neshta | 008d3235fac02c07e1b5c162f2cf7408257c3808fa8d7a74afc15087c017d48c

Analysis

max time kernel
899s
max time network
901s
platform
windows10-ltsc_2021_x64
resource
win10ltsc2021-20250314-en
resource tags

arch:x64arch:x86image:win10ltsc2021-20250314-enlocale:en-usos:windows10-ltsc_2021-x64system
submitted
27/03/2025, 17:55 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Ahoutak Ebaini.mp3
Size

4.3MB
MD5

b7fd7114e3745aaacb99db60fb0f9bcd
SHA1

792b5fbb0d2687b8a051144e1a226fc1c6b30311
SHA256

008d3235fac02c07e1b5c162f2cf7408257c3808fa8d7a74afc15087c017d48c
SHA512

6a5c4cedfa13505f0dbe5fc8f8b1d4fa6392b340213c215af3fb7c632a71bb4b57607da55267a3e612d3732fa6e2317f4df0fcf0e063f11e5291f25616e5696d
SSDEEP

98304:aNCE3xoY6gC+m0Vf0chVw2VpD8KvbVt8vwHo7LsAL29UAw:aZPNXVMcXFVpD8KTVwwIvE9UAw

Score

10^/10

neshta njrat victim discovery persistence spyware trojan

Malware Config

Extracted

Family

njrat

Version

<- NjRAT 0.7d Horror Edition ->

Botnet

Victim

1.0.0.721:6522

Mutex

99f38bbe0af13fde32226e71d4a6ac11

Attributes

reg_key
99f38bbe0af13fde32226e71d4a6ac11
splitter
Y262SUCZ4UJJ

Signatures

Detect Neshta payload 1 IoCs

resource	yara_rule
behavioral1/memory/5932-3074-0x00000000008B0000-0x00000000013EE000-memory.dmp	family_neshta

Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
persistence spyware neshta
Neshta family
neshta
Njrat family
njrat
njRAT/Bladabindi
Widely used RAT written in .NET.
trojan njrat

Executes dropped EXE 1 IoCs

pid	Process
4652	Payload.exe

Drops desktop.ini file(s) 3 IoCs

description	ioc	Process
File opened for modification	C:\Users\Admin\Documents\desktop.ini	firefox.exe
File opened for modification	C:\Users\Public\desktop.ini	firefox.exe
File opened for modification	C:\Users\Public\Documents\desktop.ini	firefox.exe

Legitimate hosting services abused for malware hosting/C2 1 TTPs 8 IoCs

Web Service

T1102

flow	ioc
346	camo.githubusercontent.com
683	pastebin.com
687	pastebin.com
688	pastebin.com
241	camo.githubusercontent.com
244	camo.githubusercontent.com
245	camo.githubusercontent.com
247	camo.githubusercontent.com

Looks up external IP address via web service 4 IoCs

Uses a legitimate IP lookup service to find the infected system's external IP.

flow	ioc
510	api.ipify.org
512	api.ipify.org
513	api.ipify.org
514	api.ipify.org

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

System Location Discovery: System Language Discovery 1 TTPs 7 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	ilasm.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Payload.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	njRAT v8.5 %M.A.H-RAT%. (Fixed).exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	GHAWY HACKER EGYPT NjRat 0.7D v.2.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Dangerous RAT 2020 Cracked by Unknown Venom.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	njRAT v8.5 %M.A.H-RAT%. (Fixed).exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	яσσтRAT.exe

Checks processor information in registry 2 TTPs 64 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe

Modifies registry class 51 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3174447216-2582055397-1659630574-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\3\0\0	NjRat 0.7D Horror Edition.exe
Key created	\REGISTRY\USER\S-1-5-21-3174447216-2582055397-1659630574-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\13\ComDlg	NjRat 0.7D Horror Edition.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3174447216-2582055397-1659630574-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\13\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1092616257"	NjRat 0.7D Horror Edition.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3174447216-2582055397-1659630574-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\13\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000	NjRat 0.7D Horror Edition.exe
Key created	\REGISTRY\USER\S-1-5-21-3174447216-2582055397-1659630574-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\14\Shell	NjRat 0.7D Horror Edition.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3174447216-2582055397-1659630574-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\14\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\IconSize = "16"	NjRat 0.7D Horror Edition.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3174447216-2582055397-1659630574-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02020202020202020202020202	NjRat 0.7D Horror Edition.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3174447216-2582055397-1659630574-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\13\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}"	NjRat 0.7D Horror Edition.exe
Key created	\REGISTRY\USER\S-1-5-21-3174447216-2582055397-1659630574-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1	NjRat 0.7D Horror Edition.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3174447216-2582055397-1659630574-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\MRUListEx = 0100000000000000ffffffff	NjRat 0.7D Horror Edition.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3174447216-2582055397-1659630574-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\14\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1092616257"	NjRat 0.7D Horror Edition.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3174447216-2582055397-1659630574-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\14\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1"	NjRat 0.7D Horror Edition.exe
Key created	\REGISTRY\USER\S-1-5-21-3174447216-2582055397-1659630574-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1	NjRat 0.7D Horror Edition.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3174447216-2582055397-1659630574-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\13\Shell\SniffedFolderType = "Generic"	NjRat 0.7D Horror Edition.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3174447216-2582055397-1659630574-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1\NodeSlot = "14"	NjRat 0.7D Horror Edition.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3174447216-2582055397-1659630574-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1\MRUListEx = ffffffff	NjRat 0.7D Horror Edition.exe
Key created	\REGISTRY\USER\S-1-5-21-3174447216-2582055397-1659630574-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0	NjRat 0.7D Horror Edition.exe
Key created	\REGISTRY\USER\S-1-5-21-3174447216-2582055397-1659630574-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\3\0	NjRat 0.7D Horror Edition.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3174447216-2582055397-1659630574-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\13\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:PID = "0"	NjRat 0.7D Horror Edition.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3174447216-2582055397-1659630574-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\14\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Mode = "4"	NjRat 0.7D Horror Edition.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3174447216-2582055397-1659630574-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\14\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:PID = "0"	NjRat 0.7D Horror Edition.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3174447216-2582055397-1659630574-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\14\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByDirection = "1"	NjRat 0.7D Horror Edition.exe
Key created	\REGISTRY\USER\S-1-5-21-3174447216-2582055397-1659630574-1000_Classes\Local Settings	firefox.exe
Key created	\REGISTRY\USER\S-1-5-21-3174447216-2582055397-1659630574-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU	NjRat 0.7D Horror Edition.exe
Key created	\REGISTRY\USER\S-1-5-21-3174447216-2582055397-1659630574-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\13\Shell	NjRat 0.7D Horror Edition.exe
Key created	\REGISTRY\USER\S-1-5-21-3174447216-2582055397-1659630574-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\13\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}	NjRat 0.7D Horror Edition.exe
Key created	\REGISTRY\USER\S-1-5-21-3174447216-2582055397-1659630574-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\13	NjRat 0.7D Horror Edition.exe
Key created	\REGISTRY\USER\S-1-5-21-3174447216-2582055397-1659630574-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\14\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}	NjRat 0.7D Horror Edition.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3174447216-2582055397-1659630574-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\14\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000	NjRat 0.7D Horror Edition.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3174447216-2582055397-1659630574-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\14\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupView = "0"	NjRat 0.7D Horror Edition.exe
Key created	\REGISTRY\USER\S-1-5-21-3174447216-2582055397-1659630574-1000_Classes\Local Settings	NjRat 0.7D Horror Edition.exe
Key created	\REGISTRY\USER\S-1-5-21-3174447216-2582055397-1659630574-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell	NjRat 0.7D Horror Edition.exe
Key created	\REGISTRY\USER\S-1-5-21-3174447216-2582055397-1659630574-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags	NjRat 0.7D Horror Edition.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3174447216-2582055397-1659630574-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\13\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\IconSize = "16"	NjRat 0.7D Horror Edition.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3174447216-2582055397-1659630574-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\13\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000	NjRat 0.7D Horror Edition.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3174447216-2582055397-1659630574-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\13\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupView = "0"	NjRat 0.7D Horror Edition.exe
Key created	\REGISTRY\USER\S-1-5-21-3174447216-2582055397-1659630574-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\14	NjRat 0.7D Horror Edition.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3174447216-2582055397-1659630574-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\14\Shell\SniffedFolderType = "Generic"	NjRat 0.7D Horror Edition.exe
Key created	\REGISTRY\USER\S-1-5-21-3174447216-2582055397-1659630574-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\3	NjRat 0.7D Horror Edition.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\	NjRat 0.7D Horror Edition.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3174447216-2582055397-1659630574-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 0202020202020202020202020202	NjRat 0.7D Horror Edition.exe
Key created	\REGISTRY\USER\S-1-5-21-3174447216-2582055397-1659630574-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\14\ComDlg	NjRat 0.7D Horror Edition.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3174447216-2582055397-1659630574-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\14\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\LogicalViewMode = "1"	NjRat 0.7D Horror Edition.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3174447216-2582055397-1659630574-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\14\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000	NjRat 0.7D Horror Edition.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3174447216-2582055397-1659630574-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\14\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}"	NjRat 0.7D Horror Edition.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3174447216-2582055397-1659630574-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 0100000000000000ffffffff	NjRat 0.7D Horror Edition.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3174447216-2582055397-1659630574-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\13\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Mode = "4"	NjRat 0.7D Horror Edition.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3174447216-2582055397-1659630574-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\13\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\LogicalViewMode = "1"	NjRat 0.7D Horror Edition.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3174447216-2582055397-1659630574-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\13\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1"	NjRat 0.7D Horror Edition.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3174447216-2582055397-1659630574-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1 = 3a002e803accbfb42cdb4c42b0297fe99a87c641260001002600efbe1100000073aa2f39ec94db016bba242df894db01e11b272df894db0114000000	NjRat 0.7D Horror Edition.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3174447216-2582055397-1659630574-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\13\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByDirection = "1"	NjRat 0.7D Horror Edition.exe

NTFS ADS 3 IoCs

description	ioc	Process
File created	C:\Users\Admin\Downloads\XWorm-V5.6-Source-main.zip:Zone.Identifier	firefox.exe
File created	C:\Users\Admin\Downloads\SOURCE-CODE-njRAT-0.7d-Horror-Edition-main.zip:Zone.Identifier	firefox.exe
File created	C:\Users\Admin\Downloads\njRAT-All-Versions-master.zip:Zone.Identifier	firefox.exe

Suspicious behavior: AddClipboardFormatListener 1 IoCs

pid	Process
1516	vlc.exe

Suspicious behavior: EnumeratesProcesses 32 IoCs

pid	Process
4652	Payload.exe
4652	Payload.exe
4652	Payload.exe
4652	Payload.exe
4652	Payload.exe
4652	Payload.exe
4652	Payload.exe
4652	Payload.exe
4652	Payload.exe
4652	Payload.exe
4652	Payload.exe
4652	Payload.exe
4652	Payload.exe
4652	Payload.exe
4652	Payload.exe
4652	Payload.exe
4652	Payload.exe
4652	Payload.exe
4652	Payload.exe
4652	Payload.exe
4652	Payload.exe
4652	Payload.exe
4652	Payload.exe
4652	Payload.exe
4652	Payload.exe
4652	Payload.exe
4652	Payload.exe
4652	Payload.exe
4652	Payload.exe
4652	Payload.exe
4652	Payload.exe
4652	Payload.exe

Suspicious behavior: GetForegroundWindowSpam 3 IoCs

pid	Process
1516	vlc.exe
1520	njRAT-Arabic.exe
4652	Payload.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: 33	3760	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	3760	AUDIODG.EXE
Token: 33	1516	vlc.exe
Token: SeIncBasePriorityPrivilege	1516	vlc.exe
Token: SeDebugPrivilege	3316	firefox.exe
Token: SeDebugPrivilege	3316	firefox.exe
Token: SeDebugPrivilege	3316	firefox.exe
Token: SeDebugPrivilege	3316	firefox.exe
Token: SeDebugPrivilege	3316	firefox.exe
Token: SeDebugPrivilege	3316	firefox.exe
Token: SeDebugPrivilege	3316	firefox.exe
Token: SeDebugPrivilege	3316	firefox.exe
Token: 33	3492	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	3492	AUDIODG.EXE
Token: SeDebugPrivilege	4652	Payload.exe
Token: 33	4652	Payload.exe
Token: SeIncBasePriorityPrivilege	4652	Payload.exe
Token: 33	4652	Payload.exe
Token: SeIncBasePriorityPrivilege	4652	Payload.exe
Token: SeDebugPrivilege	3316	firefox.exe
Token: 33	4652	Payload.exe
Token: SeIncBasePriorityPrivilege	4652	Payload.exe
Token: SeDebugPrivilege	3316	firefox.exe
Token: 33	4652	Payload.exe
Token: SeIncBasePriorityPrivilege	4652	Payload.exe
Token: 33	4652	Payload.exe
Token: SeIncBasePriorityPrivilege	4652	Payload.exe
Token: 33	4652	Payload.exe
Token: SeIncBasePriorityPrivilege	4652	Payload.exe
Token: 33	4652	Payload.exe
Token: SeIncBasePriorityPrivilege	4652	Payload.exe
Token: 33	4652	Payload.exe
Token: SeIncBasePriorityPrivilege	4652	Payload.exe
Token: 33	4652	Payload.exe
Token: SeIncBasePriorityPrivilege	4652	Payload.exe
Token: 33	4652	Payload.exe
Token: SeIncBasePriorityPrivilege	4652	Payload.exe
Token: 33	4652	Payload.exe
Token: SeIncBasePriorityPrivilege	4652	Payload.exe
Token: 33	4652	Payload.exe
Token: SeIncBasePriorityPrivilege	4652	Payload.exe
Token: 33	4652	Payload.exe
Token: SeIncBasePriorityPrivilege	4652	Payload.exe
Token: 33	4652	Payload.exe
Token: SeIncBasePriorityPrivilege	4652	Payload.exe
Token: 33	4652	Payload.exe
Token: SeIncBasePriorityPrivilege	4652	Payload.exe
Token: 33	4652	Payload.exe
Token: SeIncBasePriorityPrivilege	4652	Payload.exe
Token: 33	4652	Payload.exe
Token: SeIncBasePriorityPrivilege	4652	Payload.exe
Token: 33	4652	Payload.exe
Token: SeIncBasePriorityPrivilege	4652	Payload.exe
Token: SeDebugPrivilege	3316	firefox.exe
Token: 33	4652	Payload.exe
Token: SeIncBasePriorityPrivilege	4652	Payload.exe
Token: 33	4652	Payload.exe
Token: SeIncBasePriorityPrivilege	4652	Payload.exe
Token: 33	4652	Payload.exe
Token: SeIncBasePriorityPrivilege	4652	Payload.exe
Token: 33	4652	Payload.exe
Token: SeIncBasePriorityPrivilege	4652	Payload.exe
Token: 33	4652	Payload.exe
Token: SeIncBasePriorityPrivilege	4652	Payload.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
1516	vlc.exe
1516	vlc.exe
1516	vlc.exe
1516	vlc.exe
1516	vlc.exe
1516	vlc.exe
1516	vlc.exe
1516	vlc.exe
1516	vlc.exe
1516	vlc.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
4484	NjRat 0.7D Horror Edition.exe
4484	NjRat 0.7D Horror Edition.exe
4484	NjRat 0.7D Horror Edition.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
4484	NjRat 0.7D Horror Edition.exe
3884	njRAT v8.5 %M.A.H-RAT%. (Fixed).exe
3884	njRAT v8.5 %M.A.H-RAT%. (Fixed).exe
3884	njRAT v8.5 %M.A.H-RAT%. (Fixed).exe
3884	njRAT v8.5 %M.A.H-RAT%. (Fixed).exe
5632	GHAWY HACKER EGYPT NjRat 0.7D v.2.exe
5632	GHAWY HACKER EGYPT NjRat 0.7D v.2.exe
5632	GHAWY HACKER EGYPT NjRat 0.7D v.2.exe
5632	GHAWY HACKER EGYPT NjRat 0.7D v.2.exe
5932	Dangerous RAT 2020 Cracked by Unknown Venom.exe
5932	Dangerous RAT 2020 Cracked by Unknown Venom.exe

Suspicious use of SendNotifyMessage 64 IoCs

pid	Process
1516	vlc.exe
1516	vlc.exe
1516	vlc.exe
1516	vlc.exe
1516	vlc.exe
1516	vlc.exe
1516	vlc.exe
1516	vlc.exe
1516	vlc.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
4484	NjRat 0.7D Horror Edition.exe
4484	NjRat 0.7D Horror Edition.exe
4484	NjRat 0.7D Horror Edition.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
4484	NjRat 0.7D Horror Edition.exe
3884	njRAT v8.5 %M.A.H-RAT%. (Fixed).exe
3884	njRAT v8.5 %M.A.H-RAT%. (Fixed).exe
3884	njRAT v8.5 %M.A.H-RAT%. (Fixed).exe
3884	njRAT v8.5 %M.A.H-RAT%. (Fixed).exe
5632	GHAWY HACKER EGYPT NjRat 0.7D v.2.exe
5632	GHAWY HACKER EGYPT NjRat 0.7D v.2.exe
5632	GHAWY HACKER EGYPT NjRat 0.7D v.2.exe
5632	GHAWY HACKER EGYPT NjRat 0.7D v.2.exe
5932	Dangerous RAT 2020 Cracked by Unknown Venom.exe
5932	Dangerous RAT 2020 Cracked by Unknown Venom.exe
5932	Dangerous RAT 2020 Cracked by Unknown Venom.exe
5932	Dangerous RAT 2020 Cracked by Unknown Venom.exe
1576	NjRat 0.7D Horror Edition.exe
1576	NjRat 0.7D Horror Edition.exe
1576	NjRat 0.7D Horror Edition.exe
1576	NjRat 0.7D Horror Edition.exe
1244	njRAT v0.11G.exe
1244	njRAT v0.11G.exe
1244	njRAT v0.11G.exe
1244	njRAT v0.11G.exe
696	njRAT v8.5 %M.A.H-RAT%. (Fixed).exe
696	njRAT v8.5 %M.A.H-RAT%. (Fixed).exe
696	njRAT v8.5 %M.A.H-RAT%. (Fixed).exe

Suspicious use of SetWindowsHookEx 64 IoCs

pid	Process
1516	vlc.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
4484	NjRat 0.7D Horror Edition.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe
3316	firefox.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3948 wrote to memory of 3316	3948	firefox.exe	93
PID 3948 wrote to memory of 3316	3948	firefox.exe	93
PID 3948 wrote to memory of 3316	3948	firefox.exe	93
PID 3948 wrote to memory of 3316	3948	firefox.exe	93
PID 3948 wrote to memory of 3316	3948	firefox.exe	93
PID 3948 wrote to memory of 3316	3948	firefox.exe	93
PID 3948 wrote to memory of 3316	3948	firefox.exe	93
PID 3948 wrote to memory of 3316	3948	firefox.exe	93
PID 3948 wrote to memory of 3316	3948	firefox.exe	93
PID 3948 wrote to memory of 3316	3948	firefox.exe	93
PID 3948 wrote to memory of 3316	3948	firefox.exe	93
PID 3316 wrote to memory of 4760	3316	firefox.exe	94
PID 3316 wrote to memory of 4760	3316	firefox.exe	94
PID 3316 wrote to memory of 4760	3316	firefox.exe	94
PID 3316 wrote to memory of 4760	3316	firefox.exe	94
PID 3316 wrote to memory of 4760	3316	firefox.exe	94
PID 3316 wrote to memory of 4760	3316	firefox.exe	94
PID 3316 wrote to memory of 4760	3316	firefox.exe	94
PID 3316 wrote to memory of 4760	3316	firefox.exe	94
PID 3316 wrote to memory of 4760	3316	firefox.exe	94
PID 3316 wrote to memory of 4760	3316	firefox.exe	94
PID 3316 wrote to memory of 4760	3316	firefox.exe	94
PID 3316 wrote to memory of 4760	3316	firefox.exe	94
PID 3316 wrote to memory of 4760	3316	firefox.exe	94
PID 3316 wrote to memory of 4760	3316	firefox.exe	94
PID 3316 wrote to memory of 4760	3316	firefox.exe	94
PID 3316 wrote to memory of 4760	3316	firefox.exe	94
PID 3316 wrote to memory of 4760	3316	firefox.exe	94
PID 3316 wrote to memory of 4760	3316	firefox.exe	94
PID 3316 wrote to memory of 4760	3316	firefox.exe	94
PID 3316 wrote to memory of 4760	3316	firefox.exe	94
PID 3316 wrote to memory of 4760	3316	firefox.exe	94
PID 3316 wrote to memory of 4760	3316	firefox.exe	94
PID 3316 wrote to memory of 4760	3316	firefox.exe	94
PID 3316 wrote to memory of 4760	3316	firefox.exe	94
PID 3316 wrote to memory of 4760	3316	firefox.exe	94
PID 3316 wrote to memory of 4760	3316	firefox.exe	94
PID 3316 wrote to memory of 4760	3316	firefox.exe	94
PID 3316 wrote to memory of 4760	3316	firefox.exe	94
PID 3316 wrote to memory of 4760	3316	firefox.exe	94
PID 3316 wrote to memory of 4760	3316	firefox.exe	94
PID 3316 wrote to memory of 4760	3316	firefox.exe	94
PID 3316 wrote to memory of 4760	3316	firefox.exe	94
PID 3316 wrote to memory of 4760	3316	firefox.exe	94
PID 3316 wrote to memory of 4760	3316	firefox.exe	94
PID 3316 wrote to memory of 4760	3316	firefox.exe	94
PID 3316 wrote to memory of 4760	3316	firefox.exe	94
PID 3316 wrote to memory of 4760	3316	firefox.exe	94
PID 3316 wrote to memory of 4760	3316	firefox.exe	94
PID 3316 wrote to memory of 4760	3316	firefox.exe	94
PID 3316 wrote to memory of 4760	3316	firefox.exe	94
PID 3316 wrote to memory of 4760	3316	firefox.exe	94
PID 3316 wrote to memory of 4760	3316	firefox.exe	94
PID 3316 wrote to memory of 4760	3316	firefox.exe	94
PID 3316 wrote to memory of 4760	3316	firefox.exe	94
PID 3316 wrote to memory of 4760	3316	firefox.exe	94
PID 3316 wrote to memory of 2100	3316	firefox.exe	95
PID 3316 wrote to memory of 2100	3316	firefox.exe	95
PID 3316 wrote to memory of 2100	3316	firefox.exe	95
PID 3316 wrote to memory of 2100	3316	firefox.exe	95
PID 3316 wrote to memory of 2100	3316	firefox.exe	95
PID 3316 wrote to memory of 2100	3316	firefox.exe	95
PID 3316 wrote to memory of 2100	3316	firefox.exe	95
PID 3316 wrote to memory of 2100	3316	firefox.exe	95

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012

C:\Program Files\VideoLAN\VLC\vlc.exe
"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\Ahoutak Ebaini.mp3"
1⤵
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
PID:1516

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x2cc 0x304
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:3760

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:3948
- C:\Program Files\Mozilla Firefox\firefox.exe
  "C:\Program Files\Mozilla Firefox\firefox.exe"
  2⤵
  - Drops desktop.ini file(s)
  - Checks processor information in registry
  - Modifies registry class
  - NTFS ADS
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of SetWindowsHookEx
  - Suspicious use of WriteProcessMemory
  PID:3316
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -parentBuildID 20250130195129 -prefsHandle 2012 -prefsLen 27100 -prefMapHandle 2016 -prefMapSize 270279 -ipcHandle 2104 -initialChannelId {ddfb156c-dbe7-4920-bf58-6fc1ad6de20e} -parentPid 3316 -crashReporter "\\.\pipe\gecko-crash-server-pipe.3316" -appDir "C:\Program Files\Mozilla Firefox\browser" - 1 gpu
    3⤵
    PID:4760
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -parentBuildID 20250130195129 -prefsHandle 2480 -prefsLen 27136 -prefMapHandle 2484 -prefMapSize 270279 -ipcHandle 2492 -initialChannelId {d35ef3ab-9abb-46bf-88a2-e49d8696e146} -parentPid 3316 -crashReporter "\\.\pipe\gecko-crash-server-pipe.3316" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 2 socket
    3⤵
    PID:2100
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 3744 -prefsLen 27277 -prefMapHandle 3748 -prefMapSize 270279 -jsInitHandle 3752 -jsInitLen 253512 -parentBuildID 20250130195129 -ipcHandle 3760 -initialChannelId {d06d115c-3712-40d1-9661-8f47d1516586} -parentPid 3316 -crashReporter "\\.\pipe\gecko-crash-server-pipe.3316" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 3 tab
    3⤵
    - Checks processor information in registry
    PID:4604
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -parentBuildID 20250130195129 -prefsHandle 3912 -prefsLen 27277 -prefMapHandle 3916 -prefMapSize 270279 -ipcHandle 4016 -initialChannelId {5fcb7e53-2b07-4d4d-aa5a-14b906ba417b} -parentPid 3316 -crashReporter "\\.\pipe\gecko-crash-server-pipe.3316" -appDir "C:\Program Files\Mozilla Firefox\browser" - 4 rdd
    3⤵
    PID:1088
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 4464 -prefsLen 34776 -prefMapHandle 4468 -prefMapSize 270279 -jsInitHandle 4472 -jsInitLen 253512 -parentBuildID 20250130195129 -ipcHandle 4480 -initialChannelId {5de7bb85-33de-4d56-8de0-43bb9fbcdb7e} -parentPid 3316 -crashReporter "\\.\pipe\gecko-crash-server-pipe.3316" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 5 tab
    3⤵
    - Checks processor information in registry
    PID:3780
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -parentBuildID 20250130195129 -sandboxingKind 0 -prefsHandle 5044 -prefsLen 35013 -prefMapHandle 5048 -prefMapSize 270279 -ipcHandle 4420 -initialChannelId {358b87e9-92ac-4d27-924d-49a789ae57f5} -parentPid 3316 -crashReporter "\\.\pipe\gecko-crash-server-pipe.3316" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 6 utility
    3⤵
    - Checks processor information in registry
    PID:5432
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 5200 -prefsLen 32952 -prefMapHandle 5204 -prefMapSize 270279 -jsInitHandle 5208 -jsInitLen 253512 -parentBuildID 20250130195129 -ipcHandle 5216 -initialChannelId {6dec4bbe-ccd0-454b-91d2-5d043664b8b9} -parentPid 3316 -crashReporter "\\.\pipe\gecko-crash-server-pipe.3316" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 7 tab
    3⤵
    - Checks processor information in registry
    PID:5496
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 5412 -prefsLen 32952 -prefMapHandle 5416 -prefMapSize 270279 -jsInitHandle 5420 -jsInitLen 253512 -parentBuildID 20250130195129 -ipcHandle 5424 -initialChannelId {47e03016-594d-4e70-bb5b-38036028d401} -parentPid 3316 -crashReporter "\\.\pipe\gecko-crash-server-pipe.3316" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 8 tab
    3⤵
    - Checks processor information in registry
    PID:5516
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 5652 -prefsLen 32952 -prefMapHandle 5656 -prefMapSize 270279 -jsInitHandle 5660 -jsInitLen 253512 -parentBuildID 20250130195129 -ipcHandle 5664 -initialChannelId {22e57eb7-3233-481b-b953-9e72437a419c} -parentPid 3316 -crashReporter "\\.\pipe\gecko-crash-server-pipe.3316" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 9 tab
    3⤵
    - Checks processor information in registry
    PID:5540
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 5680 -prefsLen 33071 -prefMapHandle 6220 -prefMapSize 270279 -jsInitHandle 6280 -jsInitLen 253512 -parentBuildID 20250130195129 -ipcHandle 6428 -initialChannelId {4a656c8f-218b-44e0-b2c8-f0aba2ca37a4} -parentPid 3316 -crashReporter "\\.\pipe\gecko-crash-server-pipe.3316" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 10 tab
    3⤵
    - Checks processor information in registry
    PID:1592
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 6352 -prefsLen 36543 -prefMapHandle 6348 -prefMapSize 270279 -jsInitHandle 4828 -jsInitLen 253512 -parentBuildID 20250130195129 -ipcHandle 6612 -initialChannelId {8827d34a-cf35-48a6-a829-aa8e314c0246} -parentPid 3316 -crashReporter "\\.\pipe\gecko-crash-server-pipe.3316" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 11 tab
    3⤵
    - Checks processor information in registry
    PID:3984
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 5512 -prefsLen 36543 -prefMapHandle 1496 -prefMapSize 270279 -jsInitHandle 6212 -jsInitLen 253512 -parentBuildID 20250130195129 -ipcHandle 6156 -initialChannelId {90b43554-5f96-46d6-8ad3-a74bad29de8d} -parentPid 3316 -crashReporter "\\.\pipe\gecko-crash-server-pipe.3316" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 12 tab
    3⤵
    - Checks processor information in registry
    PID:5984
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 5680 -prefsLen 36586 -prefMapHandle 6428 -prefMapSize 270279 -jsInitHandle 6476 -jsInitLen 253512 -parentBuildID 20250130195129 -ipcHandle 6424 -initialChannelId {3ce492d5-6a33-4c6b-8917-d48d58e6cecd} -parentPid 3316 -crashReporter "\\.\pipe\gecko-crash-server-pipe.3316" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 13 tab
    3⤵
    - Checks processor information in registry
    PID:1260
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 5924 -prefsLen 36586 -prefMapHandle 6332 -prefMapSize 270279 -jsInitHandle 6952 -jsInitLen 253512 -parentBuildID 20250130195129 -ipcHandle 5836 -initialChannelId {0f122edf-a4ff-475d-9503-f80daa291b4d} -parentPid 3316 -crashReporter "\\.\pipe\gecko-crash-server-pipe.3316" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 14 tab
    3⤵
    - Checks processor information in registry
    PID:2184
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 6168 -prefsLen 36586 -prefMapHandle 6140 -prefMapSize 270279 -jsInitHandle 6180 -jsInitLen 253512 -parentBuildID 20250130195129 -ipcHandle 6504 -initialChannelId {001cf221-0cd6-43a9-ae27-95ecaddcbcb6} -parentPid 3316 -crashReporter "\\.\pipe\gecko-crash-server-pipe.3316" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 15 tab
    3⤵
    - Checks processor information in registry
    PID:4332
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 7068 -prefsLen 36586 -prefMapHandle 7064 -prefMapSize 270279 -jsInitHandle 7060 -jsInitLen 253512 -parentBuildID 20250130195129 -ipcHandle 5912 -initialChannelId {872b406a-48c1-4802-a56d-dfc7599db858} -parentPid 3316 -crashReporter "\\.\pipe\gecko-crash-server-pipe.3316" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 16 tab
    3⤵
    - Checks processor information in registry
    PID:1292
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 7604 -prefsLen 36586 -prefMapHandle 7608 -prefMapSize 270279 -jsInitHandle 7600 -jsInitLen 253512 -parentBuildID 20250130195129 -ipcHandle 7452 -initialChannelId {5043b219-fabc-4240-beeb-dd9df6fda8f8} -parentPid 3316 -crashReporter "\\.\pipe\gecko-crash-server-pipe.3316" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 17 tab
    3⤵
    - Checks processor information in registry
    PID:3048
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 7776 -prefsLen 36586 -prefMapHandle 7780 -prefMapSize 270279 -jsInitHandle 7784 -jsInitLen 253512 -parentBuildID 20250130195129 -ipcHandle 7424 -initialChannelId {902766f4-3e9c-4c8e-9e95-d5dc6298dded} -parentPid 3316 -crashReporter "\\.\pipe\gecko-crash-server-pipe.3316" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 18 tab
    3⤵
    - Checks processor information in registry
    PID:5440
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 6252 -prefsLen 36626 -prefMapHandle 6164 -prefMapSize 270279 -jsInitHandle 8140 -jsInitLen 253512 -parentBuildID 20250130195129 -ipcHandle 6288 -initialChannelId {083fd26d-90c5-426d-a7a2-0764eecda89d} -parentPid 3316 -crashReporter "\\.\pipe\gecko-crash-server-pipe.3316" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 19 tab
    3⤵
    - Checks processor information in registry
    PID:5336
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 6476 -prefsLen 36626 -prefMapHandle 8124 -prefMapSize 270279 -jsInitHandle 8152 -jsInitLen 253512 -parentBuildID 20250130195129 -ipcHandle 8116 -initialChannelId {c32650ff-79b4-48a3-b91f-3dffddc6918f} -parentPid 3316 -crashReporter "\\.\pipe\gecko-crash-server-pipe.3316" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 20 tab
    3⤵
    - Checks processor information in registry
    PID:1084
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 7880 -prefsLen 36626 -prefMapHandle 6892 -prefMapSize 270279 -jsInitHandle 7612 -jsInitLen 253512 -parentBuildID 20250130195129 -ipcHandle 5716 -initialChannelId {8c398706-196e-468a-ac13-0780979dea6a} -parentPid 3316 -crashReporter "\\.\pipe\gecko-crash-server-pipe.3316" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 21 tab
    3⤵
    - Checks processor information in registry
    PID:5644
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 8188 -prefsLen 36626 -prefMapHandle 5724 -prefMapSize 270279 -jsInitHandle 8176 -jsInitLen 253512 -parentBuildID 20250130195129 -ipcHandle 7328 -initialChannelId {c75ab783-88f8-4a44-896b-2ff91e86fc2d} -parentPid 3316 -crashReporter "\\.\pipe\gecko-crash-server-pipe.3316" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 22 tab
    3⤵
    - Checks processor information in registry
    PID:5872
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 8708 -prefsLen 36626 -prefMapHandle 8712 -prefMapSize 270279 -jsInitHandle 8716 -jsInitLen 253512 -parentBuildID 20250130195129 -ipcHandle 6096 -initialChannelId {2f2838ca-4163-4019-b2f1-647c57fb8846} -parentPid 3316 -crashReporter "\\.\pipe\gecko-crash-server-pipe.3316" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 23 tab
    3⤵
    - Checks processor information in registry
    PID:2796
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 8936 -prefsLen 36626 -prefMapHandle 8940 -prefMapSize 270279 -jsInitHandle 8944 -jsInitLen 253512 -parentBuildID 20250130195129 -ipcHandle 8844 -initialChannelId {3faab17b-59ad-4269-9db6-cb958ce1a7a1} -parentPid 3316 -crashReporter "\\.\pipe\gecko-crash-server-pipe.3316" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 24 tab
    3⤵
    - Checks processor information in registry
    PID:4756
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 9224 -prefsLen 36626 -prefMapHandle 9228 -prefMapSize 270279 -jsInitHandle 9232 -jsInitLen 253512 -parentBuildID 20250130195129 -ipcHandle 9240 -initialChannelId {1db3167a-44e1-4c21-966c-96fb5b3d8e36} -parentPid 3316 -crashReporter "\\.\pipe\gecko-crash-server-pipe.3316" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 25 tab
    3⤵
    - Checks processor information in registry
    PID:3240
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 9412 -prefsLen 36626 -prefMapHandle 9408 -prefMapSize 270279 -jsInitHandle 9404 -jsInitLen 253512 -parentBuildID 20250130195129 -ipcHandle 9396 -initialChannelId {f186be88-b757-4fa1-a86e-d7f3e5838397} -parentPid 3316 -crashReporter "\\.\pipe\gecko-crash-server-pipe.3316" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 26 tab
    3⤵
    - Checks processor information in registry
    PID:3376
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 8232 -prefsLen 36626 -prefMapHandle 8236 -prefMapSize 270279 -jsInitHandle 8220 -jsInitLen 253512 -parentBuildID 20250130195129 -ipcHandle 8208 -initialChannelId {812f512f-8091-48bf-a51e-bf74c8571629} -parentPid 3316 -crashReporter "\\.\pipe\gecko-crash-server-pipe.3316" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 27 tab
    3⤵
    - Checks processor information in registry
    PID:2444
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 9336 -prefsLen 36626 -prefMapHandle 9320 -prefMapSize 270279 -jsInitHandle 9324 -jsInitLen 253512 -parentBuildID 20250130195129 -ipcHandle 9192 -initialChannelId {b003d2a5-3e2b-4860-8b79-6d8bc9fbcf67} -parentPid 3316 -crashReporter "\\.\pipe\gecko-crash-server-pipe.3316" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 28 tab
    3⤵
    - Checks processor information in registry
    PID:6068
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 4784 -prefsLen 36626 -prefMapHandle 6808 -prefMapSize 270279 -jsInitHandle 6056 -jsInitLen 253512 -parentBuildID 20250130195129 -ipcHandle 9336 -initialChannelId {82508b0d-0fef-497c-aa33-306b3443bc7d} -parentPid 3316 -crashReporter "\\.\pipe\gecko-crash-server-pipe.3316" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 29 tab
    3⤵
    - Checks processor information in registry
    PID:4452
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 6808 -prefsLen 36626 -prefMapHandle 6056 -prefMapSize 270279 -jsInitHandle 6816 -jsInitLen 253512 -parentBuildID 20250130195129 -ipcHandle 9348 -initialChannelId {b24a106e-b480-482b-b895-85fc80c61b38} -parentPid 3316 -crashReporter "\\.\pipe\gecko-crash-server-pipe.3316" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 30 tab
    3⤵
    - Checks processor information in registry
    PID:4532
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -parentBuildID 20250130195129 -sandboxingKind 1 -prefsHandle 9664 -prefsLen 39716 -prefMapHandle 9660 -prefMapSize 270279 -ipcHandle 9464 -initialChannelId {4d92df57-6532-4e62-829f-852e30faf5e3} -parentPid 3316 -crashReporter "\\.\pipe\gecko-crash-server-pipe.3316" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 31 utility
    3⤵
    - Checks processor information in registry
    PID:2348
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 5428 -prefsLen 36626 -prefMapHandle 8816 -prefMapSize 270279 -jsInitHandle 8708 -jsInitLen 253512 -parentBuildID 20250130195129 -ipcHandle 8656 -initialChannelId {6484a0c1-fe3a-4bd6-9afb-e0404ed6d768} -parentPid 3316 -crashReporter "\\.\pipe\gecko-crash-server-pipe.3316" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 32 tab
    3⤵
    - Checks processor information in registry
    PID:3688
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 9244 -prefsLen 36626 -prefMapHandle 9720 -prefMapSize 270279 -jsInitHandle 8372 -jsInitLen 253512 -parentBuildID 20250130195129 -ipcHandle 9276 -initialChannelId {24f3e6f6-077a-4642-93e2-d52fb4963a29} -parentPid 3316 -crashReporter "\\.\pipe\gecko-crash-server-pipe.3316" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 33 tab
    3⤵
    - Checks processor information in registry
    PID:5144
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 9344 -prefsLen 36626 -prefMapHandle 8372 -prefMapSize 270279 -jsInitHandle 7360 -jsInitLen 253512 -parentBuildID 20250130195129 -ipcHandle 9420 -initialChannelId {fc1f035b-d4f7-49b5-b529-c92ec6d2be1a} -parentPid 3316 -crashReporter "\\.\pipe\gecko-crash-server-pipe.3316" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 34 tab
    3⤵
    - Checks processor information in registry
    PID:3380
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 7808 -prefsLen 36626 -prefMapHandle 6092 -prefMapSize 270279 -jsInitHandle 6220 -jsInitLen 253512 -parentBuildID 20250130195129 -ipcHandle 8216 -initialChannelId {5fef8414-f082-4930-bf72-dd2b4351e206} -parentPid 3316 -crashReporter "\\.\pipe\gecko-crash-server-pipe.3316" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 35 tab
    3⤵
    - Checks processor information in registry
    PID:5264

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:5456

C:\Users\Admin\Downloads\SOURCE-CODE-njRAT-0.7d-Horror-Edition-main\SOURCE-CODE-njRAT-0.7d-Horror-Edition-main\njRAT 0.7d Horror Edition - BIN\NjRat 0.7D Horror Edition.exe
"C:\Users\Admin\Downloads\SOURCE-CODE-njRAT-0.7d-Horror-Edition-main\SOURCE-CODE-njRAT-0.7d-Horror-Edition-main\njRAT 0.7d Horror Edition - BIN\NjRat 0.7D Horror Edition.exe"
1⤵
- Modifies registry class
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
PID:4484
- C:\Windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
  "C:\Windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe" /alignment=512 /QUIET "C:\Users\Admin\AppData\Local\Temp\stub.il" /output:"C:\Users\Admin\Desktop\Payload.exe"
  2⤵
  - System Location Discovery: System Language Discovery
  PID:1424

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x2cc 0x304
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:3492

C:\Users\Admin\Desktop\Payload.exe
"C:\Users\Admin\Desktop\Payload.exe"
1⤵
- Executes dropped EXE
- System Location Discovery: System Language Discovery
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
PID:4652

C:\Users\Admin\Downloads\njRAT-All-Versions-master\njRAT-All-Versions-master\njRAT v0.3.5 - Arabic\njRAT-Arabic.exe
"C:\Users\Admin\Downloads\njRAT-All-Versions-master\njRAT-All-Versions-master\njRAT v0.3.5 - Arabic\njRAT-Arabic.exe"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
PID:1520

C:\Users\Admin\Downloads\njRAT-All-Versions-master\njRAT-All-Versions-master\njRAT v8.5 M.A.H-RAT (Fixed)\njRAT v8.5 M.A.H-RAT (Fixed)\njRAT v8.5 %M.A.H-RAT%. (Fixed).exe
"C:\Users\Admin\Downloads\njRAT-All-Versions-master\njRAT-All-Versions-master\njRAT v8.5 M.A.H-RAT (Fixed)\njRAT v8.5 M.A.H-RAT (Fixed)\njRAT v8.5 %M.A.H-RAT%. (Fixed).exe"
1⤵
- System Location Discovery: System Language Discovery
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:3884

C:\Users\Admin\Downloads\njRAT-All-Versions-master\njRAT-All-Versions-master\GHAWY HACKER EGYPT NjRat 0.7D v.2\GHAWY HACKER EGYPT NjRat 0.7D v.2.exe
"C:\Users\Admin\Downloads\njRAT-All-Versions-master\njRAT-All-Versions-master\GHAWY HACKER EGYPT NjRat 0.7D v.2\GHAWY HACKER EGYPT NjRat 0.7D v.2.exe"
1⤵
- System Location Discovery: System Language Discovery
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:5632

C:\Users\Admin\Downloads\njRAT-All-Versions-master\njRAT-All-Versions-master\CobianRAT v1.0.40.7\CobianRAT v1.0.40.7.exe
"C:\Users\Admin\Downloads\njRAT-All-Versions-master\njRAT-All-Versions-master\CobianRAT v1.0.40.7\CobianRAT v1.0.40.7.exe"
1⤵
PID:5312

C:\Users\Admin\Downloads\njRAT-All-Versions-master\njRAT-All-Versions-master\Dangerous RAT\Dangerous RAT 2020 Cracked by Unknown Venom.exe
"C:\Users\Admin\Downloads\njRAT-All-Versions-master\njRAT-All-Versions-master\Dangerous RAT\Dangerous RAT 2020 Cracked by Unknown Venom.exe"
1⤵
- System Location Discovery: System Language Discovery
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:5932

C:\Users\Admin\Downloads\njRAT-All-Versions-master\njRAT-All-Versions-master\njRAT 0.7d Horror Edition\NjRat 0.7D Horror Edition.exe
"C:\Users\Admin\Downloads\njRAT-All-Versions-master\njRAT-All-Versions-master\njRAT 0.7d Horror Edition\NjRat 0.7D Horror Edition.exe"
1⤵
- Suspicious use of SendNotifyMessage
PID:1576

C:\Users\Admin\Downloads\njRAT-All-Versions-master\njRAT-All-Versions-master\njRAT v0.11G\njRAT v0.11G\njRAT v0.11G.exe
"C:\Users\Admin\Downloads\njRAT-All-Versions-master\njRAT-All-Versions-master\njRAT v0.11G\njRAT v0.11G\njRAT v0.11G.exe"
1⤵
- Suspicious use of SendNotifyMessage
PID:1244

C:\Users\Admin\Downloads\njRAT-All-Versions-master\njRAT-All-Versions-master\njRAT v8.5 M.A.H-RAT (Fixed)\njRAT v8.5 M.A.H-RAT (Fixed)\njRAT v8.5 %M.A.H-RAT%. (Fixed).exe
"C:\Users\Admin\Downloads\njRAT-All-Versions-master\njRAT-All-Versions-master\njRAT v8.5 M.A.H-RAT (Fixed)\njRAT v8.5 M.A.H-RAT (Fixed)\njRAT v8.5 %M.A.H-RAT%. (Fixed).exe"
1⤵
- System Location Discovery: System Language Discovery
- Suspicious use of SendNotifyMessage
PID:696

C:\Users\Admin\Downloads\njRAT-All-Versions-master\njRAT-All-Versions-master\RootRAT\яσσтRAT.exe
"C:\Users\Admin\Downloads\njRAT-All-Versions-master\njRAT-All-Versions-master\RootRAT\яσσтRAT.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:5996

Network

DNS

checkappexec.microsoft.com

Remote address:

8.8.8.8:53

Request

checkappexec.microsoft.com

IN A

Response

checkappexec.microsoft.com

IN CNAME

prod-atm-wds-apprep.trafficmanager.net

prod-atm-wds-apprep.trafficmanager.net

IN CNAME

prod-agic-us-3.uksouth.cloudapp.azure.com

prod-agic-us-3.uksouth.cloudapp.azure.com

IN A

172.165.61.93
POST

https://checkappexec.microsoft.com/windows/shell/actions

Remote address:

172.165.61.93:443

Request

POST /windows/shell/actions HTTP/2.0
host: checkappexec.microsoft.com
accept-encoding: gzip, deflate
user-agent: SmartScreen/2814751014982010
authorization: SmartScreenHash eyJhdXRoSWQiOiJhZGZmZjVhZC1lZjllLTQzYTYtYjFhMy0yYWQ0MjY3YWVlZDUiLCJoYXNoIjoiemlZd1V6d3g1QnM9Iiwia2V5IjoiZFVZRWNGMEc5NW9NbTE5YTYrNEhQUT09In0=
content-length: 1462
content-type: application/json; charset=utf-8
cache-control: no-cache

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:56:48 GMT
content-type: application/json; charset=utf-8
content-length: 183
server: Kestrel
cache-control: max-age=0, private
request-context: appId=cid-v1:7f05e9f0-1fe6-401c-8ae7-2478e40e2f1e
DNS

prod.remote-settings.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.remote-settings.prod.webservices.mozgcp.net

IN A

Response

prod.remote-settings.prod.webservices.mozgcp.net

IN A

34.149.100.209
DNS

prod.remote-settings.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.remote-settings.prod.webservices.mozgcp.net

IN AAAA

Response

prod.remote-settings.prod.webservices.mozgcp.net

IN AAAA

2600:1901:0:c47c::
DNS

spocs.getpocket.com

firefox.exe

Remote address:

8.8.8.8:53

Request

spocs.getpocket.com

IN A

Response

spocs.getpocket.com

IN CNAME

prod.ads.prod.webservices.mozgcp.net

prod.ads.prod.webservices.mozgcp.net

IN A

34.117.188.166
DNS

merino.services.mozilla.com

firefox.exe

Remote address:

8.8.8.8:53

Request

merino.services.mozilla.com

IN A

Response

merino.services.mozilla.com

IN A

34.110.138.217
DNS

prod.ads.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.ads.prod.webservices.mozgcp.net

IN A

Response

prod.ads.prod.webservices.mozgcp.net

IN A

34.117.188.166
DNS

215.156.26.20.in-addr.arpa

firefox.exe

Remote address:

8.8.8.8:53

Request

215.156.26.20.in-addr.arpa

IN PTR

Response
DNS

merino.services.mozilla.com

firefox.exe

Remote address:

8.8.8.8:53

Request

merino.services.mozilla.com

IN A

Response

merino.services.mozilla.com

IN A

34.110.138.217
DNS

prod.ads.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.ads.prod.webservices.mozgcp.net

IN AAAA

Response
DNS

merino.services.mozilla.com

firefox.exe

Remote address:

8.8.8.8:53

Request

merino.services.mozilla.com

IN AAAA

Response
DNS

prod.content-signature-chains.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.content-signature-chains.prod.webservices.mozgcp.net

IN A

Response

prod.content-signature-chains.prod.webservices.mozgcp.net

IN A

34.160.144.191
DNS

prod.content-signature-chains.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.content-signature-chains.prod.webservices.mozgcp.net

IN AAAA

Response

prod.content-signature-chains.prod.webservices.mozgcp.net

IN AAAA

2600:1901:0:92a9::
DNS

example.org

firefox.exe

Remote address:

8.8.8.8:53

Request

example.org

IN A

Response

example.org

IN A

23.215.0.133

example.org

IN A

96.7.128.186

example.org

IN A

23.215.0.132

example.org

IN A

96.7.128.192
DNS

ipv4only.arpa

firefox.exe

Remote address:

8.8.8.8:53

Request

ipv4only.arpa

IN A

Response

ipv4only.arpa

IN A

192.0.0.171

ipv4only.arpa

IN A

192.0.0.170
DNS

prod.detectportal.prod.cloudops.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.detectportal.prod.cloudops.mozgcp.net

IN A

Response

prod.detectportal.prod.cloudops.mozgcp.net

IN A

34.107.221.82
GET

http://detectportal.firefox.com/success.txt?ipv4

firefox.exe

Remote address:

34.107.221.82:80

Request

GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Priority: u=4
Pragma: no-cache
Cache-Control: no-cache

Response

HTTP/1.1 200 OK

Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Thu, 27 Mar 2025 03:42:55 GMT
Age: 51235
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
DNS

prod.detectportal.prod.cloudops.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.detectportal.prod.cloudops.mozgcp.net

IN AAAA

Response

prod.detectportal.prod.cloudops.mozgcp.net

IN AAAA

2600:1901:0:38d7::
DNS

www.google.com

firefox.exe

Remote address:

8.8.8.8:53

Request

www.google.com

IN A

Response

www.google.com

IN A

172.217.169.36
GET

https://www.google.com/search?client=firefox-b-d&channel=entpr&q=njrat+blood+editcohe

firefox.exe

Remote address:

172.217.169.36:443

Request

GET /search?client=firefox-b-d&channel=entpr&q=njrat+blood+editcohe HTTP/2.0
host: www.google.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
upgrade-insecure-requests: 1
sec-fetch-dest: document
sec-fetch-mode: navigate
sec-fetch-site: none
sec-fetch-user: ?1
priority: u=0, i
te: trailers
DNS

www.google.com

firefox.exe

Remote address:

8.8.8.8:53

Request

www.google.com

IN A

Response

www.google.com

IN A

172.217.169.36
DNS

www.google.com

firefox.exe

Remote address:

8.8.8.8:53

Request

www.google.com

IN AAAA

Response

www.google.com

IN AAAA

2a00:1450:4009:818::2004
DNS

csp.withgoogle.com

firefox.exe

Remote address:

8.8.8.8:53

Request

csp.withgoogle.com

IN A

Response

csp.withgoogle.com

IN A

142.250.200.49
DNS

csp.withgoogle.com

firefox.exe

Remote address:

8.8.8.8:53

Request

csp.withgoogle.com

IN A

Response

csp.withgoogle.com

IN A

142.250.200.49
DNS

csp.withgoogle.com

firefox.exe

Remote address:

8.8.8.8:53

Request

csp.withgoogle.com

IN A
POST

https://csp.withgoogle.com/csp/gws/fff

firefox.exe

Remote address:

142.250.200.49:443

Request

POST /csp/gws/fff HTTP/2.0
host: csp.withgoogle.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
content-type: application/csp-report
content-length: 792
origin: https://www.google.com
sec-fetch-dest: report
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
priority: u=4
te: trailers
POST

https://csp.withgoogle.com/csp/gws/fff

firefox.exe

Remote address:

142.250.200.49:443

Request

POST /csp/gws/fff HTTP/2.0
host: csp.withgoogle.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
content-type: application/csp-report
content-length: 1260
origin: https://www.google.com
sec-fetch-dest: report
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
priority: u=4
te: trailers
DNS

ogads-pa.clients6.google.com

firefox.exe

Remote address:

8.8.8.8:53

Request

ogads-pa.clients6.google.com

IN A

Response

ogads-pa.clients6.google.com

IN A

142.250.200.10
DNS

ogads-pa.clients6.google.com

firefox.exe

Remote address:

8.8.8.8:53

Request

ogads-pa.clients6.google.com

IN A

Response

ogads-pa.clients6.google.com

IN A

142.250.180.10
DNS

ogads-pa.clients6.google.com

firefox.exe

Remote address:

8.8.8.8:53

Request

ogads-pa.clients6.google.com

IN AAAA

Response

ogads-pa.clients6.google.com

IN AAAA

2a00:1450:4009:81d::200a
DNS

csp.withgoogle.com

firefox.exe

Remote address:

8.8.8.8:53

Request

csp.withgoogle.com

IN AAAA

Response

csp.withgoogle.com

IN AAAA

2a00:1450:4009:823::2011
DNS

play.google.com

firefox.exe

Remote address:

8.8.8.8:53

Request

play.google.com

IN A

Response

play.google.com

IN A

216.58.204.78
POST

https://play.google.com/log?format=json&hasfast=true

firefox.exe

Remote address:

216.58.204.78:443

Request

POST /log?format=json&hasfast=true HTTP/2.0
host: play.google.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.google.com/
content-encoding: gzip
content-type: application/binary
content-length: 289
origin: https://www.google.com
cookie: AEC=AVcja2daO91kUvPlmfp2Cl28rV9d7xs_V2xdm0NgVV5tlcACpJBim4gtAQ
cookie: __Secure-ENID=26.SE=e1Gc1nf7JplaghTZp2eqoHXzBUE7izaJmNxLEvLTpUsN6sjgrY5l29uc8z8X90mmOFFYv7x0BtwlerpZ9X4L14dgUl41QSd37xkVvdzZu_D0LA7K3E4yYvs260uL2SBMZY08PVif7PZgxvrq6i-pYfkURIEvAHl83vI8aI5gEuikdNVRJDbAKPx9CVWO3rHuRuH2nsOBEs7-bshGFMgF-J9SZujUFMqgF9m364mmzl6xfDkBDBqOpfsTzA
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-site
te: trailers
DNS

play.google.com

firefox.exe

Remote address:

8.8.8.8:53

Request

play.google.com

IN A

Response

play.google.com

IN A

216.58.204.78
OPTIONS

https://play.google.com/log?format=json&hasfast=true

firefox.exe

Remote address:

216.58.204.78:443

Request

OPTIONS /log?format=json&hasfast=true HTTP/2.0
host: play.google.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
access-control-request-method: POST
access-control-request-headers: content-encoding,content-type
referer: https://www.google.com/
origin: https://www.google.com
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-site
priority: u=4
te: trailers
DNS

play.google.com

firefox.exe

Remote address:

8.8.8.8:53

Request

play.google.com

IN AAAA

Response

play.google.com

IN AAAA

2a00:1450:4009:827::200e
DNS

consent.google.com

firefox.exe

Remote address:

8.8.8.8:53

Request

consent.google.com

IN A

Response

consent.google.com

IN A

142.250.200.14
POST

https://consent.google.com/save?continue=https://www.google.com/search?client%3Dfirefox-b-d%26channel%3Dentpr%26q%3Dnjrat%2Bblood%2Beditcohe%26sei%3DdJHlZ6yQN7PBhbIP8LbuwA8&gl=UK&m=0&pc=srp&x=5&src=2&hl=en&bl=gws_20250324-0_RC1&uxe=none&cm=2&set_eom=false&set_aps=true&set_sc=true

firefox.exe

Remote address:

142.250.200.14:443

Request

POST /save?continue=https://www.google.com/search?client%3Dfirefox-b-d%26channel%3Dentpr%26q%3Dnjrat%2Bblood%2Beditcohe%26sei%3DdJHlZ6yQN7PBhbIP8LbuwA8&gl=UK&m=0&pc=srp&x=5&src=2&hl=en&bl=gws_20250324-0_RC1&uxe=none&cm=2&set_eom=false&set_aps=true&set_sc=true HTTP/2.0
host: consent.google.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.google.com/
origin: https://www.google.com
cookie: AEC=AVcja2daO91kUvPlmfp2Cl28rV9d7xs_V2xdm0NgVV5tlcACpJBim4gtAQ
cookie: __Secure-ENID=26.SE=e1Gc1nf7JplaghTZp2eqoHXzBUE7izaJmNxLEvLTpUsN6sjgrY5l29uc8z8X90mmOFFYv7x0BtwlerpZ9X4L14dgUl41QSd37xkVvdzZu_D0LA7K3E4yYvs260uL2SBMZY08PVif7PZgxvrq6i-pYfkURIEvAHl83vI8aI5gEuikdNVRJDbAKPx9CVWO3rHuRuH2nsOBEs7-bshGFMgF-J9SZujUFMqgF9m364mmzl6xfDkBDBqOpfsTzA
cookie: SOCS=CAISHAgCEhJnd3NfMjAyNTAzMjQtMF9SQzEaAmVuIAEaBgiAqpK_Bg
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-site
priority: u=0
content-length: 0
te: trailers
DNS

consent.google.com

firefox.exe

Remote address:

8.8.8.8:53

Request

consent.google.com

IN A

Response

consent.google.com

IN A

142.250.200.14
DNS

consent.google.com

firefox.exe

Remote address:

8.8.8.8:53

Request

consent.google.com

IN AAAA

Response

consent.google.com

IN AAAA

2a00:1450:4009:822::200e
DNS

location.services.mozilla.com

firefox.exe

Remote address:

8.8.8.8:53

Request

location.services.mozilla.com

IN A

Response

location.services.mozilla.com

IN CNAME

prod.classify-client.prod.webservices.mozgcp.net

prod.classify-client.prod.webservices.mozgcp.net

IN A

35.190.72.216
DNS

prod.balrog.prod.cloudops.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.balrog.prod.cloudops.mozgcp.net

IN A

Response

prod.balrog.prod.cloudops.mozgcp.net

IN A

35.244.181.201
DNS

prod.classify-client.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.classify-client.prod.webservices.mozgcp.net

IN A

Response

prod.classify-client.prod.webservices.mozgcp.net

IN A

35.190.72.216
DNS

prod.balrog.prod.cloudops.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.balrog.prod.cloudops.mozgcp.net

IN AAAA

Response

prod.balrog.prod.cloudops.mozgcp.net

IN AAAA

2600:1901:0:5133::
DNS

prod.classify-client.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.classify-client.prod.webservices.mozgcp.net

IN AAAA

Response
DNS

archive.mozilla.org

firefox.exe

Remote address:

8.8.8.8:53

Request

archive.mozilla.org

IN A

Response

archive.mozilla.org

IN CNAME

mozilla-download.fastly-edge.com

mozilla-download.fastly-edge.com

IN A

151.101.195.19

mozilla-download.fastly-edge.com

IN A

151.101.3.19

mozilla-download.fastly-edge.com

IN A

151.101.131.19

mozilla-download.fastly-edge.com

IN A

151.101.67.19
GET

https://archive.mozilla.org/pub/system-addons/hotfix-intermediate-2018/hotfix-intermediate-2018-1.0.0-build1/hotfix-intermediate-2018.xpi

firefox.exe

Remote address:

151.101.195.19:443

Request

GET /pub/system-addons/hotfix-intermediate-2018/hotfix-intermediate-2018-1.0.0-build1/hotfix-intermediate-2018.xpi HTTP/2.0
host: archive.mozilla.org
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: application/x-xpinstall
x-guploader-uploadid: AKDAyItxkTJYRI9LyqSbqYKtFOnLKCR7JdNBT3NiAcU7PTvemvjRDUuVoFSLxm_J6DxmviRH
cache-control: max-age=432000
expires: Wed, 26 Mar 2025 15:02:12 GMT
last-modified: Fri, 21 Mar 2025 14:36:07 GMT
etag: "25e8156b7f7ca8dad999ee2b93a32b71"
x-goog-hash: crc32c=QBD+UQ==
x-goog-hash: md5=JegVa398qNrZme4rk6MrcQ==
x-goog-storage-class: STANDARD
strict-transport-security: max-age=31536000
via: 1.1 google, 1.1 varnish, 1.1 varnish
tmp-path:
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:18 GMT
age: 112057
x-served-by: cache-bfi-kbfi7400074-BFI, cache-lon4273-LON
x-cache: HIT, HIT
x-cache-hits: 59, 1698
x-timer: S1743098239.561050,VS0,VE0
vary: Origin
content-length: 11409
DNS

mozilla-download.fastly-edge.com

firefox.exe

Remote address:

8.8.8.8:53

Request

mozilla-download.fastly-edge.com

IN A

Response

mozilla-download.fastly-edge.com

IN A

151.101.67.19

mozilla-download.fastly-edge.com

IN A

151.101.195.19

mozilla-download.fastly-edge.com

IN A

151.101.131.19

mozilla-download.fastly-edge.com

IN A

151.101.3.19
DNS

mozilla-download.fastly-edge.com

firefox.exe

Remote address:

8.8.8.8:53

Request

mozilla-download.fastly-edge.com

IN AAAA

Response

mozilla-download.fastly-edge.com

IN AAAA

2a04:4e42::787

mozilla-download.fastly-edge.com

IN AAAA

2a04:4e42:200::787

mozilla-download.fastly-edge.com

IN AAAA

2a04:4e42:400::787

mozilla-download.fastly-edge.com

IN AAAA

2a04:4e42:600::787
DNS

ciscobinary.openh264.org

firefox.exe

Remote address:

8.8.8.8:53

Request

ciscobinary.openh264.org

IN A

Response

ciscobinary.openh264.org

IN CNAME

a21ed24aedde648804e7-228765c84088fef4ff5e70f2710398e9.r17.cf1.rackcdn.com

a21ed24aedde648804e7-228765c84088fef4ff5e70f2710398e9.r17.cf1.rackcdn.com

IN CNAME

a17.rackcdn.com

a17.rackcdn.com

IN CNAME

a17.rackcdn.com.mdc.edgesuite.net

a17.rackcdn.com.mdc.edgesuite.net

IN CNAME

a19.dscg10.akamai.net

a19.dscg10.akamai.net

IN A

23.200.87.12

a19.dscg10.akamai.net

IN A

23.200.86.251
GET

http://ciscobinary.openh264.org/openh264-win64-652bdb7719f30b52b08e506645a7322ff1b2cc6f.zip

firefox.exe

Remote address:

23.200.87.12:80

Request

GET /openh264-win64-652bdb7719f30b52b08e506645a7322ff1b2cc6f.zip HTTP/1.1
Host: ciscobinary.openh264.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

Response

HTTP/1.1 200 OK

Last-Modified: Wed, 12 Mar 2025 03:55:32 GMT
ETag: e690f995973164fe425f76589b1be2d9
Content-Length: 514215
Accept-Ranges: bytes
X-Timestamp: 1741751731.97128
Content-Type: application/zip
X-Trans-Id: txd0dbcdfb42514b58bf141-0067d3f1aadfw1
Cache-Control: public, max-age=144291
Expires: Sat, 29 Mar 2025 10:02:09 GMT
Date: Thu, 27 Mar 2025 17:57:18 GMT
Connection: keep-alive
DNS

a19.dscg10.akamai.net

firefox.exe

Remote address:

8.8.8.8:53

Request

a19.dscg10.akamai.net

IN A

Response

a19.dscg10.akamai.net

IN A

23.200.87.12

a19.dscg10.akamai.net

IN A

23.200.86.251
GET

https://edgedl.me.gvt1.com/edgedl/release2/chrome_component/mfnf4w4aaa2rporuqgtjqv35v4_4.10.2891.0/oimompecagnajdejgnnjijobebaeigek_4.10.2891.0_win64_acwxtxt2znguar3w2o252umtomsq.crx3

firefox.exe

Remote address:

34.104.35.123:443

Request

GET /edgedl/release2/chrome_component/mfnf4w4aaa2rporuqgtjqv35v4_4.10.2891.0/oimompecagnajdejgnnjijobebaeigek_4.10.2891.0_win64_acwxtxt2znguar3w2o252umtomsq.crx3 HTTP/2.0
host: edgedl.me.gvt1.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
te: trailers

Response

HTTP/2.0 200

accept-ranges: bytes
content-disposition: attachment
content-security-policy: default-src 'none'
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-request-id: 2e9c34e4-3508-482c-9810-63ec536916a4
content-length: 14730673
date: Thu, 27 Mar 2025 02:43:10 GMT
age: 54848
last-modified: Mon, 13 Jan 2025 23:20:14 GMT
etag: "3c40b5d"
content-type: application/octet-stream
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
cache-control: public,max-age=86400
DNS

a19.dscg10.akamai.net

firefox.exe

Remote address:

8.8.8.8:53

Request

a19.dscg10.akamai.net

IN AAAA

Response

a19.dscg10.akamai.net

IN AAAA

2a02:26f0:82::17c8:56fb

a19.dscg10.akamai.net

IN AAAA

2a02:26f0:82::17c8:570c
DNS

id.google.com

firefox.exe

Remote address:

8.8.8.8:53

Request

id.google.com

IN A

Response

id.google.com

IN A

142.250.187.195
GET

https://id.google.com/verify/AH5-l65c0CWVOy9dAS1t1xvtQrlaxPf11oislDjGs6VEUNAwGHGzY69TY46qhSW2BJcYTMowmfPyBLTwUgfnAqfedsC3YM0q_Gw1j_8BUR4GXXap

firefox.exe

Remote address:

142.250.187.195:443

Request

GET /verify/AH5-l65c0CWVOy9dAS1t1xvtQrlaxPf11oislDjGs6VEUNAwGHGzY69TY46qhSW2BJcYTMowmfPyBLTwUgfnAqfedsC3YM0q_Gw1j_8BUR4GXXap HTTP/2.0
host: id.google.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.google.com/
cookie: AEC=AVcja2daO91kUvPlmfp2Cl28rV9d7xs_V2xdm0NgVV5tlcACpJBim4gtAQ
cookie: SOCS=CAISHAgCEhJnd3NfMjAyNTAzMjQtMF9SQzEaAmVuIAEaBgiAqpK_Bg
cookie: NID=522=V7CjHPD4CQ9MfOb9mJBaBY9X-HP9s7R60Cs0kdowdbrvp22vKRo_pOn4xXMjJqvK4mvrOopVeBrUM2CqeV5Cv3CSL6uMB9NjrIuTlVlvlT-NHbtd7uChxHyRWw8kmhLKyA8R5KZrjQr2vDF4CzmBV3yiQ_mVEi-ab0htPBngMDH8ZWgALJmlz0XubO4_QssyngOVkYoN6fICmDyGtt4qIw9lqzGme0oSTH8GC4QdRCGEm8_UkO0Wt349UkuPqWh6lwIVbw-A
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-site
priority: u=5, i
te: trailers
DNS

id.google.com

firefox.exe

Remote address:

8.8.8.8:53

Request

id.google.com

IN A

Response

id.google.com

IN A

108.177.122.94
DNS

id.google.com

firefox.exe

Remote address:

8.8.8.8:53

Request

id.google.com

IN AAAA

Response

id.google.com

IN AAAA

2a00:1450:4009:820::2003
DNS

github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

github.com

IN A

Response

github.com

IN A

20.26.156.215
DNS

github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

github.com

IN A

Response

github.com

IN A

20.26.156.215
GET

https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.google.com/
upgrade-insecure-requests: 1
sec-fetch-dest: document
sec-fetch-mode: navigate
sec-fetch-site: cross-site
sec-fetch-user: ?1
priority: u=0, i
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:57:29 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame,Accept-Encoding, Accept, X-Requested-With
etag: W/"ec34e07da29646b51b76b76a14fe021a"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
server: github.com
content-encoding: gzip
accept-ranges: bytes
set-cookie: _gh_sess=ucPzVxE0aNbNFPj1HekigVGAE%2FQpuNslxZGE5TQdDrm2XwEa7g0V4VoJs6pD3JZuj%2FUSKSTQo9Kf8nw7sZx7JL0FtdHaZatg4QyflE31dgl86Fp%2F5s6vZuu3e9%2BxXd%2BOWJRCV2N6XS8qkmyw%2BT5BDOT8BrCxo9XXke4wttO5lWwRTXDXs4H%2BjLb8pBCiCzy4su5wbSdL4qHEz7qvkAT3umRcYgMAVggfB%2Fz8gcekP9POsnIzYBV2DsTYi5%2Br3B99EgQ%2BGfGOYR2jWppJFPUCwg%3D%3D--3%2BEA5qax4hPHEYfN--4m%2BAUmhAM26gyOERS%2FBh6Q%3D%3D; Path=/; HttpOnly; Secure; SameSite=Lax
set-cookie: _octo=GH1.1.683991019.1743098249; Path=/; Domain=github.com; Expires=Fri, 27 Mar 2026 17:57:29 GMT; Secure; SameSite=Lax
set-cookie: logged_in=no; Path=/; Domain=github.com; Expires=Fri, 27 Mar 2026 17:57:29 GMT; HttpOnly; Secure; SameSite=Lax
x-github-request-id: 648A:3FF059:B39743:DB9AFF:67E59189
GET

https://github.com/fluidicon.png

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /fluidicon.png HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition
cookie: _gh_sess=ucPzVxE0aNbNFPj1HekigVGAE%2FQpuNslxZGE5TQdDrm2XwEa7g0V4VoJs6pD3JZuj%2FUSKSTQo9Kf8nw7sZx7JL0FtdHaZatg4QyflE31dgl86Fp%2F5s6vZuu3e9%2BxXd%2BOWJRCV2N6XS8qkmyw%2BT5BDOT8BrCxo9XXke4wttO5lWwRTXDXs4H%2BjLb8pBCiCzy4su5wbSdL4qHEz7qvkAT3umRcYgMAVggfB%2Fz8gcekP9POsnIzYBV2DsTYi5%2Br3B99EgQ%2BGfGOYR2jWppJFPUCwg%3D%3D--3%2BEA5qax4hPHEYfN--4m%2BAUmhAM26gyOERS%2FBh6Q%3D%3D
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
priority: u=6
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:57:29 GMT
content-type: image/png
content-length: 33270
last-modified: Thu, 27 Mar 2025 17:39:39 GMT
etag: "67e58d5b-81f6"
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
x-github-request-id: 648A:3FF059:B3984E:DB9C38:67E59189
GET

https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition/latest-commit/main

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition/latest-commit/main HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition
content-type: application/json
github-verified-fetch: true
x-requested-with: XMLHttpRequest
cookie: _gh_sess=ucPzVxE0aNbNFPj1HekigVGAE%2FQpuNslxZGE5TQdDrm2XwEa7g0V4VoJs6pD3JZuj%2FUSKSTQo9Kf8nw7sZx7JL0FtdHaZatg4QyflE31dgl86Fp%2F5s6vZuu3e9%2BxXd%2BOWJRCV2N6XS8qkmyw%2BT5BDOT8BrCxo9XXke4wttO5lWwRTXDXs4H%2BjLb8pBCiCzy4su5wbSdL4qHEz7qvkAT3umRcYgMAVggfB%2Fz8gcekP9POsnIzYBV2DsTYi5%2Br3B99EgQ%2BGfGOYR2jWppJFPUCwg%3D%3D--3%2BEA5qax4hPHEYfN--4m%2BAUmhAM26gyOERS%2FBh6Q%3D%3D
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
priority: u=4
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:57:30 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame,Accept-Encoding, Accept, X-Requested-With
etag: W/"a1eb0181e638df2915e5e88782782e1e"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
server: github.com
content-encoding: gzip
accept-ranges: bytes
content-length: 82
x-github-request-id: 648A:3FF059:B39860:DB9C4F:67E5918A
GET

https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition/refs?type=branch

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition/refs?type=branch HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition
cookie: _gh_sess=ucPzVxE0aNbNFPj1HekigVGAE%2FQpuNslxZGE5TQdDrm2XwEa7g0V4VoJs6pD3JZuj%2FUSKSTQo9Kf8nw7sZx7JL0FtdHaZatg4QyflE31dgl86Fp%2F5s6vZuu3e9%2BxXd%2BOWJRCV2N6XS8qkmyw%2BT5BDOT8BrCxo9XXke4wttO5lWwRTXDXs4H%2BjLb8pBCiCzy4su5wbSdL4qHEz7qvkAT3umRcYgMAVggfB%2Fz8gcekP9POsnIzYBV2DsTYi5%2Br3B99EgQ%2BGfGOYR2jWppJFPUCwg%3D%3D--3%2BEA5qax4hPHEYfN--4m%2BAUmhAM26gyOERS%2FBh6Q%3D%3D
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
priority: u=4
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:57:30 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame,Accept-Encoding, Accept, X-Requested-With
etag: W/"55c8eec8e2f6cffeda3bb4db925ed4e0"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
server: github.com
content-encoding: gzip
accept-ranges: bytes
content-length: 525
x-github-request-id: 648A:3FF059:B39860:DB9C50:67E5918A
GET

https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition/tree-commit-info/main

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition/tree-commit-info/main HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition
content-type: application/json
github-verified-fetch: true
x-requested-with: XMLHttpRequest
cookie: _gh_sess=ucPzVxE0aNbNFPj1HekigVGAE%2FQpuNslxZGE5TQdDrm2XwEa7g0V4VoJs6pD3JZuj%2FUSKSTQo9Kf8nw7sZx7JL0FtdHaZatg4QyflE31dgl86Fp%2F5s6vZuu3e9%2BxXd%2BOWJRCV2N6XS8qkmyw%2BT5BDOT8BrCxo9XXke4wttO5lWwRTXDXs4H%2BjLb8pBCiCzy4su5wbSdL4qHEz7qvkAT3umRcYgMAVggfB%2Fz8gcekP9POsnIzYBV2DsTYi5%2Br3B99EgQ%2BGfGOYR2jWppJFPUCwg%3D%3D--3%2BEA5qax4hPHEYfN--4m%2BAUmhAM26gyOERS%2FBh6Q%3D%3D
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
priority: u=4
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:57:31 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame,Accept-Encoding, Accept, X-Requested-With
etag: W/"57dd3ff551f8b3d10b3856a048bab63c"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
server: github.com
content-encoding: gzip
accept-ranges: bytes
content-length: 53
x-github-request-id: 648A:3FF059:B39862:DB9C52:67E5918A
GET

https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition/branch-and-tag-count

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition/branch-and-tag-count HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition
content-type: application/json
github-verified-fetch: true
x-requested-with: XMLHttpRequest
cookie: _gh_sess=ucPzVxE0aNbNFPj1HekigVGAE%2FQpuNslxZGE5TQdDrm2XwEa7g0V4VoJs6pD3JZuj%2FUSKSTQo9Kf8nw7sZx7JL0FtdHaZatg4QyflE31dgl86Fp%2F5s6vZuu3e9%2BxXd%2BOWJRCV2N6XS8qkmyw%2BT5BDOT8BrCxo9XXke4wttO5lWwRTXDXs4H%2BjLb8pBCiCzy4su5wbSdL4qHEz7qvkAT3umRcYgMAVggfB%2Fz8gcekP9POsnIzYBV2DsTYi5%2Br3B99EgQ%2BGfGOYR2jWppJFPUCwg%3D%3D--3%2BEA5qax4hPHEYfN--4m%2BAUmhAM26gyOERS%2FBh6Q%3D%3D
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
priority: u=4
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:57:31 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame,Accept-Encoding, Accept, X-Requested-With
etag: W/"6f77cfd8503da0743473118f7ac05966"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
server: github.com
content-encoding: gzip
accept-ranges: bytes
content-length: 468
x-github-request-id: 648A:3FF059:B39860:DB9C4E:67E5918A
GET

https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition/security/overall-count

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition/security/overall-count HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/fragment+html
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition
x-requested-with: XMLHttpRequest
cookie: _gh_sess=ucPzVxE0aNbNFPj1HekigVGAE%2FQpuNslxZGE5TQdDrm2XwEa7g0V4VoJs6pD3JZuj%2FUSKSTQo9Kf8nw7sZx7JL0FtdHaZatg4QyflE31dgl86Fp%2F5s6vZuu3e9%2BxXd%2BOWJRCV2N6XS8qkmyw%2BT5BDOT8BrCxo9XXke4wttO5lWwRTXDXs4H%2BjLb8pBCiCzy4su5wbSdL4qHEz7qvkAT3umRcYgMAVggfB%2Fz8gcekP9POsnIzYBV2DsTYi5%2Br3B99EgQ%2BGfGOYR2jWppJFPUCwg%3D%3D--3%2BEA5qax4hPHEYfN--4m%2BAUmhAM26gyOERS%2FBh6Q%3D%3D
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
priority: u=4
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:57:31 GMT
content-type: text/fragment+html; charset=utf-8
content-length: 0
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame,Accept-Encoding, Accept, X-Requested-With
cache-control: max-age=14400, private
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
server: github.com
accept-ranges: bytes
x-github-request-id: 648A:3FF059:B3986C:DB9C64:67E5918A
GET

https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition/hovercards/citation/sidebar_partial?tree_name=main

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition/hovercards/citation/sidebar_partial?tree_name=main HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/html
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition
x-requested-with: XMLHttpRequest
cookie: _gh_sess=ucPzVxE0aNbNFPj1HekigVGAE%2FQpuNslxZGE5TQdDrm2XwEa7g0V4VoJs6pD3JZuj%2FUSKSTQo9Kf8nw7sZx7JL0FtdHaZatg4QyflE31dgl86Fp%2F5s6vZuu3e9%2BxXd%2BOWJRCV2N6XS8qkmyw%2BT5BDOT8BrCxo9XXke4wttO5lWwRTXDXs4H%2BjLb8pBCiCzy4su5wbSdL4qHEz7qvkAT3umRcYgMAVggfB%2Fz8gcekP9POsnIzYBV2DsTYi5%2Br3B99EgQ%2BGfGOYR2jWppJFPUCwg%3D%3D--3%2BEA5qax4hPHEYfN--4m%2BAUmhAM26gyOERS%2FBh6Q%3D%3D
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
priority: u=4
te: trailers

Response

HTTP/2.0 204

date: Thu, 27 Mar 2025 17:57:31 GMT
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame,Accept-Encoding, Accept, X-Requested-With
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
server: github.com
x-github-request-id: 648A:3FF059:B39875:DB9C6D:67E5918A
GET

https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition/used_by_list

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition/used_by_list HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/fragment+html
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition
x-requested-with: XMLHttpRequest
cookie: _gh_sess=ucPzVxE0aNbNFPj1HekigVGAE%2FQpuNslxZGE5TQdDrm2XwEa7g0V4VoJs6pD3JZuj%2FUSKSTQo9Kf8nw7sZx7JL0FtdHaZatg4QyflE31dgl86Fp%2F5s6vZuu3e9%2BxXd%2BOWJRCV2N6XS8qkmyw%2BT5BDOT8BrCxo9XXke4wttO5lWwRTXDXs4H%2BjLb8pBCiCzy4su5wbSdL4qHEz7qvkAT3umRcYgMAVggfB%2Fz8gcekP9POsnIzYBV2DsTYi5%2Br3B99EgQ%2BGfGOYR2jWppJFPUCwg%3D%3D--3%2BEA5qax4hPHEYfN--4m%2BAUmhAM26gyOERS%2FBh6Q%3D%3D
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
priority: u=4
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:57:31 GMT
content-type: text/plain; charset=utf-8
content-length: 0
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame,Accept-Encoding, Accept, X-Requested-With
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
server: github.com
accept-ranges: bytes
x-github-request-id: 648A:3FF059:B39876:DB9C70:67E5918B
DNS

github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

github.com

IN AAAA

Response
DNS

github.githubassets.com

firefox.exe

Remote address:

8.8.8.8:53

Request

github.githubassets.com

IN A

Response

github.githubassets.com

IN A

185.199.109.154

github.githubassets.com

IN A

185.199.108.154

github.githubassets.com

IN A

185.199.110.154

github.githubassets.com

IN A

185.199.111.154
DNS

avatars.githubusercontent.com

firefox.exe

Remote address:

8.8.8.8:53

Request

avatars.githubusercontent.com

IN A

Response

avatars.githubusercontent.com

IN A

185.199.108.133

avatars.githubusercontent.com

IN A

185.199.111.133

avatars.githubusercontent.com

IN A

185.199.109.133

avatars.githubusercontent.com

IN A

185.199.110.133
DNS

github-cloud.s3.amazonaws.com

firefox.exe

Remote address:

8.8.8.8:53

Request

github-cloud.s3.amazonaws.com

IN A

Response

github-cloud.s3.amazonaws.com

IN CNAME

s3-1-w.amazonaws.com

s3-1-w.amazonaws.com

IN CNAME

s3-w.us-east-1.amazonaws.com

s3-w.us-east-1.amazonaws.com

IN A

3.5.29.116

s3-w.us-east-1.amazonaws.com

IN A

3.5.25.129

s3-w.us-east-1.amazonaws.com

IN A

52.217.85.180

s3-w.us-east-1.amazonaws.com

IN A

52.216.54.73

s3-w.us-east-1.amazonaws.com

IN A

16.15.184.108

s3-w.us-east-1.amazonaws.com

IN A

52.217.141.177

s3-w.us-east-1.amazonaws.com

IN A

52.217.121.153

s3-w.us-east-1.amazonaws.com

IN A

52.217.164.225
DNS

user-images.githubusercontent.com

firefox.exe

Remote address:

8.8.8.8:53

Request

user-images.githubusercontent.com

IN A

Response

user-images.githubusercontent.com

IN A

185.199.109.133

user-images.githubusercontent.com

IN A

185.199.111.133

user-images.githubusercontent.com

IN A

185.199.108.133

user-images.githubusercontent.com

IN A

185.199.110.133
GET

https://github.githubassets.com/assets/light-74231a1f3bbb.css

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/light-74231a1f3bbb.css HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: style
sec-fetch-mode: cors
sec-fetch-site: cross-site
priority: u=2
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Thu, 20 Mar 2025 23:48:59 GMT
etag: "0x8DD6809C8F8EBA8"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:29 GMT
age: 511308
x-served-by: cache-iad-kjyo7100038-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 21, 4476
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: e5f8c16bf37344421b5358b8ae7446e9cc90da4d
content-length: 8965
GET

https://github.githubassets.com/assets/staff-7d691607ec07.css

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/staff-7d691607ec07.css HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: style
sec-fetch-mode: cors
sec-fetch-site: cross-site
priority: u=2
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Mon, 26 Aug 2024 16:36:00 GMT
etag: "0x8DCC5ED2B1012E4"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:29 GMT
age: 3757922
x-served-by: cache-iad-kiad7000161-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 766, 860
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 7a24cd597ee9d87793e7d57e336394374fabee1a
content-length: 403
GET

https://github.githubassets.com/assets/devtools-ed3c56d5f6b2.css

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/devtools-ed3c56d5f6b2.css HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: style
sec-fetch-mode: cors
sec-fetch-site: cross-site
priority: u=2
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Mon, 24 Feb 2025 17:50:00 GMT
etag: "0x8DD54FBA92D9917"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:29 GMT
age: 1927502
x-served-by: cache-iad-kjyo7100115-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 12, 892
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: d9d67b9bf422ca4b918f6ef00a452f3d6d853640
content-length: 7339
GET

https://github.githubassets.com/assets/repository-4fce88777fa8.css

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/repository-4fce88777fa8.css HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: style
sec-fetch-mode: cors
sec-fetch-site: cross-site
priority: u=2
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Mon, 27 Jan 2025 16:33:51 GMT
etag: "0x8DD3EF06259EC32"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:29 GMT
age: 1399252
x-served-by: cache-iad-kjyo7100076-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 23, 3265
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 717be7b07653b2c352a68ee05aacfa0b78c13630
content-length: 5184
GET

https://github.githubassets.com/assets/code-0210be90f4d3.css

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/code-0210be90f4d3.css HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: style
sec-fetch-mode: cors
sec-fetch-site: cross-site
priority: u=2
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Fri, 17 Jan 2025 17:06:48 GMT
etag: "0x8DD37195443E4FE"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:29 GMT
age: 1730637
x-served-by: cache-iad-kjyo7100163-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 10, 2667
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: d6bfb09bde574adbbe5c69c21c6161a143e1090a
content-length: 5189
GET

https://github.githubassets.com/assets/wp-runtime-98ba33526bb7.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/wp-runtime-98ba33526bb7.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 27 Mar 2025 13:08:52 GMT
etag: "0x8DD6D30857A7F50"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:29 GMT
age: 6918
x-served-by: cache-iad-kiad7000034-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 9, 495
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 97af451b0739895b48dd4765c37c5aaafaa7e43a
content-length: 14602
GET

https://github.githubassets.com/assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover_js-9da652f58479.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover_js-9da652f58479.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 14:39:55 GMT
etag: "0x8DD0327E029647C"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:29 GMT
age: 2032526
x-served-by: cache-iad-kiad7000023-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 8, 3989
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: cb89be54e5951279dba094a19cff793f26686009
content-length: 3080
GET

https://github.githubassets.com/assets/vendors-node_modules_github_arianotify-polyfill_ariaNotify-polyfill_js-node_modules_github_mi-3abb8f-46b9f4874d95.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_arianotify-polyfill_ariaNotify-polyfill_js-node_modules_github_mi-3abb8f-46b9f4874d95.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 14 Mar 2025 17:29:27 GMT
etag: "0x8DD631DC5862072"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:29 GMT
age: 1110675
x-served-by: cache-iad-kiad7000102-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 32, 4270
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 9795844246ef97b1cffc1b855dd7ac2cc2a1f761
content-length: 4853
GET

https://github.githubassets.com/assets/ui_packages_failbot_failbot_ts-75968cfb5298.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/ui_packages_failbot_failbot_ts-75968cfb5298.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 03 Jan 2025 21:10:51 GMT
etag: "0x8DD2C3B1AB7B5CF"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:29 GMT
age: 3829465
x-served-by: cache-iad-kjyo7100116-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 33, 4014
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 8e675fdd437660f66affed1b9a287e4bc3895270
content-length: 5794
GET

https://github.githubassets.com/assets/environment-f04cb2a9fc8c.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/environment-f04cb2a9fc8c.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 13 Mar 2025 05:22:50 GMT
etag: "0x8DD61EF19738E21"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:29 GMT
age: 816166
x-served-by: cache-iad-kiad7000134-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 39, 4343
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: ae08054cc2956606bfc76a7da6acf20fd0ce112b
content-length: 4704
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_behaviors_dist_esm_index_mjs-0dbb79f97f8f.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_primer_behaviors_dist_esm_index_mjs-0dbb79f97f8f.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 12 Feb 2025 21:20:53 GMT
etag: "0x8DD4BAB21C35645"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:29 GMT
age: 2601655
x-served-by: cache-iad-kiad7000150-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 4045
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: a52c948d81f0a5464cf6306df9114eb7f37217c1
content-length: 783
GET

https://github.githubassets.com/assets/vendors-node_modules_github_selector-observer_dist_index_esm_js-f690fd9ae3d5.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_selector-observer_dist_index_esm_js-f690fd9ae3d5.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 08 Aug 2024 18:12:13 GMT
etag: "0x8DCB7D5A12F8D41"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:29 GMT
age: 3760827
x-served-by: cache-iad-kiad7000168-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 5, 3982
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 255be3393aada3338ee14ab1e2e05cc518d612eb
content-length: 3284
GET

https://github.githubassets.com/assets/vendors-node_modules_github_relative-time-element_dist_index_js-62d275b7ddd9.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_relative-time-element_dist_index_js-62d275b7ddd9.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 11 Mar 2025 02:46:42 GMT
etag: "0x8DD6046F4852561"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:29 GMT
age: 773464
x-served-by: cache-iad-kiad7000085-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 97, 4388
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b7446fbabe3c03e9b821b751b27fb3ea06fb1b00
content-length: 6810
GET

https://github.githubassets.com/assets/vendors-node_modules_github_text-expander-element_dist_index_js-78748950cb0c.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_text-expander-element_dist_index_js-78748950cb0c.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 00:52:41 GMT
etag: "0x8DD02B4500C5DFD"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:29 GMT
age: 3605571
x-served-by: cache-iad-kiad7000164-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 22, 4007
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: c4008a5f0ec9d1ec2c4243dbab3660df443548b1
content-length: 4311
GET

https://github.githubassets.com/assets/vendors-node_modules_github_auto-complete-element_dist_index_js-node_modules_github_catalyst_-8e9f78-a90ac05d2469.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_auto-complete-element_dist_index_js-node_modules_github_catalyst_-8e9f78-a90ac05d2469.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 25 Nov 2024 15:32:27 GMT
etag: "0x8DD0D665E0F9ED8"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:29 GMT
age: 2531580
x-served-by: cache-iad-kcgs7200078-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 15, 4039
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: c43c3de606aa9dc4ae4662c7d4fa18539a8061b2
content-length: 5379
GET

https://github.githubassets.com/assets/vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-b5f1d7-a1760ffda83d.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-b5f1d7-a1760ffda83d.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 10 Dec 2024 19:56:20 GMT
etag: "0x8DD1954B7817C15"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:29 GMT
age: 5030611
x-served-by: cache-iad-kjyo7100066-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 19, 4028
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 56259a8ee67f5cf9c4f5e46e21548a22b0705b35
content-length: 3683
GET

https://github.githubassets.com/assets/vendors-node_modules_github_markdown-toolbar-element_dist_index_js-ceef33f593fa.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_markdown-toolbar-element_dist_index_js-ceef33f593fa.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 18 Mar 2025 21:48:50 GMT
etag: "0x8DD6666AB94AD17"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:29 GMT
age: 589170
x-served-by: cache-iad-kiad7000174-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 84, 4501
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 52bbc680566accd533607b37f99954299bc266d7
content-length: 3705
GET

https://github.githubassets.com/assets/vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_primer_view-co-c44a69-efa32db3a345.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_primer_view-co-c44a69-efa32db3a345.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 21 Mar 2025 18:36:17 GMT
etag: "0x8DD68A744A906EC"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:29 GMT
age: 166267
x-served-by: cache-iad-kcgs7200152-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 55, 5998
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 18a0a188dc56198991b5ddf65bca81082d839305
content-length: 27736
GET

https://github.githubassets.com/assets/github-elements-394f8eb34f19.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/github-elements-394f8eb34f19.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 14 Mar 2025 17:47:06 GMT
etag: "0x8DD63203CFB9E5C"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:29 GMT
age: 1110675
x-served-by: cache-iad-kcgs7200076-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 32, 4336
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 0fbd259b74425efa1ce7ed6faf2475d55f5bf10f
content-length: 9613
GET

https://github.githubassets.com/assets/element-registry-8206a1f1fc89.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/element-registry-8206a1f1fc89.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 13 Feb 2025 00:26:04 GMT
etag: "0x8DD4BC50046C86E"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:29 GMT
age: 2601381
x-served-by: cache-iad-kjyo7100074-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 4, 4537
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 5fe5857b7406913886e9c249f4eca55fa85abb13
content-length: 6982
GET

https://github.githubassets.com/assets/vendors-node_modules_braintree_browser-detection_dist_browser-detection_js-node_modules_githu-2906d7-2a07a295af40.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_braintree_browser-detection_dist_browser-detection_js-node_modules_githu-2906d7-2a07a295af40.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 26 Mar 2025 03:21:21 GMT
etag: "0x8DD6C1547FD87F0"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:29 GMT
age: 91839
x-served-by: cache-iad-kjyo7100141-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 6, 4718
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: a89d1098e40fad9f641763820ae715b92b403a3f
content-length: 8137
GET

https://github.githubassets.com/assets/dark-8a995f0bacd4.css

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/dark-8a995f0bacd4.css HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: style
sec-fetch-mode: cors
sec-fetch-site: cross-site
priority: u=2
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Thu, 20 Mar 2025 23:48:57 GMT
etag: "0x8DD6809C7E5F19F"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:29 GMT
age: 511308
x-served-by: cache-iad-kjyo7100109-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 17, 4484
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 9d2617697c97aab9fb5260f6d37e95955215ba47
content-length: 9074
GET

https://github.githubassets.com/assets/primer-aaa714e5674d.css

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/primer-aaa714e5674d.css HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: style
sec-fetch-mode: cors
sec-fetch-site: cross-site
priority: u=2
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Mon, 24 Mar 2025 16:17:52 GMT
etag: "0x8DD6AEF6DBB34FE"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:29 GMT
age: 91839
x-served-by: cache-iad-kjyo7100062-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 6, 4615
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: be1af2f2baf585e14c8a56711c8a3c4c6d7bae46
content-length: 21528
GET

https://github.githubassets.com/assets/github-ea73c9cb5377.css

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/github-ea73c9cb5377.css HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: style
sec-fetch-mode: cors
sec-fetch-site: cross-site
priority: u=2
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Mon, 03 Mar 2025 21:33:15 GMT
etag: "0x8DD5A9B01FC085A"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:29 GMT
age: 1419384
x-served-by: cache-iad-kiad7000140-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 49, 4136
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 86c17b47f37098562fa4f828143dd16f34663d9e
content-length: 2401
GET

https://github.githubassets.com/assets/primer-primitives-225433424a87.css

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/primer-primitives-225433424a87.css HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: style
sec-fetch-mode: cors
sec-fetch-site: cross-site
priority: u=2
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Sun, 23 Mar 2025 20:48:43 GMT
etag: "0x8DD6A4C19B57200"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:29 GMT
age: 235242
x-served-by: cache-iad-kjyo7100116-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 64, 5031
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 2bf0493153f1451ae593d4860842b337f43bda44
content-length: 37890
GET

https://github.githubassets.com/assets/global-7eaba1d4847c.css

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/global-7eaba1d4847c.css HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: style
sec-fetch-mode: cors
sec-fetch-site: cross-site
priority: u=2
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Tue, 11 Mar 2025 23:23:05 GMT
etag: "0x8DD60F3AD388533"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:29 GMT
age: 773463
x-served-by: cache-iad-kjyo7100025-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 98, 4454
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 10f5ebd4c461b766d11e80b006a22f9a1dc2c35d
content-length: 39262
GET

https://github.githubassets.com/assets/vendors-node_modules_lit-html_lit-html_js-be8cb88f481b.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_lit-html_lit-html_js-be8cb88f481b.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 00:52:41 GMT
etag: "0x8DD02B4500E579D"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:29 GMT
age: 2538548
x-served-by: cache-iad-kjyo7100066-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 4037
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b4b07d76e1f2d630f1a8815a406efc0b53b2c2fb
content-length: 3918
GET

https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_morphdom_dist_morphdom-e-7c534c-a4a1922eb55f.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_morphdom_dist_morphdom-e-7c534c-a4a1922eb55f.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 00:52:41 GMT
etag: "0x8DD02B44FAF168F"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:29 GMT
age: 822871
x-served-by: cache-iad-kiad7000037-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 5, 4046
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b39c6ab1f3d4631bbc843064a1a4fa41fcea579e
content-length: 2385
GET

https://github.githubassets.com/assets/vendors-node_modules_github_turbo_dist_turbo_es2017-esm_js-a03ee12d659a.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_turbo_dist_turbo_es2017-esm_js-a03ee12d659a.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 14 Mar 2025 21:43:23 GMT
etag: "0x8DD63413E9D2A2F"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:29 GMT
age: 769341
x-served-by: cache-iad-kiad7000037-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 20, 4407
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 64d1606eb5abafa86f3b04938a3e552fc5ecb449
content-length: 18654
GET

https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-893f9f-b6294cf703b7.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-893f9f-b6294cf703b7.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 19 Mar 2025 13:51:07 GMT
etag: "0x8DD66ED1953DBC6"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:29 GMT
age: 688680
x-served-by: cache-iad-kjyo7100098-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 19, 4466
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 87d12e41d7f1ce0ba3478ae0ebf37eeed8015037
content-length: 3866
GET

https://github.githubassets.com/assets/vendors-node_modules_color-convert_index_js-e3180fe3bcb3.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_color-convert_index_js-e3180fe3bcb3.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 00:52:40 GMT
etag: "0x8DD02B44F3EF886"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:29 GMT
age: 2865766
x-served-by: cache-iad-kcgs7200145-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 4059
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: dda98b061a627209bc6ed9cba4d922f3e37ed373
content-length: 4851
GET

https://github.githubassets.com/assets/vendors-node_modules_github_quote-selection_dist_index_js-node_modules_github_session-resume_-947061-e7a6c4a19f98.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_quote-selection_dist_index_js-node_modules_github_session-resume_-947061-e7a6c4a19f98.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 20 Mar 2025 14:16:49 GMT
etag: "0x8DD67B9DAA62EE6"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:29 GMT
age: 589170
x-served-by: cache-iad-kiad7000092-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 84, 4567
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: c0f94b05efe44b1d7af7a5946af0700ab4ccb347
content-length: 17396
GET

https://github.githubassets.com/assets/ui_packages_updatable-content_updatable-content_ts-2a55124d5c52.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/ui_packages_updatable-content_updatable-content_ts-2a55124d5c52.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 05 Mar 2025 20:20:04 GMT
etag: "0x8DD5C231DC98B21"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:29 GMT
age: 1415664
x-served-by: cache-iad-kjyo7100096-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 135, 4225
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 9e5afcfd7c6e0bddeb1ca05d4c31ef3db41918c7
content-length: 3409
GET

https://github.githubassets.com/assets/app_assets_modules_github_behaviors_task-list_ts-app_assets_modules_github_sso_ts-ui_packages-900dde-768abe60b1f8.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/app_assets_modules_github_behaviors_task-list_ts-app_assets_modules_github_sso_ts-ui_packages-900dde-768abe60b1f8.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 05 Mar 2025 20:19:48 GMT
etag: "0x8DD5C23140C73E2"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:29 GMT
age: 1479719
x-served-by: cache-iad-kcgs7200084-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 135, 4191
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 01c6ab7de1514749e8293888fb5479957ed0f86d
content-length: 4510
GET

https://github.githubassets.com/assets/app_assets_modules_github_sticky-scroll-into-view_ts-3e000c5d31a9.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/app_assets_modules_github_sticky-scroll-into-view_ts-3e000c5d31a9.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 24 Feb 2025 18:43:21 GMT
etag: "0x8DD55031CA06860"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:29 GMT
age: 2634103
x-served-by: cache-iad-kiad7000106-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 82, 4121
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b4e8e0e733409b9dcf41e6ad05669b86baa51141
content-length: 3363
GET

https://github.githubassets.com/assets/app_assets_modules_github_behaviors_ajax-error_ts-app_assets_modules_github_behaviors_include-87a4ae-b8865f653f6b.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/app_assets_modules_github_behaviors_ajax-error_ts-app_assets_modules_github_behaviors_include-87a4ae-b8865f653f6b.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 24 Mar 2025 14:57:06 GMT
etag: "0x8DD6AE425299E55"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:29 GMT
age: 175915
x-served-by: cache-iad-kjyo7100027-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 5, 5782
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: e4e693af6715d52b27317ddf1ff4f90e975b767b
content-length: 6977
GET

https://github.githubassets.com/assets/app_assets_modules_github_behaviors_commenting_edit_ts-app_assets_modules_github_behaviors_ht-83c235-e429cff6ceb1.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/app_assets_modules_github_behaviors_commenting_edit_ts-app_assets_modules_github_behaviors_ht-83c235-e429cff6ceb1.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 24 Feb 2025 18:43:20 GMT
etag: "0x8DD55031C53893A"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:29 GMT
age: 2541951
x-served-by: cache-iad-kiad7000146-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 81, 4124
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: ffd5439d97ad36a5ae357a63d66d7823e75b5772
content-length: 3112
GET

https://github.githubassets.com/assets/behaviors-c1f5beceda17.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/behaviors-c1f5beceda17.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 26 Mar 2025 22:56:22 GMT
etag: "0x8DD6CB96DC0D657"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:29 GMT
age: 65145
x-served-by: cache-iad-kiad7000139-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 10, 3737
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 0eee8cb35087baa940cba7b71810a3b0a9e19dc0
content-length: 61365
GET

https://github.githubassets.com/assets/vendors-node_modules_delegated-events_dist_index_js-node_modules_github_catalyst_lib_index_js-f6223d90c7ba.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_delegated-events_dist_index_js-node_modules_github_catalyst_lib_index_js-f6223d90c7ba.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 19 Nov 2024 17:47:26 GMT
etag: "0x8DD08C23B22EDF8"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:29 GMT
age: 2857329
x-served-by: cache-iad-kiad7000141-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 31, 4044
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: e9ab5724a1743b13d1a6e82b50685be35da6ca38
content-length: 4143
GET

https://github.githubassets.com/assets/notifications-global-01e85cd1be94.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/notifications-global-01e85cd1be94.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 24 Feb 2025 18:43:33 GMT
etag: "0x8DD55032404E23B"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:29 GMT
age: 2633737
x-served-by: cache-iad-kiad7000020-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 82, 4146
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 740c883232c0f12026d2414efe7848169797949e
content-length: 3083
GET

https://github.githubassets.com/assets/vendors-node_modules_virtualized-list_es_index_js-node_modules_github_template-parts_lib_index_js-94dc7a2157c1.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_virtualized-list_es_index_js-node_modules_github_template-parts_lib_index_js-94dc7a2157c1.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 20 Feb 2025 22:50:49 GMT
etag: "0x8DD52010557AFC3"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:29 GMT
age: 2630289
x-served-by: cache-iad-kiad7000074-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 36, 2813
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 0f59643339f4d2fb681d579775fa9b16553288a1
content-length: 3989
GET

https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-70450e-4b93df70b903.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-70450e-4b93df70b903.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 19 Mar 2025 13:51:07 GMT
etag: "0x8DD66ED195539C2"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:29 GMT
age: 688675
x-served-by: cache-iad-kiad7000069-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 8, 2561
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 7107887cdedb6323c3ff09297d4bede1aeace951
content-length: 5032
GET

https://github.githubassets.com/assets/app_assets_modules_github_ref-selector_ts-3e9d848bab5f.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/app_assets_modules_github_ref-selector_ts-3e9d848bab5f.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 21 Feb 2025 22:10:48 GMT
etag: "0x8DD52C49873BAE7"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:30 GMT
age: 2637209
x-served-by: cache-iad-kjyo7100146-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 63, 2819
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b53e6ecbe5ff3c73e2947fe8e102cc03775001e0
content-length: 5097
GET

https://github.githubassets.com/assets/codespaces-c3bcacfe317c.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/codespaces-c3bcacfe317c.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 05 Mar 2025 20:19:53 GMT
etag: "0x8DD5C2316CBB8A8"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:30 GMT
age: 1872581
x-served-by: cache-iad-kjyo7100094-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 80, 2367
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: ac49cb542b043a0d7f30fa240c8523c4896597c7
content-length: 5533
GET

https://github.githubassets.com/assets/vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-3eebbd-0763620ad7bf.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-3eebbd-0763620ad7bf.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:16 GMT
etag: "0x8DD15445FC3AE69"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:30 GMT
age: 4424838
x-served-by: cache-iad-kcgs7200159-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 15, 2624
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 5c15896a6e9a2691247b6d46de0d78c23e94ced2
content-length: 6126
GET

https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_decorators_js-node_modules_delegated-events_di-e161aa-9d41fb1b6c9e.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_mini-throttle_dist_decorators_js-node_modules_delegated-events_di-e161aa-9d41fb1b6c9e.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Sat, 16 Nov 2024 19:35:21 GMT
etag: "0x8DD0675CF86BAD9"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:30 GMT
age: 2617156
x-served-by: cache-iad-kiad7000054-IAD, cache-lcy-eglc8600074-LCY
x-cache: MISS, HIT
x-cache-hits: 0, 2520
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 0ac9c3278d78447d46e20b75a435f72b698aeca4
content-length: 4341
GET

https://github.githubassets.com/assets/vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_github_remote--3c9c82-b71ef90fbdc7.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_github_remote--3c9c82-b71ef90fbdc7.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 19 Mar 2025 13:51:07 GMT
etag: "0x8DD66ED193E6FFE"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:30 GMT
age: 688674
x-served-by: cache-iad-kjyo7100031-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 24, 2701
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 2bedf784f4fac6e56e96d3fe32355673fd0fdbc5
content-length: 3569
GET

https://github.githubassets.com/assets/repositories-7a0dbaa42c57.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/repositories-7a0dbaa42c57.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 24 Feb 2025 18:43:36 GMT
etag: "0x8DD550325B4F233"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:30 GMT
age: 2648722
x-served-by: cache-iad-kjyo7100037-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 27, 2456
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 32981d1cf87096b80f023c28abfa4902676d1528
content-length: 16347
GET

https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_catalyst_lib_inde-dbbea9-26cce2010167.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_catalyst_lib_inde-dbbea9-26cce2010167.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 25 Nov 2024 15:32:27 GMT
etag: "0x8DD0D665E7C17D4"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:30 GMT
age: 2608255
x-served-by: cache-iad-kcgs7200094-IAD, cache-lcy-eglc8600074-LCY
x-cache: MISS, HIT
x-cache-hits: 0, 2735
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 7f92b0eaa336701187d08710c672d1481a8eac09
content-length: 2646
GET

https://github.githubassets.com/assets/code-menu-1c0aedc134b1.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/code-menu-1c0aedc134b1.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 21 Feb 2025 22:10:49 GMT
etag: "0x8DD52C49957C2F5"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:30 GMT
age: 2002753
x-served-by: cache-iad-kjyo7100035-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 41, 2769
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b23d6c7358d82b8dc3fc25664306eb53641279eb
content-length: 3532
GET

https://github.githubassets.com/assets/primer-react-dee7fde768ad.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/primer-react-dee7fde768ad.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 19 Mar 2025 20:06:52 GMT
etag: "0x8DD6721971C202A"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:30 GMT
age: 72508
x-served-by: cache-iad-kiad7000071-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 14, 3949
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 67488f930bca9627729a399e7b8b79603a890f78
content-length: 112954
GET

https://github.githubassets.com/assets/react-core-a18127980111.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/react-core-a18127980111.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 26 Mar 2025 20:38:28 GMT
etag: "0x8DD6CA62A421B03"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:30 GMT
age: 72508
x-served-by: cache-iad-kiad7000095-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 13, 3951
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: d1efd8008ee50981233965d7657af86ac7c6f4ea
content-length: 46769
GET

https://github.githubassets.com/assets/react-lib-f1bca44e0926.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/react-lib-f1bca44e0926.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 12 Feb 2025 21:20:56 GMT
etag: "0x8DD4BAB23D5B1F6"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:30 GMT
age: 2016963
x-served-by: cache-iad-kjyo7100091-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 4164
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: bc0611c58c876ef952862a29372885a002c8d3f0
content-length: 56524
GET

https://github.githubassets.com/assets/octicons-react-cf2f2ab8dab4.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/octicons-react-cf2f2ab8dab4.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 05 Mar 2025 01:33:12 GMT
etag: "0x8DD5B85B15020B8"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:30 GMT
age: 742647
x-served-by: cache-iad-kcgs7200096-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 191, 4689
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 06964115e6213afc3b2517a0a017155fd1a2eda2
content-length: 91021
GET

https://github.githubassets.com/assets/vendors-node_modules_emotion_is-prop-valid_dist_emotion-is-prop-valid_esm_js-node_modules_emo-62da9f-2df2f32ec596.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_emotion_is-prop-valid_dist_emotion-is-prop-valid_esm_js-node_modules_emo-62da9f-2df2f32ec596.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 28 Jan 2025 01:30:47 GMT
etag: "0x8DD3F3B64406EA2"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:30 GMT
age: 1996841
x-served-by: cache-iad-kjyo7100087-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 10, 4064
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 92ff8bd8d06c117b37c2d2cc67d1b161c58926a7
content-length: 16517
GET

https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_stacktrace-parser_dist_s-e7dcdd-9a233856b02c.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_stacktrace-parser_dist_s-e7dcdd-9a233856b02c.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 14 Mar 2025 17:29:27 GMT
etag: "0x8DD631DC5B36648"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:30 GMT
age: 1110675
x-served-by: cache-iad-kjyo7100064-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 32, 4366
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: c838eb9ef65f5fd808e8b70658b0c6173a505102
content-length: 5123
GET

https://github.githubassets.com/assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover-fn_js-55fea94174bf.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover-fn_js-55fea94174bf.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 14:39:55 GMT
etag: "0x8DD0327E025E5FB"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:30 GMT
age: 3829465
x-served-by: cache-iad-kcgs7200172-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 31, 4057
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: bc5961ce37e8bd4aa32ab9586996f87158a0c995
content-length: 3077
GET

https://github.githubassets.com/assets/notifications-subscriptions-menu-58a0c58bfee4.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/notifications-subscriptions-menu-58a0c58bfee4.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 28 Feb 2025 16:44:21 GMT
etag: "0x8DD581726D218CC"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:30 GMT
age: 1856963
x-served-by: cache-iad-kiad7000063-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 77, 3150
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 733f6e939955f45c880682cce75a940abdc14ab5
content-length: 5552
GET

https://github.githubassets.com/assets/primer-react.2a23faf8f7c3da694407.module.css

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/primer-react.2a23faf8f7c3da694407.module.css HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: style
sec-fetch-mode: cors
sec-fetch-site: cross-site
priority: u=2
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Thu, 27 Mar 2025 13:08:50 GMT
etag: "0x8DD6D308443F85E"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:30 GMT
age: 6922
x-served-by: cache-iad-kjyo7100077-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 23, 525
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 50c11dadadbc730d94f36efa18f5fde4fd960a75
content-length: 22173
GET

https://github.githubassets.com/assets/notifications-subscriptions-menu.1bcff9205c241e99cff2.module.css

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/notifications-subscriptions-menu.1bcff9205c241e99cff2.module.css HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: style
sec-fetch-mode: cors
sec-fetch-site: cross-site
priority: u=2
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Mon, 26 Aug 2024 16:36:17 GMT
etag: "0x8DCC5ED35736954"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:30 GMT
age: 1927490
x-served-by: cache-iad-kjyo7100115-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 32, 3123
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: bd3a6fbc28bbebb41e59070a13f31ffa2beb12c1
content-length: 479
GET

https://github.githubassets.com/assets/ui_packages_ui-commands_ui-commands_ts-2ea4e93613c0.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/ui_packages_ui-commands_ui-commands_ts-2ea4e93613c0.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 26 Mar 2025 13:04:01 GMT
etag: "0x8DD6C66ADDC3B2A"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:30 GMT
age: 91840
x-served-by: cache-iad-kcgs7200064-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 6, 4827
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b8bd3748f1c44b9cbce7c135c721bb40c79ab6f8
content-length: 6650
GET

https://github.githubassets.com/assets/keyboard-shortcuts-dialog-33dfb803e078.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/keyboard-shortcuts-dialog-33dfb803e078.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 11 Mar 2025 19:47:29 GMT
etag: "0x8DD60D58EF44FA4"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:30 GMT
age: 696958
x-served-by: cache-iad-kiad7000070-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 8, 4442
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: da0b058ac7b9ad4794787df252200ff97c85572d
content-length: 6884
GET

https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-94fd67-4898d1bf4b51.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-94fd67-4898d1bf4b51.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 24 Feb 2025 18:43:37 GMT
etag: "0x8DD5503266F0C88"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:30 GMT
age: 1466863
x-served-by: cache-iad-kjyo7100164-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 31, 3503
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 900d06c06389e39dede68ae550e11af929d3acbd
content-length: 4156
GET

https://github.githubassets.com/assets/sessions-730dca81d0a2.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/sessions-730dca81d0a2.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 19 Mar 2025 16:19:49 GMT
etag: "0x8DD6701DF2DEA46"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:30 GMT
age: 633879
x-served-by: cache-iad-kiad7000162-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 10, 3774
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 613f95d34407586b68a5151b6440c63465c9385e
content-length: 5380
GET

https://github.githubassets.com/assets/vendors-node_modules_dompurify_dist_purify_es_mjs-dd1d3ea6a436.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_dompurify_dist_purify_es_mjs-dd1d3ea6a436.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 18 Feb 2025 12:21:19 GMT
etag: "0x8DD5016BFEDEAE3"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:30 GMT
age: 2419705
x-served-by: cache-iad-kcgs7200153-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 32, 3122
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: d44fb7149ca7bacc1bdb1a3c8eaffa5211c27720
content-length: 8171
GET

https://github.githubassets.com/assets/vendors-node_modules_tanstack_query-core_build_modern_queryObserver_js-node_modules_tanstack_-defd52-843b41414e0e.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_tanstack_query-core_build_modern_queryObserver_js-node_modules_tanstack_-defd52-843b41414e0e.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 14:39:55 GMT
etag: "0x8DD0327E029647C"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:30 GMT
age: 2796341
x-served-by: cache-iad-kcgs7200065-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 2285
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: a3a724e782fdbb6a5be98fe179971e6d413f5691
content-length: 3412
GET

https://github.githubassets.com/assets/ui_packages_aria-live_aria-live_ts-ui_packages_promise-with-resolvers-polyfill_promise-with-r-17c672-34345cb18aac.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/ui_packages_aria-live_aria-live_ts-ui_packages_promise-with-resolvers-polyfill_promise-with-r-17c672-34345cb18aac.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 27 Feb 2025 14:26:15 GMT
etag: "0x8DD573AB1A5ED59"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:30 GMT
age: 2010421
x-served-by: cache-iad-kjyo7100051-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 54, 3174
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: f79f5dd8d38429f7f642730d62d80a619deb50dc
content-length: 3388
GET

https://github.githubassets.com/assets/ui_packages_paths_index_ts-1b92c4b9d0a5.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/ui_packages_paths_index_ts-1b92c4b9d0a5.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 27 Mar 2025 01:04:57 GMT
etag: "0x8DD6CCB64A94BC4"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:30 GMT
age: 46370
x-served-by: cache-iad-kjyo7100024-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 62, 3349
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 95ba0c3ecc4320f50889d3f559f7334de3ffcf30
content-length: 7326
GET

https://github.githubassets.com/assets/ui_packages_ref-selector_RefSelector_tsx-7496afc3784d.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/ui_packages_ref-selector_RefSelector_tsx-7496afc3784d.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 19 Feb 2025 17:02:34 GMT
etag: "0x8DD510734B3091A"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:30 GMT
age: 2612375
x-served-by: cache-iad-kjyo7100158-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 46, 2617
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: e1935283a9eaefec1f955d4cc05514551b1f4f00
content-length: 6468
GET

https://github.githubassets.com/assets/ui_packages_commit-attribution_index_ts-ui_packages_commit-checks-status_index_ts-ui_packages-7094d4-15017f02e61c.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/ui_packages_commit-attribution_index_ts-ui_packages_commit-checks-status_index_ts-ui_packages-7094d4-15017f02e61c.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 12 Mar 2025 21:22:11 GMT
etag: "0x8DD61ABF3F5C59A"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:30 GMT
age: 1198043
x-served-by: cache-iad-kcgs7200114-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 56, 2768
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: f0e66a663f98242f79c3540c128cd9fea8dab529
content-length: 7510
GET

https://github.githubassets.com/assets/ui_packages_hydro-analytics_hydro-analytics_ts-ui_packages_verified-fetch_verified-fetch_ts-u-4672d1-96a19eaeffb7.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/ui_packages_hydro-analytics_hydro-analytics_ts-ui_packages_verified-fetch_verified-fetch_ts-u-4672d1-96a19eaeffb7.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 27 Mar 2025 04:02:44 GMT
etag: "0x8DD6CE43A99B150"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:30 GMT
age: 39394
x-served-by: cache-iad-kjyo7100033-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 17, 2245
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: ca688ffdeae5e7b35a1fec95fc4becfe54c369e0
content-length: 2880
GET

https://github.githubassets.com/assets/ui_packages_code-view-shared_hooks_use-canonical-object_ts-ui_packages_code-view-shared_hooks-d63960-3cb8cae9e2d0.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/ui_packages_code-view-shared_hooks_use-canonical-object_ts-ui_packages_code-view-shared_hooks-d63960-3cb8cae9e2d0.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 27 Mar 2025 04:02:44 GMT
etag: "0x8DD6CE43A585DE0"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:30 GMT
age: 39394
x-served-by: cache-iad-kiad7000050-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 17, 2232
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: f1bdb2e0036d7006f0a63e75c7a90ddedf0a7b01
content-length: 12980
GET

https://github.githubassets.com/assets/repos-overview-520cf5801570.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/repos-overview-520cf5801570.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 27 Mar 2025 04:02:43 GMT
etag: "0x8DD6CE4398EC49E"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:30 GMT
age: 39394
x-served-by: cache-iad-kiad7000101-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 15, 1882
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b3ad68b6113d39245b60d6d6e7bb481f6ef0ccf9
content-length: 25871
GET

https://github.githubassets.com/assets/repos-overview.0ee7cac3ab511a65d9f9.module.css

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/repos-overview.0ee7cac3ab511a65d9f9.module.css HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: style
sec-fetch-mode: cors
sec-fetch-site: cross-site
priority: u=2
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Thu, 06 Mar 2025 17:41:31 GMT
etag: "0x8DD5CD6218DA075"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:30 GMT
age: 797685
x-served-by: cache-iad-kcgs7200077-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 45, 2251
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 2437a460e848f237ea2a9fbb82ec36b96e700978
content-length: 554
GET

https://github.githubassets.com/assets/chunk-app_components_primer_experimental_select-panel-element_ts-dbc875e76b97.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/chunk-app_components_primer_experimental_select-panel-element_ts-dbc875e76b97.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 13 Feb 2025 15:14:49 GMT
etag: "0x8DD4C4128E82E39"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:30 GMT
age: 1412110
x-served-by: cache-iad-kjyo7100044-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 3908
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: dfe18e7ad7be6194a0b734bb4d600829742bc379
content-length: 7780
GET

https://github.githubassets.com/assets/chunk-app_components_primer_experimental_toggle-switch-element_ts-670c71d392c6.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/chunk-app_components_primer_experimental_toggle-switch-element_ts-670c71d392c6.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 12 Feb 2025 21:20:51 GMT
etag: "0x8DD4BAB206F2F47"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:30 GMT
age: 1680969
x-served-by: cache-iad-kjyo7100175-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 3835
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: dbd2cbc64f41af4eeb999230dae44904fa66822f
content-length: 544
GET

https://github.githubassets.com/assets/chunk-app_components_search_custom-scopes-element_ts-abc100eaa2cb.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/chunk-app_components_search_custom-scopes-element_ts-abc100eaa2cb.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 12 Feb 2025 21:20:51 GMT
etag: "0x8DD4BAB2073226E"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:30 GMT
age: 1994795
x-served-by: cache-iad-kcgs7200119-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 3557
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 2d504488cd4fc7b2834c5869a77a0ba078f5d6b2
content-length: 4101
GET

https://github.githubassets.com/assets/chunk-vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_combobox-nav_dist-b7767a-9ad7d4eda3d9.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/chunk-vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_combobox-nav_dist-b7767a-9ad7d4eda3d9.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 06 Dec 2024 19:19:22 GMT
etag: "0x8DD162AE3C55516"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:30 GMT
age: 1483932
x-served-by: cache-iad-kiad7000044-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 13, 3556
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 7af0142a576a4bd53ef317404def4a225c30b753
content-length: 6323
GET

https://github.githubassets.com/assets/ui_packages_query-builder-element_query-builder-element_ts-b492d6900d5e.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/ui_packages_query-builder-element_query-builder-element_ts-b492d6900d5e.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 07 Mar 2025 02:09:02 GMT
etag: "0x8DD5D1D07C1610E"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:30 GMT
age: 1734087
x-served-by: cache-iad-kcgs7200022-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 3847
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: e99ff12f16e0b7752cf7c77bdd7100a0aee671d1
content-length: 7505
GET

https://github.githubassets.com/assets/app_assets_modules_github_blob-anchor_ts-ui_packages_code-nav_code-nav_ts-ui_packages_filter--8253c1-91468a3354f9.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/app_assets_modules_github_blob-anchor_ts-ui_packages_code-nav_code-nav_ts-ui_packages_filter--8253c1-91468a3354f9.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 12 Feb 2025 21:20:49 GMT
etag: "0x8DD4BAB1F42AF08"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:30 GMT
age: 1397280
x-served-by: cache-iad-kiad7000068-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 3608
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 2b93908ef78afb5178ffb910612b54072de7e85e
content-length: 5570
GET

https://github.githubassets.com/assets/chunk-ui_packages_hydro-analytics_hydro-analytics_ts-ui_packages_jump-to-element_model_ts-880f27a93f7b.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/chunk-ui_packages_hydro-analytics_hydro-analytics_ts-ui_packages_jump-to-element_model_ts-880f27a93f7b.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 13 Feb 2025 15:14:50 GMT
etag: "0x8DD4C41292E5E2A"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:30 GMT
age: 1329594
x-served-by: cache-iad-kjyo7100100-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 3590
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 7bd8126eef0583b1581496049bcd3cb42b5a1638
content-length: 4438
GET

https://github.githubassets.com/assets/chunk-app_components_search_qbsearch-input-element_ts-cf531d29cf91.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/chunk-app_components_search_qbsearch-input-element_ts-cf531d29cf91.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 10 Mar 2025 20:02:55 GMT
etag: "0x8DD600E8BF8D0F4"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:30 GMT
age: 1371035
x-served-by: cache-iad-kcgs7200120-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 14, 3737
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 79f7d91344544035026af5411ac1c952a01fd707
content-length: 17020
GET

https://github.githubassets.com/assets/chunk-ui_packages_cookie-consent-link-element_element-entry_ts-8ca582ddd98a.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/chunk-ui_packages_cookie-consent-link-element_element-entry_ts-8ca582ddd98a.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 12 Feb 2025 21:20:51 GMT
etag: "0x8DD4BAB20A937F6"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:30 GMT
age: 2009207
x-served-by: cache-iad-kcgs7200107-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 3797
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 8a1d72a5266ef797156a17cb758df6ebfcbd6569
content-length: 2913
GET

https://github.githubassets.com/assets/chunk-ui_packages_ghcc-consent-element_element-entry_ts-04338159da93.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/chunk-ui_packages_ghcc-consent-element_element-entry_ts-04338159da93.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 12 Feb 2025 21:20:51 GMT
etag: "0x8DD4BAB20A91111"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:30 GMT
age: 1838290
x-served-by: cache-iad-kiad7000059-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 3778
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: c8a64a7a5aefb79f62fbd6ac6eda9be53cfe9468
content-length: 3160
GET

https://github.githubassets.com/assets/chunk-vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_combobox-nav_dist-5f477b-eeb221e8a5a3.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/chunk-vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_combobox-nav_dist-5f477b-eeb221e8a5a3.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 06 Dec 2024 19:19:22 GMT
etag: "0x8DD162AE3BAD98C"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:30 GMT
age: 2541952
x-served-by: cache-iad-kiad7000114-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 13, 3535
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 46d98251d0da73664c4becd357760817f4c5383d
content-length: 5020
GET

https://github.githubassets.com/assets/chunk-ui_packages_hydro-analytics_hydro-analytics_ts-ui_packages_query-builder-element_element-entry_ts-37a12a0ee62c.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/chunk-ui_packages_hydro-analytics_hydro-analytics_ts-ui_packages_query-builder-element_element-entry_ts-37a12a0ee62c.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 13 Feb 2025 15:14:50 GMT
etag: "0x8DD4C41292FE316"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:30 GMT
age: 2855026
x-served-by: cache-iad-kcgs7200097-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 3545
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 87b628ce4daeac45a84ce5042aab308f32f23acc
content-length: 2521
GET

https://github.githubassets.com/assets/chunk-ui_packages_webauthn-get-element_element-entry_ts-c4e5a9b4f95a.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/chunk-ui_packages_webauthn-get-element_element-entry_ts-c4e5a9b4f95a.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 12 Feb 2025 21:20:51 GMT
etag: "0x8DD4BAB20C138E3"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:30 GMT
age: 1337848
x-served-by: cache-iad-kiad7000148-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 3837
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 73179a086e0adc39b6797a5789d93015f00625e6
content-length: 2844
GET

https://github.githubassets.com/favicons/favicon.svg

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /favicons/favicon.svg HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
priority: u=6
te: trailers

Response

HTTP/2.0 200

content-type: image/svg+xml
content-md5: bYAvaN8MCaSZfP0o7q/Z/w==
last-modified: Wed, 14 Aug 2024 19:18:58 GMT
etag: "0x8DCBC95F2647EDF"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:30 GMT
age: 162
x-served-by: cache-iad-kiad7000081-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 2146563, 3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 5d7667362c7f0d0b86ebaa4e72878b6fdc471089
content-length: 959
GET

https://github.githubassets.com/assets/chunk-ui_packages_code-view-shared_components_files-search_FileResultsList_tsx-ef1fa1f779f7.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/chunk-ui_packages_code-view-shared_components_files-search_FileResultsList_tsx-ef1fa1f779f7.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 11 Mar 2025 14:40:25 GMT
etag: "0x8DD60AAA9215B29"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:30 GMT
age: 1316609
x-served-by: cache-iad-kcgs7200092-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 18, 2097
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: e2cf8011a6a30a46893088b8fded7249a38b6445
content-length: 5383
GET

https://github.githubassets.com/assets/chunk-vendors-node_modules_consent-banner_dist_consent-banner_js-362ca569b596.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/chunk-vendors-node_modules_consent-banner_dist_consent-banner_js-362ca569b596.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 00:52:32 GMT
etag: "0x8DD02B44AD10969"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:30 GMT
age: 2594636
x-served-by: cache-iad-kjyo7100146-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 3580
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 94c8ee2ace1038eca4f250c6a372c54d53de3168
content-length: 9421
GET

https://github.githubassets.com/images/gravatars/gravatar-user-420.png?size=40

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /images/gravatars/gravatar-user-420.png?size=40 HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
priority: u=5, i
te: trailers

Response

HTTP/2.0 200

content-type: image/png
content-md5: J4WxvtrtOWJpKhhQpMUPqg==
last-modified: Wed, 14 Aug 2024 19:20:19 GMT
etag: "0x8DCBC9622FDA663"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:57:31 GMT
age: 222
x-served-by: cache-iad-kiad7000066-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 1899351, 1
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: eb4017b4bc05bcbf283294f9c84f4671bac17115
content-length: 5065
GET

https://github.githubassets.com/assets/vendors-node_modules_github_turbo_dist_turbo_es2017-esm_js-a03ee12d659a.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_github_turbo_dist_turbo_es2017-esm_js-a03ee12d659a.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 14 Mar 2025 21:43:23 GMT
etag: "0x8DD63413E9D2A2F"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:58:07 GMT
age: 769379
x-served-by: cache-iad-kiad7000037-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 20, 4409
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 08ce8ed43c1bad61ea231340e8382cfd67811d26
content-length: 18654
GET

https://github.githubassets.com/assets/vendors-node_modules_emotion_is-prop-valid_dist_emotion-is-prop-valid_esm_js-node_modules_emo-62da9f-2df2f32ec596.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/vendors-node_modules_emotion_is-prop-valid_dist_emotion-is-prop-valid_esm_js-node_modules_emo-62da9f-2df2f32ec596.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 28 Jan 2025 01:30:47 GMT
etag: "0x8DD3F3B64406EA2"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:58:07 GMT
age: 1996879
x-served-by: cache-iad-kjyo7100087-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 10, 4066
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b23c180fa375cc9bf1a112e171a1241c73e942d1
content-length: 16517
GET

https://github.githubassets.com/assets/ui_packages_code-view-shared_hooks_use-canonical-object_ts-ui_packages_code-view-shared_hooks-d63960-3cb8cae9e2d0.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/ui_packages_code-view-shared_hooks_use-canonical-object_ts-ui_packages_code-view-shared_hooks-d63960-3cb8cae9e2d0.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 21 Feb 2025 22:10:49 GMT
etag: "0x8DD52C49957C2F5"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 18:00:45 GMT
age: 2002948
x-served-by: cache-iad-kjyo7100035-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 41, 2775
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 6a7be54f2c1d00dacab682adea94e548bc5cab55
content-length: 3532
GET

https://github.githubassets.com/assets/code-menu-1c0aedc134b1.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/code-menu-1c0aedc134b1.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 13 Feb 2025 15:14:50 GMT
etag: "0x8DD4C41292FE316"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 18:00:45 GMT
age: 2855221
x-served-by: cache-iad-kcgs7200097-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 3551
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 2cff2b7e3b3b678bed482c00573ca5b223892b47
content-length: 2521
GET

https://github.githubassets.com/assets/chunk-ui_packages_hydro-analytics_hydro-analytics_ts-ui_packages_query-builder-element_element-entry_ts-37a12a0ee62c.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/chunk-ui_packages_hydro-analytics_hydro-analytics_ts-ui_packages_query-builder-element_element-entry_ts-37a12a0ee62c.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:06 GMT
etag: "0x8DD154459DDCAE0"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 18:00:49 GMT
age: 5036693
x-served-by: cache-iad-kjyo7100030-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 21, 320
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 08643448e5983340606e1e7362037ad7e8a615d1
content-length: 3886
GET

https://github.githubassets.com/assets/chunk-ui_packages_webauthn-get-element_element-entry_ts-c4e5a9b4f95a.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/chunk-ui_packages_webauthn-get-element_element-entry_ts-c4e5a9b4f95a.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 13 Feb 2025 15:14:49 GMT
etag: "0x8DD4C4128CAB534"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 18:00:49 GMT
age: 2632138
x-served-by: cache-iad-kjyo7100102-IAD, cache-lcy-eglc8600074-LCY
x-cache: HIT, HIT
x-cache-hits: 21, 345
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 9ce9fccba6d92052f72287cac100d2c24fb95aed
content-length: 4881
GET

https://github.githubassets.com/assets/chunk-vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_hydro-analytics-c-35f15c-30ba527ded25.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/chunk-vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_hydro-analytics-c-35f15c-30ba527ded25.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers
GET

https://github.githubassets.com/assets/chunk-app_components_accessibility_animated-image-element_ts-3813856f440e.js

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /assets/chunk-app_components_accessibility_animated-image-element_ts-3813856f440e.js HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://github.com
referer: https://github.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers
GET

https://github.githubassets.com/images/gravatars/gravatar-user-420.png?size=40

firefox.exe

Remote address:

185.199.109.154:443

Request

GET /images/gravatars/gravatar-user-420.png?size=40 HTTP/2.0
host: github.githubassets.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
priority: u=5, i
te: trailers
GET

https://private-user-images.githubusercontent.com/138373919/283999837-be96d782-19f3-49e6-b8f2-64bba00f7905.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3NDMwOTg1ODcsIm5iZiI6MTc0MzA5ODI4NywicGF0aCI6Ii8xMzgzNzM5MTkvMjgzOTk5ODM3LWJlOTZkNzgyLTE5ZjMtNDllNi1iOGYyLTY0YmJhMDBmNzkwNS5wbmc_WC1BbXotQWxnb3JpdGhtPUFXUzQtSE1BQy1TSEEyNTYmWC1BbXotQ3JlZGVudGlhbD1BS0lBVkNPRFlMU0E1M1BRSzRaQSUyRjIwMjUwMzI3JTJGdXMtZWFzdC0xJTJGczMlMkZhd3M0X3JlcXVlc3QmWC1BbXotRGF0ZT0yMDI1MDMyN1QxNzU4MDdaJlgtQW16LUV4cGlyZXM9MzAwJlgtQW16LVNpZ25hdHVyZT0yNjBlNzI2MmI0OTg3OTQxOTI3NjhkMjcxOGExZGFmM2M2ODAzNmU5MmQwNGZlYzczNDFjY2M1NjhhNWVkMWZkJlgtQW16LVNpZ25lZEhlYWRlcnM9aG9zdCJ9.nZH5mnw_4-uXADu8FNBZgazCz_-pIkCDI4F9-DK-pyU

firefox.exe

Remote address:

185.199.108.133:443

Request

GET /138373919/283999837-be96d782-19f3-49e6-b8f2-64bba00f7905.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3NDMwOTg1ODcsIm5iZiI6MTc0MzA5ODI4NywicGF0aCI6Ii8xMzgzNzM5MTkvMjgzOTk5ODM3LWJlOTZkNzgyLTE5ZjMtNDllNi1iOGYyLTY0YmJhMDBmNzkwNS5wbmc_WC1BbXotQWxnb3JpdGhtPUFXUzQtSE1BQy1TSEEyNTYmWC1BbXotQ3JlZGVudGlhbD1BS0lBVkNPRFlMU0E1M1BRSzRaQSUyRjIwMjUwMzI3JTJGdXMtZWFzdC0xJTJGczMlMkZhd3M0X3JlcXVlc3QmWC1BbXotRGF0ZT0yMDI1MDMyN1QxNzU4MDdaJlgtQW16LUV4cGlyZXM9MzAwJlgtQW16LVNpZ25hdHVyZT0yNjBlNzI2MmI0OTg3OTQxOTI3NjhkMjcxOGExZGFmM2M2ODAzNmU5MmQwNGZlYzczNDFjY2M1NjhhNWVkMWZkJlgtQW16LVNpZ25lZEhlYWRlcnM9aG9zdCJ9.nZH5mnw_4-uXADu8FNBZgazCz_-pIkCDI4F9-DK-pyU HTTP/2.0
host: private-user-images.githubusercontent.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
priority: u=5, i
te: trailers

Response

HTTP/2.0 200

x-amz-replication-status: COMPLETED
last-modified: Sat, 18 Nov 2023 12:57:23 GMT
etag: "fdedc7356552ef0724257c2b397673ba"
cache-control: max-age=2592000
x-amz-version-id: null
content-type: image/png
accept-ranges: bytes
age: 461780
date: Thu, 27 Mar 2025 17:58:07 GMT
via: 1.1 varnish
x-served-by: cache-lcy-eglc8600092-LCY
x-cache: HIT
x-cache-hits: 0
x-timer: S1743098288.910962,VS0,VE1
content-security-policy: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; sandbox;
x-fastly-request-id: 146ed1a46f5c6969b6cc3c9949928dc083166f41
server: GitHub.Cloud
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
timing-allow-origin: https://github.com
content-length: 38774
GET

https://camo.githubusercontent.com/9a7ebb6f4070d26e002fda7d4db60bd138809a0faa543763ec661763734106b1/68747470733a2f2f63646e2e73656c6c69782e696f2f73746f726566726f6e742f336563336333653035646662323264363931666264643666666633323032363266393238626136312f3638373437343730373333613266326636393265363936323632326536333666326637393538333537383333373133313266353636393634363536663265363736393636

firefox.exe

Remote address:

185.199.108.133:443

Request

GET /9a7ebb6f4070d26e002fda7d4db60bd138809a0faa543763ec661763734106b1/68747470733a2f2f63646e2e73656c6c69782e696f2f73746f726566726f6e742f336563336333653035646662323264363931666264643666666633323032363266393238626136312f3638373437343730373333613266326636393265363936323632326536333666326637393538333537383333373133313266353636393634363536663265363736393636 HTTP/2.0
host: camo.githubusercontent.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
priority: u=5, i
te: trailers

Response

HTTP/2.0 404

cache-control: no-cache, no-store, private, must-revalidate
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
content-type: text/plain; charset=utf-8
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
server: github.com
x-github-request-id: B314:2EC048:1DB7EB:418E14:67E591AA
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:58:08 GMT
via: 1.1 varnish
x-served-by: cache-lcy-eglc8600092-LCY
x-cache: MISS
x-cache-hits: 0
x-timer: S1743098288.951775,VS0,VE91
x-fastly-request-id: 41fb07eaa9608a5171eb7d5b2d4b92acfda03e1d
timing-allow-origin: https://github.com
content-length: 27
GET

https://camo.githubusercontent.com/9a7ebb6f4070d26e002fda7d4db60bd138809a0faa543763ec661763734106b1/68747470733a2f2f63646e2e73656c6c69782e696f2f73746f726566726f6e742f336563336333653035646662323264363931666264643666666633323032363266393238626136312f3638373437343730373333613266326636393265363936323632326536333666326637393538333537383333373133313266353636393634363536663265363736393636

firefox.exe

Remote address:

185.199.108.133:443

Request

GET /9a7ebb6f4070d26e002fda7d4db60bd138809a0faa543763ec661763734106b1/68747470733a2f2f63646e2e73656c6c69782e696f2f73746f726566726f6e742f336563336333653035646662323264363931666264643666666633323032363266393238626136312f3638373437343730373333613266326636393265363936323632326536333666326637393538333537383333373133313266353636393634363536663265363736393636 HTTP/2.0
host: camo.githubusercontent.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
priority: u=5, i
te: trailers

Response

HTTP/2.0 404

cache-control: no-cache, no-store, private, must-revalidate
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
content-type: text/plain; charset=utf-8
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
server: github.com
x-github-request-id: A600:A84F1:5BDE5D:C323D7:67E5919A
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:58:09 GMT
via: 1.1 varnish
x-served-by: cache-lcy-eglc8600092-LCY
x-cache: MISS
x-cache-hits: 0
x-timer: S1743098289.970961,VS0,VE99
x-fastly-request-id: 26eb0b1e4c4eaba95955f547c86d38fd3722a246
timing-allow-origin: https://github.com
content-length: 27
GET

https://private-user-images.githubusercontent.com/138373919/283999837-be96d782-19f3-49e6-b8f2-64bba00f7905.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3NDMwOTg1OTAsIm5iZiI6MTc0MzA5ODI5MCwicGF0aCI6Ii8xMzgzNzM5MTkvMjgzOTk5ODM3LWJlOTZkNzgyLTE5ZjMtNDllNi1iOGYyLTY0YmJhMDBmNzkwNS5wbmc_WC1BbXotQWxnb3JpdGhtPUFXUzQtSE1BQy1TSEEyNTYmWC1BbXotQ3JlZGVudGlhbD1BS0lBVkNPRFlMU0E1M1BRSzRaQSUyRjIwMjUwMzI3JTJGdXMtZWFzdC0xJTJGczMlMkZhd3M0X3JlcXVlc3QmWC1BbXotRGF0ZT0yMDI1MDMyN1QxNzU4MTBaJlgtQW16LUV4cGlyZXM9MzAwJlgtQW16LVNpZ25hdHVyZT04MGFiOTYxY2ZkZGE1NDRlMWQ1OWQ3MWQxYWI4MWIxZWZkM2MyMmE0MjdmNTdlYTBkOGFlYjM3MDgzYzEwZjYyJlgtQW16LVNpZ25lZEhlYWRlcnM9aG9zdCJ9.B8LO3aWL2QSJ6CCZfOGhgEFx2kcADep8-aycZ8UVp40

firefox.exe

Remote address:

185.199.108.133:443

Request

GET /138373919/283999837-be96d782-19f3-49e6-b8f2-64bba00f7905.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3NDMwOTg1OTAsIm5iZiI6MTc0MzA5ODI5MCwicGF0aCI6Ii8xMzgzNzM5MTkvMjgzOTk5ODM3LWJlOTZkNzgyLTE5ZjMtNDllNi1iOGYyLTY0YmJhMDBmNzkwNS5wbmc_WC1BbXotQWxnb3JpdGhtPUFXUzQtSE1BQy1TSEEyNTYmWC1BbXotQ3JlZGVudGlhbD1BS0lBVkNPRFlMU0E1M1BRSzRaQSUyRjIwMjUwMzI3JTJGdXMtZWFzdC0xJTJGczMlMkZhd3M0X3JlcXVlc3QmWC1BbXotRGF0ZT0yMDI1MDMyN1QxNzU4MTBaJlgtQW16LUV4cGlyZXM9MzAwJlgtQW16LVNpZ25hdHVyZT04MGFiOTYxY2ZkZGE1NDRlMWQ1OWQ3MWQxYWI4MWIxZWZkM2MyMmE0MjdmNTdlYTBkOGFlYjM3MDgzYzEwZjYyJlgtQW16LVNpZ25lZEhlYWRlcnM9aG9zdCJ9.B8LO3aWL2QSJ6CCZfOGhgEFx2kcADep8-aycZ8UVp40 HTTP/2.0
host: private-user-images.githubusercontent.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
priority: u=5, i
te: trailers

Response

HTTP/2.0 200

x-amz-replication-status: COMPLETED
last-modified: Sat, 18 Nov 2023 12:57:23 GMT
etag: "fdedc7356552ef0724257c2b397673ba"
cache-control: max-age=2592000
x-amz-version-id: null
content-type: image/png
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:58:10 GMT
via: 1.1 varnish
age: 461782
x-served-by: cache-lcy-eglc8600092-LCY
x-cache: HIT
x-cache-hits: 1
x-timer: S1743098290.265634,VS0,VE2
content-security-policy: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; sandbox;
x-fastly-request-id: 366086d869f8900b7dfdfa53930ca25cc8976a41
server: GitHub.Cloud
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
timing-allow-origin: https://github.com
content-length: 38774
GET

https://camo.githubusercontent.com/9a7ebb6f4070d26e002fda7d4db60bd138809a0faa543763ec661763734106b1/68747470733a2f2f63646e2e73656c6c69782e696f2f73746f726566726f6e742f336563336333653035646662323264363931666264643666666633323032363266393238626136312f3638373437343730373333613266326636393265363936323632326536333666326637393538333537383333373133313266353636393634363536663265363736393636

firefox.exe

Remote address:

185.199.108.133:443

Request

GET /9a7ebb6f4070d26e002fda7d4db60bd138809a0faa543763ec661763734106b1/68747470733a2f2f63646e2e73656c6c69782e696f2f73746f726566726f6e742f336563336333653035646662323264363931666264643666666633323032363266393238626136312f3638373437343730373333613266326636393265363936323632326536333666326637393538333537383333373133313266353636393634363536663265363736393636 HTTP/2.0
host: camo.githubusercontent.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
priority: u=5, i
te: trailers

Response

HTTP/2.0 200

cache-control: max-age=300
content-security-policy: default-src 'none'
content-type: image/png
etag: "73b28f2734988bf29dab01181e8df523211497ec7e8a2403aa481323741ece51"
last-modified: Sat, 21 Mar 2015 11:38:42 GMT
strict-transport-security: max-age=31557600
timing-allow-origin: https://github.com
x-content-type-options: nosniff
x-frame-options: deny
x-github-tenant:
x-xss-protection: 1; mode=block
x-github-request-id: 97DE:351451:45DF85:975B77:67DCB3AF
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:58:10 GMT
via: 1.1 varnish
x-served-by: cache-lcy-eglc8600092-LCY
x-cache: HIT
x-cache-hits: 0
x-timer: S1743098290.367844,VS0,VE1
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: 7988124e39dcc5cec1a3316ac0c61f0b53190f1d
expires: Thu, 27 Mar 2025 18:03:10 GMT
source-age: 581122
vary: Authorization,Accept-Encoding
content-length: 1520
GET

https://avatars.githubusercontent.com/u/202700267?s=64&v=4

firefox.exe

Remote address:

185.199.108.133:443

Request

GET /u/202700267?s=64&v=4 HTTP/2.0
host: avatars.githubusercontent.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
priority: u=5, i
te: trailers

Response

HTTP/2.0 404

cache-control: no-cache, no-store, private, must-revalidate
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
content-type: text/plain; charset=utf-8
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
server: github.com
x-github-request-id: A600:A84F1:5BDE84:C32421:67E591B1
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:58:10 GMT
via: 1.1 varnish
x-served-by: cache-lcy-eglc8600092-LCY
x-cache: MISS
x-cache-hits: 0
x-timer: S1743098290.269279,VS0,VE107
x-fastly-request-id: 8e871148f2ac81d08e7b46e244fae7cdfb74b11b
timing-allow-origin: https://github.com
content-length: 27
GET

https://camo.githubusercontent.com/9a3a096e576eacb703344fda1c137b3865e1e6ad8cd795395cacdaf2b9052cab/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f7265706f2d73697a652f44652d656c6f7065722f6e6a5241542d416c6c2d56657273696f6e73

firefox.exe

Remote address:

185.199.108.133:443

Request

GET /9a3a096e576eacb703344fda1c137b3865e1e6ad8cd795395cacdaf2b9052cab/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f7265706f2d73697a652f44652d656c6f7065722f6e6a5241542d416c6c2d56657273696f6e73 HTTP/2.0
host: camo.githubusercontent.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
priority: u=5, i
te: trailers

Response

HTTP/2.0 200

cache-control: max-age=300, s-maxage=300
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
content-type: image/svg+xml;charset=utf-8
expires: Thu, 27 Mar 2025 18:05:47 GMT
last-modified: Thu, 27 Mar 2025 18:00:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
server: github.com
x-github-request-id: 5F69:204D87:5C23BF:C377E8:67E59247
accept-ranges: bytes
age: 0
date: Thu, 27 Mar 2025 18:00:47 GMT
via: 1.1 varnish
x-served-by: cache-lcy-eglc8600092-LCY
x-cache: MISS
x-cache-hits: 0
x-timer: S1743098447.401001,VS0,VE205
x-fastly-request-id: 2eba74a097cf2a4a67b7db013b9b364ff862a24c
timing-allow-origin: https://github.com
content-length: 1144
DNS

github.githubassets.com

firefox.exe

Remote address:

8.8.8.8:53

Request

github.githubassets.com

IN A

Response

github.githubassets.com

IN A

185.199.109.154

github.githubassets.com

IN A

185.199.110.154

github.githubassets.com

IN A

185.199.108.154

github.githubassets.com

IN A

185.199.111.154
DNS

avatars.githubusercontent.com

firefox.exe

Remote address:

8.8.8.8:53

Request

avatars.githubusercontent.com

IN A

Response

avatars.githubusercontent.com

IN A

185.199.108.133

avatars.githubusercontent.com

IN A

185.199.109.133

avatars.githubusercontent.com

IN A

185.199.110.133

avatars.githubusercontent.com

IN A

185.199.111.133
DNS

user-images.githubusercontent.com

firefox.exe

Remote address:

8.8.8.8:53

Request

user-images.githubusercontent.com

IN A

Response

user-images.githubusercontent.com

IN A

185.199.109.133

user-images.githubusercontent.com

IN A

185.199.108.133

user-images.githubusercontent.com

IN A

185.199.111.133

user-images.githubusercontent.com

IN A

185.199.110.133
DNS

s3-w.us-east-1.amazonaws.com

firefox.exe

Remote address:

8.8.8.8:53

Request

s3-w.us-east-1.amazonaws.com

IN A

Response

s3-w.us-east-1.amazonaws.com

IN A

3.5.28.27

s3-w.us-east-1.amazonaws.com

IN A

52.216.35.57

s3-w.us-east-1.amazonaws.com

IN A

54.231.160.121

s3-w.us-east-1.amazonaws.com

IN A

3.5.30.34

s3-w.us-east-1.amazonaws.com

IN A

16.182.36.129

s3-w.us-east-1.amazonaws.com

IN A

3.5.25.25

s3-w.us-east-1.amazonaws.com

IN A

52.216.251.100

s3-w.us-east-1.amazonaws.com

IN A

52.217.224.145
DNS

avatars.githubusercontent.com

firefox.exe

Remote address:

8.8.8.8:53

Request

avatars.githubusercontent.com

IN AAAA

Response

avatars.githubusercontent.com

IN AAAA

2606:50c0:8000::154

avatars.githubusercontent.com

IN AAAA

2606:50c0:8003::154

avatars.githubusercontent.com

IN AAAA

2606:50c0:8001::154

avatars.githubusercontent.com

IN AAAA

2606:50c0:8002::154
DNS

github.githubassets.com

firefox.exe

Remote address:

8.8.8.8:53

Request

github.githubassets.com

IN AAAA

Response
DNS

s3-w.us-east-1.amazonaws.com

firefox.exe

Remote address:

8.8.8.8:53

Request

s3-w.us-east-1.amazonaws.com

IN AAAA

Response
DNS

user-images.githubusercontent.com

firefox.exe

Remote address:

8.8.8.8:53

Request

user-images.githubusercontent.com

IN AAAA

Response

user-images.githubusercontent.com

IN AAAA

2606:50c0:8003::154

user-images.githubusercontent.com

IN AAAA

2606:50c0:8001::154

user-images.githubusercontent.com

IN AAAA

2606:50c0:8002::154

user-images.githubusercontent.com

IN AAAA

2606:50c0:8000::154
DNS

collector.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

collector.github.com

IN A

Response

collector.github.com

IN CNAME

glb-db52c2cf8be544.github.com

glb-db52c2cf8be544.github.com

IN A

140.82.112.21
POST

https://collector.github.com/github/collect

firefox.exe

Remote address:

140.82.112.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition
content-type: text/plain;charset=UTF-8
content-length: 1076
origin: https://github.com
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
priority: u=6
te: trailers

Response

HTTP/2.0 204

date: Thu, 27 Mar 2025 17:57:31 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.004366
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: 6389:355130:662020:79168A:67E5918B
POST

https://collector.github.com/github/collect

firefox.exe

Remote address:

140.82.112.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition
content-type: text/plain;charset=UTF-8
content-length: 1149
origin: https://github.com
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
priority: u=6
te: trailers

Response

HTTP/2.0 204

date: Thu, 27 Mar 2025 17:57:32 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.003224
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: 6389:355130:662336:791A4E:67E5918B
POST

https://collector.github.com/github/collect

firefox.exe

Remote address:

140.82.112.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/USDTC/XWorm-V5.6-Source
content-type: text/plain;charset=UTF-8
content-length: 1070
origin: https://github.com
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
priority: u=6
te: trailers

Response

HTTP/2.0 204

date: Thu, 27 Mar 2025 17:58:10 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.003290
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: 6389:355130:668B6A:7997C0:67E5918C
POST

https://collector.github.com/github/collect

firefox.exe

Remote address:

140.82.112.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/USDTC/XWorm-V5.6-Source
content-type: text/plain;charset=UTF-8
content-length: 2632
origin: https://github.com
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
priority: u=6
te: trailers

Response

HTTP/2.0 204

date: Thu, 27 Mar 2025 17:58:10 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.003283
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: 6389:355130:668BE1:799863:67E591B2
POST

https://collector.github.com/github/collect

firefox.exe

Remote address:

140.82.112.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/USDTC/XWorm-V5.6-Source
content-type: text/plain;charset=UTF-8
content-length: 1143
origin: https://github.com
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
priority: u=6
te: trailers

Response

HTTP/2.0 204

date: Thu, 27 Mar 2025 17:58:24 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002243
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: 6389:355130:66B364:79C7C2:67E591B2
POST

https://collector.github.com/github/collect

firefox.exe

Remote address:

140.82.112.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/USDTC/XWorm-V5.6-Source
content-type: text/plain;charset=UTF-8
content-length: 1217
origin: https://github.com
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
priority: u=6
te: trailers

Response

HTTP/2.0 204

date: Thu, 27 Mar 2025 17:58:25 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002582
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: 6389:355130:66B75D:79CC7D:67E591C0
DNS

glb-db52c2cf8be544.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

glb-db52c2cf8be544.github.com

IN A

Response

glb-db52c2cf8be544.github.com

IN A

140.82.114.22
DNS

api.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

api.github.com

IN A

Response

api.github.com

IN A

20.26.156.210
DNS

glb-db52c2cf8be544.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

glb-db52c2cf8be544.github.com

IN AAAA

Response
POST

https://api.github.com/_private/browser/stats

firefox.exe

Remote address:

20.26.156.210:443

Request

POST /_private/browser/stats HTTP/2.0
host: api.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition
content-type: text/plain;charset=UTF-8
content-length: 909
origin: https://github.com
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
priority: u=6
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:57:31 GMT
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 60
x-ratelimit-reset: 1743101851
x-ratelimit-used: 0
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: 0875:60528:74058A:92B76F:67E5918B
POST

https://api.github.com/_private/browser/stats

firefox.exe

Remote address:

20.26.156.210:443

Request

POST /_private/browser/stats HTTP/2.0
host: api.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition
content-type: text/plain;charset=UTF-8
content-length: 988
origin: https://github.com
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
priority: u=6
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:57:36 GMT
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 60
x-ratelimit-reset: 1743101856
x-ratelimit-used: 0
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: 0875:60528:740765:92B9BC:67E5918B
DNS

api.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

api.github.com

IN A

Response

api.github.com

IN A

20.26.156.210
DNS

api.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

api.github.com

IN AAAA

Response
DNS

encrypted-tbn0.gstatic.com

firefox.exe

Remote address:

8.8.8.8:53

Request

encrypted-tbn0.gstatic.com

IN A

Response

encrypted-tbn0.gstatic.com

IN A

216.58.201.110
GET

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcRbbRQTTLNvD7gFAxyqupCRNpqu0g8f1y_zt4sF5e3-Ng&s=10

firefox.exe

Remote address:

216.58.201.110:443

Request

GET /images?q=tbn:ANd9GcRbbRQTTLNvD7gFAxyqupCRNpqu0g8f1y_zt4sF5e3-Ng&s=10 HTTP/2.0
host: encrypted-tbn0.gstatic.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.google.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
priority: u=5, i
te: trailers
GET

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcTNBAX8Mdrzpj86r_W5xIRVIVNy07Et-EaBDEMsWzzwlQ&s=10

firefox.exe

Remote address:

216.58.201.110:443

Request

GET /images?q=tbn:ANd9GcTNBAX8Mdrzpj86r_W5xIRVIVNy07Et-EaBDEMsWzzwlQ&s=10 HTTP/2.0
host: encrypted-tbn0.gstatic.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.google.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
priority: u=5, i
te: trailers
GET

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcRpfHskCP5D8YEb-uJXYvy4ZEbDzmGpjoHlNG3PyIOPopC_7Y9OZUrRfHFMYA&s=10

firefox.exe

Remote address:

216.58.201.110:443

Request

GET /images?q=tbn:ANd9GcRpfHskCP5D8YEb-uJXYvy4ZEbDzmGpjoHlNG3PyIOPopC_7Y9OZUrRfHFMYA&s=10 HTTP/2.0
host: encrypted-tbn0.gstatic.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.google.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
priority: u=5, i
te: trailers
GET

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQ1tmAyEs3d5YsiP8cE2VYchTMVDM_8GnPr2MUyGNaxwtVEbhvtP7rQkJe6IA&s=10

firefox.exe

Remote address:

216.58.201.110:443

Request

GET /images?q=tbn:ANd9GcQ1tmAyEs3d5YsiP8cE2VYchTMVDM_8GnPr2MUyGNaxwtVEbhvtP7rQkJe6IA&s=10 HTTP/2.0
host: encrypted-tbn0.gstatic.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.google.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
priority: u=5, i
te: trailers
GET

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQOT39LXabBW8stOJ5gD_GtunVyneRz-rwzkQWtaWevao1FiQBkdd4pBte7aQ&s=10

firefox.exe

Remote address:

216.58.201.110:443

Request

GET /images?q=tbn:ANd9GcQOT39LXabBW8stOJ5gD_GtunVyneRz-rwzkQWtaWevao1FiQBkdd4pBte7aQ&s=10 HTTP/2.0
host: encrypted-tbn0.gstatic.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.google.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
priority: u=5, i
te: trailers
DNS

encrypted-tbn0.gstatic.com

firefox.exe

Remote address:

8.8.8.8:53

Request

encrypted-tbn0.gstatic.com

IN A

Response

encrypted-tbn0.gstatic.com

IN A

216.58.201.110
DNS

encrypted-tbn0.gstatic.com

firefox.exe

Remote address:

8.8.8.8:53

Request

encrypted-tbn0.gstatic.com

IN AAAA

Response

encrypted-tbn0.gstatic.com

IN AAAA

2a00:1450:4009:826::200e
DNS

c.pki.goog

Remote address:

8.8.8.8:53

Request

c.pki.goog

IN A

Response

c.pki.goog

IN CNAME

pki-goog.l.google.com

pki-goog.l.google.com

IN A

142.250.179.227
GET

http://c.pki.goog/r/r1.crl

Remote address:

142.250.179.227:80

Request

GET /r/r1.crl HTTP/1.1
Cache-Control: max-age = 3000
Connection: Keep-Alive
Accept: */*
If-Modified-Since: Thu, 25 Jul 2024 14:48:00 GMT
User-Agent: Microsoft-CryptoAPI/10.0
Host: c.pki.goog

Response

HTTP/1.1 304 Not Modified

Date: Thu, 27 Mar 2025 17:38:28 GMT
Expires: Thu, 27 Mar 2025 18:28:28 GMT
Age: 1160
Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
Cache-Control: public, max-age=3000
Vary: Accept-Encoding
DNS

tria.ge

firefox.exe

Remote address:

8.8.8.8:53

Request

tria.ge

IN A

Response

tria.ge

IN A

172.64.147.112

tria.ge

IN A

104.18.40.144
GET

https://tria.ge/240411-lhs8xagf79

firefox.exe

Remote address:

172.64.147.112:443

Request

GET /240411-lhs8xagf79 HTTP/2.0
host: tria.ge
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.google.com/
upgrade-insecure-requests: 1
sec-fetch-dest: document
sec-fetch-mode: navigate
sec-fetch-site: cross-site
sec-fetch-user: ?1
priority: u=0, i
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:57:48 GMT
content-type: text/html; charset=utf-8
cache-control: no-store
content-security-policy: base-uri 'self'; frame-ancestors 'none'; form-action 'self' https://id.recordedfuture.com; default-src 'none'; script-src 'self' 'nonce-ZNmRaq3ap/zkBr05guoQkg' 'unsafe-inline'; connect-src 'self'; img-src 'self' data: https://hatching.io; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ 'self';
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
set-cookie: _csrf=MTc0MzA5ODI2OHxJbUpxWkUxRWMxUkRVV1YwZDBWelJWZFdZMnBuVWxSVFprODFkamcxVkVnMmFHaHJWVUozZFdwbVMzYzlJZ289fHnrrEWTixqHivhEYmtXu8Kf963f0MB-S-1_wlceIKFM; Path=/; HttpOnly; Secure; SameSite=Lax
traceparent: 00-509553e40170ffe48ca4ce14c19c2485-21652020bff00c3b-01
vary: Cookie
vary: accept-encoding
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 9270c5b25812ced6-LHR
content-encoding: gzip
GET

https://tria.ge/static/css/common.css?c=764d282

firefox.exe

Remote address:

172.64.147.112:443

Request

GET /static/css/common.css?c=764d282 HTTP/2.0
host: tria.ge
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://tria.ge/240411-lhs8xagf79
cookie: _csrf=MTc0MzA5ODI2OHxJbUpxWkUxRWMxUkRVV1YwZDBWelJWZFdZMnBuVWxSVFprODFkamcxVkVnMmFHaHJWVUozZFdwbVMzYzlJZ289fHnrrEWTixqHivhEYmtXu8Kf963f0MB-S-1_wlceIKFM
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
priority: u=2
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:57:48 GMT
content-type: application/javascript
last-modified: Fri, 14 Mar 2025 21:24:18 GMT
etag: W/"67d49e82-4d7"
vary: Accept-Encoding
server: cloudflare
cf-ray: 9270c5b41c4bced6-LHR
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sat, 29 Mar 2025 17:57:48 GMT
cache-control: max-age=172800
cache-control: public
content-encoding: gzip
GET

https://tria.ge/static/css/report.css?c=764d282

firefox.exe

Remote address:

172.64.147.112:443

Request

GET /static/css/report.css?c=764d282 HTTP/2.0
host: tria.ge
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://tria.ge/240411-lhs8xagf79
cookie: _csrf=MTc0MzA5ODI2OHxJbUpxWkUxRWMxUkRVV1YwZDBWelJWZFdZMnBuVWxSVFprODFkamcxVkVnMmFHaHJWVUozZFdwbVMzYzlJZ289fHnrrEWTixqHivhEYmtXu8Kf963f0MB-S-1_wlceIKFM
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
priority: u=2
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:57:48 GMT
content-type: text/css
last-modified: Mon, 24 Mar 2025 14:34:27 GMT
etag: W/"67e16d73-156d8"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: DYNAMIC
vary: accept-encoding
server: cloudflare
cf-ray: 9270c5b3fbd9ced6-LHR
GET

https://tria.ge/static/css/report_overview.css?c=764d282

firefox.exe

Remote address:

172.64.147.112:443

Request

GET /static/css/report_overview.css?c=764d282 HTTP/2.0
host: tria.ge
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://tria.ge/240411-lhs8xagf79
cookie: _csrf=MTc0MzA5ODI2OHxJbUpxWkUxRWMxUkRVV1YwZDBWelJWZFdZMnBuVWxSVFprODFkamcxVkVnMmFHaHJWVUozZFdwbVMzYzlJZ289fHnrrEWTixqHivhEYmtXu8Kf963f0MB-S-1_wlceIKFM
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
priority: u=2
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:57:48 GMT
content-type: image/svg+xml
last-modified: Mon, 24 Mar 2025 14:34:15 GMT
etag: W/"67e16d67-8a3"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: DYNAMIC
vary: accept-encoding
server: cloudflare
cf-ray: 9270c5b41c3dced6-LHR
GET

https://tria.ge/static/js/ui.version.js?c=764d282

firefox.exe

Remote address:

172.64.147.112:443

Request

GET /static/js/ui.version.js?c=764d282 HTTP/2.0
host: tria.ge
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://tria.ge/240411-lhs8xagf79
cookie: _csrf=MTc0MzA5ODI2OHxJbUpxWkUxRWMxUkRVV1YwZDBWelJWZFdZMnBuVWxSVFprODFkamcxVkVnMmFHaHJWVUozZFdwbVMzYzlJZ289fHnrrEWTixqHivhEYmtXu8Kf963f0MB-S-1_wlceIKFM
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:57:48 GMT
content-type: text/css
last-modified: Mon, 24 Mar 2025 14:34:28 GMT
etag: W/"67e16d74-919b"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: DYNAMIC
vary: accept-encoding
server: cloudflare
cf-ray: 9270c5b3fbdbced6-LHR
GET

https://tria.ge/static/svg/platforms/windows11.svg

firefox.exe

Remote address:

172.64.147.112:443

Request

GET /static/svg/platforms/windows11.svg HTTP/2.0
host: tria.ge
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://tria.ge/240411-lhs8xagf79
cookie: _csrf=MTc0MzA5ODI2OHxJbUpxWkUxRWMxUkRVV1YwZDBWelJWZFdZMnBuVWxSVFprODFkamcxVkVnMmFHaHJWVUozZFdwbVMzYzlJZ289fHnrrEWTixqHivhEYmtXu8Kf963f0MB-S-1_wlceIKFM
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
priority: u=5, i
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:57:48 GMT
content-type: text/css
last-modified: Mon, 24 Mar 2025 14:34:28 GMT
etag: W/"67e16d74-2a00"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: DYNAMIC
vary: accept-encoding
server: cloudflare
cf-ray: 9270c5b40c0fced6-LHR
GET

https://tria.ge/static/svg/platforms/android.svg

firefox.exe

Remote address:

172.64.147.112:443

Request

GET /static/svg/platforms/android.svg HTTP/2.0
host: tria.ge
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://tria.ge/240411-lhs8xagf79
cookie: _csrf=MTc0MzA5ODI2OHxJbUpxWkUxRWMxUkRVV1YwZDBWelJWZFdZMnBuVWxSVFprODFkamcxVkVnMmFHaHJWVUozZFdwbVMzYzlJZ289fHnrrEWTixqHivhEYmtXu8Kf963f0MB-S-1_wlceIKFM
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
priority: u=5, i
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:57:48 GMT
content-type: image/svg+xml
last-modified: Mon, 24 Mar 2025 14:34:15 GMT
etag: W/"67e16d67-1ca"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: DYNAMIC
vary: accept-encoding
server: cloudflare
cf-ray: 9270c5b41c31ced6-LHR
GET

https://tria.ge/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

firefox.exe

Remote address:

172.64.147.112:443

Request

GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/2.0
host: tria.ge
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://tria.ge/240411-lhs8xagf79
cookie: _csrf=MTc0MzA5ODI2OHxJbUpxWkUxRWMxUkRVV1YwZDBWelJWZFdZMnBuVWxSVFprODFkamcxVkVnMmFHaHJWVUozZFdwbVMzYzlJZ289fHnrrEWTixqHivhEYmtXu8Kf963f0MB-S-1_wlceIKFM
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:57:48 GMT
content-type: application/javascript
last-modified: Mon, 24 Mar 2025 14:34:27 GMT
etag: W/"67e16d73-196"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: DYNAMIC
vary: accept-encoding
server: cloudflare
cf-ray: 9270c5b42c55ced6-LHR
GET

https://tria.ge/static/js/ui.common.js?c=764d282

firefox.exe

Remote address:

172.64.147.112:443

Request

GET /static/js/ui.common.js?c=764d282 HTTP/2.0
host: tria.ge
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://tria.ge/240411-lhs8xagf79
cookie: _csrf=MTc0MzA5ODI2OHxJbUpxWkUxRWMxUkRVV1YwZDBWelJWZFdZMnBuVWxSVFprODFkamcxVkVnMmFHaHJWVUozZFdwbVMzYzlJZ289fHnrrEWTixqHivhEYmtXu8Kf963f0MB-S-1_wlceIKFM
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:57:48 GMT
content-type: application/javascript
last-modified: Mon, 24 Mar 2025 14:34:27 GMT
etag: W/"67e16d73-444f"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: DYNAMIC
vary: accept-encoding
server: cloudflare
cf-ray: 9270c5b41c4eced6-LHR
GET

https://tria.ge/static/js/ui.report_overview.js?c=764d282

firefox.exe

Remote address:

172.64.147.112:443

Request

GET /static/js/ui.report_overview.js?c=764d282 HTTP/2.0
host: tria.ge
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://tria.ge/240411-lhs8xagf79
cookie: _csrf=MTc0MzA5ODI2OHxJbUpxWkUxRWMxUkRVV1YwZDBWelJWZFdZMnBuVWxSVFprODFkamcxVkVnMmFHaHJWVUozZFdwbVMzYzlJZ289fHnrrEWTixqHivhEYmtXu8Kf963f0MB-S-1_wlceIKFM
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:57:48 GMT
content-type: application/javascript
last-modified: Mon, 24 Mar 2025 14:34:27 GMT
etag: W/"67e16d73-10c04"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: DYNAMIC
vary: accept-encoding
server: cloudflare
cf-ray: 9270c5b41c1bced6-LHR
GET

https://tria.ge/static/js/chunk-EJP5W3SV.js

firefox.exe

Remote address:

172.64.147.112:443

Request

GET /static/js/chunk-EJP5W3SV.js HTTP/2.0
host: tria.ge
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://tria.ge/static/js/ui.report_overview.js?c=764d282
cookie: _csrf=MTc0MzA5ODI2OHxJbUpxWkUxRWMxUkRVV1YwZDBWelJWZFdZMnBuVWxSVFprODFkamcxVkVnMmFHaHJWVUozZFdwbVMzYzlJZ289fHnrrEWTixqHivhEYmtXu8Kf963f0MB-S-1_wlceIKFM
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:57:48 GMT
content-type: application/javascript
last-modified: Mon, 24 Mar 2025 14:34:27 GMT
etag: W/"67e16d73-f1b"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: DYNAMIC
vary: accept-encoding
server: cloudflare
cf-ray: 9270c5b4fe4dced6-LHR
GET

https://tria.ge/static/js/chunk-IBP4GVZ5.js

firefox.exe

Remote address:

172.64.147.112:443

Request

GET /static/js/chunk-IBP4GVZ5.js HTTP/2.0
host: tria.ge
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://tria.ge/static/js/ui.report_overview.js?c=764d282
cookie: _csrf=MTc0MzA5ODI2OHxJbUpxWkUxRWMxUkRVV1YwZDBWelJWZFdZMnBuVWxSVFprODFkamcxVkVnMmFHaHJWVUozZFdwbVMzYzlJZ289fHnrrEWTixqHivhEYmtXu8Kf963f0MB-S-1_wlceIKFM
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:57:48 GMT
content-type: application/javascript
last-modified: Mon, 24 Mar 2025 14:34:27 GMT
etag: W/"67e16d73-210"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: DYNAMIC
vary: accept-encoding
server: cloudflare
cf-ray: 9270c5b4fe50ced6-LHR
GET

https://tria.ge/static/js/chunk-6SP6SDFH.js

firefox.exe

Remote address:

172.64.147.112:443

Request

GET /static/js/chunk-6SP6SDFH.js HTTP/2.0
host: tria.ge
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://tria.ge/static/js/ui.report_overview.js?c=764d282
cookie: _csrf=MTc0MzA5ODI2OHxJbUpxWkUxRWMxUkRVV1YwZDBWelJWZFdZMnBuVWxSVFprODFkamcxVkVnMmFHaHJWVUozZFdwbVMzYzlJZ289fHnrrEWTixqHivhEYmtXu8Kf963f0MB-S-1_wlceIKFM
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:57:48 GMT
content-type: application/javascript
last-modified: Mon, 24 Mar 2025 14:34:27 GMT
etag: W/"67e16d73-8dc"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: DYNAMIC
vary: accept-encoding
server: cloudflare
cf-ray: 9270c5b4fe56ced6-LHR
GET

https://tria.ge/static/js/chunk-SJ2ZBNP7.js

firefox.exe

Remote address:

172.64.147.112:443

Request

GET /static/js/chunk-SJ2ZBNP7.js HTTP/2.0
host: tria.ge
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://tria.ge/static/js/ui.report_overview.js?c=764d282
cookie: _csrf=MTc0MzA5ODI2OHxJbUpxWkUxRWMxUkRVV1YwZDBWelJWZFdZMnBuVWxSVFprODFkamcxVkVnMmFHaHJWVUozZFdwbVMzYzlJZ289fHnrrEWTixqHivhEYmtXu8Kf963f0MB-S-1_wlceIKFM
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:57:48 GMT
content-type: application/javascript
last-modified: Mon, 24 Mar 2025 14:34:27 GMT
etag: W/"67e16d73-ba2"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: DYNAMIC
vary: accept-encoding
server: cloudflare
cf-ray: 9270c5b4fe5eced6-LHR
GET

https://tria.ge/static/js/chunk-UI5PTGA5.js

firefox.exe

Remote address:

172.64.147.112:443

Request

GET /static/js/chunk-UI5PTGA5.js HTTP/2.0
host: tria.ge
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://tria.ge/static/js/ui.report_overview.js?c=764d282
cookie: _csrf=MTc0MzA5ODI2OHxJbUpxWkUxRWMxUkRVV1YwZDBWelJWZFdZMnBuVWxSVFprODFkamcxVkVnMmFHaHJWVUozZFdwbVMzYzlJZ289fHnrrEWTixqHivhEYmtXu8Kf963f0MB-S-1_wlceIKFM
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:57:48 GMT
content-type: application/javascript
last-modified: Mon, 24 Mar 2025 14:34:27 GMT
etag: W/"67e16d73-341a"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: DYNAMIC
vary: accept-encoding
server: cloudflare
cf-ray: 9270c5b50e67ced6-LHR
GET

https://tria.ge/static/js/chunk-LWNJDMXF.js

firefox.exe

Remote address:

172.64.147.112:443

Request

GET /static/js/chunk-LWNJDMXF.js HTTP/2.0
host: tria.ge
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://tria.ge/static/js/ui.report_overview.js?c=764d282
cookie: _csrf=MTc0MzA5ODI2OHxJbUpxWkUxRWMxUkRVV1YwZDBWelJWZFdZMnBuVWxSVFprODFkamcxVkVnMmFHaHJWVUozZFdwbVMzYzlJZ289fHnrrEWTixqHivhEYmtXu8Kf963f0MB-S-1_wlceIKFM
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:57:48 GMT
content-type: application/javascript
last-modified: Mon, 24 Mar 2025 14:34:27 GMT
etag: W/"67e16d73-18d"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: DYNAMIC
vary: accept-encoding
server: cloudflare
cf-ray: 9270c5b50e71ced6-LHR
GET

https://tria.ge/static/js/chunk-X62GPJC2.js

firefox.exe

Remote address:

172.64.147.112:443

Request

GET /static/js/chunk-X62GPJC2.js HTTP/2.0
host: tria.ge
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://tria.ge/static/js/ui.report_overview.js?c=764d282
cookie: _csrf=MTc0MzA5ODI2OHxJbUpxWkUxRWMxUkRVV1YwZDBWelJWZFdZMnBuVWxSVFprODFkamcxVkVnMmFHaHJWVUozZFdwbVMzYzlJZ289fHnrrEWTixqHivhEYmtXu8Kf963f0MB-S-1_wlceIKFM
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:57:48 GMT
content-type: application/javascript
last-modified: Mon, 24 Mar 2025 14:34:27 GMT
etag: W/"67e16d73-b6b"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: DYNAMIC
vary: accept-encoding
server: cloudflare
cf-ray: 9270c5b50e85ced6-LHR
GET

https://tria.ge/static/js/chunk-FW4363Y4.js

firefox.exe

Remote address:

172.64.147.112:443

Request

GET /static/js/chunk-FW4363Y4.js HTTP/2.0
host: tria.ge
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://tria.ge/static/js/ui.report_overview.js?c=764d282
cookie: _csrf=MTc0MzA5ODI2OHxJbUpxWkUxRWMxUkRVV1YwZDBWelJWZFdZMnBuVWxSVFprODFkamcxVkVnMmFHaHJWVUozZFdwbVMzYzlJZ289fHnrrEWTixqHivhEYmtXu8Kf963f0MB-S-1_wlceIKFM
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:57:48 GMT
content-type: text/plain
last-modified: Mon, 24 Mar 2025 14:34:15 GMT
etag: W/"67e16d67-40e0"
cache-control: public, max-age=31536000
cf-cache-status: DYNAMIC
vary: accept-encoding
server: cloudflare
cf-ray: 9270c5b51eaeced6-LHR
GET

https://tria.ge/static/fonts/inter/inter-v11-latin-regular.woff2

firefox.exe

Remote address:

172.64.147.112:443

Request

GET /static/fonts/inter/inter-v11-latin-regular.woff2 HTTP/2.0
host: tria.ge
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: identity
referer: https://tria.ge/static/css/common.css?c=764d282
cookie: _csrf=MTc0MzA5ODI2OHxJbUpxWkUxRWMxUkRVV1YwZDBWelJWZFdZMnBuVWxSVFprODFkamcxVkVnMmFHaHJWVUozZFdwbVMzYzlJZ289fHnrrEWTixqHivhEYmtXu8Kf963f0MB-S-1_wlceIKFM
sec-fetch-dest: font
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:57:49 GMT
content-type: text/plain
last-modified: Mon, 24 Mar 2025 14:34:14 GMT
etag: W/"67e16d66-449c"
cache-control: public, max-age=31536000
cf-cache-status: DYNAMIC
vary: accept-encoding
server: cloudflare
cf-ray: 9270c5b51eb1ced6-LHR
GET

https://tria.ge/static/fonts/inter/inter-v11-latin-600.woff2

firefox.exe

Remote address:

172.64.147.112:443

Request

GET /static/fonts/inter/inter-v11-latin-600.woff2 HTTP/2.0
host: tria.ge
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: identity
referer: https://tria.ge/static/css/common.css?c=764d282
cookie: _csrf=MTc0MzA5ODI2OHxJbUpxWkUxRWMxUkRVV1YwZDBWelJWZFdZMnBuVWxSVFprODFkamcxVkVnMmFHaHJWVUozZFdwbVMzYzlJZ289fHnrrEWTixqHivhEYmtXu8Kf963f0MB-S-1_wlceIKFM
sec-fetch-dest: font
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:57:49 GMT
content-type: image/svg+xml
last-modified: Mon, 24 Mar 2025 14:34:15 GMT
etag: W/"67e16d67-a2"
cache-control: public, max-age=31536000
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 9270c5b52ebbced6-LHR
content-encoding: gzip
GET

https://tria.ge/static/svg/icons/expand_less.svg

firefox.exe

Remote address:

172.64.147.112:443

Request

GET /static/svg/icons/expand_less.svg HTTP/2.0
host: tria.ge
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://tria.ge/static/css/common.css?c=764d282
cookie: _csrf=MTc0MzA5ODI2OHxJbUpxWkUxRWMxUkRVV1YwZDBWelJWZFdZMnBuVWxSVFprODFkamcxVkVnMmFHaHJWVUozZFdwbVMzYzlJZ289fHnrrEWTixqHivhEYmtXu8Kf963f0MB-S-1_wlceIKFM
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
priority: u=4, i
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:57:49 GMT
content-type: text/plain
last-modified: Mon, 24 Mar 2025 14:34:14 GMT
etag: W/"67e16d66-4428"
cache-control: public, max-age=31536000
cf-cache-status: DYNAMIC
vary: accept-encoding
server: cloudflare
cf-ray: 9270c5b53ef5ced6-LHR
GET

https://tria.ge/static/fonts/inter/inter-v11-latin-700.woff2

firefox.exe

Remote address:

172.64.147.112:443

Request

GET /static/fonts/inter/inter-v11-latin-700.woff2 HTTP/2.0
host: tria.ge
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: identity
referer: https://tria.ge/static/css/common.css?c=764d282
cookie: _csrf=MTc0MzA5ODI2OHxJbUpxWkUxRWMxUkRVV1YwZDBWelJWZFdZMnBuVWxSVFprODFkamcxVkVnMmFHaHJWVUozZFdwbVMzYzlJZ289fHnrrEWTixqHivhEYmtXu8Kf963f0MB-S-1_wlceIKFM
sec-fetch-dest: font
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:57:49 GMT
content-type: application/javascript
last-modified: Mon, 24 Mar 2025 14:34:27 GMT
etag: W/"67e16d73-6cd"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: DYNAMIC
vary: accept-encoding
server: cloudflare
cf-ray: 9270c5b54f08ced6-LHR
GET

https://tria.ge/static/fonts/inter/inter-v11-latin-500.woff2

firefox.exe

Remote address:

172.64.147.112:443

Request

GET /static/fonts/inter/inter-v11-latin-500.woff2 HTTP/2.0
host: tria.ge
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: identity
referer: https://tria.ge/static/css/common.css?c=764d282
cookie: _csrf=MTc0MzA5ODI2OHxJbUpxWkUxRWMxUkRVV1YwZDBWelJWZFdZMnBuVWxSVFprODFkamcxVkVnMmFHaHJWVUozZFdwbVMzYzlJZ289fHnrrEWTixqHivhEYmtXu8Kf963f0MB-S-1_wlceIKFM
sec-fetch-dest: font
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:57:49 GMT
content-type: text/plain
last-modified: Mon, 24 Mar 2025 14:34:14 GMT
etag: W/"67e16d66-44b8"
cache-control: public, max-age=31536000
cf-cache-status: DYNAMIC
vary: accept-encoding
server: cloudflare
cf-ray: 9270c5b53ee8ced6-LHR
GET

https://tria.ge/static/js/chunk-W6Q6E5RQ.js

firefox.exe

Remote address:

172.64.147.112:443

Request

GET /static/js/chunk-W6Q6E5RQ.js HTTP/2.0
host: tria.ge
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://tria.ge/static/js/ui.common.js?c=764d282
cookie: _csrf=MTc0MzA5ODI2OHxJbUpxWkUxRWMxUkRVV1YwZDBWelJWZFdZMnBuVWxSVFprODFkamcxVkVnMmFHaHJWVUozZFdwbVMzYzlJZ289fHnrrEWTixqHivhEYmtXu8Kf963f0MB-S-1_wlceIKFM
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:57:49 GMT
content-type: application/javascript
last-modified: Mon, 24 Mar 2025 14:34:27 GMT
etag: W/"67e16d73-24b"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: DYNAMIC
vary: accept-encoding
server: cloudflare
cf-ray: 9270c5b50e89ced6-LHR
GET

https://tria.ge/static/js/chunk-Z2Q4BDK7.js

firefox.exe

Remote address:

172.64.147.112:443

Request

GET /static/js/chunk-Z2Q4BDK7.js HTTP/2.0
host: tria.ge
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://tria.ge/static/js/ui.common.js?c=764d282
cookie: _csrf=MTc0MzA5ODI2OHxJbUpxWkUxRWMxUkRVV1YwZDBWelJWZFdZMnBuVWxSVFprODFkamcxVkVnMmFHaHJWVUozZFdwbVMzYzlJZ289fHnrrEWTixqHivhEYmtXu8Kf963f0MB-S-1_wlceIKFM
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:57:49 GMT
content-type: application/javascript
last-modified: Mon, 24 Mar 2025 14:34:27 GMT
etag: W/"67e16d73-15e"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: DYNAMIC
vary: accept-encoding
server: cloudflare
cf-ray: 9270c5b55f43ced6-LHR
GET

https://tria.ge/static/icons/apple-touch-icon.png

firefox.exe

Remote address:

172.64.147.112:443

Request

GET /static/icons/apple-touch-icon.png HTTP/2.0
host: tria.ge
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://tria.ge/240411-lhs8xagf79
cookie: _csrf=MTc0MzA5ODI2OHxJbUpxWkUxRWMxUkRVV1YwZDBWelJWZFdZMnBuVWxSVFprODFkamcxVkVnMmFHaHJWVUozZFdwbVMzYzlJZ289fHnrrEWTixqHivhEYmtXu8Kf963f0MB-S-1_wlceIKFM
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
priority: u=6
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:57:49 GMT
content-type: image/png
content-length: 3050
last-modified: Mon, 24 Mar 2025 14:34:15 GMT
etag: "67e16d67-bea"
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 9270c5b618f5ced6-LHR
GET

https://tria.ge/static/icons/favicon_triage.ico

firefox.exe

Remote address:

172.64.147.112:443

Request

GET /static/icons/favicon_triage.ico HTTP/2.0
host: tria.ge
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://tria.ge/240411-lhs8xagf79
cookie: _csrf=MTc0MzA5ODI2OHxJbUpxWkUxRWMxUkRVV1YwZDBWelJWZFdZMnBuVWxSVFprODFkamcxVkVnMmFHaHJWVUozZFdwbVMzYzlJZ289fHnrrEWTixqHivhEYmtXu8Kf963f0MB-S-1_wlceIKFM
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
priority: u=6
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:57:49 GMT
content-type: image/x-icon
last-modified: Mon, 24 Mar 2025 14:34:15 GMT
etag: W/"67e16d67-3aee"
cache-control: public, max-age=31536000
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 9270c5b62913ced6-LHR
content-encoding: gzip
GET

https://tria.ge/static/svg/icons/chevron_right.svg

firefox.exe

Remote address:

172.64.147.112:443

Request

GET /static/svg/icons/chevron_right.svg HTTP/2.0
host: tria.ge
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://tria.ge/static/css/report_overview.css?c=764d282
cookie: _csrf=MTc0MzA5ODI2OHxJbUpxWkUxRWMxUkRVV1YwZDBWelJWZFdZMnBuVWxSVFprODFkamcxVkVnMmFHaHJWVUozZFdwbVMzYzlJZ289fHnrrEWTixqHivhEYmtXu8Kf963f0MB-S-1_wlceIKFM
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
priority: u=4, i
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:57:49 GMT
content-type: image/svg+xml
last-modified: Mon, 24 Mar 2025 14:34:15 GMT
etag: W/"67e16d67-a3"
cache-control: public, max-age=31536000
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 9270c5b6292bced6-LHR
content-encoding: gzip
DNS

tria.ge

firefox.exe

Remote address:

8.8.8.8:53

Request

tria.ge

IN A

Response

tria.ge

IN A

104.18.40.144

tria.ge

IN A

172.64.147.112
DNS

tria.ge

firefox.exe

Remote address:

8.8.8.8:53

Request

tria.ge

IN AAAA

Response

tria.ge

IN AAAA

2606:4700:4400::6812:2890

tria.ge

IN AAAA

2606:4700:4400::ac40:9370
DNS

github.githubassets.com

firefox.exe

Remote address:

8.8.8.8:53

Request

github.githubassets.com

IN AAAA

Response
GET

https://github.com/USDTC/XWorm-V5.6-Source

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /USDTC/XWorm-V5.6-Source HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.google.com/
cookie: _gh_sess=ucPzVxE0aNbNFPj1HekigVGAE%2FQpuNslxZGE5TQdDrm2XwEa7g0V4VoJs6pD3JZuj%2FUSKSTQo9Kf8nw7sZx7JL0FtdHaZatg4QyflE31dgl86Fp%2F5s6vZuu3e9%2BxXd%2BOWJRCV2N6XS8qkmyw%2BT5BDOT8BrCxo9XXke4wttO5lWwRTXDXs4H%2BjLb8pBCiCzy4su5wbSdL4qHEz7qvkAT3umRcYgMAVggfB%2Fz8gcekP9POsnIzYBV2DsTYi5%2Br3B99EgQ%2BGfGOYR2jWppJFPUCwg%3D%3D--3%2BEA5qax4hPHEYfN--4m%2BAUmhAM26gyOERS%2FBh6Q%3D%3D
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
upgrade-insecure-requests: 1
sec-fetch-dest: document
sec-fetch-mode: navigate
sec-fetch-site: cross-site
priority: u=0, i
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:58:07 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame,Accept-Encoding, Accept, X-Requested-With
etag: W/"4ef8df69ac440c0363b1a2f5ff90e760"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
server: github.com
content-encoding: gzip
accept-ranges: bytes
x-github-request-id: 732B:3A70D6:B38BA8:DB94C4:67E591AE
GET

https://github.com/USDTC/XWorm-V5.6-Source/latest-commit/main

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /USDTC/XWorm-V5.6-Source/latest-commit/main HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/USDTC/XWorm-V5.6-Source
content-type: application/json
github-verified-fetch: true
x-requested-with: XMLHttpRequest
cookie: _gh_sess=ucPzVxE0aNbNFPj1HekigVGAE%2FQpuNslxZGE5TQdDrm2XwEa7g0V4VoJs6pD3JZuj%2FUSKSTQo9Kf8nw7sZx7JL0FtdHaZatg4QyflE31dgl86Fp%2F5s6vZuu3e9%2BxXd%2BOWJRCV2N6XS8qkmyw%2BT5BDOT8BrCxo9XXke4wttO5lWwRTXDXs4H%2BjLb8pBCiCzy4su5wbSdL4qHEz7qvkAT3umRcYgMAVggfB%2Fz8gcekP9POsnIzYBV2DsTYi5%2Br3B99EgQ%2BGfGOYR2jWppJFPUCwg%3D%3D--3%2BEA5qax4hPHEYfN--4m%2BAUmhAM26gyOERS%2FBh6Q%3D%3D
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
priority: u=4
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:58:10 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame,Accept-Encoding, Accept, X-Requested-With
etag: W/"c651d582f4873ec66f18be4ad8113266"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
server: github.com
content-encoding: gzip
accept-ranges: bytes
content-length: 515
x-github-request-id: 732B:3A70D6:B38D89:DB96EC:67E591B1
GET

https://github.com/USDTC/XWorm-V5.6-Source/refs?type=branch

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /USDTC/XWorm-V5.6-Source/refs?type=branch HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/USDTC/XWorm-V5.6-Source
cookie: _gh_sess=ucPzVxE0aNbNFPj1HekigVGAE%2FQpuNslxZGE5TQdDrm2XwEa7g0V4VoJs6pD3JZuj%2FUSKSTQo9Kf8nw7sZx7JL0FtdHaZatg4QyflE31dgl86Fp%2F5s6vZuu3e9%2BxXd%2BOWJRCV2N6XS8qkmyw%2BT5BDOT8BrCxo9XXke4wttO5lWwRTXDXs4H%2BjLb8pBCiCzy4su5wbSdL4qHEz7qvkAT3umRcYgMAVggfB%2Fz8gcekP9POsnIzYBV2DsTYi5%2Br3B99EgQ%2BGfGOYR2jWppJFPUCwg%3D%3D--3%2BEA5qax4hPHEYfN--4m%2BAUmhAM26gyOERS%2FBh6Q%3D%3D
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
priority: u=4
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:58:10 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame,Accept-Encoding, Accept, X-Requested-With
etag: W/"d3034f31e420319da354b031833fe8b7"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
server: github.com
content-encoding: gzip
accept-ranges: bytes
content-length: 391
x-github-request-id: 732B:3A70D6:B38D89:DB96EA:67E591AF
GET

https://github.com/USDTC/XWorm-V5.6-Source/tree-commit-info/main

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /USDTC/XWorm-V5.6-Source/tree-commit-info/main HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/USDTC/XWorm-V5.6-Source
content-type: application/json
github-verified-fetch: true
x-requested-with: XMLHttpRequest
cookie: _gh_sess=ucPzVxE0aNbNFPj1HekigVGAE%2FQpuNslxZGE5TQdDrm2XwEa7g0V4VoJs6pD3JZuj%2FUSKSTQo9Kf8nw7sZx7JL0FtdHaZatg4QyflE31dgl86Fp%2F5s6vZuu3e9%2BxXd%2BOWJRCV2N6XS8qkmyw%2BT5BDOT8BrCxo9XXke4wttO5lWwRTXDXs4H%2BjLb8pBCiCzy4su5wbSdL4qHEz7qvkAT3umRcYgMAVggfB%2Fz8gcekP9POsnIzYBV2DsTYi5%2Br3B99EgQ%2BGfGOYR2jWppJFPUCwg%3D%3D--3%2BEA5qax4hPHEYfN--4m%2BAUmhAM26gyOERS%2FBh6Q%3D%3D
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
priority: u=4
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:58:10 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame,Accept-Encoding, Accept, X-Requested-With
etag: W/"e8576215be199679aeec609d751a1b62"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
server: github.com
content-encoding: gzip
accept-ranges: bytes
content-length: 5252
x-github-request-id: 732B:3A70D6:B38D8B:DB96EF:67E591B1
GET

https://github.com/USDTC/XWorm-V5.6-Source/overview-files/main

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /USDTC/XWorm-V5.6-Source/overview-files/main HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/USDTC/XWorm-V5.6-Source
content-type: application/json
github-verified-fetch: true
x-requested-with: XMLHttpRequest
cookie: _gh_sess=ucPzVxE0aNbNFPj1HekigVGAE%2FQpuNslxZGE5TQdDrm2XwEa7g0V4VoJs6pD3JZuj%2FUSKSTQo9Kf8nw7sZx7JL0FtdHaZatg4QyflE31dgl86Fp%2F5s6vZuu3e9%2BxXd%2BOWJRCV2N6XS8qkmyw%2BT5BDOT8BrCxo9XXke4wttO5lWwRTXDXs4H%2BjLb8pBCiCzy4su5wbSdL4qHEz7qvkAT3umRcYgMAVggfB%2Fz8gcekP9POsnIzYBV2DsTYi5%2Br3B99EgQ%2BGfGOYR2jWppJFPUCwg%3D%3D--3%2BEA5qax4hPHEYfN--4m%2BAUmhAM26gyOERS%2FBh6Q%3D%3D
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
priority: u=4
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:58:10 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame,Accept-Encoding, Accept, X-Requested-With
etag: W/"c79fd3967cdf63cbd5ac3683459c2c00"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
server: github.com
content-encoding: gzip
accept-ranges: bytes
content-length: 52
x-github-request-id: 732B:3A70D6:B38D8B:DB96F0:67E591B1
GET

https://github.com/USDTC/XWorm-V5.6-Source/branch-and-tag-count

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /USDTC/XWorm-V5.6-Source/branch-and-tag-count HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/USDTC/XWorm-V5.6-Source
content-type: application/json
github-verified-fetch: true
x-requested-with: XMLHttpRequest
cookie: _gh_sess=ucPzVxE0aNbNFPj1HekigVGAE%2FQpuNslxZGE5TQdDrm2XwEa7g0V4VoJs6pD3JZuj%2FUSKSTQo9Kf8nw7sZx7JL0FtdHaZatg4QyflE31dgl86Fp%2F5s6vZuu3e9%2BxXd%2BOWJRCV2N6XS8qkmyw%2BT5BDOT8BrCxo9XXke4wttO5lWwRTXDXs4H%2BjLb8pBCiCzy4su5wbSdL4qHEz7qvkAT3umRcYgMAVggfB%2Fz8gcekP9POsnIzYBV2DsTYi5%2Br3B99EgQ%2BGfGOYR2jWppJFPUCwg%3D%3D--3%2BEA5qax4hPHEYfN--4m%2BAUmhAM26gyOERS%2FBh6Q%3D%3D
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
priority: u=4
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:58:10 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame,Accept-Encoding, Accept, X-Requested-With
etag: W/"5aba3adc573d7464dd91189d1b4164db"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
server: github.com
content-encoding: gzip
accept-ranges: bytes
content-length: 77
x-github-request-id: 732B:3A70D6:B38D89:DB96EB:67E591B1
GET

https://github.com/USDTC/XWorm-V5.6-Source/sponsor_button

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /USDTC/XWorm-V5.6-Source/sponsor_button HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/html
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/USDTC/XWorm-V5.6-Source
x-requested-with: XMLHttpRequest
cookie: _gh_sess=ucPzVxE0aNbNFPj1HekigVGAE%2FQpuNslxZGE5TQdDrm2XwEa7g0V4VoJs6pD3JZuj%2FUSKSTQo9Kf8nw7sZx7JL0FtdHaZatg4QyflE31dgl86Fp%2F5s6vZuu3e9%2BxXd%2BOWJRCV2N6XS8qkmyw%2BT5BDOT8BrCxo9XXke4wttO5lWwRTXDXs4H%2BjLb8pBCiCzy4su5wbSdL4qHEz7qvkAT3umRcYgMAVggfB%2Fz8gcekP9POsnIzYBV2DsTYi5%2Br3B99EgQ%2BGfGOYR2jWppJFPUCwg%3D%3D--3%2BEA5qax4hPHEYfN--4m%2BAUmhAM26gyOERS%2FBh6Q%3D%3D
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
priority: u=4
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:58:10 GMT
content-type: text/fragment+html; charset=utf-8
content-length: 0
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame,Accept-Encoding, Accept, X-Requested-With
cache-control: max-age=14400, private
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
server: github.com
accept-ranges: bytes
x-github-request-id: 732B:3A70D6:B38DA1:DB9708:67E591B2
GET

https://github.com/USDTC/XWorm-V5.6-Source/security/overall-count

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /USDTC/XWorm-V5.6-Source/security/overall-count HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/fragment+html
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/USDTC/XWorm-V5.6-Source
x-requested-with: XMLHttpRequest
cookie: _gh_sess=ucPzVxE0aNbNFPj1HekigVGAE%2FQpuNslxZGE5TQdDrm2XwEa7g0V4VoJs6pD3JZuj%2FUSKSTQo9Kf8nw7sZx7JL0FtdHaZatg4QyflE31dgl86Fp%2F5s6vZuu3e9%2BxXd%2BOWJRCV2N6XS8qkmyw%2BT5BDOT8BrCxo9XXke4wttO5lWwRTXDXs4H%2BjLb8pBCiCzy4su5wbSdL4qHEz7qvkAT3umRcYgMAVggfB%2Fz8gcekP9POsnIzYBV2DsTYi5%2Br3B99EgQ%2BGfGOYR2jWppJFPUCwg%3D%3D--3%2BEA5qax4hPHEYfN--4m%2BAUmhAM26gyOERS%2FBh6Q%3D%3D
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
priority: u=4
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:58:10 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame,Accept-Encoding, Accept, X-Requested-With
etag: W/"297eeb916d08628135285c572f6439e0"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
server: github.com
content-encoding: gzip
accept-ranges: bytes
x-html-safe: fec993441d7fbdae61b23daa9193c20b1420fc43d5cbe39509deaec8165c379e
content-length: 831
x-github-request-id: 732B:3A70D6:B38DA1:DB9707:67E591B1
GET

https://github.com/USDTC/XWorm-V5.6-Source/hovercards/citation/sidebar_partial?tree_name=main

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /USDTC/XWorm-V5.6-Source/hovercards/citation/sidebar_partial?tree_name=main HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/html
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/USDTC/XWorm-V5.6-Source
x-requested-with: XMLHttpRequest
cookie: _gh_sess=ucPzVxE0aNbNFPj1HekigVGAE%2FQpuNslxZGE5TQdDrm2XwEa7g0V4VoJs6pD3JZuj%2FUSKSTQo9Kf8nw7sZx7JL0FtdHaZatg4QyflE31dgl86Fp%2F5s6vZuu3e9%2BxXd%2BOWJRCV2N6XS8qkmyw%2BT5BDOT8BrCxo9XXke4wttO5lWwRTXDXs4H%2BjLb8pBCiCzy4su5wbSdL4qHEz7qvkAT3umRcYgMAVggfB%2Fz8gcekP9POsnIzYBV2DsTYi5%2Br3B99EgQ%2BGfGOYR2jWppJFPUCwg%3D%3D--3%2BEA5qax4hPHEYfN--4m%2BAUmhAM26gyOERS%2FBh6Q%3D%3D
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
priority: u=4
te: trailers

Response

HTTP/2.0 204

date: Thu, 27 Mar 2025 17:58:10 GMT
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame,Accept-Encoding, Accept, X-Requested-With
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
server: github.com
x-github-request-id: 732B:3A70D6:B38DA1:DB9709:67E591B2
GET

https://github.com/USDTC/XWorm-V5.6-Source/sponsors_list?block_button=false&current_repository=XWorm-V5.6-Source

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /USDTC/XWorm-V5.6-Source/sponsors_list?block_button=false&current_repository=XWorm-V5.6-Source HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/html
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/USDTC/XWorm-V5.6-Source
x-requested-with: XMLHttpRequest
cookie: _gh_sess=ucPzVxE0aNbNFPj1HekigVGAE%2FQpuNslxZGE5TQdDrm2XwEa7g0V4VoJs6pD3JZuj%2FUSKSTQo9Kf8nw7sZx7JL0FtdHaZatg4QyflE31dgl86Fp%2F5s6vZuu3e9%2BxXd%2BOWJRCV2N6XS8qkmyw%2BT5BDOT8BrCxo9XXke4wttO5lWwRTXDXs4H%2BjLb8pBCiCzy4su5wbSdL4qHEz7qvkAT3umRcYgMAVggfB%2Fz8gcekP9POsnIzYBV2DsTYi5%2Br3B99EgQ%2BGfGOYR2jWppJFPUCwg%3D%3D--3%2BEA5qax4hPHEYfN--4m%2BAUmhAM26gyOERS%2FBh6Q%3D%3D
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
priority: u=4
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:58:10 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame,Accept-Encoding, Accept, X-Requested-With
etag: W/"089f60a79b55886e977959f90bbed257"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
server: github.com
content-encoding: gzip
accept-ranges: bytes
x-html-safe: fec993441d7fbdae61b23daa9193c20b1420fc43d5cbe39509deaec8165c379e
content-length: 70
x-github-request-id: 732B:3A70D6:B38DA9:DB9714:67E591B2
GET

https://github.com/USDTC/XWorm-V5.6-Source/used_by_list

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /USDTC/XWorm-V5.6-Source/used_by_list HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/fragment+html
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/USDTC/XWorm-V5.6-Source
x-requested-with: XMLHttpRequest
cookie: _gh_sess=ucPzVxE0aNbNFPj1HekigVGAE%2FQpuNslxZGE5TQdDrm2XwEa7g0V4VoJs6pD3JZuj%2FUSKSTQo9Kf8nw7sZx7JL0FtdHaZatg4QyflE31dgl86Fp%2F5s6vZuu3e9%2BxXd%2BOWJRCV2N6XS8qkmyw%2BT5BDOT8BrCxo9XXke4wttO5lWwRTXDXs4H%2BjLb8pBCiCzy4su5wbSdL4qHEz7qvkAT3umRcYgMAVggfB%2Fz8gcekP9POsnIzYBV2DsTYi5%2Br3B99EgQ%2BGfGOYR2jWppJFPUCwg%3D%3D--3%2BEA5qax4hPHEYfN--4m%2BAUmhAM26gyOERS%2FBh6Q%3D%3D
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
priority: u=4
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:58:10 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame,Accept-Encoding, Accept, X-Requested-With
etag: W/"1e35ca8e6dcdeaac872774f1e8bd4c9a"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
server: github.com
content-encoding: gzip
accept-ranges: bytes
x-html-safe: fec993441d7fbdae61b23daa9193c20b1420fc43d5cbe39509deaec8165c379e
content-length: 418
x-github-request-id: 732B:3A70D6:B38DAA:DB971C:67E591B2
GET

https://github.com/USDTC/XWorm-V5.6-Source/contributors_list?count=3&current_repository=XWorm-V5.6-Source&items_to_show=3

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /USDTC/XWorm-V5.6-Source/contributors_list?count=3&current_repository=XWorm-V5.6-Source&items_to_show=3 HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/html
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/USDTC/XWorm-V5.6-Source
x-requested-with: XMLHttpRequest
cookie: _gh_sess=ucPzVxE0aNbNFPj1HekigVGAE%2FQpuNslxZGE5TQdDrm2XwEa7g0V4VoJs6pD3JZuj%2FUSKSTQo9Kf8nw7sZx7JL0FtdHaZatg4QyflE31dgl86Fp%2F5s6vZuu3e9%2BxXd%2BOWJRCV2N6XS8qkmyw%2BT5BDOT8BrCxo9XXke4wttO5lWwRTXDXs4H%2BjLb8pBCiCzy4su5wbSdL4qHEz7qvkAT3umRcYgMAVggfB%2Fz8gcekP9POsnIzYBV2DsTYi5%2Br3B99EgQ%2BGfGOYR2jWppJFPUCwg%3D%3D--3%2BEA5qax4hPHEYfN--4m%2BAUmhAM26gyOERS%2FBh6Q%3D%3D
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
priority: u=4
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:58:10 GMT
content-type: text/plain; charset=utf-8
content-length: 0
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame,Accept-Encoding, Accept, X-Requested-With
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
server: github.com
accept-ranges: bytes
x-github-request-id: 732B:3A70D6:B38DA9:DB971A:67E591B2
GET

https://github.com/USDTC/XWorm-V5.6-Source/archive/refs/heads/main.zip

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /USDTC/XWorm-V5.6-Source/archive/refs/heads/main.zip HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/USDTC/XWorm-V5.6-Source
cookie: _gh_sess=ucPzVxE0aNbNFPj1HekigVGAE%2FQpuNslxZGE5TQdDrm2XwEa7g0V4VoJs6pD3JZuj%2FUSKSTQo9Kf8nw7sZx7JL0FtdHaZatg4QyflE31dgl86Fp%2F5s6vZuu3e9%2BxXd%2BOWJRCV2N6XS8qkmyw%2BT5BDOT8BrCxo9XXke4wttO5lWwRTXDXs4H%2BjLb8pBCiCzy4su5wbSdL4qHEz7qvkAT3umRcYgMAVggfB%2Fz8gcekP9POsnIzYBV2DsTYi5%2Br3B99EgQ%2BGfGOYR2jWppJFPUCwg%3D%3D--3%2BEA5qax4hPHEYfN--4m%2BAUmhAM26gyOERS%2FBh6Q%3D%3D
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
upgrade-insecure-requests: 1
sec-fetch-dest: document
sec-fetch-mode: navigate
sec-fetch-site: same-origin
sec-fetch-user: ?1
priority: u=0, i
te: trailers

Response

HTTP/2.0 302

date: Thu, 27 Mar 2025 17:58:25 GMT
content-type: text/html; charset=utf-8
content-length: 0
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame,Accept-Encoding, Accept, X-Requested-With
location: https://codeload.github.com/USDTC/XWorm-V5.6-Source/zip/refs/heads/main
cache-control: max-age=0, private
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
server: github.com
x-github-request-id: 732B:3A70D6:B3973D:DBA2CF:67E591B2
DNS

github-cloud.s3.amazonaws.com

firefox.exe

Remote address:

8.8.8.8:53

Request

github-cloud.s3.amazonaws.com

IN A

Response

github-cloud.s3.amazonaws.com

IN CNAME

s3-1-w.amazonaws.com

s3-1-w.amazonaws.com

IN CNAME

s3-w.us-east-1.amazonaws.com

s3-w.us-east-1.amazonaws.com

IN A

3.5.29.179

s3-w.us-east-1.amazonaws.com

IN A

3.5.12.192

s3-w.us-east-1.amazonaws.com

IN A

52.217.137.65

s3-w.us-east-1.amazonaws.com

IN A

52.217.112.185

s3-w.us-east-1.amazonaws.com

IN A

52.217.254.1

s3-w.us-east-1.amazonaws.com

IN A

16.15.176.219

s3-w.us-east-1.amazonaws.com

IN A

16.15.176.166

s3-w.us-east-1.amazonaws.com

IN A

52.216.138.163
DNS

s3-w.us-east-1.amazonaws.com

firefox.exe

Remote address:

8.8.8.8:53

Request

s3-w.us-east-1.amazonaws.com

IN A

Response

s3-w.us-east-1.amazonaws.com

IN A

52.216.220.201

s3-w.us-east-1.amazonaws.com

IN A

16.182.32.177

s3-w.us-east-1.amazonaws.com

IN A

3.5.12.205

s3-w.us-east-1.amazonaws.com

IN A

3.5.13.54

s3-w.us-east-1.amazonaws.com

IN A

3.5.28.149

s3-w.us-east-1.amazonaws.com

IN A

16.182.66.57

s3-w.us-east-1.amazonaws.com

IN A

54.231.195.73

s3-w.us-east-1.amazonaws.com

IN A

52.217.121.25
DNS

s3-w.us-east-1.amazonaws.com

firefox.exe

Remote address:

8.8.8.8:53

Request

s3-w.us-east-1.amazonaws.com

IN AAAA

Response
DNS

private-user-images.githubusercontent.com

firefox.exe

Remote address:

8.8.8.8:53

Request

private-user-images.githubusercontent.com

IN A

Response

private-user-images.githubusercontent.com

IN A

185.199.109.133

private-user-images.githubusercontent.com

IN A

185.199.108.133

private-user-images.githubusercontent.com

IN A

185.199.110.133

private-user-images.githubusercontent.com

IN A

185.199.111.133
DNS

camo.githubusercontent.com

firefox.exe

Remote address:

8.8.8.8:53

Request

camo.githubusercontent.com

IN A

Response

camo.githubusercontent.com

IN A

185.199.109.133

camo.githubusercontent.com

IN A

185.199.108.133

camo.githubusercontent.com

IN A

185.199.111.133

camo.githubusercontent.com

IN A

185.199.110.133
DNS

private-user-images.githubusercontent.com

firefox.exe

Remote address:

8.8.8.8:53

Request

private-user-images.githubusercontent.com

IN A

Response

private-user-images.githubusercontent.com

IN A

185.199.109.133

private-user-images.githubusercontent.com

IN A

185.199.110.133

private-user-images.githubusercontent.com

IN A

185.199.111.133

private-user-images.githubusercontent.com

IN A

185.199.108.133
DNS

camo.githubusercontent.com

firefox.exe

Remote address:

8.8.8.8:53

Request

camo.githubusercontent.com

IN A

Response

camo.githubusercontent.com

IN A

185.199.108.133

camo.githubusercontent.com

IN A

185.199.109.133

camo.githubusercontent.com

IN A

185.199.111.133

camo.githubusercontent.com

IN A

185.199.110.133
DNS

private-user-images.githubusercontent.com

firefox.exe

Remote address:

8.8.8.8:53

Request

private-user-images.githubusercontent.com

IN AAAA

Response
DNS

camo.githubusercontent.com

firefox.exe

Remote address:

8.8.8.8:53

Request

camo.githubusercontent.com

IN AAAA

Response
DNS

cyberpress.org

firefox.exe

Remote address:

8.8.8.8:53

Request

cyberpress.org

IN A

Response

cyberpress.org

IN A

104.237.136.127
GET

https://cyberpress.org/x-worm-malware-github/

firefox.exe

Remote address:

104.237.136.127:443

Request

GET /x-worm-malware-github/ HTTP/2.0
host: cyberpress.org
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.google.com/
upgrade-insecure-requests: 1
sec-fetch-dest: document
sec-fetch-mode: navigate
sec-fetch-site: cross-site
priority: u=0, i
te: trailers

Response

HTTP/2.0 200

x-powered-by: PHP/8.1.31
content-type: text/html; charset=UTF-8
x-pingback: https://cyberpress.org/xmlrpc.php
link: <https://cyberpress.org/wp-json/>; rel="https://api.w.org/"
link: <https://cyberpress.org/wp-json/wp/v2/posts/15551>; rel="alternate"; title="JSON"; type="application/json"
link: <https://cyberpress.org/?p=15551>; rel=shortlink
x-litespeed-cache-control: public,max-age=604800
x-litespeed-tag: 812_HTTP.200,812_post,812_URL.d123a94106a7c4a495c4b8960353fa20,812_Po.15551,812_
etag: "64780-1743098290;br"
x-litespeed-cache: miss
content-encoding: br
vary: Accept-Encoding
date: Thu, 27 Mar 2025 17:58:10 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
DNS

cyberpress.org

firefox.exe

Remote address:

8.8.8.8:53

Request

cyberpress.org

IN A

Response

cyberpress.org

IN A

104.237.136.127
DNS

cyberpress.org

firefox.exe

Remote address:

8.8.8.8:53

Request

cyberpress.org

IN AAAA

Response
POST

https://api.github.com/_private/browser/stats

firefox.exe

Remote address:

20.26.156.210:443

Request

POST /_private/browser/stats HTTP/2.0
host: api.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/USDTC/XWorm-V5.6-Source
content-type: text/plain;charset=UTF-8
content-length: 413
origin: https://github.com
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
priority: u=6
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:58:10 GMT
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 60
x-ratelimit-reset: 1743101890
x-ratelimit-used: 0
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: 93E1:1A0681:7340A0:91F652:67E591B2
POST

https://api.github.com/_private/browser/stats

firefox.exe

Remote address:

20.26.156.210:443

Request

POST /_private/browser/stats HTTP/2.0
host: api.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/USDTC/XWorm-V5.6-Source
content-type: text/plain;charset=UTF-8
content-length: 410
origin: https://github.com
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
priority: u=6
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:58:10 GMT
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 60
x-ratelimit-reset: 1743101890
x-ratelimit-used: 0
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: 93E1:1A0681:7340AD:91F660:67E591B2
DNS

collector.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

collector.github.com

IN A

Response

collector.github.com

IN CNAME

glb-db52c2cf8be544.github.com

glb-db52c2cf8be544.github.com

IN A

140.82.112.22
DNS

glb-db52c2cf8be544.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

glb-db52c2cf8be544.github.com

IN A

Response

glb-db52c2cf8be544.github.com

IN A

140.82.113.21
DNS

glb-db52c2cf8be544.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

glb-db52c2cf8be544.github.com

IN AAAA

Response
DNS

i0.wp.com

firefox.exe

Remote address:

8.8.8.8:53

Request

i0.wp.com

IN A

Response

i0.wp.com

IN A

192.0.77.2
DNS

i1.wp.com

firefox.exe

Remote address:

8.8.8.8:53

Request

i1.wp.com

IN A

Response

i1.wp.com

IN A

192.0.77.2
DNS

10.180.250.142.in-addr.arpa

firefox.exe

Remote address:

8.8.8.8:53

Request

10.180.250.142.in-addr.arpa

IN PTR

Response

10.180.250.142.in-addr.arpa

IN PTR

lhr25s32-in-f101e100net
DNS

i2.wp.com

firefox.exe

Remote address:

8.8.8.8:53

Request

i2.wp.com

IN A

Response

i2.wp.com

IN A

192.0.77.2
DNS

i3.wp.com

firefox.exe

Remote address:

8.8.8.8:53

Request

i3.wp.com

IN A

Response

i3.wp.com

IN A

192.0.77.2
DNS

i0.wp.com

firefox.exe

Remote address:

8.8.8.8:53

Request

i0.wp.com

IN A

Response

i0.wp.com

IN A

192.0.77.2
DNS

i1.wp.com

firefox.exe

Remote address:

8.8.8.8:53

Request

i1.wp.com

IN A

Response

i1.wp.com

IN A

192.0.77.2
DNS

i3.wp.com

firefox.exe

Remote address:

8.8.8.8:53

Request

i3.wp.com

IN A

Response

i3.wp.com

IN A

192.0.77.2
DNS

i2.wp.com

firefox.exe

Remote address:

8.8.8.8:53

Request

i2.wp.com

IN A

Response

i2.wp.com

IN A

192.0.77.2
DNS

i0.wp.com

firefox.exe

Remote address:

8.8.8.8:53

Request

i0.wp.com

IN AAAA

Response
DNS

i1.wp.com

firefox.exe

Remote address:

8.8.8.8:53

Request

i1.wp.com

IN AAAA

Response
DNS

i3.wp.com

firefox.exe

Remote address:

8.8.8.8:53

Request

i3.wp.com

IN AAAA

Response
DNS

i2.wp.com

firefox.exe

Remote address:

8.8.8.8:53

Request

i2.wp.com

IN AAAA

Response
DNS

stats.wp.com

firefox.exe

Remote address:

8.8.8.8:53

Request

stats.wp.com

IN A

Response

stats.wp.com

IN A

192.0.76.3
GET

https://stats.wp.com/e-202513.js

firefox.exe

Remote address:

192.0.76.3:443

Request

GET /e-202513.js HTTP/2.0
host: stats.wp.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://cyberpress.org/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Thu, 27 Mar 2025 17:58:11 GMT
content-type: application/javascript
vary: Accept-Encoding
x-minify: t
x-minify-cache: hit
etag: W/14421-1717166113627.1218
content-encoding: br
expires: Sat, 21 Mar 2026 17:36:58 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT lhr
alt-svc: h3=":443"; ma=86400
DNS

stats.wp.com

firefox.exe

Remote address:

8.8.8.8:53

Request

stats.wp.com

IN A

Response

stats.wp.com

IN A

192.0.76.3
DNS

stats.wp.com

firefox.exe

Remote address:

8.8.8.8:53

Request

stats.wp.com

IN AAAA

Response
DNS

region1.google-analytics.com

firefox.exe

Remote address:

8.8.8.8:53

Request

region1.google-analytics.com

IN A

Response

region1.google-analytics.com

IN A

216.239.34.36

region1.google-analytics.com

IN A

216.239.32.36
DNS

region1.google-analytics.com

firefox.exe

Remote address:

8.8.8.8:53

Request

region1.google-analytics.com

IN A

Response

region1.google-analytics.com

IN A

216.239.34.36

region1.google-analytics.com

IN A

216.239.32.36
GET

https://i3.wp.com/blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhLVUimwZLDKUKLwf_AVQeP5U2JpsE2dI_IucgDPw7-I_Q5S-QhuY71KHhw5TUxudEs6Z7gJlM32yUsGhVBW81Gv6vVt99HZ_RaEW5augfAhUDMaHPO9bWeiBiAAJyOdWfDmQWh6EXxAKEq23baOCMg1q0KTzAB69WOD6M270YIRcufvgIlU4tmqKLcrsY/s1600/Seven%20Years%20old%20Linux%20Kernel%20Flaw%20(19)%20(1).webp?w=1200&resize=1200,0&ssl=1

firefox.exe

Remote address:

192.0.77.2:443

Request

GET /blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhLVUimwZLDKUKLwf_AVQeP5U2JpsE2dI_IucgDPw7-I_Q5S-QhuY71KHhw5TUxudEs6Z7gJlM32yUsGhVBW81Gv6vVt99HZ_RaEW5augfAhUDMaHPO9bWeiBiAAJyOdWfDmQWh6EXxAKEq23baOCMg1q0KTzAB69WOD6M270YIRcufvgIlU4tmqKLcrsY/s1600/Seven%20Years%20old%20Linux%20Kernel%20Flaw%20(19)%20(1).webp?w=1200&resize=1200,0&ssl=1 HTTP/2.0
host: i3.wp.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://cyberpress.org/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
priority: u=4, i
te: trailers

Response

HTTP/2.0 302

server: nginx
date: Thu, 27 Mar 2025 17:58:12 GMT
content-type: text/html
content-length: 138
location: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhLVUimwZLDKUKLwf_AVQeP5U2JpsE2dI_IucgDPw7-I_Q5S-QhuY71KHhw5TUxudEs6Z7gJlM32yUsGhVBW81Gv6vVt99HZ_RaEW5augfAhUDMaHPO9bWeiBiAAJyOdWfDmQWh6EXxAKEq23baOCMg1q0KTzAB69WOD6M270YIRcufvgIlU4tmqKLcrsY/s1600/Seven Years old Linux Kernel Flaw (19) (1).webp
alt-svc: h3=":443"; ma=86400
DNS

region1.google-analytics.com

firefox.exe

Remote address:

8.8.8.8:53

Request

region1.google-analytics.com

IN AAAA

Response

region1.google-analytics.com

IN AAAA

2001:4860:4802:34::36

region1.google-analytics.com

IN AAAA

2001:4860:4802:32::36
POST

https://region1.google-analytics.com/g/collect?v=2&tid=G-5WHMJGXKJ2&gtm=45Pe53q0v9189186384za200&_p=1743098290494&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=102482433~102788824~102803279~102813109~102887799~102926062~102964103&gdid=dZTNiMT&cid=840664561.1743098291&ul=en-us&sr=1280x720&lps=1&frm=0&pscdl=noapi&_s=1&sid=1743098290&sct=1&seg=0&dl=https%3A%2F%2Fcyberpress.org%2Fx-worm-malware-github%2F&dr=https%3A%2F%2Fwww.google.com%2F&dt=X-Worm%20Malware%20Found%20on%20GitHub&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3331

firefox.exe

Remote address:

216.239.34.36:443

Request

POST /g/collect?v=2&tid=G-5WHMJGXKJ2&gtm=45Pe53q0v9189186384za200&_p=1743098290494&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=102482433~102788824~102803279~102813109~102887799~102926062~102964103&gdid=dZTNiMT&cid=840664561.1743098291&ul=en-us&sr=1280x720&lps=1&frm=0&pscdl=noapi&_s=1&sid=1743098290&sct=1&seg=0&dl=https%3A%2F%2Fcyberpress.org%2Fx-worm-malware-github%2F&dr=https%3A%2F%2Fwww.google.com%2F&dt=X-Worm%20Malware%20Found%20on%20GitHub&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3331 HTTP/2.0
host: region1.google-analytics.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://cyberpress.org/
origin: https://cyberpress.org
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
priority: u=6
pragma: no-cache
cache-control: no-cache
content-length: 0
te: trailers
DNS

secure.gravatar.com

firefox.exe

Remote address:

8.8.8.8:53

Request

secure.gravatar.com

IN A

Response

secure.gravatar.com

IN A

192.0.73.2
DNS

blogger.googleusercontent.com

firefox.exe

Remote address:

8.8.8.8:53

Request

blogger.googleusercontent.com

IN A

Response

blogger.googleusercontent.com

IN CNAME

googlehosted.l.googleusercontent.com

googlehosted.l.googleusercontent.com

IN A

142.250.187.193
GET

https://secure.gravatar.com/avatar/23539cd900deff0dff176af545c010c0?s=96&d=mm&r=g

firefox.exe

Remote address:

192.0.73.2:443

Request

GET /avatar/23539cd900deff0dff176af545c010c0?s=96&d=mm&r=g HTTP/2.0
host: secure.gravatar.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://cyberpress.org/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
priority: u=5, i
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Thu, 27 Mar 2025 17:58:12 GMT
content-type: image/png
content-length: 23892
last-modified: Fri, 14 Mar 2025 10:53:42 GMT
link: <https://gravatar.com/avatar/23539cd900deff0dff176af545c010c0?s=96&d=mm&r=g>; rel="canonical"
content-disposition: inline; filename="23539cd900deff0dff176af545c010c0.png"
access-control-allow-origin: *
accept-ranges: bytes
expires: Thu, 27 Mar 2025 18:03:12 GMT
cache-control: max-age=300
x-nc: HIT lhr 1
alt-svc: h3=":443"; ma=86400
DNS

secure.gravatar.com

firefox.exe

Remote address:

8.8.8.8:53

Request

secure.gravatar.com

IN A

Response

secure.gravatar.com

IN A

192.0.73.2
GET

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhLVUimwZLDKUKLwf_AVQeP5U2JpsE2dI_IucgDPw7-I_Q5S-QhuY71KHhw5TUxudEs6Z7gJlM32yUsGhVBW81Gv6vVt99HZ_RaEW5augfAhUDMaHPO9bWeiBiAAJyOdWfDmQWh6EXxAKEq23baOCMg1q0KTzAB69WOD6M270YIRcufvgIlU4tmqKLcrsY/s1600/Seven%20Years%20old%20Linux%20Kernel%20Flaw%20(19)%20(1).webp

firefox.exe

Remote address:

142.250.187.193:443

Request

GET /img/b/R29vZ2xl/AVvXsEhLVUimwZLDKUKLwf_AVQeP5U2JpsE2dI_IucgDPw7-I_Q5S-QhuY71KHhw5TUxudEs6Z7gJlM32yUsGhVBW81Gv6vVt99HZ_RaEW5augfAhUDMaHPO9bWeiBiAAJyOdWfDmQWh6EXxAKEq23baOCMg1q0KTzAB69WOD6M270YIRcufvgIlU4tmqKLcrsY/s1600/Seven%20Years%20old%20Linux%20Kernel%20Flaw%20(19)%20(1).webp HTTP/2.0
host: blogger.googleusercontent.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://cyberpress.org/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
priority: u=4, i
te: trailers
GET

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhe42-gTwbCZ5Zj7ZBGLWLcj46wIhiW2qrI34xF7M1q3fen8TBzXrxzUNgjncKL61Rf-72P__EZGYuFu-QCG9YNO5xpwPHEn3ryWmQJxaGqY7Uk3_iKitF9fC46pwQ2ThF36SW0ZbhvC_uNAZ3F6Lv9DQeHFZ0fQeXZzaqTEP7yrMkXohXaoe09f68zZVk/s1600/Seven%20Years%20old%20Linux%20Kernel%20Flaw%20(15)%20(1).webp

firefox.exe

Remote address:

142.250.187.193:443

Request

GET /img/b/R29vZ2xl/AVvXsEhe42-gTwbCZ5Zj7ZBGLWLcj46wIhiW2qrI34xF7M1q3fen8TBzXrxzUNgjncKL61Rf-72P__EZGYuFu-QCG9YNO5xpwPHEn3ryWmQJxaGqY7Uk3_iKitF9fC46pwQ2ThF36SW0ZbhvC_uNAZ3F6Lv9DQeHFZ0fQeXZzaqTEP7yrMkXohXaoe09f68zZVk/s1600/Seven%20Years%20old%20Linux%20Kernel%20Flaw%20(15)%20(1).webp HTTP/2.0
host: blogger.googleusercontent.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://cyberpress.org/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
priority: i
te: trailers
DNS

googlehosted.l.googleusercontent.com

firefox.exe

Remote address:

8.8.8.8:53

Request

googlehosted.l.googleusercontent.com

IN A

Response

googlehosted.l.googleusercontent.com

IN A

142.250.187.193
DNS

secure.gravatar.com

firefox.exe

Remote address:

8.8.8.8:53

Request

secure.gravatar.com

IN AAAA

Response

secure.gravatar.com

IN AAAA

2a04:fa87:fffe::c000:4902
DNS

googlehosted.l.googleusercontent.com

firefox.exe

Remote address:

8.8.8.8:53

Request

googlehosted.l.googleusercontent.com

IN AAAA

Response

googlehosted.l.googleusercontent.com

IN AAAA

2a00:1450:4009:81f::2001
GET

https://cyberpress.org/wp-content/uploads/2024/04/cropped-Cyber-Press-2-32x32.png

firefox.exe

Remote address:

104.237.136.127:443

Request

GET /wp-content/uploads/2024/04/cropped-Cyber-Press-2-32x32.png HTTP/2.0
host: cyberpress.org
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://cyberpress.org/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
priority: u=5, i
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=604800
expires: Thu, 03 Apr 2025 17:58:13 GMT
content-type: image/png
last-modified: Wed, 03 Jul 2024 14:13:05 GMT
accept-ranges: bytes
content-length: 954
date: Thu, 27 Mar 2025 17:58:13 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
GET

https://cyberpress.org/wp-includes/js/wp-emoji-release.min.js?ver=6.7.2

firefox.exe

Remote address:

104.237.136.127:443

Request

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.7.2 HTTP/2.0
host: cyberpress.org
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://cyberpress.org/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

cache-control: public, max-age=604800
expires: Thu, 03 Apr 2025 17:58:13 GMT
content-type: application/javascript
last-modified: Thu, 04 Apr 2024 15:58:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4676
date: Thu, 27 Mar 2025 17:58:13 GMT
server: LiteSpeed
DNS

ep1.adtrafficquality.google

firefox.exe

Remote address:

8.8.8.8:53

Request

ep1.adtrafficquality.google

IN A

Response

ep1.adtrafficquality.google

IN A

216.58.212.194
GET

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20250324&st=env

firefox.exe

Remote address:

216.58.212.194:443

Request

GET /getconfig/sodar?sv=200&tid=gda&tv=r20250324&st=env HTTP/2.0
host: ep1.adtrafficquality.google
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://cyberpress.org
referer: https://cyberpress.org/
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers
DNS

ep1.adtrafficquality.google

firefox.exe

Remote address:

8.8.8.8:53

Request

ep1.adtrafficquality.google

IN A

Response

ep1.adtrafficquality.google

IN A

142.250.179.226
DNS

ep1.adtrafficquality.google

firefox.exe

Remote address:

8.8.8.8:53

Request

ep1.adtrafficquality.google

IN AAAA

Response

ep1.adtrafficquality.google

IN AAAA

2a00:1450:4009:81f::2002
DNS

ep2.adtrafficquality.google

firefox.exe

Remote address:

8.8.8.8:53

Request

ep2.adtrafficquality.google

IN A

Response

ep2.adtrafficquality.google

IN A

142.250.200.33
GET

https://ep2.adtrafficquality.google/sodar/sodar2.js

firefox.exe

Remote address:

142.250.200.33:443

Request

GET /sodar/sodar2.js HTTP/2.0
host: ep2.adtrafficquality.google
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://cyberpress.org/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html

firefox.exe

Remote address:

142.250.200.33:443

Request

GET /sodar/sodar2/232/runner.html HTTP/2.0
host: ep2.adtrafficquality.google
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://cyberpress.org/
upgrade-insecure-requests: 1
sec-fetch-dest: iframe
sec-fetch-mode: navigate
sec-fetch-site: cross-site
priority: u=4
te: trailers
DNS

ep2.adtrafficquality.google

firefox.exe

Remote address:

8.8.8.8:53

Request

ep2.adtrafficquality.google

IN A

Response

ep2.adtrafficquality.google

IN A

142.250.200.33
DNS

ep2.adtrafficquality.google

firefox.exe

Remote address:

8.8.8.8:53

Request

ep2.adtrafficquality.google

IN AAAA

Response

ep2.adtrafficquality.google

IN AAAA

2a00:1450:4009:823::2001
DNS

collector.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

collector.github.com

IN A

Response

collector.github.com

IN CNAME

glb-db52c2cf8be544.github.com

glb-db52c2cf8be544.github.com

IN A

140.82.113.22
DNS

glb-db52c2cf8be544.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

glb-db52c2cf8be544.github.com

IN A

Response

glb-db52c2cf8be544.github.com

IN A

140.82.112.21
DNS

glb-db52c2cf8be544.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

glb-db52c2cf8be544.github.com

IN AAAA

Response
DNS

camo.githubusercontent.com

firefox.exe

Remote address:

8.8.8.8:53

Request

camo.githubusercontent.com

IN AAAA

Response
DNS

github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

github.com

IN A

Response

github.com

IN A

20.26.156.215
DNS

github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

github.com

IN AAAA

Response
DNS

codeload.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

codeload.github.com

IN A

Response

codeload.github.com

IN A

20.26.156.216
GET

https://codeload.github.com/USDTC/XWorm-V5.6-Source/zip/refs/heads/main

firefox.exe

Remote address:

20.26.156.216:443

Request

GET /USDTC/XWorm-V5.6-Source/zip/refs/heads/main HTTP/2.0
host: codeload.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/USDTC/XWorm-V5.6-Source
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
upgrade-insecure-requests: 1
sec-fetch-dest: document
sec-fetch-mode: navigate
sec-fetch-site: same-site
sec-fetch-user: ?1
priority: u=0, i
te: trailers

Response

HTTP/2.0 200

access-control-allow-origin: https://render.githubusercontent.com
content-disposition: attachment; filename=XWorm-V5.6-Source-main.zip
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: application/zip
cross-origin-resource-policy: cross-origin
etag: W/"3541646002d7734286b65ee6ecb57b5a4751e3845cb57d6f8a7ee0ec159668fd"
strict-transport-security: max-age=31536000
vary: Authorization,Accept-Encoding,Origin
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
date: Thu, 27 Mar 2025 17:58:26 GMT
x-github-request-id: 2BA0:3AD4B:4B9E2:E2B21:67E591C1
DNS

codeload.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

codeload.github.com

IN A

Response

codeload.github.com

IN A

20.26.156.216
DNS

codeload.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

codeload.github.com

IN AAAA

Response
DNS

pixel.wp.com

firefox.exe

Remote address:

8.8.8.8:53

Request

pixel.wp.com

IN A

Response

pixel.wp.com

IN A

192.0.76.3
DNS

pixel.wp.com

firefox.exe

Remote address:

8.8.8.8:53

Request

pixel.wp.com

IN A

Response

pixel.wp.com

IN A

192.0.76.3
DNS

pixel.wp.com

firefox.exe

Remote address:

8.8.8.8:53

Request

pixel.wp.com

IN AAAA

Response
DNS

tpc.googlesyndication.com

firefox.exe

Remote address:

8.8.8.8:53

Request

tpc.googlesyndication.com

IN A

Response

tpc.googlesyndication.com

IN A

142.250.180.1
DNS

tpc.googlesyndication.com

firefox.exe

Remote address:

8.8.8.8:53

Request

tpc.googlesyndication.com

IN A

Response

tpc.googlesyndication.com

IN A

142.250.180.1
DNS

tpc.googlesyndication.com

firefox.exe

Remote address:

8.8.8.8:53

Request

tpc.googlesyndication.com

IN AAAA

Response

tpc.googlesyndication.com

IN AAAA

2a00:1450:4009:81e::2001
DNS

static.cloudflareinsights.com

firefox.exe

Remote address:

8.8.8.8:53

Request

static.cloudflareinsights.com

IN A

Response

static.cloudflareinsights.com

IN A

104.16.80.73

static.cloudflareinsights.com

IN A

104.16.79.73
GET

https://tpc.googlesyndication.com/simgad/6186945766719640876/14763004658117789537?w=400&h=209&tw=1&q=75

firefox.exe

Remote address:

142.250.180.1:443

Request

GET /simgad/6186945766719640876/14763004658117789537?w=400&h=209&tw=1&q=75 HTTP/2.0
host: tpc.googlesyndication.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://pagead2.googlesyndication.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-site
priority: u=6, i
te: trailers
GET

https://tpc.googlesyndication.com/simgad/16838084701626851259/14763004658117789537?w=100&h=100&tw=1&q=75

firefox.exe

Remote address:

142.250.180.1:443

Request

GET /simgad/16838084701626851259/14763004658117789537?w=100&h=100&tw=1&q=75 HTTP/2.0
host: tpc.googlesyndication.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://pagead2.googlesyndication.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-site
priority: u=6, i
te: trailers
DNS

i3.wp.com

firefox.exe

Remote address:

8.8.8.8:53

Request

i3.wp.com

IN AAAA

Response
GET

https://secure.gravatar.com/avatar/f99e08d9811ef3e4575025a44158787c?s=96&d=mm&r=g

firefox.exe

Remote address:

192.0.73.2:443

Request

GET /avatar/f99e08d9811ef3e4575025a44158787c?s=96&d=mm&r=g HTTP/2.0
host: secure.gravatar.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
alt-used: secure.gravatar.com
referer: https://cyberpress.org/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
priority: u=4, i
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Thu, 27 Mar 2025 17:58:43 GMT
content-type: image/png
content-length: 12151
last-modified: Fri, 09 Aug 2024 07:59:49 GMT
link: <https://gravatar.com/avatar/f99e08d9811ef3e4575025a44158787c?s=96&d=mm&r=g>; rel="canonical"
content-disposition: inline; filename="f99e08d9811ef3e4575025a44158787c.png"
access-control-allow-origin: *
accept-ranges: bytes
expires: Thu, 27 Mar 2025 18:03:43 GMT
cache-control: max-age=300
x-nc: HIT lhr 1
alt-svc: h3=":443"; ma=86400
DNS

www.google.com

firefox.exe

Remote address:

8.8.8.8:53

Request

www.google.com

IN A

Response

www.google.com

IN A

172.217.169.36
DNS

www.google.com

firefox.exe

Remote address:

8.8.8.8:53

Request

www.google.com

IN AAAA

Response

www.google.com

IN AAAA

2a00:1450:4009:818::2004
DNS

cloudsek.com

firefox.exe

Remote address:

8.8.8.8:53

Request

cloudsek.com

IN A

Response

cloudsek.com

IN A

104.26.15.226

cloudsek.com

IN A

104.26.14.226

cloudsek.com

IN A

172.67.72.49
GET

https://cloudsek.com/blog/no-honour-among-thieves-uncovering-a-trojanized-xworm-rat-builder-propagated-by-threat-actors-and-disrupting-its-operations

firefox.exe

Remote address:

104.26.15.226:443

Request

GET /blog/no-honour-among-thieves-uncovering-a-trojanized-xworm-rat-builder-propagated-by-threat-actors-and-disrupting-its-operations HTTP/2.0
host: cloudsek.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.google.com/
upgrade-insecure-requests: 1
sec-fetch-dest: document
sec-fetch-mode: navigate
sec-fetch-site: cross-site
priority: u=0, i
te: trailers

Response

HTTP/2.0 301

date: Thu, 27 Mar 2025 17:59:18 GMT
content-type: text/html
content-length: 167
location: https://www.cloudsek.com/blog/no-honour-among-thieves-uncovering-a-trojanized-xworm-rat-builder-propagated-by-threat-actors-and-disrupting-its-operations
cache-control: max-age=3600
expires: Thu, 27 Mar 2025 18:59:18 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w05CkgCeQvhAahz3qoJv8ty6ON0XmawAhDD31gulgMFB9tOLz2WL10%2FWHnR3LDRLmSjKsmStq%2BI%2BY5ApIG3rldN2qAmTeN8n8Uoo9qNXDUP6BbiZOubahpsPJUqoxw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=5184000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 9270c7e59d409589-LHR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=43654&min_rtt=43572&rtt_var=16504&sent=8&recv=8&lost=0&retrans=0&sent_bytes=4055&recv_bytes=2477&delivery_rate=92037&cwnd=245&unsent_bytes=0&cid=35e66ba19ece1995&ts=61&x=0"
DNS

cloudsek.com

firefox.exe

Remote address:

8.8.8.8:53

Request

cloudsek.com

IN A

Response

cloudsek.com

IN A

104.26.14.226

cloudsek.com

IN A

104.26.15.226

cloudsek.com

IN A

172.67.72.49
DNS

cloudsek.com

firefox.exe

Remote address:

8.8.8.8:53

Request

cloudsek.com

IN AAAA

Response

cloudsek.com

IN AAAA

2606:4700:20::681a:ee2

cloudsek.com

IN AAAA

2606:4700:20::681a:fe2

cloudsek.com

IN AAAA

2606:4700:20::ac43:4831
DNS

www.cloudsek.com

firefox.exe

Remote address:

8.8.8.8:53

Request

www.cloudsek.com

IN A

Response

www.cloudsek.com

IN A

104.26.15.226

www.cloudsek.com

IN A

172.67.72.49

www.cloudsek.com

IN A

104.26.14.226
DNS

www.cloudsek.com

firefox.exe

Remote address:

8.8.8.8:53

Request

www.cloudsek.com

IN A

Response

www.cloudsek.com

IN A

104.26.14.226

www.cloudsek.com

IN A

104.26.15.226

www.cloudsek.com

IN A

172.67.72.49
DNS

www.cloudsek.com

firefox.exe

Remote address:

8.8.8.8:53

Request

www.cloudsek.com

IN AAAA

Response

www.cloudsek.com

IN AAAA

2606:4700:20::ac43:4831

www.cloudsek.com

IN AAAA

2606:4700:20::681a:fe2

www.cloudsek.com

IN AAAA

2606:4700:20::681a:ee2
DNS

cdn.prod.website-files.com

firefox.exe

Remote address:

8.8.8.8:53

Request

cdn.prod.website-files.com

IN A

Response

cdn.prod.website-files.com

IN A

104.18.160.117

cdn.prod.website-files.com

IN A

104.18.161.117
DNS

bc047102.sibforms.com

firefox.exe

Remote address:

8.8.8.8:53

Request

bc047102.sibforms.com

IN A

Response

bc047102.sibforms.com

IN A

104.16.248.109

bc047102.sibforms.com

IN A

104.16.249.109
DNS

bc047102.sibforms.com

firefox.exe

Remote address:

8.8.8.8:53

Request

bc047102.sibforms.com

IN A

Response

bc047102.sibforms.com

IN A

104.16.248.109

bc047102.sibforms.com

IN A

104.16.249.109
DNS

pxl.sprouts.ai

firefox.exe

Remote address:

8.8.8.8:53

Request

pxl.sprouts.ai

IN A

Response

pxl.sprouts.ai

IN CNAME

d2ix2amdl5rrlc.cloudfront.net

d2ix2amdl5rrlc.cloudfront.net

IN A

3.166.49.90

d2ix2amdl5rrlc.cloudfront.net

IN A

3.166.49.21

d2ix2amdl5rrlc.cloudfront.net

IN A

3.166.49.97

d2ix2amdl5rrlc.cloudfront.net

IN A

3.166.49.58
DNS

pxl.sprouts.ai

firefox.exe

Remote address:

8.8.8.8:53

Request

pxl.sprouts.ai

IN A

Response

pxl.sprouts.ai

IN CNAME

d2ix2amdl5rrlc.cloudfront.net

d2ix2amdl5rrlc.cloudfront.net

IN A

3.166.49.58

d2ix2amdl5rrlc.cloudfront.net

IN A

3.166.49.21

d2ix2amdl5rrlc.cloudfront.net

IN A

3.166.49.90

d2ix2amdl5rrlc.cloudfront.net

IN A

3.166.49.97
DNS

cdn.jsdelivr.net

firefox.exe

Remote address:

8.8.8.8:53

Request

cdn.jsdelivr.net

IN A

Response

cdn.jsdelivr.net

IN CNAME

jsdelivr.map.fastly.net

jsdelivr.map.fastly.net

IN A

151.101.193.229

jsdelivr.map.fastly.net

IN A

151.101.129.229

jsdelivr.map.fastly.net

IN A

151.101.65.229

jsdelivr.map.fastly.net

IN A

151.101.1.229
DNS

tools.virtual-entity.de

firefox.exe

Remote address:

8.8.8.8:53

Request

tools.virtual-entity.de

IN A

Response

tools.virtual-entity.de

IN CNAME

virtual-entity.b-cdn.net

virtual-entity.b-cdn.net

IN A

207.211.214.145
DNS

d3e54v103j8qbb.cloudfront.net

firefox.exe

Remote address:

8.8.8.8:53

Request

d3e54v103j8qbb.cloudfront.net

IN A

Response

d3e54v103j8qbb.cloudfront.net

IN A

18.245.246.151

d3e54v103j8qbb.cloudfront.net

IN A

18.245.246.114

d3e54v103j8qbb.cloudfront.net

IN A

18.245.246.158

d3e54v103j8qbb.cloudfront.net

IN A

18.245.246.167
DNS

js.hs-scripts.com

firefox.exe

Remote address:

8.8.8.8:53

Request

js.hs-scripts.com

IN A

Response

js.hs-scripts.com

IN A

104.16.138.209

js.hs-scripts.com

IN A

104.16.137.209

js.hs-scripts.com

IN A

104.16.139.209

js.hs-scripts.com

IN A

104.16.141.209

js.hs-scripts.com

IN A

104.16.140.209
DNS

s7.addthis.com

firefox.exe

Remote address:

8.8.8.8:53

Request

s7.addthis.com

IN A

Response
DNS

hubspotonwebflow.com

firefox.exe

Remote address:

8.8.8.8:53

Request

hubspotonwebflow.com

IN A

Response

hubspotonwebflow.com

IN A

76.76.21.142

hubspotonwebflow.com

IN A

76.76.21.123
DNS

cdn.prod.website-files.com

firefox.exe

Remote address:

8.8.8.8:53

Request

cdn.prod.website-files.com

IN A

Response

cdn.prod.website-files.com

IN A

104.18.161.117

cdn.prod.website-files.com

IN A

104.18.160.117
GET

https://cdn.prod.website-files.com/634fc5026f66af518e897c77/css/cloudsek-website.webflow.d154e17e8.css

firefox.exe

Remote address:

104.18.160.117:443

Request

GET /634fc5026f66af518e897c77/css/cloudsek-website.webflow.d154e17e8.css HTTP/2.0
host: cdn.prod.website-files.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cloudsek.com/
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
priority: u=2
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:59:19 GMT
content-type: text/css
content-length: 97958
x-amz-id-2: diI+6Q/xS4/1lcueXpHe8qQi8yP5H2ftau/sTMDj+N8XBUTB3+XtXsm0jqhIzWuNRFsDvKt7m87TUE6LtxfDCa39tvAMZZ4MXZg6loIwfn0=
x-amz-request-id: XYYW1DJG8DR7165E
last-modified: Thu, 27 Mar 2025 14:30:24 GMT
etag: "205218959e422c431251c2411498ea90"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-amz-version-id: 4OJ8renohM8pDtf6IzLwsZGaJYDGLO7L
cf-cache-status: HIT
age: 12501
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 9270c7e94851ef23-LHR
alt-svc: h3=":443"; ma=86400
GET

https://cdn.prod.website-files.com/634fc5026f66af518e897c77/js/webflow.3ed2dcdf.f0a45d32760549a0.js

firefox.exe

Remote address:

104.18.160.117:443

Request

GET /634fc5026f66af518e897c77/js/webflow.3ed2dcdf.f0a45d32760549a0.js HTTP/2.0
host: cdn.prod.website-files.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cloudsek.com/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:59:19 GMT
content-type: text/javascript
x-amz-id-2: pjMN18gL2p8oMiNdCw0elfOOS60gKkQDVhjjXFeXZu8UQaKnxBT8Fk3KswiKKKC28hPltXdb8t7XJ9Uh+FYHUcrVsUvFkAbUOK6/0vJRTDA=
x-amz-request-id: RTNHWAA4QC6AZE1N
last-modified: Mon, 24 Mar 2025 11:33:09 GMT
etag: W/"301c0b28850e3687cf205ad7ac67c71a"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000, immutable
x-amz-version-id: .07ymcVi_EjWw6FctY.Ry4zWYXZECgqV
cf-cache-status: HIT
age: 215122
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 9270c7e94855ef23-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://cdn.prod.website-files.com/634fc5026f66af518e897c77/js/webflow.schunk.4a394eb5af8156f2.js

firefox.exe

Remote address:

104.18.160.117:443

Request

GET /634fc5026f66af518e897c77/js/webflow.schunk.4a394eb5af8156f2.js HTTP/2.0
host: cdn.prod.website-files.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cloudsek.com/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:59:19 GMT
content-type: text/javascript
x-amz-id-2: ijXRf/QMhFEIidvOhLCoY11TjpHgy/KcPakQs0VbYraPI0ffSG8SMNEnXfGSvHhbu1MjJQHDtStL67pucCV475icqI9C3O/D
x-amz-request-id: S5QA765R739RHCER
last-modified: Mon, 24 Mar 2025 09:07:46 GMT
etag: W/"5154e20a9d412ca0eb2175c9e8adbc17"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000, immutable
x-amz-version-id: Ih2932psmBmVQA3tYQ9mw0Qdkns9sIPg
cf-cache-status: HIT
age: 291068
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 9270c7e94857ef23-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://cdn.prod.website-files.com/634fc5026f66af518e897c77/js/webflow.schunk.64a7cb4b4fd9b8bb.js

firefox.exe

Remote address:

104.18.160.117:443

Request

GET /634fc5026f66af518e897c77/js/webflow.schunk.64a7cb4b4fd9b8bb.js HTTP/2.0
host: cdn.prod.website-files.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cloudsek.com/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:59:19 GMT
content-type: text/javascript
x-amz-id-2: boifEP4VKMGziCZkc8ZURLX+G+NviU+KfHtvlEpJN7sZ1TBx6n5fKSAoNvEXE+BhwxVewyrXIqJYjKfSa4VnLkhbZzswmO3K8UwqZKdmadk=
x-amz-request-id: Q69TNKG3FX95Q9C6
last-modified: Mon, 24 Mar 2025 11:33:09 GMT
etag: W/"b03838eb80f18008c70383e03e3d61a0"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000, immutable
x-amz-version-id: r9IicAMNwLGDrCJBWcwgnrhmIHyH.K_N
cf-cache-status: HIT
age: 281623
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 9270c7e94859ef23-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://cdn.jsdelivr.net/npm/@finsweet/attributes-codehighlight@1/codehighlight.js

firefox.exe

Remote address:

151.101.193.229:443

Request

GET /npm/@finsweet/attributes-codehighlight@1/codehighlight.js HTTP/2.0
host: cdn.jsdelivr.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cloudsek.com/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.5.2
x-jsd-version-type: version
etag: W/"1182-meaOv3e3adqfyT4jIRjTa76pxz4"
content-encoding: br
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:59:19 GMT
age: 18286
x-served-by: cache-fra-eddf8230089-FRA, cache-lon4260-LON
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2031
DNS

jsdelivr.map.fastly.net

firefox.exe

Remote address:

8.8.8.8:53

Request

jsdelivr.map.fastly.net

IN A

Response

jsdelivr.map.fastly.net

IN A

151.101.65.229

jsdelivr.map.fastly.net

IN A

151.101.129.229

jsdelivr.map.fastly.net

IN A

151.101.193.229

jsdelivr.map.fastly.net

IN A

151.101.1.229
GET

https://tools.virtual-entity.de/toc-generator/v1.0.1.js

firefox.exe

Remote address:

207.211.214.145:443

Request

GET /toc-generator/v1.0.1.js HTTP/2.0
host: tools.virtual-entity.de
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cloudsek.com/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:59:19 GMT
content-type: application/javascript
server: BunnyCDN-BE1-1161
cdn-pullzone: 1570213
cdn-uid: 098cefe4-8ac6-4552-8f6e-9c34af1d9f55
cdn-requestcountrycode: GB
vary: Accept-Encoding
cache-control: public, max-age=2592000
content-encoding: br
etag: "64ec87fa-c82"
last-modified: Mon, 28 Aug 2023 11:41:46 GMT
cdn-storageserver: DE-51
cdn-fileserver: 600
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/24/2024 19:12:42
cdn-edgestorageid: 1161
cdn-requestid: 1ff49d54ab4b4f574958c2ee9d47d578
cdn-cache: HIT
cdn-status: 200
cdn-requesttime: 1
DNS

virtual-entity.b-cdn.net

firefox.exe

Remote address:

8.8.8.8:53

Request

virtual-entity.b-cdn.net

IN A

Response

virtual-entity.b-cdn.net

IN A

207.211.214.145
GET

https://pxl.sprouts.ai/latest/pixelV3.js?id=de4742baf9ae0326740152eb49dea10c

firefox.exe

Remote address:

3.166.49.90:443

Request

GET /latest/pixelV3.js?id=de4742baf9ae0326740152eb49dea10c HTTP/2.0
host: pxl.sprouts.ai
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cloudsek.com/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

content-type: application/javascript
last-modified: Tue, 11 Mar 2025 04:57:13 GMT
content-encoding: gzip
x-amz-server-side-encryption: AES256
x-amz-version-id: kHMVz5Su.05Hs3JyVewjVR8lHer.ZEqS
server: AmazonS3
date: Thu, 27 Mar 2025 09:28:38 GMT
etag: W/"fd218e10eced6dbe38889b07db770bfa"
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 58566f6d2bd797485f27f6dce7643e34.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR3-P1
x-amz-cf-id: 01Gtf0WQ_lNwE6WHBPizgzr3MRbanu_aTosrpfeWHKnmAmJxQG08Tg==
age: 30647
vary: Origin
DNS

d2ix2amdl5rrlc.cloudfront.net

firefox.exe

Remote address:

8.8.8.8:53

Request

d2ix2amdl5rrlc.cloudfront.net

IN A

Response

d2ix2amdl5rrlc.cloudfront.net

IN A

3.166.49.97

d2ix2amdl5rrlc.cloudfront.net

IN A

3.166.49.21

d2ix2amdl5rrlc.cloudfront.net

IN A

3.166.49.90

d2ix2amdl5rrlc.cloudfront.net

IN A

3.166.49.58
GET

https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=634fc5026f66af518e897c77

firefox.exe

Remote address:

18.245.246.151:443

Request

GET /js/jquery-3.5.1.min.dc5e7f18c8.js?site=634fc5026f66af518e897c77 HTTP/2.0
host: d3e54v103j8qbb.cloudfront.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://www.cloudsek.com
referer: https://www.cloudsek.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
server: AmazonS3
content-encoding: br
date: Thu, 27 Mar 2025 09:22:25 GMT
cache-control: max-age=84600, must-revalidate
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
vary: accept-encoding
via: 1.1 6bb8eb5712512d0233fdbd1d8dcf84b6.cloudfront.net (CloudFront)
age: 31015
x-cache: Hit from cloudfront
x-amz-cf-pop: LHR5-P5
x-amz-cf-id: bDGpZuEZHQb22ZLGw3EPB4TO50_6uD1XdwWN65HFp5hLShFcn2c0dw==
DNS

d3e54v103j8qbb.cloudfront.net

firefox.exe

Remote address:

8.8.8.8:53

Request

d3e54v103j8qbb.cloudfront.net

IN A

Response

d3e54v103j8qbb.cloudfront.net

IN A

18.245.246.114

d3e54v103j8qbb.cloudfront.net

IN A

18.245.246.151

d3e54v103j8qbb.cloudfront.net

IN A

18.245.246.167

d3e54v103j8qbb.cloudfront.net

IN A

18.245.246.158
DNS

js.hs-scripts.com

firefox.exe

Remote address:

8.8.8.8:53

Request

js.hs-scripts.com

IN A

Response

js.hs-scripts.com

IN A

104.16.141.209

js.hs-scripts.com

IN A

104.16.137.209

js.hs-scripts.com

IN A

104.16.139.209

js.hs-scripts.com

IN A

104.16.140.209

js.hs-scripts.com

IN A

104.16.138.209
GET

https://hubspotonwebflow.com/assets/js/form-124.js

firefox.exe

Remote address:

76.76.21.142:443

Request

GET /assets/js/form-124.js HTTP/2.0
host: hubspotonwebflow.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://www.cloudsek.com
referer: https://www.cloudsek.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

access-control-allow-origin: *
age: 1165095
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="form-124.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Thu, 27 Mar 2025 17:59:19 GMT
etag: W/"392ca1f460caa2aa9439969a89f31c13"
last-modified: Thu, 13 Mar 2025 18:24:25 GMT
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /assets/js/form-124.js
x-vercel-cache: HIT
x-vercel-id: fra1::w985b-1743098359345-5a462465c44e
GET

https://hubspotonwebflow.com/assets/js/blockedDomains.json

firefox.exe

Remote address:

76.76.21.142:443

Request

GET /assets/js/blockedDomains.json HTTP/2.0
host: hubspotonwebflow.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cloudsek.com/
origin: https://www.cloudsek.com
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
priority: u=4
te: trailers

Response

HTTP/2.0 200

access-control-allow-origin: *
age: 1162249
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="blockedDomains.json"
content-encoding: br
content-type: application/json; charset=utf-8
date: Thu, 27 Mar 2025 17:59:22 GMT
etag: W/"04708d47dd194d37b8231a65de7a66f1"
last-modified: Thu, 13 Mar 2025 18:30:17 GMT
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /assets/js/blockedDomains.json
x-vercel-cache: HIT
x-vercel-id: fra1::979sn-1743098362736-e206c36ae662
DNS

hubspotonwebflow.com

firefox.exe

Remote address:

8.8.8.8:53

Request

hubspotonwebflow.com

IN A

Response

hubspotonwebflow.com

IN A

76.76.21.61

hubspotonwebflow.com

IN A

76.76.21.22
DNS

cdn.prod.website-files.com

firefox.exe

Remote address:

8.8.8.8:53

Request

cdn.prod.website-files.com

IN AAAA

Response

cdn.prod.website-files.com

IN AAAA

2606:4700::6812:a175

cdn.prod.website-files.com

IN AAAA

2606:4700::6812:a075
DNS

jsdelivr.map.fastly.net

firefox.exe

Remote address:

8.8.8.8:53

Request

jsdelivr.map.fastly.net

IN AAAA

Response

jsdelivr.map.fastly.net

IN AAAA

2a04:4e42:600::485

jsdelivr.map.fastly.net

IN AAAA

2a04:4e42:200::485

jsdelivr.map.fastly.net

IN AAAA

2a04:4e42::485

jsdelivr.map.fastly.net

IN AAAA

2a04:4e42:400::485
DNS

virtual-entity.b-cdn.net

firefox.exe

Remote address:

8.8.8.8:53

Request

virtual-entity.b-cdn.net

IN AAAA

Response

virtual-entity.b-cdn.net

IN AAAA

2400:52e0:1e07::1161:1
DNS

d2ix2amdl5rrlc.cloudfront.net

firefox.exe

Remote address:

8.8.8.8:53

Request

d2ix2amdl5rrlc.cloudfront.net

IN AAAA

Response

d2ix2amdl5rrlc.cloudfront.net

IN AAAA

2600:9000:276c:1a00:12:9cab:5c00:93a1

d2ix2amdl5rrlc.cloudfront.net

IN AAAA

2600:9000:276c:4800:12:9cab:5c00:93a1

d2ix2amdl5rrlc.cloudfront.net

IN AAAA

2600:9000:276c:2400:12:9cab:5c00:93a1

d2ix2amdl5rrlc.cloudfront.net

IN AAAA

2600:9000:276c:600:12:9cab:5c00:93a1

d2ix2amdl5rrlc.cloudfront.net

IN AAAA

2600:9000:276c:8a00:12:9cab:5c00:93a1

d2ix2amdl5rrlc.cloudfront.net

IN AAAA

2600:9000:276c:b400:12:9cab:5c00:93a1

d2ix2amdl5rrlc.cloudfront.net

IN AAAA

2600:9000:276c:3e00:12:9cab:5c00:93a1

d2ix2amdl5rrlc.cloudfront.net

IN AAAA

2600:9000:276c:a00:12:9cab:5c00:93a1
DNS

hubspotonwebflow.com

firefox.exe

Remote address:

8.8.8.8:53

Request

hubspotonwebflow.com

IN AAAA

Response
DNS

d3e54v103j8qbb.cloudfront.net

firefox.exe

Remote address:

8.8.8.8:53

Request

d3e54v103j8qbb.cloudfront.net

IN AAAA

Response
DNS

js.hs-scripts.com

firefox.exe

Remote address:

8.8.8.8:53

Request

js.hs-scripts.com

IN AAAA

Response

js.hs-scripts.com

IN AAAA

2606:4700::6810:8cd1

js.hs-scripts.com

IN AAAA

2606:4700::6810:8bd1

js.hs-scripts.com

IN AAAA

2606:4700::6810:89d1

js.hs-scripts.com

IN AAAA

2606:4700::6810:8ad1

js.hs-scripts.com

IN AAAA

2606:4700::6810:8dd1
DNS

www.clarity.ms

firefox.exe

Remote address:

8.8.8.8:53

Request

www.clarity.ms

IN A

Response

www.clarity.ms

IN CNAME

clarity.azurefd.net

clarity.azurefd.net

IN CNAME

azurefd-t-prod.trafficmanager.net

azurefd-t-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net

s-part-0036.t-0009.t-msedge.net

IN A

13.107.246.64
DNS

www.clarity.ms

firefox.exe

Remote address:

8.8.8.8:53

Request

www.clarity.ms

IN A

Response

www.clarity.ms

IN CNAME

clarity.azurefd.net

clarity.azurefd.net

IN CNAME

azurefd-t-prod.trafficmanager.net

azurefd-t-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net

s-part-0036.t-0009.t-msedge.net

IN A

13.107.246.64
DNS

s-part-0036.t-0009.t-msedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

s-part-0036.t-0009.t-msedge.net

IN A

Response

s-part-0036.t-0009.t-msedge.net

IN A

13.107.246.64
GET

https://pxl.sprouts.ai/config/de4742baf9ae0326740152eb49dea10c.json

firefox.exe

Remote address:

3.166.49.90:443

Request

GET /config/de4742baf9ae0326740152eb49dea10c.json HTTP/2.0
host: pxl.sprouts.ai
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cloudsek.com/
origin: https://www.cloudsek.com
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
priority: u=4
te: trailers

Response

HTTP/2.0 200

content-type: application/json
content-length: 25
last-modified: Tue, 08 Oct 2024 06:07:00 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: Y9JtfcVJUxrrXWd9tNAPXVDddDszWhAU
accept-ranges: bytes
server: AmazonS3
date: Thu, 27 Mar 2025 05:11:13 GMT
etag: "95acb64f8fbc3e9b3be5ddf23046c93c"
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 0dcf542ed626174da2ab96cbb2e0ea8a.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR3-P1
x-amz-cf-id: tfmAZ1Z3R49bhG94OVsL85mgzPy0wJ1DLCTCsCU7vSI5ruOIBmbF9g==
age: 46285
access-control-allow-origin: *
access-control-expose-headers: *
DNS

s-part-0036.t-0009.t-msedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

s-part-0036.t-0009.t-msedge.net

IN AAAA

Response

s-part-0036.t-0009.t-msedge.net

IN AAAA

2620:1ec:bdf::64
DNS

s-part-0036.t-0009.t-msedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

s-part-0036.t-0009.t-msedge.net

IN AAAA

Response

s-part-0036.t-0009.t-msedge.net

IN AAAA

2620:1ec:bdf::64
DNS

bc047102.sibforms.com

firefox.exe

Remote address:

8.8.8.8:53

Request

bc047102.sibforms.com

IN A

Response

bc047102.sibforms.com

IN A

104.16.248.109

bc047102.sibforms.com

IN A

104.16.249.109
GET

https://bc047102.sibforms.com/serve/MUIEAPtEdnFwgNiNf3xW4hk07Y4THowhdDNs_B6MTWneVmcg08tj213Hcxfq-EE7ToLhU3qIL9hwO1IedPcCdOllTbRmUSpvX3hgz_UcmRcqpl4F9nGjodY8JVct_LdIJoIYFLUoDz4tlKzMRDvltQtHpEyFOKrjATMxZi5SNQtRfQZyi8eZmzcN_eOr-BAe51w7SIs360UpxPDp

firefox.exe

Remote address:

104.16.248.109:443

Request

GET /serve/MUIEAPtEdnFwgNiNf3xW4hk07Y4THowhdDNs_B6MTWneVmcg08tj213Hcxfq-EE7ToLhU3qIL9hwO1IedPcCdOllTbRmUSpvX3hgz_UcmRcqpl4F9nGjodY8JVct_LdIJoIYFLUoDz4tlKzMRDvltQtHpEyFOKrjATMxZi5SNQtRfQZyi8eZmzcN_eOr-BAe51w7SIs360UpxPDp HTTP/2.0
host: bc047102.sibforms.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cloudsek.com/
upgrade-insecure-requests: 1
sec-fetch-dest: iframe
sec-fetch-mode: navigate
sec-fetch-site: cross-site
priority: u=4
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:59:20 GMT
content-type: text/html; charset=UTF-8
cache-control: public, s-maxage=300
vary: Origin, Accept-Encoding
last-modified: Thu, 27 Mar 2025 15:33:22 GMT
cf-cache-status: HIT
age: 4246
set-cookie: __cfruid=b4b5f723c22047591f6e727cb61af8f4f7a83e55-1743098360; path=/; domain=.sibforms.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 9270c7ee3dc99408-LHR
content-encoding: gzip
GET

https://bc047102.sibforms.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

firefox.exe

Remote address:

104.16.248.109:443

Request

GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/2.0
host: bc047102.sibforms.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://bc047102.sibforms.com/serve/MUIEAPtEdnFwgNiNf3xW4hk07Y4THowhdDNs_B6MTWneVmcg08tj213Hcxfq-EE7ToLhU3qIL9hwO1IedPcCdOllTbRmUSpvX3hgz_UcmRcqpl4F9nGjodY8JVct_LdIJoIYFLUoDz4tlKzMRDvltQtHpEyFOKrjATMxZi5SNQtRfQZyi8eZmzcN_eOr-BAe51w7SIs360UpxPDp
cookie: __cfruid=b4b5f723c22047591f6e727cb61af8f4f7a83e55-1743098360
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:59:20 GMT
content-type: application/javascript
last-modified: Fri, 14 Mar 2025 21:24:18 GMT
etag: W/"67d49e82-4d7"
vary: Accept-Encoding
server: cloudflare
cf-ray: 9270c7ef0eb19408-LHR
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sat, 29 Mar 2025 17:59:20 GMT
cache-control: max-age=172800
cache-control: public
content-encoding: gzip
GET

https://sibforms.com/forms/end-form/build/sib-styles.css

firefox.exe

Remote address:

104.16.248.109:443

Request

GET /forms/end-form/build/sib-styles.css HTTP/2.0
host: sibforms.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://bc047102.sibforms.com/
cookie: __cfruid=b4b5f723c22047591f6e727cb61af8f4f7a83e55-1743098360
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-site
priority: u=2
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:59:20 GMT
content-type: application/javascript
last-modified: Fri, 07 Mar 2025 13:05:02 GMT
etag: W/"67caeefe-708f2"
content-encoding: gzip
cf-cache-status: HIT
age: 2419
expires: Thu, 27 Mar 2025 21:59:20 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 9270c7f078749408-LHR
GET

https://sibforms.com/forms/end-form/build/main.js

firefox.exe

Remote address:

104.16.248.109:443

Request

GET /forms/end-form/build/main.js HTTP/2.0
host: sibforms.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://bc047102.sibforms.com/
cookie: __cfruid=b4b5f723c22047591f6e727cb61af8f4f7a83e55-1743098360
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:59:20 GMT
content-type: text/css
last-modified: Fri, 07 Mar 2025 13:05:02 GMT
etag: W/"67caeefe-e63e"
content-encoding: gzip
cf-cache-status: HIT
age: 1223
expires: Thu, 27 Mar 2025 21:59:20 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 9270c7f078719408-LHR
GET

https://sibforms.com/forms/end-form/elastic-apm-rum.umd.min.js

firefox.exe

Remote address:

104.16.248.109:443

Request

GET /forms/end-form/elastic-apm-rum.umd.min.js HTTP/2.0
host: sibforms.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://bc047102.sibforms.com/
cookie: __cfruid=b4b5f723c22047591f6e727cb61af8f4f7a83e55-1743098360
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-site
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:59:20 GMT
content-type: application/javascript
last-modified: Wed, 08 Jan 2025 23:19:47 GMT
etag: W/"677f0813-e6c5"
content-encoding: gzip
cf-cache-status: HIT
age: 4584
expires: Thu, 27 Mar 2025 21:59:20 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 9270c7f159899408-LHR
DNS

bc047102.sibforms.com

firefox.exe

Remote address:

8.8.8.8:53

Request

bc047102.sibforms.com

IN AAAA

Response

bc047102.sibforms.com

IN AAAA

2606:4700::6810:f86d

bc047102.sibforms.com

IN AAAA

2606:4700::6810:f96d
DNS

bc047102.sibforms.com

firefox.exe

Remote address:

8.8.8.8:53

Request

bc047102.sibforms.com

IN AAAA

Response

bc047102.sibforms.com

IN AAAA

2606:4700::6810:f86d

bc047102.sibforms.com

IN AAAA

2606:4700::6810:f96d
DNS

sibforms.com

firefox.exe

Remote address:

8.8.8.8:53

Request

sibforms.com

IN A

Response

sibforms.com

IN A

104.16.248.109

sibforms.com

IN A

104.16.249.109
GET

https://js.hs-scripts.com/7140541.js

firefox.exe

Remote address:

104.16.138.209:443

Request

GET /7140541.js HTTP/2.0
host: js.hs-scripts.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cloudsek.com/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:59:20 GMT
content-type: application/javascript;charset=utf-8
content-length: 583
vary: origin, Accept-Encoding
x-hubspot-correlation-id: 5beccc7b-a4c5-463a-9291-34e9f5d8cf9e
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-max-age: 3600
access-control-allow-origin: https://www.cloudsek.com
last-modified: Thu, 27 Mar 2025 17:57:13 GMT
cf-cache-status: HIT
age: 42
expires: Thu, 27 Mar 2025 18:00:50 GMT
cache-control: public, max-age=90
accept-ranges: bytes
set-cookie: __cf_bm=EGtqS1g3H8ijuuDFKFCYFlWEmi.CwkQjxKQZgj0XyrQ-1743098360-1.0.1.1-pzTLc.aHh92FfbsPfb5NubJk1b.wbClX_jofIA.IKdf4R7TJ03hmIai8nUitR4pYK5QPK0Om_JB1NvovnEj6tpWdRMoR0CSH3kaycfyhRmk; path=/; expires=Thu, 27-Mar-25 18:29:20 GMT; domain=.hs-scripts.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 9270c7f11b3d60fe-LHR
GET

https://www.clarity.ms/tag/frgg3qg64j

firefox.exe

Remote address:

13.107.246.64:443

Request

GET /tag/frgg3qg64j HTTP/2.0
host: www.clarity.ms
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cloudsek.com/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:59:20 GMT
content-type: application/x-javascript
content-length: 1060
cache-control: no-cache, no-store
expires: -1
set-cookie: CLID=36115dfc3cd546869851c4cd24720870.20250327.20260327; expires=Fri, 27 Mar 2026 17:59:20 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
x-azure-ref: 20250327T175920Z-157d97d486c5q8b6hC1LONqpkn00000013d0000000010upb
x-cache: CONFIG_NOCACHE
accept-ranges: bytes
GET

https://www.clarity.ms/s/0.8.1/clarity.js

firefox.exe

Remote address:

13.107.246.64:443

Request

GET /s/0.8.1/clarity.js HTTP/2.0
host: www.clarity.ms
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cloudsek.com/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:59:20 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 19 Mar 2025 20:16:05 GMT
etag: W/"0x8DD6722E0B7F6F4"
x-ms-request-id: 3a6e808c-c01e-0066-0d26-9961fb000000
x-ms-version: 2018-03-28
access-control-allow-origin: *
x-azure-ref: 20250327T175920Z-157d97d486c5q8b6hC1LONqpkn00000013d0000000010uqp
cache-control: public, max-age=86400
x-fd-int-roxy-purgeid: 79034942
x-cache: TCP_HIT
content-encoding: br
GET

https://www.clarity.ms/tag/frgezfwt0f?ref=bwt

firefox.exe

Remote address:

13.107.246.64:443

Request

GET /tag/frgezfwt0f?ref=bwt HTTP/2.0
host: www.clarity.ms
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cloudsek.com/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:59:21 GMT
content-type: application/x-javascript
content-length: 1060
cache-control: no-cache, no-store
expires: -1
set-cookie: CLID=7c638c7674f54f49a3e9bb20b19ffcf4.20250327.20260327; expires=Fri, 27 Mar 2026 17:59:21 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
x-azure-ref: 20250327T175921Z-157d97d486c5q8b6hC1LONqpkn00000013d0000000010uxs
x-cache: CONFIG_NOCACHE
accept-ranges: bytes
GET

https://www.clarity.ms/tag/frgg3qg64j?ref=gtm2

firefox.exe

Remote address:

13.107.246.64:443

Request

GET /tag/frgg3qg64j?ref=gtm2 HTTP/2.0
host: www.clarity.ms
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cloudsek.com/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:59:21 GMT
content-type: application/x-javascript
content-length: 674
cache-control: no-cache, no-store
expires: -1
set-cookie: CLID=ae0ebaae909f4f7b9a0ed8108b5d5dbe.20250327.20260327; expires=Fri, 27 Mar 2026 17:59:21 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
x-azure-ref: 20250327T175921Z-157d97d486c5q8b6hC1LONqpkn00000013d0000000010uxr
x-cache: CONFIG_NOCACHE
accept-ranges: bytes
DNS

sibforms.com

firefox.exe

Remote address:

8.8.8.8:53

Request

sibforms.com

IN A

Response

sibforms.com

IN A

104.16.248.109

sibforms.com

IN A

104.16.249.109
DNS

sibforms.com

firefox.exe

Remote address:

8.8.8.8:53

Request

sibforms.com

IN AAAA

Response

sibforms.com

IN AAAA

2606:4700::6810:f86d

sibforms.com

IN AAAA

2606:4700::6810:f96d
DNS

js.hs-analytics.net

firefox.exe

Remote address:

8.8.8.8:53

Request

js.hs-analytics.net

IN A

Response

js.hs-analytics.net

IN A

104.17.175.201

js.hs-analytics.net

IN A

104.16.160.168
DNS

js.hs-banner.com

firefox.exe

Remote address:

8.8.8.8:53

Request

js.hs-banner.com

IN A

Response

js.hs-banner.com

IN A

104.18.40.240

js.hs-banner.com

IN A

172.64.147.16
DNS

js.hs-banner.com

firefox.exe

Remote address:

8.8.8.8:53

Request

js.hs-banner.com

IN A

Response

js.hs-banner.com

IN A

172.64.147.16

js.hs-banner.com

IN A

104.18.40.240
DNS

js.hsadspixel.net

firefox.exe

Remote address:

8.8.8.8:53

Request

js.hsadspixel.net

IN A

Response

js.hsadspixel.net

IN A

104.17.128.172

js.hsadspixel.net

IN A

104.17.223.152
DNS

assets.brevo.com

firefox.exe

Remote address:

8.8.8.8:53

Request

assets.brevo.com

IN A

Response

assets.brevo.com

IN A

104.18.37.40

assets.brevo.com

IN A

172.64.150.216
GET

https://js.hsadspixel.net/fb.js

firefox.exe

Remote address:

104.17.128.172:443

Request

GET /fb.js HTTP/2.0
host: js.hsadspixel.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cloudsek.com/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:59:20 GMT
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Wed, 26 Mar 2025 18:46:42 UTC
content-encoding: gzip
x-amz-server-side-encryption: AES256
x-amz-version-id: hyWUAxM5yUZcBkLqz5eNCJDNyAjVANL.
etag: W/"2fa19b3d303f4c1a77d3725bfbeb9256"
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 1f1067e4f193aaabd2c24b99bcdc4e88.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-amz-cf-id: LSbAezBxAL0vw_ilhzf8xRQ8IQmZ8cb0-DA7YVrqk7Hs7p7YqazmlQ==
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.1635/bundles/pixels-release.js&cfRay=9268dec29e164141-MAD
cache-control: max-age=600
x-hs-target-asset: adsscriptloaderstatic/static-1.1635/bundles/pixels-release.js
x-content-type-options: nosniff
x-hs-cache-status: HIT
x-envoy-upstream-service-time: 1
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 6d96acaf-b5aa-4008-b52a-0caa6e2483c6
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-554d564d77-t9hj2
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: 6d96acaf-b5aa-4008-b52a-0caa6e2483c6
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
cf-cache-status: HIT
age: 12
set-cookie: __cf_bm=CKE6ZusDWFsWuXbLiEZ_MA58gcPDvOAPfh5Y6h1eNWE-1743098360-1.0.1.1-9hCGTtPtlvFoq5FC2Uk3qgiCUMozDdqGn5rMfyiHRFHvDNayaepE1Gqg7KZKD.tqgy9wg2eulJQeRvvUfGgUhSipz48hXAZv7eEouMokeG8; path=/; expires=Thu, 27-Mar-25 18:29:20 GMT; domain=.hsadspixel.net; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 9270c7f2adf663ad-LHR
DNS

js.hsadspixel.net

firefox.exe

Remote address:

8.8.8.8:53

Request

js.hsadspixel.net

IN A

Response

js.hsadspixel.net

IN A

104.17.223.152

js.hsadspixel.net

IN A

104.17.128.172
GET

https://js.hs-analytics.net/analytics/1743098100000/7140541.js

firefox.exe

Remote address:

104.17.175.201:443

Request

GET /analytics/1743098100000/7140541.js HTTP/2.0
host: js.hs-analytics.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cloudsek.com/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:59:20 GMT
content-type: text/javascript
x-amz-id-2: YJNvwUYZTtn3yB60cMIZrKSos0Qpucbkey6PfhkRZCYzFYF3F7S/FtssE0SSe3mo3ObBzQOAAps=
x-amz-request-id: VR3TRRZW829P8AG8
last-modified: Mon, 24 Mar 2025 04:01:40 GMT
etag: W/"6f3db8dcad0e2ac93a915bfc016143d3"
x-amz-server-side-encryption: AES256
cache-control: max-age=300,public
x-amz-version-id: null
access-control-allow-credentials: false
vary: origin, Accept-Encoding
expires: Thu, 27 Mar 2025 18:00:11 GMT
content-encoding: gzip
x-envoy-upstream-service-time: 26
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: a55d3ff9-b6ca-4850-a368-0e9e5c5885a0
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-fbbff5ddb-dr2zd
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: a55d3ff9-b6ca-4850-a368-0e9e5c5885a0
cf-cache-status: HIT
age: 168
set-cookie: __cf_bm=g8RBXL1l5qgIGFK4YSJfvq9DxFq7xJ0KI897XhG9RrY-1743098360-1.0.1.1-uTO7SBglKQdHBT72oAi6FI1L0TkHANQ8Clj.aIy7EOa5Qs8xG1F7TYcMK36s.Zh_tfaRHKxJ4tVBmaP9pOn.YL67TgzQUXTSsJmwns86IvA; path=/; expires=Thu, 27-Mar-25 18:29:20 GMT; domain=.hs-analytics.net; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 9270c7f2ccf125c5-LHR
DNS

js.hs-analytics.net

firefox.exe

Remote address:

8.8.8.8:53

Request

js.hs-analytics.net

IN A

Response

js.hs-analytics.net

IN A

104.16.160.168

js.hs-analytics.net

IN A

104.17.175.201
DNS

region1.analytics.google.com

firefox.exe

Remote address:

8.8.8.8:53

Request

region1.analytics.google.com

IN A

Response

region1.analytics.google.com

IN A

216.239.34.36

region1.analytics.google.com

IN A

216.239.32.36
DNS

region1.analytics.google.com

firefox.exe

Remote address:

8.8.8.8:53

Request

region1.analytics.google.com

IN A

Response

region1.analytics.google.com

IN A

216.239.32.36

region1.analytics.google.com

IN A

216.239.34.36
DNS

stats.g.doubleclick.net

firefox.exe

Remote address:

8.8.8.8:53

Request

stats.g.doubleclick.net

IN A

Response

stats.g.doubleclick.net

IN A

74.125.133.156

stats.g.doubleclick.net

IN A

74.125.133.157

stats.g.doubleclick.net

IN A

74.125.133.155

stats.g.doubleclick.net

IN A

74.125.133.154
GET

https://js.hs-banner.com/v2/7140541/banner.js

firefox.exe

Remote address:

104.18.40.240:443

Request

GET /v2/7140541/banner.js HTTP/2.0
host: js.hs-banner.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cloudsek.com/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:59:20 GMT
content-type: text/javascript; charset=UTF-8
x-amz-id-2: UJ4JX1bO1RL6jDX+i6k2tT8vDryr2dVOqo0HBRI2Gh26xxC7xkl5FOCI3Hs/CIc2+wpwJT8bVrA=
x-amz-request-id: FTXNS3RCFYY9W2EE
last-modified: Mon, 24 Mar 2025 04:01:36 GMT
etag: W/"3ff5dcbaddb31b2963a83d152c063a4a"
x-amz-server-side-encryption: AES256
cache-control: max-age=300,public
x-amz-version-id: fiU0mQhDBsLusEH4IxfdlLRS.LiNtTmR
access-control-allow-origin: https://www.cloudsek.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
vary: origin, Accept-Encoding
expires: Thu, 27 Mar 2025 17:57:31 GMT
content-encoding: gzip
x-envoy-upstream-service-time: 43
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 242db611-c52d-4be5-80d9-427020f5b8bf
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-fbbff5ddb-nhv77
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: 242db611-c52d-4be5-80d9-427020f5b8bf
cf-cache-status: HIT
age: 297
set-cookie: __cf_bm=uGyf4FZwrgGizI5R6cyg9JDaUVPqLkmX97JOEHla1oU-1743098360-1.0.1.1-uOLt8338z47EF2wWgrVnZkWHOjcOub6JhiPKYJfrbQ7Qah7W8esN6Dazplsip3KpmHNN.K1cZ3Z3mb2iY30Q6XsdyGLz99MdAwR0vw44nsA; path=/; expires=Thu, 27-Mar-25 18:29:20 GMT; domain=.hs-banner.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 9270c7f2ebb648c2-LHR
DNS

www.google.co.uk

firefox.exe

Remote address:

8.8.8.8:53

Request

www.google.co.uk

IN A

Response

www.google.co.uk

IN A

142.250.187.227
DNS

js.hs-banner.com

firefox.exe

Remote address:

8.8.8.8:53

Request

js.hs-banner.com

IN A

Response

js.hs-banner.com

IN A

172.64.147.16

js.hs-banner.com

IN A

104.18.40.240
GET

https://assets.brevo.com/font/Roboto/Latin/normal/normal/7529907e9eaf8ebb5220c5f9850e3811.woff2

firefox.exe

Remote address:

104.18.37.40:443

Request

GET /font/Roboto/Latin/normal/normal/7529907e9eaf8ebb5220c5f9850e3811.woff2 HTTP/2.0
host: assets.brevo.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: identity
origin: https://bc047102.sibforms.com
referer: https://bc047102.sibforms.com/
sec-fetch-dest: font
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:59:20 GMT
content-type: font/woff2
content-length: 14752
x-amz-id-2: dEtpMiWk3U+g6N81K2B8H4nRPvn75ZTpL7UmU5rmDcXvUjA74LCFXSbtlG7cqXrgAPIcIplp7GU=
x-amz-request-id: 71NPANRD0FGCXB94
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 01 Feb 2023 09:28:53 GMT
etag: "7529907e9eaf8ebb5220c5f9850e3811"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=315360000
expires: Sun, 25 Mar 2035 17:59:20 GMT
via: 1.1 google
cf-cache-status: HIT
age: 3568904
accept-ranges: bytes
server: cloudflare
cf-ray: 9270c7f2fb75cd89-LHR
POST

https://www.google.com/ccm/collect?en=page_view&dr=www.google.com&dl=https%3A%2F%2Fwww.cloudsek.com%2Fblog%2Fno-honour-among-thieves-uncovering-a-trojanized-xworm-rat-builder-propagated-by-threat-actors-and-disrupting-its-operations&scrsrc=www.googletagmanager.com&frm=0&lps=1&rnd=922024938.1743098359&dt=No%20Honour%20Among%20Thieves%3A%20Uncovering%20a%20Trojanized%20XWorm%20RAT%20Builder%20Propagated%20by%20Threat%20Actors%20and%20Disrupting%20Its%20Operations%20%7C%20CloudSEK&auid=312064482.1743098359&navt=n&npa=0&gtm=45He53q0v830341218za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=102482433~102509683~102788824~102803279~102813109~102887799~102926062&tft=1743098359197&tfd=2179&apve=1

firefox.exe

Remote address:

172.217.169.36:443

Request

POST /ccm/collect?en=page_view&dr=www.google.com&dl=https%3A%2F%2Fwww.cloudsek.com%2Fblog%2Fno-honour-among-thieves-uncovering-a-trojanized-xworm-rat-builder-propagated-by-threat-actors-and-disrupting-its-operations&scrsrc=www.googletagmanager.com&frm=0&lps=1&rnd=922024938.1743098359&dt=No%20Honour%20Among%20Thieves%3A%20Uncovering%20a%20Trojanized%20XWorm%20RAT%20Builder%20Propagated%20by%20Threat%20Actors%20and%20Disrupting%20Its%20Operations%20%7C%20CloudSEK&auid=312064482.1743098359&navt=n&npa=0&gtm=45He53q0v830341218za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=102482433~102509683~102788824~102803279~102813109~102887799~102926062&tft=1743098359197&tfd=2179&apve=1 HTTP/2.0
host: www.google.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://www.cloudsek.com
referer: https://www.cloudsek.com/
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
priority: u=6
content-length: 0
te: trailers
DNS

assets.brevo.com

firefox.exe

Remote address:

8.8.8.8:53

Request

assets.brevo.com

IN A

Response

assets.brevo.com

IN A

104.18.37.40

assets.brevo.com

IN A

172.64.150.216
DNS

snap.licdn.com

firefox.exe

Remote address:

8.8.8.8:53

Request

snap.licdn.com

IN A

Response

snap.licdn.com

IN CNAME

od.linkedin.edgesuite.net

od.linkedin.edgesuite.net

IN CNAME

a1916.dscg2.akamai.net

a1916.dscg2.akamai.net

IN A

2.19.252.133

a1916.dscg2.akamai.net

IN A

2.19.252.143
DNS

www.redditstatic.com

firefox.exe

Remote address:

8.8.8.8:53

Request

www.redditstatic.com

IN A

Response

www.redditstatic.com

IN CNAME

dualstack.reddit.map.fastly.net

dualstack.reddit.map.fastly.net

IN A

151.101.193.140

dualstack.reddit.map.fastly.net

IN A

151.101.1.140

dualstack.reddit.map.fastly.net

IN A

151.101.129.140

dualstack.reddit.map.fastly.net

IN A

151.101.65.140
DNS

cdn-cookieyes.com

firefox.exe

Remote address:

8.8.8.8:53

Request

cdn-cookieyes.com

IN A

Response

cdn-cookieyes.com

IN A

172.67.20.8

cdn-cookieyes.com

IN A

104.22.59.91

cdn-cookieyes.com

IN A

104.22.58.91
DNS

js.hsadspixel.net

firefox.exe

Remote address:

8.8.8.8:53

Request

js.hsadspixel.net

IN AAAA

Response

js.hsadspixel.net

IN AAAA

2606:4700::6811:df98

js.hsadspixel.net

IN AAAA

2606:4700::6811:80ac
DNS

ajax.googleapis.com

firefox.exe

Remote address:

8.8.8.8:53

Request

ajax.googleapis.com

IN A

Response

ajax.googleapis.com

IN A

142.250.180.10
GET

https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-CVBS2RDPRJ&cid=975017464.1743098359&gtm=45je53q0v887596358za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=102482433~102788824~102803279~102813109~102887800~102926062&tag_exp=102482433~102788824~102803279~102813109~102887800~102926062&z=1708599423

firefox.exe

Remote address:

142.250.187.227:443

Request

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-CVBS2RDPRJ&cid=975017464.1743098359&gtm=45je53q0v887596358za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=102482433~102788824~102803279~102813109~102887800~102926062&tag_exp=102482433~102788824~102803279~102813109~102887800~102926062&z=1708599423 HTTP/2.0
host: www.google.co.uk
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cloudsek.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
priority: u=5, i
te: trailers
DNS

js.hs-banner.com

firefox.exe

Remote address:

8.8.8.8:53

Request

js.hs-banner.com

IN AAAA

Response

js.hs-banner.com

IN AAAA

2606:4700:4400::6812:28f0

js.hs-banner.com

IN AAAA

2606:4700:4400::ac40:9310
DNS

www.google.co.uk

firefox.exe

Remote address:

8.8.8.8:53

Request

www.google.co.uk

IN A

Response

www.google.co.uk

IN A

142.250.187.227
DNS

js.hs-analytics.net

firefox.exe

Remote address:

8.8.8.8:53

Request

js.hs-analytics.net

IN AAAA

Response

js.hs-analytics.net

IN AAAA

2606:4700::6810:a0a8

js.hs-analytics.net

IN AAAA

2606:4700::6811:afc9
DNS

stats.g.doubleclick.net

firefox.exe

Remote address:

8.8.8.8:53

Request

stats.g.doubleclick.net

IN A

Response

stats.g.doubleclick.net

IN A

74.125.133.156

stats.g.doubleclick.net

IN A

74.125.133.154

stats.g.doubleclick.net

IN A

74.125.133.155

stats.g.doubleclick.net

IN A

74.125.133.157
DNS

a1916.dscg2.akamai.net

firefox.exe

Remote address:

8.8.8.8:53

Request

a1916.dscg2.akamai.net

IN A

Response

a1916.dscg2.akamai.net

IN A

2.19.252.133

a1916.dscg2.akamai.net

IN A

2.19.252.143
GET

https://cdn-cookieyes.com/client_data/18125550f3691a0126bcd541/script.js

firefox.exe

Remote address:

172.67.20.8:443

Request

GET /client_data/18125550f3691a0126bcd541/script.js HTTP/2.0
host: cdn-cookieyes.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cloudsek.com/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:59:20 GMT
content-type: application/javascript
content-length: 5236
last-modified: Wed, 19 Mar 2025 00:04:10 GMT
etag: "3b09-630a6c2c82300-gzip"
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-cache-status: HIT
age: 148624
accept-ranges: bytes
server: cloudflare
cf-ray: 9270c7f3b8a09568-LHR
DNS

assets.brevo.com

firefox.exe

Remote address:

8.8.8.8:53

Request

assets.brevo.com

IN AAAA

Response

assets.brevo.com

IN AAAA

2606:4700:4400::ac40:96d8

assets.brevo.com

IN AAAA

2606:4700:4400::6812:2528
DNS

cdn-cookieyes.com

firefox.exe

Remote address:

8.8.8.8:53

Request

cdn-cookieyes.com

IN A

Response

cdn-cookieyes.com

IN A

104.22.58.91

cdn-cookieyes.com

IN A

104.22.59.91

cdn-cookieyes.com

IN A

172.67.20.8
DNS

dualstack.reddit.map.fastly.net

firefox.exe

Remote address:

8.8.8.8:53

Request

dualstack.reddit.map.fastly.net

IN A

Response

dualstack.reddit.map.fastly.net

IN A

151.101.1.140

dualstack.reddit.map.fastly.net

IN A

151.101.65.140

dualstack.reddit.map.fastly.net

IN A

151.101.129.140

dualstack.reddit.map.fastly.net

IN A

151.101.193.140
GET

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

firefox.exe

Remote address:

142.250.180.10:443

Request

GET /ajax/libs/jquery/3.2.1/jquery.min.js HTTP/2.0
host: ajax.googleapis.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cloudsek.com/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
DNS

region1.analytics.google.com

firefox.exe

Remote address:

8.8.8.8:53

Request

region1.analytics.google.com

IN A

Response

region1.analytics.google.com

IN A

216.239.32.36

region1.analytics.google.com

IN A

216.239.34.36
DNS

ajax.googleapis.com

firefox.exe

Remote address:

8.8.8.8:53

Request

ajax.googleapis.com

IN A

Response

ajax.googleapis.com

IN A

142.250.180.10
DNS

api.hubapi.com

firefox.exe

Remote address:

8.8.8.8:53

Request

api.hubapi.com

IN A

Response

api.hubapi.com

IN A

104.18.243.108

api.hubapi.com

IN A

104.18.244.108

api.hubapi.com

IN A

104.18.242.108

api.hubapi.com

IN A

104.18.241.108

api.hubapi.com

IN A

104.18.240.108
DNS

ajax.googleapis.com

firefox.exe

Remote address:

8.8.8.8:53

Request

ajax.googleapis.com

IN AAAA

Response

ajax.googleapis.com

IN AAAA

2a00:1450:4009:827::200a
DNS

region1.analytics.google.com

firefox.exe

Remote address:

8.8.8.8:53

Request

region1.analytics.google.com

IN AAAA

Response

region1.analytics.google.com

IN AAAA

2001:4860:4802:34::36

region1.analytics.google.com

IN AAAA

2001:4860:4802:32::36
DNS

region1.analytics.google.com

firefox.exe

Remote address:

8.8.8.8:53

Request

region1.analytics.google.com

IN AAAA

Response

region1.analytics.google.com

IN AAAA

2001:4860:4802:34::36

region1.analytics.google.com

IN AAAA

2001:4860:4802:32::36
DNS

stats.g.doubleclick.net

firefox.exe

Remote address:

8.8.8.8:53

Request

stats.g.doubleclick.net

IN AAAA

Response

stats.g.doubleclick.net

IN AAAA

2a00:1450:400c:c07::9a

stats.g.doubleclick.net

IN AAAA

2a00:1450:400c:c07::9c

stats.g.doubleclick.net

IN AAAA

2a00:1450:400c:c07::9b

stats.g.doubleclick.net

IN AAAA

2a00:1450:400c:c07::9d
DNS

www.google.co.uk

firefox.exe

Remote address:

8.8.8.8:53

Request

www.google.co.uk

IN AAAA

Response

www.google.co.uk

IN AAAA

2a00:1450:4009:820::2003
DNS

www.google.co.uk

firefox.exe

Remote address:

8.8.8.8:53

Request

www.google.co.uk

IN AAAA

Response

www.google.co.uk

IN AAAA

2a00:1450:4009:820::2003
DNS

cdn-cookieyes.com

firefox.exe

Remote address:

8.8.8.8:53

Request

cdn-cookieyes.com

IN AAAA

Response

cdn-cookieyes.com

IN AAAA

2606:4700:10::6816:3b5b

cdn-cookieyes.com

IN AAAA

2606:4700:10::6816:3a5b

cdn-cookieyes.com

IN AAAA

2606:4700:10::ac43:1408
DNS

dualstack.reddit.map.fastly.net

firefox.exe

Remote address:

8.8.8.8:53

Request

dualstack.reddit.map.fastly.net

IN AAAA

Response

dualstack.reddit.map.fastly.net

IN AAAA

2a04:4e42:400::396

dualstack.reddit.map.fastly.net

IN AAAA

2a04:4e42:200::396

dualstack.reddit.map.fastly.net

IN AAAA

2a04:4e42:600::396

dualstack.reddit.map.fastly.net

IN AAAA

2a04:4e42::396
DNS

dualstack.reddit.map.fastly.net

firefox.exe

Remote address:

8.8.8.8:53

Request

dualstack.reddit.map.fastly.net

IN AAAA

Response

dualstack.reddit.map.fastly.net

IN AAAA

2a04:4e42:200::396

dualstack.reddit.map.fastly.net

IN AAAA

2a04:4e42::396

dualstack.reddit.map.fastly.net

IN AAAA

2a04:4e42:600::396

dualstack.reddit.map.fastly.net

IN AAAA

2a04:4e42:400::396
DNS

a1916.dscg2.akamai.net

firefox.exe

Remote address:

8.8.8.8:53

Request

a1916.dscg2.akamai.net

IN AAAA

Response

a1916.dscg2.akamai.net

IN AAAA

2a02:26f0:1c80:4::212:be4f

a1916.dscg2.akamai.net

IN AAAA

2a02:26f0:1c80:4::212:be48
DNS

o.clarity.ms

firefox.exe

Remote address:

8.8.8.8:53

Request

o.clarity.ms

IN A

Response

o.clarity.ms

IN CNAME

clarity-ingest-eus-sc.eastus.cloudapp.azure.com

clarity-ingest-eus-sc.eastus.cloudapp.azure.com

IN A

52.152.143.207
GET

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=7140541

firefox.exe

Remote address:

104.18.243.108:443

Request

GET /hs-script-loader-public/v1/config/pixels-and-events/json?portalId=7140541 HTTP/2.0
host: api.hubapi.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://www.cloudsek.com
referer: https://www.cloudsek.com/
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:59:21 GMT
content-type: application/json;charset=utf-8
cf-ray: 9270c7f4ec95951a-LHR
cf-cache-status: DYNAMIC
access-control-allow-origin: https://www.cloudsek.com
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-max-age: 180
x-content-type-options: nosniff
x-hubspot-correlation-id: 7dbdc39b-ef41-4224-94b2-ef1403e970c1
set-cookie: __cf_bm=itj6.Y_QG6NtaNVAIS6IKkivOORXH7mqjW75.fZfIRE-1743098361-1.0.1.1-4.Sh3CzNthKK4_H61MDv4HrqUUG23lYglN7lINvhnHYAESJPsMNW7AeIgA2xkTI..92ykIZNZ2_eXr3SCxJO8X_Ie4wdIOcDYgUkCaHSriI; path=/; expires=Thu, 27-Mar-25 18:29:21 GMT; domain=.hubapi.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FTcX7qnUBECRq4mhc3R3c50n%2Fw8mf%2FyAsDB%2B9IIXRXiM9DVDkbi%2FIPcFIvu6Nsw5PyxewWG%2BtK03MSkFtLS%2F8wgS1LLam0m5qHU1y4gGnVs3QSkf5U8uohg%2FJ%2BYpQM12"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
DNS

api.hubapi.com

firefox.exe

Remote address:

8.8.8.8:53

Request

api.hubapi.com

IN A

Response

api.hubapi.com

IN A

104.18.240.108

api.hubapi.com

IN A

104.18.243.108

api.hubapi.com

IN A

104.18.241.108

api.hubapi.com

IN A

104.18.242.108

api.hubapi.com

IN A

104.18.244.108
DNS

clarity-ingest-eus-sc.eastus.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

clarity-ingest-eus-sc.eastus.cloudapp.azure.com

IN A

Response

clarity-ingest-eus-sc.eastus.cloudapp.azure.com

IN A

52.152.143.207
POST

https://o.clarity.ms/collect

firefox.exe

Remote address:

52.152.143.207:443

Request

POST /collect HTTP/1.1
Host: o.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
Accept: application/x-clarity-gzip
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br, zstd
Content-Length: 601
Origin: https://www.cloudsek.com
Connection: keep-alive
Referer: https://www.cloudsek.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

Response

HTTP/1.1 204 No Content

Server: nginx
Date: Thu, 27 Mar 2025 17:59:21 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.cloudsek.com
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
POST

https://o.clarity.ms/collect

firefox.exe

Remote address:

52.152.143.207:443

Request

POST /collect HTTP/1.1
Host: o.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
Accept: application/x-clarity-gzip
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br, zstd
Content-Length: 45046
Origin: https://www.cloudsek.com
Connection: keep-alive
Referer: https://www.cloudsek.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

Response

HTTP/1.1 204 No Content

Server: nginx
Date: Thu, 27 Mar 2025 17:59:22 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.cloudsek.com
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
POST

https://o.clarity.ms/collect

firefox.exe

Remote address:

52.152.143.207:443

Request

POST /collect HTTP/1.1
Host: o.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br, zstd
Content-Type: text/plain;charset=UTF-8
Content-Length: 4712
Origin: https://www.cloudsek.com
Connection: keep-alive
Referer: https://www.cloudsek.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Priority: u=6

Response

HTTP/1.1 204 No Content

Server: nginx
Date: Thu, 27 Mar 2025 17:59:24 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.cloudsek.com
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
DNS

api.hubapi.com

firefox.exe

Remote address:

8.8.8.8:53

Request

api.hubapi.com

IN AAAA

Response

api.hubapi.com

IN AAAA

2606:4700::6812:f06c

api.hubapi.com

IN AAAA

2606:4700::6812:f26c

api.hubapi.com

IN AAAA

2606:4700::6812:f36c

api.hubapi.com

IN AAAA

2606:4700::6812:f16c

api.hubapi.com

IN AAAA

2606:4700::6812:f46c
DNS

api.ipify.org

firefox.exe

Remote address:

8.8.8.8:53

Request

api.ipify.org

IN A

Response

api.ipify.org

IN A

104.26.13.205

api.ipify.org

IN A

172.67.74.152

api.ipify.org

IN A

104.26.12.205
DNS

clarity-ingest-eus-sc.eastus.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

clarity-ingest-eus-sc.eastus.cloudapp.azure.com

IN AAAA

Response
DNS

clarity-ingest-eus-sc.eastus.cloudapp.azure.com

firefox.exe

Remote address:

8.8.8.8:53

Request

clarity-ingest-eus-sc.eastus.cloudapp.azure.com

IN AAAA

Response
GET

https://api.ipify.org/?format=json

firefox.exe

Remote address:

104.26.13.205:443

Request

GET /?format=json HTTP/2.0
host: api.ipify.org
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: application/json, text/javascript, */*; q=0.01
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://www.cloudsek.com
referer: https://www.cloudsek.com/
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:59:21 GMT
content-type: application/json
content-length: 23
access-control-allow-origin: *
vary: Origin
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 9270c7f5b8aaedf3-LHR
server-timing: cfL4;desc="?proto=TCP&rtt=47795&min_rtt=47483&rtt_var=13839&sent=9&recv=10&lost=0&retrans=0&sent_bytes=3987&recv_bytes=2402&delivery_rate=81847&cwnd=254&unsent_bytes=0&cid=e589b0e2d77d23d2&ts=141&x=0"
DNS

api.ipify.org

firefox.exe

Remote address:

8.8.8.8:53

Request

api.ipify.org

IN A

Response

api.ipify.org

IN A

104.26.12.205

api.ipify.org

IN A

104.26.13.205

api.ipify.org

IN A

172.67.74.152
DNS

api.ipify.org

firefox.exe

Remote address:

8.8.8.8:53

Request

api.ipify.org

IN AAAA

Response
POST

https://region1.analytics.google.com/g/collect?v=2&tid=G-CVBS2RDPRJ&gtm=45je53q0v887596358za200&_p=1743098357976&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=102482433~102788824~102803279~102813109~102887800~102926062&gdid=dZGVlNj&cid=975017464.1743098359&ul=en-us&sr=1280x720&lps=1&frm=0&pscdl=noapi&_s=1&sid=1743098359&sct=1&seg=0&dl=https%3A%2F%2Fwww.cloudsek.com%2Fblog%2Fno-honour-among-thieves-uncovering-a-trojanized-xworm-rat-builder-propagated-by-threat-actors-and-disrupting-its-operations&dr=https%3A%2F%2Fwww.google.com%2F&dt=No%20Honour%20Among%20Thieves%3A%20Uncovering%20a%20Trojanized%20XWorm%20RAT%20Builder%20Propagated%20by%20Threat%20Actors%20and%20Disrupting%20Its%20Operations%20%7C%20CloudSEK&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=GTM-P8TZM5T&tfd=2159

firefox.exe

Remote address:

216.239.34.36:443

Request

POST /g/collect?v=2&tid=G-CVBS2RDPRJ&gtm=45je53q0v887596358za200&_p=1743098357976&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=102482433~102788824~102803279~102813109~102887800~102926062&gdid=dZGVlNj&cid=975017464.1743098359&ul=en-us&sr=1280x720&lps=1&frm=0&pscdl=noapi&_s=1&sid=1743098359&sct=1&seg=0&dl=https%3A%2F%2Fwww.cloudsek.com%2Fblog%2Fno-honour-among-thieves-uncovering-a-trojanized-xworm-rat-builder-propagated-by-threat-actors-and-disrupting-its-operations&dr=https%3A%2F%2Fwww.google.com%2F&dt=No%20Honour%20Among%20Thieves%3A%20Uncovering%20a%20Trojanized%20XWorm%20RAT%20Builder%20Propagated%20by%20Threat%20Actors%20and%20Disrupting%20Its%20Operations%20%7C%20CloudSEK&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=GTM-P8TZM5T&tfd=2159 HTTP/2.0
host: region1.analytics.google.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cloudsek.com/
origin: https://www.cloudsek.com
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
priority: u=6
pragma: no-cache
cache-control: no-cache
content-length: 0
te: trailers
POST

https://stats.g.doubleclick.net/g/collect?v=2&tid=G-CVBS2RDPRJ&cid=975017464.1743098359&gtm=45je53q0v887596358za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=102482433~102788824~102803279~102813109~102887800~102926062

firefox.exe

Remote address:

74.125.133.156:443

Request

POST /g/collect?v=2&tid=G-CVBS2RDPRJ&cid=975017464.1743098359&gtm=45je53q0v887596358za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=102482433~102788824~102803279~102813109~102887800~102926062 HTTP/2.0
host: stats.g.doubleclick.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://www.cloudsek.com
referer: https://www.cloudsek.com/
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
priority: u=6
content-length: 0
te: trailers
DNS

596808a16dec4fc39413bf34b0a70240.apm.eu-west-1.aws.cloud.es.io

firefox.exe

Remote address:

8.8.8.8:53

Request

596808a16dec4fc39413bf34b0a70240.apm.eu-west-1.aws.cloud.es.io

IN A

Response

596808a16dec4fc39413bf34b0a70240.apm.eu-west-1.aws.cloud.es.io

IN CNAME

proxy.eu-west-1.aws.found.io

proxy.eu-west-1.aws.found.io

IN CNAME

proxy-nlb-prod-eu-west-1-v5-8da84ce7881a88cc.elb.eu-west-1.amazonaws.com

proxy-nlb-prod-eu-west-1-v5-8da84ce7881a88cc.elb.eu-west-1.amazonaws.com

IN A

34.253.3.7

proxy-nlb-prod-eu-west-1-v5-8da84ce7881a88cc.elb.eu-west-1.amazonaws.com

IN A

63.33.254.192

proxy-nlb-prod-eu-west-1-v5-8da84ce7881a88cc.elb.eu-west-1.amazonaws.com

IN A

108.129.63.17
GET

https://snap.licdn.com/li.lms-analytics/insight.min.js

firefox.exe

Remote address:

2.19.252.133:443

Request

GET /li.lms-analytics/insight.min.js HTTP/2.0
host: snap.licdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cloudsek.com/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

last-modified: Wed, 22 Jan 2025 19:47:17 GMT
x-amz-server-side-encryption: AES256
cache-control: max-age=86400
accept-ranges: bytes
content-type: application/javascript;charset=utf-8
content-encoding: gzip
content-length: 14637
date: Thu, 27 Mar 2025 17:59:21 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,quic=":443"; ma=93600; v="43"
vary: Accept-Encoding
x-cdn-proto: HTTP2
x-content-type-options: nosniff
x-cdn: AKAM
GET

https://www.redditstatic.com/ads/pixel.js

firefox.exe

Remote address:

151.101.193.140:443

Request

GET /ads/pixel.js HTTP/2.0
host: www.redditstatic.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cloudsek.com/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

last-modified: Wed, 26 Mar 2025 18:01:33 GMT
etag: "6c7282bbffcdf94e6bdca2515cb078e4"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=60
content-encoding: gzip
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:59:21 GMT
vary: Accept-Encoding,Origin
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-length: 18688
OPTIONS

https://596808a16dec4fc39413bf34b0a70240.apm.eu-west-1.aws.cloud.es.io/intake/v2/rum/events

firefox.exe

Remote address:

34.253.3.7:443

Request

OPTIONS /intake/v2/rum/events HTTP/2.0
host: 596808a16dec4fc39413bf34b0a70240.apm.eu-west-1.aws.cloud.es.io
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
access-control-request-method: POST
access-control-request-headers: content-encoding,content-type
referer: https://bc047102.sibforms.com/
origin: https://bc047102.sibforms.com
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
priority: u=4
te: trailers

Response

HTTP/2.0 200

access-control-allow-headers: Content-Type, Content-Encoding, Accept
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://bc047102.sibforms.com
access-control-expose-headers: Etag
access-control-max-age: 3600
date: Thu, 27 Mar 2025 17:59:21 GMT
vary: Origin
x-cloud-request-id: J7-gwZUtQxWvaW2RdK4fFQ
x-content-type-options: nosniff
x-found-handling-cluster: 596808a16dec4fc39413bf34b0a70240
x-found-handling-instance: instance-0000000035
content-length: 0
POST

https://596808a16dec4fc39413bf34b0a70240.apm.eu-west-1.aws.cloud.es.io/intake/v2/rum/events

firefox.exe

Remote address:

34.253.3.7:443

Request

POST /intake/v2/rum/events HTTP/2.0
host: 596808a16dec4fc39413bf34b0a70240.apm.eu-west-1.aws.cloud.es.io
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
content-type: application/x-ndjson
content-encoding: gzip
content-length: 1298
origin: https://bc047102.sibforms.com
referer: https://bc047102.sibforms.com/
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 202

access-control-allow-origin: https://bc047102.sibforms.com
date: Thu, 27 Mar 2025 17:59:21 GMT
x-cloud-request-id: ICpuW-R1QE-Mu5JvV9ITtQ
x-content-type-options: nosniff
x-found-handling-cluster: 596808a16dec4fc39413bf34b0a70240
x-found-handling-instance: instance-0000000028
content-length: 0
DNS

proxy-nlb-prod-eu-west-1-v5-8da84ce7881a88cc.elb.eu-west-1.amazonaws.com

firefox.exe

Remote address:

8.8.8.8:53

Request

proxy-nlb-prod-eu-west-1-v5-8da84ce7881a88cc.elb.eu-west-1.amazonaws.com

IN A

Response

proxy-nlb-prod-eu-west-1-v5-8da84ce7881a88cc.elb.eu-west-1.amazonaws.com

IN A

34.253.3.7

proxy-nlb-prod-eu-west-1-v5-8da84ce7881a88cc.elb.eu-west-1.amazonaws.com

IN A

108.129.63.17

proxy-nlb-prod-eu-west-1-v5-8da84ce7881a88cc.elb.eu-west-1.amazonaws.com

IN A

63.33.254.192
DNS

proxy-nlb-prod-eu-west-1-v5-8da84ce7881a88cc.elb.eu-west-1.amazonaws.com

firefox.exe

Remote address:

8.8.8.8:53

Request

proxy-nlb-prod-eu-west-1-v5-8da84ce7881a88cc.elb.eu-west-1.amazonaws.com

IN AAAA

Response
DNS

proxy-nlb-prod-eu-west-1-v5-8da84ce7881a88cc.elb.eu-west-1.amazonaws.com

firefox.exe

Remote address:

8.8.8.8:53

Request

proxy-nlb-prod-eu-west-1-v5-8da84ce7881a88cc.elb.eu-west-1.amazonaws.com

IN AAAA

Response
DNS

wa.sprouts.ai

firefox.exe

Remote address:

8.8.8.8:53

Request

wa.sprouts.ai

IN A

Response

wa.sprouts.ai

IN A

34.74.151.231
DNS

wa.sprouts.ai

firefox.exe

Remote address:

8.8.8.8:53

Request

wa.sprouts.ai

IN A

Response

wa.sprouts.ai

IN A

34.74.151.231
OPTIONS

https://wa.sprouts.ai:3000/v1/iplookups?k=de4742baf9ae0326740152eb49dea10c

firefox.exe

Remote address:

34.74.151.231:3000

Request

OPTIONS /v1/iplookups?k=de4742baf9ae0326740152eb49dea10c HTTP/1.1
Host: wa.sprouts.ai:3000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br, zstd
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.cloudsek.com/
Origin: https://www.cloudsek.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Priority: u=4

Response

HTTP/1.1 200

Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PATCH, PUT
Access-Control-Max-Age: 3600
Access-Control-Allow-Headers: x-requested-with, content-type, Authorization, Cache-Control, X-XSRF-TOKEN, X-FORWARDED-FOR, clientId, X-TEMP-PASSWORD, X-RE-CAPTCHA-TOKEN, secretKey, X-Login-Email, X-CUSTOMER-ID, X-DEMO-ENV
Access-Control-Allow-Credentials: true
Access-Control-Expose-Headers: Content-Disposition
Content-Length: 0
Date: Thu, 27 Mar 2025 17:59:22 GMT
Keep-Alive: timeout=60
Connection: keep-alive
POST

https://wa.sprouts.ai:3000/v1/iplookups?k=de4742baf9ae0326740152eb49dea10c

firefox.exe

Remote address:

34.74.151.231:3000

Request

POST /v1/iplookups?k=de4742baf9ae0326740152eb49dea10c HTTP/1.1
Host: wa.sprouts.ai:3000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br, zstd
Content-Type: application/json; charset=utf-8
Content-Length: 23
Origin: https://www.cloudsek.com
Connection: keep-alive
Referer: https://www.cloudsek.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

Response

HTTP/1.1 404

Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PATCH, PUT
Access-Control-Max-Age: 3600
Access-Control-Allow-Headers: x-requested-with, content-type, Authorization, Cache-Control, X-XSRF-TOKEN, X-FORWARDED-FOR, clientId, X-TEMP-PASSWORD, X-RE-CAPTCHA-TOKEN, secretKey, X-Login-Email, X-CUSTOMER-ID, X-DEMO-ENV
Access-Control-Allow-Credentials: true
Access-Control-Expose-Headers: Content-Disposition
Content-Type: application/json
Transfer-Encoding: chunked
Date: Thu, 27 Mar 2025 17:59:22 GMT
Keep-Alive: timeout=60
Connection: keep-alive
DNS

wa.sprouts.ai

firefox.exe

Remote address:

8.8.8.8:53

Request

wa.sprouts.ai

IN A

Response

wa.sprouts.ai

IN A

34.74.151.231
DNS

px.ads.linkedin.com

firefox.exe

Remote address:

8.8.8.8:53

Request

px.ads.linkedin.com

IN A

Response

px.ads.linkedin.com

IN CNAME

afd-lnkd.www.linkedin.com

afd-lnkd.www.linkedin.com

IN CNAME

www-linkedin-com.l-0005.l-msedge.net

www-linkedin-com.l-0005.l-msedge.net

IN CNAME

l-0005.l-msedge.net

l-0005.l-msedge.net

IN A

13.107.42.14
DNS

wa.sprouts.ai

firefox.exe

Remote address:

8.8.8.8:53

Request

wa.sprouts.ai

IN AAAA

Response
DNS

pixel-config.reddit.com

firefox.exe

Remote address:

8.8.8.8:53

Request

pixel-config.reddit.com

IN A

Response

pixel-config.reddit.com

IN CNAME

reddit.map.fastly.net

reddit.map.fastly.net

IN A

151.101.193.140

reddit.map.fastly.net

IN A

151.101.1.140

reddit.map.fastly.net

IN A

151.101.129.140

reddit.map.fastly.net

IN A

151.101.65.140
GET

https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/a2_ehgeu6bodaqs_telemetry

firefox.exe

Remote address:

151.101.193.140:443

Request

GET /ads/conversions-config/v1/pixel/config/a2_ehgeu6bodaqs_telemetry HTTP/2.0
host: www.redditstatic.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://www.cloudsek.com
referer: https://www.cloudsek.com/
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

access-control-allow-origin: *
cache-control: max-age=300
content-type: application/json
content-encoding: gzip
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:59:21 GMT
via: 1.1 varnish
vary: Accept-Encoding,Origin
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-length: 98
DNS

alb.reddit.com

firefox.exe

Remote address:

8.8.8.8:53

Request

alb.reddit.com

IN A

Response

alb.reddit.com

IN CNAME

reddit.map.fastly.net

reddit.map.fastly.net

IN A

151.101.1.140

reddit.map.fastly.net

IN A

151.101.65.140

reddit.map.fastly.net

IN A

151.101.193.140

reddit.map.fastly.net

IN A

151.101.129.140
POST

https://px.ads.linkedin.com/wa/

firefox.exe

Remote address:

13.107.42.14:443

Request

POST /wa/ HTTP/2.0
host: px.ads.linkedin.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: *
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
content-type: text/plain;charset=UTF-8
content-length: 583
origin: https://www.cloudsek.com
referer: https://www.cloudsek.com/
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 204

vary: Origin
set-cookie: bcookie="v=2&19bba5e3-adbd-462d-80b1-011811a3d4b6"; Domain=.linkedin.com; Expires=Fri, 27-Mar-2026 17:59:22 GMT; Path=/; Secure; SameSite=None
set-cookie: li_gc=MTswOzE3NDMwOTgzNjI7MjswMjFqusp5U41nVworStABubpdCO0xwNGCCYpChOmGcV0pQA==; Domain=.linkedin.com; Expires=Tue, 23 Sep 2025 17:59:22 GMT; Path=/; Secure; SameSite=None
set-cookie: lidc="b=OGST07:s=O:r=O:a=O:p=O:g=3149:u=1:x=1:i=1743098362:t=1743184762:v=2:sig=AQF6Zt7WkTliB7gWAd-Ywy-0DX9hIcO-"; Expires=Fri, 28 Mar 2025 17:59:22 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
access-control-allow-origin: https://www.cloudsek.com
access-control-allow-credentials: true
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAYxVratc9Ea4Lis3z0ikg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 979F64A37D414D7D9CE7A3C343807EEB Ref B: LON04EDGE1116 Ref C: 2025-03-27T17:59:21Z
date: Thu, 27 Mar 2025 17:59:21 GMT
GET

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=676963&time=1743098360355&url=https%3A%2F%2Fwww.cloudsek.com%2Fblog%2Fno-honour-among-thieves-uncovering-a-trojanized-xworm-rat-builder-propagated-by-threat-actors-and-disrupting-its-operations&tm=gtmv2

firefox.exe

Remote address:

13.107.42.14:443

Request

GET /collect?v=2&fmt=js&pid=676963&time=1743098360355&url=https%3A%2F%2Fwww.cloudsek.com%2Fblog%2Fno-honour-among-thieves-uncovering-a-trojanized-xworm-rat-builder-propagated-by-threat-actors-and-disrupting-its-operations&tm=gtmv2 HTTP/2.0
host: px.ads.linkedin.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cloudsek.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
priority: u=6, i
te: trailers

Response

HTTP/2.0 200

content-type: application/javascript
set-cookie: bcookie="v=2&b4802a4b-9622-49fb-89a1-fd5b74674ffe"; Domain=.linkedin.com; Expires=Fri, 27-Mar-2026 17:59:22 GMT; Path=/; Secure; SameSite=None
set-cookie: li_gc=MTswOzE3NDMwOTgzNjI7MjswMjF5ZqgQvj/toll5HLY/bP8vAvSmk5iEH9Ev28kPgRSnEA==; Domain=.linkedin.com; Expires=Tue, 23 Sep 2025 17:59:22 GMT; Path=/; Secure; SameSite=None
set-cookie: lidc="b=OGST07:s=O:r=O:a=O:p=O:g=3149:u=1:x=1:i=1743098362:t=1743184762:v=2:sig=AQF6Zt7WkTliB7gWAd-Ywy-0DX9hIcO-"; Expires=Fri, 28 Mar 2025 17:59:22 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAYxVra0ycKfML61ovRIDw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 318190D44DE44414BFEF6C4F60E8312F Ref B: LON04EDGE1116 Ref C: 2025-03-27T17:59:22Z
date: Thu, 27 Mar 2025 17:59:22 GMT
content-length: 0
DNS

l-0005.l-msedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

l-0005.l-msedge.net

IN A

Response

l-0005.l-msedge.net

IN A

13.107.42.14
DNS

attachments.prod.remote-settings.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

attachments.prod.remote-settings.prod.webservices.mozgcp.net

IN A

Response

attachments.prod.remote-settings.prod.webservices.mozgcp.net

IN A

34.107.152.202
DNS

reddit.map.fastly.net

firefox.exe

Remote address:

8.8.8.8:53

Request

reddit.map.fastly.net

IN A

Response

reddit.map.fastly.net

IN A

151.101.193.140

reddit.map.fastly.net

IN A

151.101.129.140

reddit.map.fastly.net

IN A

151.101.1.140

reddit.map.fastly.net

IN A

151.101.65.140
DNS

133.252.19.2.in-addr.arpa

firefox.exe

Remote address:

8.8.8.8:53

Request

133.252.19.2.in-addr.arpa

IN PTR

Response

133.252.19.2.in-addr.arpa

IN PTR

a2-19-252-133deploystaticakamaitechnologiescom
GET

https://pixel-config.reddit.com/pixels/a2_ehgeu6bodaqs/config

firefox.exe

Remote address:

151.101.193.140:443

Request

GET /pixels/a2_ehgeu6bodaqs/config HTTP/2.0
host: pixel-config.reddit.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://www.cloudsek.com
referer: https://www.cloudsek.com/
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

access-control-allow-origin: *
cache-control: max-age=14400
content-encoding: gzip
content-type: application/json
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:59:21 GMT
via: 1.1 varnish
server: snooserv
content-length: 48
DNS

l-0005.l-msedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

l-0005.l-msedge.net

IN AAAA

Response

l-0005.l-msedge.net

IN AAAA

2620:1ec:21::14
DNS

reddit.map.fastly.net

firefox.exe

Remote address:

8.8.8.8:53

Request

reddit.map.fastly.net

IN AAAA

Response
GET

https://alb.reddit.com/rp.gif?ts=1743098360336&id=a2_ehgeu6bodaqs&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=037017c5-90b2-40b8-aefd-2eb9b159985d&aaid=&em=&pn=&external_id=&idfa=&integration=gtm&partner=&opt_out=0&sh=1280&sw=720&v=rdt_d9500dd4&dpm=&dpcc=&dprc=

firefox.exe

Remote address:

151.101.1.140:443

Request

GET /rp.gif?ts=1743098360336&id=a2_ehgeu6bodaqs&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=037017c5-90b2-40b8-aefd-2eb9b159985d&aaid=&em=&pn=&external_id=&idfa=&integration=gtm&partner=&opt_out=0&sh=1280&sw=720&v=rdt_d9500dd4&dpm=&dpcc=&dprc= HTTP/2.0
host: alb.reddit.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cloudsek.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
priority: u=6, i
te: trailers

Response

HTTP/2.0 200

server: Varnish
retry-after: 0
cross-origin-resource-policy: cross-origin
content-type: image/gif
accept-ranges: bytes
date: Thu, 27 Mar 2025 17:59:22 GMT
via: 1.1 varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
content-length: 42
DNS

track.hubspot.com

firefox.exe

Remote address:

8.8.8.8:53

Request

track.hubspot.com

IN A

Response

track.hubspot.com

IN A

104.16.117.116

track.hubspot.com

IN A

104.16.118.116
DNS

c.clarity.ms

firefox.exe

Remote address:

8.8.8.8:53

Request

c.clarity.ms

IN A

Response

c.clarity.ms

IN CNAME

c.msn.com

c.msn.com

IN CNAME

c-msn-pme.trafficmanager.net

c-msn-pme.trafficmanager.net

IN A

13.74.129.1
GET

https://track.hubspot.com/__ptq.gif?k=1&sd=1280x720&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3642202416&v=1.1&a=7140541&rcu=https%3A%2F%2Fcloudsek.com%2Fblog%2Fno-honour-among-thieves-uncovering-a-trojanized-xworm-rat-builder-propagated-by-threat-actors-and-disrupting-its-operations&r=https%3A%2F%2Fwww.google.com%2F&pu=https%3A%2F%2Fwww.cloudsek.com%2Fblog%2Fno-honour-among-thieves-uncovering-a-trojanized-xworm-rat-builder-propagated-by-threat-actors-and-disrupting-its-operations&t=No+Honour+Among+Thieves%3A+Uncovering+a+Trojanized+XWorm+RAT+Builder+Propagated+by+Threat+Actors+and+Disrupting+Its+Operations+%7C+CloudSEK&cts=1743098361224&vi=567bbd90027f9603548cce37b6868b26&nc=true&u=109845722.567bbd90027f9603548cce37b6868b26.1743098361222.1743098361222.1743098361222.1&b=109845722.1.1743098361222&cc=15

firefox.exe

Remote address:

104.16.117.116:443

Request

GET /__ptq.gif?k=1&sd=1280x720&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3642202416&v=1.1&a=7140541&rcu=https%3A%2F%2Fcloudsek.com%2Fblog%2Fno-honour-among-thieves-uncovering-a-trojanized-xworm-rat-builder-propagated-by-threat-actors-and-disrupting-its-operations&r=https%3A%2F%2Fwww.google.com%2F&pu=https%3A%2F%2Fwww.cloudsek.com%2Fblog%2Fno-honour-among-thieves-uncovering-a-trojanized-xworm-rat-builder-propagated-by-threat-actors-and-disrupting-its-operations&t=No+Honour+Among+Thieves%3A+Uncovering+a+Trojanized+XWorm+RAT+Builder+Propagated+by+Threat+Actors+and+Disrupting+Its+Operations+%7C+CloudSEK&cts=1743098361224&vi=567bbd90027f9603548cce37b6868b26&nc=true&u=109845722.567bbd90027f9603548cce37b6868b26.1743098361222.1743098361222.1743098361222.1&b=109845722.1.1743098361222&cc=15 HTTP/2.0
host: track.hubspot.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cloudsek.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
priority: u=6, i
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:59:23 GMT
content-type: image/gif
content-length: 45
cf-ray: 9270c7ffea08ef51-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache, no-store, no-transform
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
access-control-allow-credentials: false
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-content-type-options: nosniff
x-envoy-upstream-service-time: 9
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-645465b78c-rpzwr
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 93fa6e90-0084-4cf6-ba3a-fb0206b1e7ee
x-request-id: 93fa6e90-0084-4cf6-ba3a-fb0206b1e7ee
x-robots-tag: none
set-cookie: __cf_bm=1WSUbbkRq9UWmX6FpQzu95yVysUbOaPfcjdVY4CZuv0-1743098363-1.0.1.1-YaDA3yczrr7HL_V8LqUSH7gmHDJKQaRjf2gjSmzZY6nDkz.1ZRtaDNsDqaSXk8mnMb72vcrDcVGYbUPLx9dqS8Os.yKJCHpjK6fOqNyBZmQ; path=/; expires=Thu, 27-Mar-25 18:29:23 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NfICwXrFpaQpcbDtpxK4L8NL14VIxTXsIUTpM%2F5C7HkzyvVnBvZPTv5HTUe1UijMI8L166pzNA896EL2hc6cuP6xFZ4or1yezRqKxHA9Zmk7l%2BaD1aS7OrRSFa8GeDeiGVZ8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: _cfuvid=3w4Z2t7IApJ15_ElB2OZVX6bVyDHp2yfHcASTPKH49k-1743098363006-0.0.1.1-604800000; path=/; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
DNS

track.hubspot.com

firefox.exe

Remote address:

8.8.8.8:53

Request

track.hubspot.com

IN A

Response

track.hubspot.com

IN A

104.16.118.116

track.hubspot.com

IN A

104.16.117.116
DNS

c-msn-pme.trafficmanager.net

firefox.exe

Remote address:

8.8.8.8:53

Request

c-msn-pme.trafficmanager.net

IN A

Response

c-msn-pme.trafficmanager.net

IN A

13.74.129.1
GET

https://c.clarity.ms/c.gif

firefox.exe

Remote address:

13.74.129.1:443

Request

GET /c.gif HTTP/2.0
host: c.clarity.ms
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cloudsek.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
priority: u=6, i
te: trailers

Response

HTTP/2.0 302

cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=A3BD4A02FE444CA9B582C2837D681F07&RedC=c.clarity.ms&MXFR=0F960B6060D46BCA23001EDC64D465D4
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
set-cookie: MUID=0F960B6060D46BCA23001EDC64D465D4; domain=.clarity.ms; expires=Tue, 21-Apr-2026 17:59:22 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Thu, 27 Mar 2025 17:59:22 GMT
content-length: 0
GET

https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A3BD4A02FE444CA9B582C2837D681F07&MUID=2154BDE948C56E223D18A85549256FF1

firefox.exe

Remote address:

13.74.129.1:443

Request

GET /c.gif?ctsa=mr&CtsSyncId=A3BD4A02FE444CA9B582C2837D681F07&MUID=2154BDE948C56E223D18A85549256FF1 HTTP/2.0
host: c.clarity.ms
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cloudsek.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
priority: u=6, i
te: trailers

Response

HTTP/2.0 200

cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Mon, 17 Mar 2025 17:05:06 GMT
accept-ranges: bytes
etag: "69895dbb5e97db1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Thu, 27-Mar-2025 18:09:23 GMT; path=/; SameSite=None; Secure;
date: Thu, 27 Mar 2025 17:59:22 GMT
content-length: 42
DNS

track.hubspot.com

firefox.exe

Remote address:

8.8.8.8:53

Request

track.hubspot.com

IN AAAA

Response

track.hubspot.com

IN AAAA

2606:4700::6810:7674

track.hubspot.com

IN AAAA

2606:4700::6810:7574
DNS

c-msn-pme.trafficmanager.net

firefox.exe

Remote address:

8.8.8.8:53

Request

c-msn-pme.trafficmanager.net

IN AAAA

Response
DNS

c.bing.com

firefox.exe

Remote address:

8.8.8.8:53

Request

c.bing.com

IN A

Response

c.bing.com

IN CNAME

c-bing-com.ax-0001.ax-msedge.net

c-bing-com.ax-0001.ax-msedge.net

IN CNAME

ax-0001.ax-msedge.net

ax-0001.ax-msedge.net

IN A

150.171.27.10

ax-0001.ax-msedge.net

IN A

150.171.28.10
GET

https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=A3BD4A02FE444CA9B582C2837D681F07&RedC=c.clarity.ms&MXFR=0F960B6060D46BCA23001EDC64D465D4

firefox.exe

Remote address:

150.171.27.10:443

Request

GET /c.gif?ctsa=mr&CtsSyncId=A3BD4A02FE444CA9B582C2837D681F07&RedC=c.clarity.ms&MXFR=0F960B6060D46BCA23001EDC64D465D4 HTTP/2.0
host: c.bing.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cloudsek.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
priority: u=6, i
te: trailers

Response

HTTP/2.0 302

cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A3BD4A02FE444CA9B582C2837D681F07&MUID=2154BDE948C56E223D18A85549256FF1
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: MUID=2154BDE948C56E223D18A85549256FF1; domain=.bing.com; expires=Tue, 21-Apr-2026 17:59:23 GMT; path=/; SameSite=None; Secure; Priority=High;
set-cookie: MR=0; domain=c.bing.com; expires=Thu, 03-Apr-2025 17:59:23 GMT; path=/; SameSite=None; Secure;
set-cookie: SRM_B=2154BDE948C56E223D18A85549256FF1; domain=c.bing.com; expires=Tue, 21-Apr-2026 17:59:23 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B106351639F848B19EECED5DC4B51E0C Ref B: LON04EDGE1217 Ref C: 2025-03-27T17:59:23Z
date: Thu, 27 Mar 2025 17:59:22 GMT
content-length: 0
DNS

ax-0001.ax-msedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

ax-0001.ax-msedge.net

IN A

Response

ax-0001.ax-msedge.net

IN A

150.171.27.10

ax-0001.ax-msedge.net

IN A

150.171.28.10
DNS

ax-0001.ax-msedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

ax-0001.ax-msedge.net

IN AAAA

Response

ax-0001.ax-msedge.net

IN AAAA

2620:1ec:33:1::10

ax-0001.ax-msedge.net

IN AAAA

2620:1ec:33::10
DNS

any.run

firefox.exe

Remote address:

8.8.8.8:53

Request

any.run

IN A

Response

any.run

IN A

104.22.49.74

any.run

IN A

172.67.20.89

any.run

IN A

104.22.48.74
DNS

any.run

firefox.exe

Remote address:

8.8.8.8:53

Request

any.run

IN A
DNS

any.run

firefox.exe

Remote address:

8.8.8.8:53

Request

any.run

IN A
DNS

any.run

firefox.exe

Remote address:

8.8.8.8:53

Request

any.run

IN A

Response

any.run

IN A

172.67.20.89

any.run

IN A

104.22.49.74

any.run

IN A

104.22.48.74
DNS

any.run

firefox.exe

Remote address:

8.8.8.8:53

Request

any.run

IN AAAA

Response

any.run

IN AAAA

2606:4700:10::ac43:1459

any.run

IN AAAA

2606:4700:10::6816:314a

any.run

IN AAAA

2606:4700:10::6816:304a
DNS

www.joesandbox.com

firefox.exe

Remote address:

8.8.8.8:53

Request

www.joesandbox.com

IN A

Response

www.joesandbox.com

IN A

172.67.73.202

www.joesandbox.com

IN A

104.26.11.56

www.joesandbox.com

IN A

104.26.10.56
GET

https://www.joesandbox.com/analysis/801211/0/html

firefox.exe

Remote address:

172.67.73.202:443

Request

GET /analysis/801211/0/html HTTP/2.0
host: www.joesandbox.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.google.com/
upgrade-insecure-requests: 1
sec-fetch-dest: document
sec-fetch-mode: navigate
sec-fetch-site: cross-site
sec-fetch-user: ?1
priority: u=0, i
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:59:30 GMT
content-type: text/html;charset=UTF-8
x-content-type-options: nosniff
set-cookie: PHPSESSID=49ciejshnldor8ccp7o0b6tk71; path=/; secure; HttpOnly; SameSite=lax
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-disposition: filename="report-775ff5af83a841cd38d17f0e89850d31.html";
strict-transport-security: max-age=15552000
cf-cache-status: DYNAMIC
server-timing: cfCacheStatus;desc="DYNAMIC"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VuJJywymfbOy0T0lNr06ux4bOlVSD%2F8gWbY1ZcKNuv5twTf4dasZwd14%2FBX1BTstA94tPxpqwce31MjWCGjHrIQlUzzeyFR7Nec6%2F8cnBMdzJQT6z8ClVe2XcgOKBMGfnUtVPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9270c82cea836527-LHR
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=47123&min_rtt=43243&rtt_var=11922&sent=9&recv=10&lost=0&retrans=0&sent_bytes=4011&recv_bytes=2459&delivery_rate=84270&cwnd=244&unsent_bytes=0&cid=12d314b63d982fea&ts=352&x=0"
GET

https://www.joesandbox.com/reportlist?analysisid=801211&run=0

firefox.exe

Remote address:

172.67.73.202:443

Request

GET /reportlist?analysisid=801211&run=0 HTTP/2.0
host: www.joesandbox.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
x-requested-with: XMLHttpRequest
referer: https://www.joesandbox.com/analysis/801211/0/html
cookie: PHPSESSID=49ciejshnldor8ccp7o0b6tk71
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 204

date: Thu, 27 Mar 2025 17:59:32 GMT
access-control-allow-origin: https://www.joesandbox.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 9270c83dbf9e6527-LHR
x-frame-options: DENY
x-content-type-options: nosniff
POST

https://www.joesandbox.com/cdn-cgi/rum?

firefox.exe

Remote address:

172.67.73.202:443

Request

POST /cdn-cgi/rum? HTTP/2.0
host: www.joesandbox.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
content-type: application/json
content-length: 1429
origin: https://www.joesandbox.com
referer: https://www.joesandbox.com/analysis/801211/0/html
cookie: PHPSESSID=49ciejshnldor8ccp7o0b6tk71
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:59:33 GMT
content-type: application/json
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'nonce-Vl/1lHlWGXMb+Ph9hPdqUOyx' https://*.joesecurity.org wss://*.joesecurity.org:* https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptcha.google.com/recaptcha/ wss://www.joesandbox.com:* https://*.getresponse.com https://*.gr-cdn.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.google-analytics.com https://stats.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com wss://*.google-analytics.com wss://*.analytics.google.com; img-src 'self' data: blob: *; font-src 'self' data:; base-uri 'none'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'nonce-Vl/1lHlWGXMb+Ph9hPdqUOyx' https://*.joesecurity.org wss://*.joesecurity.org:* https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptcha.google.com/recaptcha/ wss://www.joesandbox.com:* https://*.getresponse.com https://*.gr-cdn.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.google-analytics.com https://stats.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com wss://*.google-analytics.com wss://*.analytics.google.com; style-src 'self' 'unsafe-inline' https://*.joesecurity.org wss://*.joesecurity.org:* https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptcha.google.com/recaptcha/ wss://www.joesandbox.com:* https://*.getresponse.com https://*.gr-cdn.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.google-analytics.com https://stats.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com wss://*.google-analytics.com wss://*.analytics.google.com; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' 'nonce-Vl/1lHlWGXMb+Ph9hPdqUOyx' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=' 'sha256-DQkto1YLMojQMpngbn54aQkn4NeSKZVG732Kkk0EDrM=' 'sha256-idFLoxeUxvvEelYRkHv+ecCM1NFDFNjInf1IVOZVrQE=' 'sha256-sA0hymKbXmMTpnYi15KmDw4u6uRdLXqHyoYIaORFtjU=' 'sha256-JxGePvcXojgw6oyM7DjecYGHHYJ+cjx44JPnL40VRP8=' 'sha256-NZLQvdTTZtrktFDkzPeufcUBlW9EwQVrDp/YV7nMphM=' https://*.joesecurity.org wss://*.joesecurity.org:* https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptcha.google.com/recaptcha/ wss://www.joesandbox.com:* https://*.getresponse.com https://*.gr-cdn.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.google-analytics.com https://stats.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com wss://*.google-analytics.com wss://*.analytics.google.com; frame-ancestors 'self'; report-uri /reports
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=15552000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yKEAwFtCnqlJxc05oVWNhQHXPVk%2BN4gLPeSNp1bdRQl96GFV%2B4U3oyNJP79ujfgAWA%2FCurJbVFnrnwJcZD39JmlzAJIq8wx8O0qJtF%2Bjacb0Am37JeADnZh6SFxeERRB1wY6sQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9270c83d0f226527-LHR
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=101262&min_rtt=43020&rtt_var=14579&sent=3094&recv=844&lost=0&retrans=75&sent_bytes=3893459&recv_bytes=4244&delivery_rate=10190887&cwnd=996&unsent_bytes=0&cid=12d314b63d982fea&ts=3288&x=0"
POST

https://www.joesandbox.com/cdn-cgi/rum?

firefox.exe

Remote address:

172.67.73.202:443

Request

POST /cdn-cgi/rum? HTTP/2.0
host: www.joesandbox.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
content-type: application/json
content-length: 1016
origin: https://www.joesandbox.com
referer: https://www.joesandbox.com/analysis/801211/0/html
cookie: PHPSESSID=49ciejshnldor8ccp7o0b6tk71
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
priority: u=6
te: trailers

Response

HTTP/2.0 204

date: Thu, 27 Mar 2025 17:59:46 GMT
access-control-allow-origin: https://www.joesandbox.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 9270c895ca876527-LHR
x-frame-options: DENY
x-content-type-options: nosniff
DNS

www.joesandbox.com

firefox.exe

Remote address:

8.8.8.8:53

Request

www.joesandbox.com

IN A

Response

www.joesandbox.com

IN A

172.67.73.202

www.joesandbox.com

IN A

104.26.11.56

www.joesandbox.com

IN A

104.26.10.56
DNS

www.joesandbox.com

firefox.exe

Remote address:

8.8.8.8:53

Request

www.joesandbox.com

IN AAAA

Response

www.joesandbox.com

IN AAAA

2606:4700:20::681a:a38

www.joesandbox.com

IN AAAA

2606:4700:20::ac43:49ca

www.joesandbox.com

IN AAAA

2606:4700:20::681a:b38
DNS

static.cloudflareinsights.com

firefox.exe

Remote address:

8.8.8.8:53

Request

static.cloudflareinsights.com

IN A

Response

static.cloudflareinsights.com

IN A

104.16.80.73

static.cloudflareinsights.com

IN A

104.16.79.73
GET

https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

firefox.exe

Remote address:

104.16.80.73:443

Request

GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/2.0
host: static.cloudflareinsights.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://www.joesandbox.com
referer: https://www.joesandbox.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 17:59:31 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.6.1"
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 9270c834b99f6fac-CDG
content-encoding: gzip
DNS

static.cloudflareinsights.com

firefox.exe

Remote address:

8.8.8.8:53

Request

static.cloudflareinsights.com

IN AAAA

Response

static.cloudflareinsights.com

IN AAAA

2606:4700::6810:5049

static.cloudflareinsights.com

IN AAAA

2606:4700::6810:4f49
DNS

www.cyber.nj.gov

firefox.exe

Remote address:

8.8.8.8:53

Request

www.cyber.nj.gov

IN A

Response

www.cyber.nj.gov

IN CNAME

h5sxsjl.x.incapdns.net

h5sxsjl.x.incapdns.net

IN A

45.60.124.188
GET

https://www.cyber.nj.gov/Home/Components/News/News/1586/214

firefox.exe

Remote address:

45.60.124.188:443

Request

GET /Home/Components/News/News/1586/214 HTTP/2.0
host: www.cyber.nj.gov
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.google.com/
upgrade-insecure-requests: 1
sec-fetch-dest: document
sec-fetch-mode: navigate
sec-fetch-site: cross-site
sec-fetch-user: ?1
priority: u=0, i
te: trailers

Response

HTTP/2.0 200

content-type: text/html; charset=utf-8
last-modified: Thu, 27 Mar 2025 18:00:04 GMT
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000;
x-xss-protection: 1; mode=block
expect-ct: max-age=31536000
last-published: Thu, 06 Feb 2025 15:36:29 GMT
edge-cache-tag: 132CBD79.G,132CBD79.P431,132CBD79.CMENU,132CBD79.CL5-1586,132CBD79.CL2
granicusserver: mse2p-viscmsab6
x-akamai-transformed: 9 - 0 pmb=mRUM,1
content-encoding: gzip
cache-control: public, max-age=86332
expires: Fri, 28 Mar 2025 17:58:57 GMT
date: Thu, 27 Mar 2025 18:00:05 GMT
vary: Accept-Encoding
set-cookie: ASP.NET_SessionId=my4w5kan1viynpzen2wpv3vf; path=/; secure; HttpOnly; SameSite=Lax
set-cookie: ASP.NET_SessionId=my4w5kan1viynpzen2wpv3vf; path=/; secure; HttpOnly; SameSite=Lax
set-cookie: ShowTopTips=True; expires=Fri, 28-Mar-2025 14:00:04 GMT; path=/; secure; HttpOnly
set-cookie: ShowTopTipsPublishDate=638454229428400000; expires=Fri, 28-Mar-2025 14:00:04 GMT; path=/; secure; HttpOnly
set-cookie: __RequestVerificationToken=6cpdJt2OlkaAy7KeIzmgqRT_aItz8yNwdC_l-B61cM1dD_MhOh_EdUWecjDfq5c9fptey3DdKKo1MZhLKWKEn4hPaOzAEB3N1GGkxL7D1Sk1; path=/; HttpOnly
set-cookie: BIGipServer~AUTO-VISION~visionlive~www.cyber.nj.gov_443=!D7SPoJ9N3VKwJrzI5ZDjarq416UVTlW9jW+XiTprjRdpsowUruTfwyGugh/2RViWrD51pFaOuCuzd6I=; path=/; Httponly; Secure
set-cookie: TS01af151e=0106cf681b4a7bc5a10194fe4fd6687055abfa29d734de02727568dbf30bbcd98f8cee9f7229bc178b29818ee23e3ea0c6626da36cf4f25ef9693da932812c3b878163d8f64cd2d564ab49bc52075fe5b350548def26658ed2131bafcdf0ad401d761f65be4d52fc6f9753a36d2ddd434daa8ce61c66b6ec3cc0e77aff444d5035a05cd25ba83e26ff2548746d8d00d0e04a4ef3ca; Path=/; Secure; HTTPOnly
server-timing: cdn-cache; desc=MISS
server-timing: edge; dur=1633
server-timing: origin; dur=692
server-timing: ak_p; desc="1743098402711_34654046_845409724_232509_14209_1_428_-";dur=1
set-cookie: visid_incap_1613844=dcg3Uoa1SGellRXub1VpJCKS5WcAAAAAQUIPAAAAAAB0h6V5ODIYFcNa/tSSrElZ; expires=Fri, 27 Mar 2026 15:30:26 GMT; HttpOnly; path=/; Domain=.cyber.nj.gov; Secure; SameSite=None
set-cookie: nlbi_1613844=i5SlPzIvA39qBpoQ24UReAAAAADrOds4Njyf1cW367olcwMa; HttpOnly; path=/; Domain=.cyber.nj.gov; Secure; SameSite=None
set-cookie: incap_ses_6553_1613844=rlmPJpynyDcBWUu8G+/wWiSS5WcAAAAA84vsgGeqFlmBAGig2UvTVQ==; path=/; Domain=.cyber.nj.gov; Secure; SameSite=None
x-cdn: Imperva
x-iinfo: 18-98444870-98444910 NNNN CT(1 428 0) RT(1743098401958 193) q(0 0 4 1) r(4 28) U12
GET

https://www.cyber.nj.gov/t-you-stance-Exeunt-had-Hous-Foolength-Cast-be-s

firefox.exe

Remote address:

45.60.124.188:443

Request

GET /t-you-stance-Exeunt-had-Hous-Foolength-Cast-be-s HTTP/2.0
host: www.cyber.nj.gov
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cyber.nj.gov/Home/Components/News/News/1586/214
cookie: ASP.NET_SessionId=my4w5kan1viynpzen2wpv3vf
cookie: ShowTopTips=True
cookie: ShowTopTipsPublishDate=638454229428400000
cookie: __RequestVerificationToken=6cpdJt2OlkaAy7KeIzmgqRT_aItz8yNwdC_l-B61cM1dD_MhOh_EdUWecjDfq5c9fptey3DdKKo1MZhLKWKEn4hPaOzAEB3N1GGkxL7D1Sk1
cookie: BIGipServer~AUTO-VISION~visionlive~www.cyber.nj.gov_443=!D7SPoJ9N3VKwJrzI5ZDjarq416UVTlW9jW+XiTprjRdpsowUruTfwyGugh/2RViWrD51pFaOuCuzd6I=
cookie: TS01af151e=0106cf681b4a7bc5a10194fe4fd6687055abfa29d734de02727568dbf30bbcd98f8cee9f7229bc178b29818ee23e3ea0c6626da36cf4f25ef9693da932812c3b878163d8f64cd2d564ab49bc52075fe5b350548def26658ed2131bafcdf0ad401d761f65be4d52fc6f9753a36d2ddd434daa8ce61c66b6ec3cc0e77aff444d5035a05cd25ba83e26ff2548746d8d00d0e04a4ef3ca
cookie: visid_incap_1613844=dcg3Uoa1SGellRXub1VpJCKS5WcAAAAAQUIPAAAAAAB0h6V5ODIYFcNa/tSSrElZ
cookie: nlbi_1613844=i5SlPzIvA39qBpoQ24UReAAAAADrOds4Njyf1cW367olcwMa
cookie: incap_ses_6553_1613844=rlmPJpynyDcBWUu8G+/wWiSS5WcAAAAA84vsgGeqFlmBAGig2UvTVQ==
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

etag: 638757298170593125
last-modified: Fri, 21 Feb 2025 10:16:57 GMT
content-type: text/css
content-length: 17764
content-encoding: br
cache-control: max-age=604800, public
expires: Thu, 03 Apr 2025 18:00:05 GMT
date: Thu, 27 Mar 2025 18:00:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-iinfo: 18-98444870-0 0CNN RT(1743098401958 3228) q(0 -1 -1 -1) r(0 -1)
GET

https://www.cyber.nj.gov/DefaultContent/Default/bootstrap.v3.4.1.min.css

firefox.exe

Remote address:

45.60.124.188:443

Request

GET /DefaultContent/Default/bootstrap.v3.4.1.min.css HTTP/2.0
host: www.cyber.nj.gov
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cyber.nj.gov/Home/Components/News/News/1586/214
cookie: ASP.NET_SessionId=my4w5kan1viynpzen2wpv3vf
cookie: ShowTopTips=True
cookie: ShowTopTipsPublishDate=638454229428400000
cookie: __RequestVerificationToken=6cpdJt2OlkaAy7KeIzmgqRT_aItz8yNwdC_l-B61cM1dD_MhOh_EdUWecjDfq5c9fptey3DdKKo1MZhLKWKEn4hPaOzAEB3N1GGkxL7D1Sk1
cookie: BIGipServer~AUTO-VISION~visionlive~www.cyber.nj.gov_443=!D7SPoJ9N3VKwJrzI5ZDjarq416UVTlW9jW+XiTprjRdpsowUruTfwyGugh/2RViWrD51pFaOuCuzd6I=
cookie: TS01af151e=0106cf681b4a7bc5a10194fe4fd6687055abfa29d734de02727568dbf30bbcd98f8cee9f7229bc178b29818ee23e3ea0c6626da36cf4f25ef9693da932812c3b878163d8f64cd2d564ab49bc52075fe5b350548def26658ed2131bafcdf0ad401d761f65be4d52fc6f9753a36d2ddd434daa8ce61c66b6ec3cc0e77aff444d5035a05cd25ba83e26ff2548746d8d00d0e04a4ef3ca
cookie: visid_incap_1613844=dcg3Uoa1SGellRXub1VpJCKS5WcAAAAAQUIPAAAAAAB0h6V5ODIYFcNa/tSSrElZ
cookie: nlbi_1613844=i5SlPzIvA39qBpoQ24UReAAAAADrOds4Njyf1cW367olcwMa
cookie: incap_ses_6553_1613844=rlmPJpynyDcBWUu8G+/wWiSS5WcAAAAA84vsgGeqFlmBAGig2UvTVQ==
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
priority: u=2
te: trailers

Response

HTTP/2.0 200

last-modified: Sat, 23 Nov 2024 06:29:40 GMT
content-type: text/css; charset=utf-8
content-length: 47992
content-encoding: br
cache-control: max-age=150727, public
expires: Sat, 29 Mar 2025 11:52:12 GMT
date: Thu, 27 Mar 2025 18:00:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-iinfo: 18-98444870-0 0CNN RT(1743098401958 3237) q(0 -1 -1 -1) r(1 -1)
GET

https://www.cyber.nj.gov/DefaultContent/Default/StyleBundleDesignTheme.cssbnd?v=VWOqjwtVEIsOlLOO6OsbfgU_dxrQE7HIack0i3iIJJk1

firefox.exe

Remote address:

45.60.124.188:443

Request

GET /DefaultContent/Default/StyleBundleDesignTheme.cssbnd?v=VWOqjwtVEIsOlLOO6OsbfgU_dxrQE7HIack0i3iIJJk1 HTTP/2.0
host: www.cyber.nj.gov
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cyber.nj.gov/Home/Components/News/News/1586/214
cookie: ASP.NET_SessionId=my4w5kan1viynpzen2wpv3vf
cookie: ShowTopTips=True
cookie: ShowTopTipsPublishDate=638454229428400000
cookie: __RequestVerificationToken=6cpdJt2OlkaAy7KeIzmgqRT_aItz8yNwdC_l-B61cM1dD_MhOh_EdUWecjDfq5c9fptey3DdKKo1MZhLKWKEn4hPaOzAEB3N1GGkxL7D1Sk1
cookie: BIGipServer~AUTO-VISION~visionlive~www.cyber.nj.gov_443=!D7SPoJ9N3VKwJrzI5ZDjarq416UVTlW9jW+XiTprjRdpsowUruTfwyGugh/2RViWrD51pFaOuCuzd6I=
cookie: TS01af151e=0106cf681b4a7bc5a10194fe4fd6687055abfa29d734de02727568dbf30bbcd98f8cee9f7229bc178b29818ee23e3ea0c6626da36cf4f25ef9693da932812c3b878163d8f64cd2d564ab49bc52075fe5b350548def26658ed2131bafcdf0ad401d761f65be4d52fc6f9753a36d2ddd434daa8ce61c66b6ec3cc0e77aff444d5035a05cd25ba83e26ff2548746d8d00d0e04a4ef3ca
cookie: visid_incap_1613844=dcg3Uoa1SGellRXub1VpJCKS5WcAAAAAQUIPAAAAAAB0h6V5ODIYFcNa/tSSrElZ
cookie: nlbi_1613844=i5SlPzIvA39qBpoQ24UReAAAAADrOds4Njyf1cW367olcwMa
cookie: incap_ses_6553_1613844=rlmPJpynyDcBWUu8G+/wWiSS5WcAAAAA84vsgGeqFlmBAGig2UvTVQ==
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
priority: u=2
te: trailers

Response

HTTP/2.0 200

etag: 638375720980000000
last-modified: Thu, 07 Dec 2023 18:54:58 GMT
content-type: text/css
content-length: 94
content-encoding: br
cache-control: max-age=604800, public
expires: Thu, 03 Apr 2025 18:00:05 GMT
date: Thu, 27 Mar 2025 18:00:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-iinfo: 18-98444870-0 0CNN RT(1743098401958 3250) q(0 -1 -1 -1) r(0 -1)
GET

https://www.cyber.nj.gov/Project/Contents/NJCCIC/StyleBundleDesignTheme.cssbnd?v=ELjnKqvnTm532cKayOnRJ94pQ7Ri3M4xvfEBnSMBCM01

firefox.exe

Remote address:

45.60.124.188:443

Request

GET /Project/Contents/NJCCIC/StyleBundleDesignTheme.cssbnd?v=ELjnKqvnTm532cKayOnRJ94pQ7Ri3M4xvfEBnSMBCM01 HTTP/2.0
host: www.cyber.nj.gov
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cyber.nj.gov/Home/Components/News/News/1586/214
cookie: ASP.NET_SessionId=my4w5kan1viynpzen2wpv3vf
cookie: ShowTopTips=True
cookie: ShowTopTipsPublishDate=638454229428400000
cookie: __RequestVerificationToken=6cpdJt2OlkaAy7KeIzmgqRT_aItz8yNwdC_l-B61cM1dD_MhOh_EdUWecjDfq5c9fptey3DdKKo1MZhLKWKEn4hPaOzAEB3N1GGkxL7D1Sk1
cookie: BIGipServer~AUTO-VISION~visionlive~www.cyber.nj.gov_443=!D7SPoJ9N3VKwJrzI5ZDjarq416UVTlW9jW+XiTprjRdpsowUruTfwyGugh/2RViWrD51pFaOuCuzd6I=
cookie: TS01af151e=0106cf681b4a7bc5a10194fe4fd6687055abfa29d734de02727568dbf30bbcd98f8cee9f7229bc178b29818ee23e3ea0c6626da36cf4f25ef9693da932812c3b878163d8f64cd2d564ab49bc52075fe5b350548def26658ed2131bafcdf0ad401d761f65be4d52fc6f9753a36d2ddd434daa8ce61c66b6ec3cc0e77aff444d5035a05cd25ba83e26ff2548746d8d00d0e04a4ef3ca
cookie: visid_incap_1613844=dcg3Uoa1SGellRXub1VpJCKS5WcAAAAAQUIPAAAAAAB0h6V5ODIYFcNa/tSSrElZ
cookie: nlbi_1613844=i5SlPzIvA39qBpoQ24UReAAAAADrOds4Njyf1cW367olcwMa
cookie: incap_ses_6553_1613844=rlmPJpynyDcBWUu8G+/wWiSS5WcAAAAA84vsgGeqFlmBAGig2UvTVQ==
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
priority: u=2
te: trailers

Response

HTTP/2.0 200

last-modified: Fri, 21 Feb 2025 12:18:31 GMT
content-type: text/javascript; charset=utf-8
content-length: 961455
content-encoding: br
cache-control: max-age=501528, public
expires: Wed, 02 Apr 2025 13:18:53 GMT
date: Thu, 27 Mar 2025 18:00:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-iinfo: 18-98444870-98425425 2CNN RT(1743098401958 3249) q(0 0 0 -1) r(0 0)
GET

https://www.cyber.nj.gov/Areas/Admin/Content/StyleBundleFrontendExtra.cssbnd?v=nqlce7hzdo9LIG8VjJmT54anvfgjYa7U1e0fCFkn8EQ1

firefox.exe

Remote address:

45.60.124.188:443

Request

GET /Areas/Admin/Content/StyleBundleFrontendExtra.cssbnd?v=nqlce7hzdo9LIG8VjJmT54anvfgjYa7U1e0fCFkn8EQ1 HTTP/2.0
host: www.cyber.nj.gov
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cyber.nj.gov/Home/Components/News/News/1586/214
cookie: ASP.NET_SessionId=my4w5kan1viynpzen2wpv3vf
cookie: ShowTopTips=True
cookie: ShowTopTipsPublishDate=638454229428400000
cookie: __RequestVerificationToken=6cpdJt2OlkaAy7KeIzmgqRT_aItz8yNwdC_l-B61cM1dD_MhOh_EdUWecjDfq5c9fptey3DdKKo1MZhLKWKEn4hPaOzAEB3N1GGkxL7D1Sk1
cookie: BIGipServer~AUTO-VISION~visionlive~www.cyber.nj.gov_443=!D7SPoJ9N3VKwJrzI5ZDjarq416UVTlW9jW+XiTprjRdpsowUruTfwyGugh/2RViWrD51pFaOuCuzd6I=
cookie: TS01af151e=0106cf681b4a7bc5a10194fe4fd6687055abfa29d734de02727568dbf30bbcd98f8cee9f7229bc178b29818ee23e3ea0c6626da36cf4f25ef9693da932812c3b878163d8f64cd2d564ab49bc52075fe5b350548def26658ed2131bafcdf0ad401d761f65be4d52fc6f9753a36d2ddd434daa8ce61c66b6ec3cc0e77aff444d5035a05cd25ba83e26ff2548746d8d00d0e04a4ef3ca
cookie: visid_incap_1613844=dcg3Uoa1SGellRXub1VpJCKS5WcAAAAAQUIPAAAAAAB0h6V5ODIYFcNa/tSSrElZ
cookie: nlbi_1613844=i5SlPzIvA39qBpoQ24UReAAAAADrOds4Njyf1cW367olcwMa
cookie: incap_ses_6553_1613844=rlmPJpynyDcBWUu8G+/wWiSS5WcAAAAA84vsgGeqFlmBAGig2UvTVQ==
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
priority: u=2
te: trailers

Response

HTTP/2.0 200

last-modified: Sat, 23 Nov 2024 06:29:41 GMT
content-type: text/css; charset=utf-8
content-length: 2823
content-encoding: br
cache-control: max-age=501619, public
expires: Wed, 02 Apr 2025 13:20:24 GMT
date: Thu, 27 Mar 2025 18:00:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-iinfo: 18-98444870-0 0CNN RT(1743098401958 3254) q(0 -1 -1 -1) r(0 -1)
GET

https://www.cyber.nj.gov/Scripts/ScriptBundleFAllInOne.jsbnd?v=AGE2E_EQyf7VUFEW2Yh6q6KJ-x6Y-_YeIbDneWrbpoo1

firefox.exe

Remote address:

45.60.124.188:443

Request

GET /Scripts/ScriptBundleFAllInOne.jsbnd?v=AGE2E_EQyf7VUFEW2Yh6q6KJ-x6Y-_YeIbDneWrbpoo1 HTTP/2.0
host: www.cyber.nj.gov
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cyber.nj.gov/Home/Components/News/News/1586/214
cookie: ASP.NET_SessionId=my4w5kan1viynpzen2wpv3vf
cookie: ShowTopTips=True
cookie: ShowTopTipsPublishDate=638454229428400000
cookie: __RequestVerificationToken=6cpdJt2OlkaAy7KeIzmgqRT_aItz8yNwdC_l-B61cM1dD_MhOh_EdUWecjDfq5c9fptey3DdKKo1MZhLKWKEn4hPaOzAEB3N1GGkxL7D1Sk1
cookie: BIGipServer~AUTO-VISION~visionlive~www.cyber.nj.gov_443=!D7SPoJ9N3VKwJrzI5ZDjarq416UVTlW9jW+XiTprjRdpsowUruTfwyGugh/2RViWrD51pFaOuCuzd6I=
cookie: TS01af151e=0106cf681b4a7bc5a10194fe4fd6687055abfa29d734de02727568dbf30bbcd98f8cee9f7229bc178b29818ee23e3ea0c6626da36cf4f25ef9693da932812c3b878163d8f64cd2d564ab49bc52075fe5b350548def26658ed2131bafcdf0ad401d761f65be4d52fc6f9753a36d2ddd434daa8ce61c66b6ec3cc0e77aff444d5035a05cd25ba83e26ff2548746d8d00d0e04a4ef3ca
cookie: visid_incap_1613844=dcg3Uoa1SGellRXub1VpJCKS5WcAAAAAQUIPAAAAAAB0h6V5ODIYFcNa/tSSrElZ
cookie: nlbi_1613844=i5SlPzIvA39qBpoQ24UReAAAAADrOds4Njyf1cW367olcwMa
cookie: incap_ses_6553_1613844=rlmPJpynyDcBWUu8G+/wWiSS5WcAAAAA84vsgGeqFlmBAGig2UvTVQ==
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
priority: u=2
te: trailers

Response

HTTP/2.0 200

last-modified: Sat, 23 Nov 2024 06:29:41 GMT
content-type: text/javascript; charset=utf-8
content-length: 143553
content-encoding: br
cache-control: max-age=27021, public
expires: Fri, 28 Mar 2025 01:30:26 GMT
date: Thu, 27 Mar 2025 18:00:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-iinfo: 18-98444870-0 0CNN RT(1743098401958 3256) q(0 -1 -1 -1) r(0 -1)
GET

https://www.cyber.nj.gov/Project/Contents/Main/x-small.css

firefox.exe

Remote address:

45.60.124.188:443

Request

GET /Project/Contents/Main/x-small.css HTTP/2.0
host: www.cyber.nj.gov
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cyber.nj.gov/Home/Components/News/News/1586/214
cookie: ASP.NET_SessionId=my4w5kan1viynpzen2wpv3vf
cookie: ShowTopTips=True
cookie: ShowTopTipsPublishDate=638454229428400000
cookie: __RequestVerificationToken=6cpdJt2OlkaAy7KeIzmgqRT_aItz8yNwdC_l-B61cM1dD_MhOh_EdUWecjDfq5c9fptey3DdKKo1MZhLKWKEn4hPaOzAEB3N1GGkxL7D1Sk1
cookie: BIGipServer~AUTO-VISION~visionlive~www.cyber.nj.gov_443=!D7SPoJ9N3VKwJrzI5ZDjarq416UVTlW9jW+XiTprjRdpsowUruTfwyGugh/2RViWrD51pFaOuCuzd6I=
cookie: TS01af151e=0106cf681b4a7bc5a10194fe4fd6687055abfa29d734de02727568dbf30bbcd98f8cee9f7229bc178b29818ee23e3ea0c6626da36cf4f25ef9693da932812c3b878163d8f64cd2d564ab49bc52075fe5b350548def26658ed2131bafcdf0ad401d761f65be4d52fc6f9753a36d2ddd434daa8ce61c66b6ec3cc0e77aff444d5035a05cd25ba83e26ff2548746d8d00d0e04a4ef3ca
cookie: visid_incap_1613844=dcg3Uoa1SGellRXub1VpJCKS5WcAAAAAQUIPAAAAAAB0h6V5ODIYFcNa/tSSrElZ
cookie: nlbi_1613844=i5SlPzIvA39qBpoQ24UReAAAAADrOds4Njyf1cW367olcwMa
cookie: incap_ses_6553_1613844=rlmPJpynyDcBWUu8G+/wWiSS5WcAAAAA84vsgGeqFlmBAGig2UvTVQ==
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
priority: u=2
te: trailers

Response

HTTP/2.0 200

last-modified: Sun, 24 Nov 2024 13:43:53 GMT
content-type: text/css; charset=utf-8
content-length: 32901
content-encoding: br
cache-control: max-age=501684, public
expires: Wed, 02 Apr 2025 13:21:29 GMT
date: Thu, 27 Mar 2025 18:00:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-iinfo: 18-98444870-0 0CNN RT(1743098401958 3243) q(0 -1 -1 -1) r(0 -1)
GET

https://www.cyber.nj.gov/home/showcustomcontent?id=42

firefox.exe

Remote address:

45.60.124.188:443

Request

GET /home/showcustomcontent?id=42 HTTP/2.0
host: www.cyber.nj.gov
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cyber.nj.gov/Home/Components/News/News/1586/214
cookie: ASP.NET_SessionId=my4w5kan1viynpzen2wpv3vf
cookie: ShowTopTips=True
cookie: ShowTopTipsPublishDate=638454229428400000
cookie: __RequestVerificationToken=6cpdJt2OlkaAy7KeIzmgqRT_aItz8yNwdC_l-B61cM1dD_MhOh_EdUWecjDfq5c9fptey3DdKKo1MZhLKWKEn4hPaOzAEB3N1GGkxL7D1Sk1
cookie: BIGipServer~AUTO-VISION~visionlive~www.cyber.nj.gov_443=!D7SPoJ9N3VKwJrzI5ZDjarq416UVTlW9jW+XiTprjRdpsowUruTfwyGugh/2RViWrD51pFaOuCuzd6I=
cookie: TS01af151e=0106cf681b4a7bc5a10194fe4fd6687055abfa29d734de02727568dbf30bbcd98f8cee9f7229bc178b29818ee23e3ea0c6626da36cf4f25ef9693da932812c3b878163d8f64cd2d564ab49bc52075fe5b350548def26658ed2131bafcdf0ad401d761f65be4d52fc6f9753a36d2ddd434daa8ce61c66b6ec3cc0e77aff444d5035a05cd25ba83e26ff2548746d8d00d0e04a4ef3ca
cookie: visid_incap_1613844=dcg3Uoa1SGellRXub1VpJCKS5WcAAAAAQUIPAAAAAAB0h6V5ODIYFcNa/tSSrElZ
cookie: nlbi_1613844=i5SlPzIvA39qBpoQ24UReAAAAADrOds4Njyf1cW367olcwMa
cookie: incap_ses_6553_1613844=rlmPJpynyDcBWUu8G+/wWiSS5WcAAAAA84vsgGeqFlmBAGig2UvTVQ==
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
priority: u=2
te: trailers

Response

HTTP/2.0 200

last-modified: Wed, 08 Jan 2025 08:48:38 GMT
content-type: text/css; charset=utf-8
content-length: 6473
content-encoding: br
cache-control: max-age=458882, public
expires: Wed, 02 Apr 2025 01:28:07 GMT
date: Thu, 27 Mar 2025 18:00:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-iinfo: 18-98444870-0 0CNN RT(1743098401958 3247) q(0 -1 -1 -1) r(0 -1)
GET

https://www.cyber.nj.gov/home/showcustomcontent?id=44

firefox.exe

Remote address:

45.60.124.188:443

Request

GET /home/showcustomcontent?id=44 HTTP/2.0
host: www.cyber.nj.gov
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cyber.nj.gov/Home/Components/News/News/1586/214
cookie: ASP.NET_SessionId=my4w5kan1viynpzen2wpv3vf
cookie: ShowTopTips=True
cookie: ShowTopTipsPublishDate=638454229428400000
cookie: __RequestVerificationToken=6cpdJt2OlkaAy7KeIzmgqRT_aItz8yNwdC_l-B61cM1dD_MhOh_EdUWecjDfq5c9fptey3DdKKo1MZhLKWKEn4hPaOzAEB3N1GGkxL7D1Sk1
cookie: BIGipServer~AUTO-VISION~visionlive~www.cyber.nj.gov_443=!D7SPoJ9N3VKwJrzI5ZDjarq416UVTlW9jW+XiTprjRdpsowUruTfwyGugh/2RViWrD51pFaOuCuzd6I=
cookie: TS01af151e=0106cf681b4a7bc5a10194fe4fd6687055abfa29d734de02727568dbf30bbcd98f8cee9f7229bc178b29818ee23e3ea0c6626da36cf4f25ef9693da932812c3b878163d8f64cd2d564ab49bc52075fe5b350548def26658ed2131bafcdf0ad401d761f65be4d52fc6f9753a36d2ddd434daa8ce61c66b6ec3cc0e77aff444d5035a05cd25ba83e26ff2548746d8d00d0e04a4ef3ca
cookie: visid_incap_1613844=dcg3Uoa1SGellRXub1VpJCKS5WcAAAAAQUIPAAAAAAB0h6V5ODIYFcNa/tSSrElZ
cookie: nlbi_1613844=i5SlPzIvA39qBpoQ24UReAAAAADrOds4Njyf1cW367olcwMa
cookie: incap_ses_6553_1613844=rlmPJpynyDcBWUu8G+/wWiSS5WcAAAAA84vsgGeqFlmBAGig2UvTVQ==
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
priority: u=2
te: trailers

Response

HTTP/2.0 200

last-modified: Mon, 25 Nov 2024 15:09:11 GMT
content-type: text/css; charset=utf-8
content-length: 1433
content-encoding: br
cache-control: max-age=205321, public
expires: Sun, 30 Mar 2025 03:02:06 GMT
date: Thu, 27 Mar 2025 18:00:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-iinfo: 18-98444870-0 0CNN RT(1743098401958 3352) q(0 -1 -1 -1) r(0 -1)
GET

https://www.cyber.nj.gov/home/showcustomcontent?id=40

firefox.exe

Remote address:

45.60.124.188:443

Request

GET /home/showcustomcontent?id=40 HTTP/2.0
host: www.cyber.nj.gov
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cyber.nj.gov/Home/Components/News/News/1586/214
cookie: ASP.NET_SessionId=my4w5kan1viynpzen2wpv3vf
cookie: ShowTopTips=True
cookie: ShowTopTipsPublishDate=638454229428400000
cookie: __RequestVerificationToken=6cpdJt2OlkaAy7KeIzmgqRT_aItz8yNwdC_l-B61cM1dD_MhOh_EdUWecjDfq5c9fptey3DdKKo1MZhLKWKEn4hPaOzAEB3N1GGkxL7D1Sk1
cookie: BIGipServer~AUTO-VISION~visionlive~www.cyber.nj.gov_443=!D7SPoJ9N3VKwJrzI5ZDjarq416UVTlW9jW+XiTprjRdpsowUruTfwyGugh/2RViWrD51pFaOuCuzd6I=
cookie: TS01af151e=0106cf681b4a7bc5a10194fe4fd6687055abfa29d734de02727568dbf30bbcd98f8cee9f7229bc178b29818ee23e3ea0c6626da36cf4f25ef9693da932812c3b878163d8f64cd2d564ab49bc52075fe5b350548def26658ed2131bafcdf0ad401d761f65be4d52fc6f9753a36d2ddd434daa8ce61c66b6ec3cc0e77aff444d5035a05cd25ba83e26ff2548746d8d00d0e04a4ef3ca
cookie: visid_incap_1613844=dcg3Uoa1SGellRXub1VpJCKS5WcAAAAAQUIPAAAAAAB0h6V5ODIYFcNa/tSSrElZ
cookie: nlbi_1613844=i5SlPzIvA39qBpoQ24UReAAAAADrOds4Njyf1cW367olcwMa
cookie: incap_ses_6553_1613844=rlmPJpynyDcBWUu8G+/wWiSS5WcAAAAA84vsgGeqFlmBAGig2UvTVQ==
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
priority: u=2
te: trailers

Response

HTTP/2.0 200

last-modified: Sun, 24 Nov 2024 13:43:53 GMT
content-type: text/css; charset=utf-8
content-length: 3274
content-encoding: br
cache-control: max-age=501524, public
expires: Wed, 02 Apr 2025 13:18:49 GMT
date: Thu, 27 Mar 2025 18:00:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-iinfo: 18-98444870-0 0CNN RT(1743098401958 3354) q(0 -1 -1 -1) r(0 -1)
GET

https://www.cyber.nj.gov/DefaultContent/Default/StyleBundleAngularLib.cssbnd?v=sED2Qjf38ysQJYZW_ZvZj-7IGXKm4NOJhdA51oOtG5A1

firefox.exe

Remote address:

45.60.124.188:443

Request

GET /DefaultContent/Default/StyleBundleAngularLib.cssbnd?v=sED2Qjf38ysQJYZW_ZvZj-7IGXKm4NOJhdA51oOtG5A1 HTTP/2.0
host: www.cyber.nj.gov
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cyber.nj.gov/Home/Components/News/News/1586/214
cookie: ASP.NET_SessionId=my4w5kan1viynpzen2wpv3vf
cookie: ShowTopTips=True
cookie: ShowTopTipsPublishDate=638454229428400000
cookie: __RequestVerificationToken=6cpdJt2OlkaAy7KeIzmgqRT_aItz8yNwdC_l-B61cM1dD_MhOh_EdUWecjDfq5c9fptey3DdKKo1MZhLKWKEn4hPaOzAEB3N1GGkxL7D1Sk1
cookie: BIGipServer~AUTO-VISION~visionlive~www.cyber.nj.gov_443=!D7SPoJ9N3VKwJrzI5ZDjarq416UVTlW9jW+XiTprjRdpsowUruTfwyGugh/2RViWrD51pFaOuCuzd6I=
cookie: TS01af151e=0106cf681b4a7bc5a10194fe4fd6687055abfa29d734de02727568dbf30bbcd98f8cee9f7229bc178b29818ee23e3ea0c6626da36cf4f25ef9693da932812c3b878163d8f64cd2d564ab49bc52075fe5b350548def26658ed2131bafcdf0ad401d761f65be4d52fc6f9753a36d2ddd434daa8ce61c66b6ec3cc0e77aff444d5035a05cd25ba83e26ff2548746d8d00d0e04a4ef3ca
cookie: visid_incap_1613844=dcg3Uoa1SGellRXub1VpJCKS5WcAAAAAQUIPAAAAAAB0h6V5ODIYFcNa/tSSrElZ
cookie: nlbi_1613844=i5SlPzIvA39qBpoQ24UReAAAAADrOds4Njyf1cW367olcwMa
cookie: incap_ses_6553_1613844=rlmPJpynyDcBWUu8G+/wWiSS5WcAAAAA84vsgGeqFlmBAGig2UvTVQ==
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
priority: u=2
te: trailers

Response

HTTP/2.0 200

content-type: text/javascript
cache-control: max-age=300
content-encoding: gzip
vary: origin, access-control-request-method, access-control-request-headers
access-control-allow-origin: *
server-timing: bon, total;dur=12.653189000000001
content-length: 80689
server: bon
date: Thu, 27 Mar 2025 18:00:05 GMT
set-cookie: nlbi_1613844_2147483392=gTnJPkjsfn7i0j9224UReAAAAADTBZ36/6c9PvkmJHv2qEjb; HttpOnly; path=/; Domain=.cyber.nj.gov; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-iinfo: 18-98444870-98445347 NNNN CT(8 10 0) RT(1743098401958 3223) q(0 0 1 -1) r(1 5)
GET

https://www.cyber.nj.gov/Scripts/ScriptBundleAngularLib.jsbnd?v=51dgUZfnzDnTMyMnsTI1GEUiMZVWRaf1cSj6ZlF2Bbo1

firefox.exe

Remote address:

45.60.124.188:443

Request

GET /Scripts/ScriptBundleAngularLib.jsbnd?v=51dgUZfnzDnTMyMnsTI1GEUiMZVWRaf1cSj6ZlF2Bbo1 HTTP/2.0
host: www.cyber.nj.gov
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cyber.nj.gov/Home/Components/News/News/1586/214
cookie: ASP.NET_SessionId=my4w5kan1viynpzen2wpv3vf
cookie: ShowTopTips=True
cookie: ShowTopTipsPublishDate=638454229428400000
cookie: __RequestVerificationToken=6cpdJt2OlkaAy7KeIzmgqRT_aItz8yNwdC_l-B61cM1dD_MhOh_EdUWecjDfq5c9fptey3DdKKo1MZhLKWKEn4hPaOzAEB3N1GGkxL7D1Sk1
cookie: BIGipServer~AUTO-VISION~visionlive~www.cyber.nj.gov_443=!D7SPoJ9N3VKwJrzI5ZDjarq416UVTlW9jW+XiTprjRdpsowUruTfwyGugh/2RViWrD51pFaOuCuzd6I=
cookie: TS01af151e=0106cf681b4a7bc5a10194fe4fd6687055abfa29d734de02727568dbf30bbcd98f8cee9f7229bc178b29818ee23e3ea0c6626da36cf4f25ef9693da932812c3b878163d8f64cd2d564ab49bc52075fe5b350548def26658ed2131bafcdf0ad401d761f65be4d52fc6f9753a36d2ddd434daa8ce61c66b6ec3cc0e77aff444d5035a05cd25ba83e26ff2548746d8d00d0e04a4ef3ca
cookie: visid_incap_1613844=dcg3Uoa1SGellRXub1VpJCKS5WcAAAAAQUIPAAAAAAB0h6V5ODIYFcNa/tSSrElZ
cookie: nlbi_1613844=i5SlPzIvA39qBpoQ24UReAAAAADrOds4Njyf1cW367olcwMa
cookie: incap_ses_6553_1613844=rlmPJpynyDcBWUu8G+/wWiSS5WcAAAAA84vsgGeqFlmBAGig2UvTVQ==
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

etag: 42
last-modified: Mon, 02 Dec 2024 16:40:54 GMT
content-type: text/css; charset=utf-8
content-length: 69
content-encoding: br
cache-control: max-age=56651, public
expires: Fri, 28 Mar 2025 09:44:16 GMT
date: Thu, 27 Mar 2025 18:00:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-iinfo: 18-98444870-98437067 2CNN RT(1743098401958 3251) q(0 0 0 -1) r(4 4)
GET

https://www.cyber.nj.gov/Scripts/frontendCoreBundle.jsbnd?v=fQmhOGOi9KlMgWMsmMP1iCReVlw_-Yf6TVYbGAFu6sM1

firefox.exe

Remote address:

45.60.124.188:443

Request

GET /Scripts/frontendCoreBundle.jsbnd?v=fQmhOGOi9KlMgWMsmMP1iCReVlw_-Yf6TVYbGAFu6sM1 HTTP/2.0
host: www.cyber.nj.gov
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cyber.nj.gov/Home/Components/News/News/1586/214
cookie: ASP.NET_SessionId=my4w5kan1viynpzen2wpv3vf
cookie: ShowTopTips=True
cookie: ShowTopTipsPublishDate=638454229428400000
cookie: __RequestVerificationToken=6cpdJt2OlkaAy7KeIzmgqRT_aItz8yNwdC_l-B61cM1dD_MhOh_EdUWecjDfq5c9fptey3DdKKo1MZhLKWKEn4hPaOzAEB3N1GGkxL7D1Sk1
cookie: BIGipServer~AUTO-VISION~visionlive~www.cyber.nj.gov_443=!D7SPoJ9N3VKwJrzI5ZDjarq416UVTlW9jW+XiTprjRdpsowUruTfwyGugh/2RViWrD51pFaOuCuzd6I=
cookie: TS01af151e=0106cf681b4a7bc5a10194fe4fd6687055abfa29d734de02727568dbf30bbcd98f8cee9f7229bc178b29818ee23e3ea0c6626da36cf4f25ef9693da932812c3b878163d8f64cd2d564ab49bc52075fe5b350548def26658ed2131bafcdf0ad401d761f65be4d52fc6f9753a36d2ddd434daa8ce61c66b6ec3cc0e77aff444d5035a05cd25ba83e26ff2548746d8d00d0e04a4ef3ca
cookie: visid_incap_1613844=dcg3Uoa1SGellRXub1VpJCKS5WcAAAAAQUIPAAAAAAB0h6V5ODIYFcNa/tSSrElZ
cookie: nlbi_1613844=i5SlPzIvA39qBpoQ24UReAAAAADrOds4Njyf1cW367olcwMa
cookie: incap_ses_6553_1613844=rlmPJpynyDcBWUu8G+/wWiSS5WcAAAAA84vsgGeqFlmBAGig2UvTVQ==
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

etag: 44
last-modified: Thu, 16 May 2024 19:18:43 GMT
content-type: text/css; charset=utf-8
content-length: 92
content-encoding: br
cache-control: max-age=14131, public
expires: Thu, 27 Mar 2025 21:55:36 GMT
date: Thu, 27 Mar 2025 18:00:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-iinfo: 18-98444870-98436031 2CNN RT(1743098401958 3252) q(0 0 0 -1) r(4 4)
GET

https://www.cyber.nj.gov/DefaultContent/Default/StyleBundleMegaMenuDropDown.cssbnd?v=CD_eN-fYJU8KKPigt6x-Ey-z8_WTsoZ7bqx2pLTZtXU1

firefox.exe

Remote address:

45.60.124.188:443

Request

GET /DefaultContent/Default/StyleBundleMegaMenuDropDown.cssbnd?v=CD_eN-fYJU8KKPigt6x-Ey-z8_WTsoZ7bqx2pLTZtXU1 HTTP/2.0
host: www.cyber.nj.gov
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cyber.nj.gov/Home/Components/News/News/1586/214
cookie: ASP.NET_SessionId=my4w5kan1viynpzen2wpv3vf
cookie: ShowTopTips=True
cookie: ShowTopTipsPublishDate=638454229428400000
cookie: __RequestVerificationToken=6cpdJt2OlkaAy7KeIzmgqRT_aItz8yNwdC_l-B61cM1dD_MhOh_EdUWecjDfq5c9fptey3DdKKo1MZhLKWKEn4hPaOzAEB3N1GGkxL7D1Sk1
cookie: BIGipServer~AUTO-VISION~visionlive~www.cyber.nj.gov_443=!D7SPoJ9N3VKwJrzI5ZDjarq416UVTlW9jW+XiTprjRdpsowUruTfwyGugh/2RViWrD51pFaOuCuzd6I=
cookie: TS01af151e=0106cf681b4a7bc5a10194fe4fd6687055abfa29d734de02727568dbf30bbcd98f8cee9f7229bc178b29818ee23e3ea0c6626da36cf4f25ef9693da932812c3b878163d8f64cd2d564ab49bc52075fe5b350548def26658ed2131bafcdf0ad401d761f65be4d52fc6f9753a36d2ddd434daa8ce61c66b6ec3cc0e77aff444d5035a05cd25ba83e26ff2548746d8d00d0e04a4ef3ca
cookie: visid_incap_1613844=dcg3Uoa1SGellRXub1VpJCKS5WcAAAAAQUIPAAAAAAB0h6V5ODIYFcNa/tSSrElZ
cookie: nlbi_1613844=i5SlPzIvA39qBpoQ24UReAAAAADrOds4Njyf1cW367olcwMa
cookie: incap_ses_6553_1613844=rlmPJpynyDcBWUu8G+/wWiSS5WcAAAAA84vsgGeqFlmBAGig2UvTVQ==
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
priority: u=2
te: trailers

Response

HTTP/2.0 200

etag: 40
last-modified: Thu, 16 May 2024 19:08:22 GMT
content-type: application/javascript; charset=utf-8
content-length: 41
content-encoding: br
cache-control: max-age=65916, public
expires: Fri, 28 Mar 2025 12:18:41 GMT
date: Thu, 27 Mar 2025 18:00:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-iinfo: 18-98444870-98400181 2CNN RT(1743098401958 3253) q(0 0 0 -1) r(4 4)
GET

https://www.cyber.nj.gov/Project/Contents/NJCCIC/StyleBundleMegaMenuDropDown.cssbnd?v=EcKYqIZ_KaJbcwj7SP4gK8x5QUP6OKAmtbMBFLo-Qcg1

firefox.exe

Remote address:

45.60.124.188:443

Request

GET /Project/Contents/NJCCIC/StyleBundleMegaMenuDropDown.cssbnd?v=EcKYqIZ_KaJbcwj7SP4gK8x5QUP6OKAmtbMBFLo-Qcg1 HTTP/2.0
host: www.cyber.nj.gov
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cyber.nj.gov/Home/Components/News/News/1586/214
cookie: ASP.NET_SessionId=my4w5kan1viynpzen2wpv3vf
cookie: ShowTopTips=True
cookie: ShowTopTipsPublishDate=638454229428400000
cookie: __RequestVerificationToken=6cpdJt2OlkaAy7KeIzmgqRT_aItz8yNwdC_l-B61cM1dD_MhOh_EdUWecjDfq5c9fptey3DdKKo1MZhLKWKEn4hPaOzAEB3N1GGkxL7D1Sk1
cookie: BIGipServer~AUTO-VISION~visionlive~www.cyber.nj.gov_443=!D7SPoJ9N3VKwJrzI5ZDjarq416UVTlW9jW+XiTprjRdpsowUruTfwyGugh/2RViWrD51pFaOuCuzd6I=
cookie: TS01af151e=0106cf681b4a7bc5a10194fe4fd6687055abfa29d734de02727568dbf30bbcd98f8cee9f7229bc178b29818ee23e3ea0c6626da36cf4f25ef9693da932812c3b878163d8f64cd2d564ab49bc52075fe5b350548def26658ed2131bafcdf0ad401d761f65be4d52fc6f9753a36d2ddd434daa8ce61c66b6ec3cc0e77aff444d5035a05cd25ba83e26ff2548746d8d00d0e04a4ef3ca
cookie: visid_incap_1613844=dcg3Uoa1SGellRXub1VpJCKS5WcAAAAAQUIPAAAAAAB0h6V5ODIYFcNa/tSSrElZ
cookie: nlbi_1613844=i5SlPzIvA39qBpoQ24UReAAAAADrOds4Njyf1cW367olcwMa
cookie: incap_ses_6553_1613844=rlmPJpynyDcBWUu8G+/wWiSS5WcAAAAA84vsgGeqFlmBAGig2UvTVQ==
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
priority: u=2
te: trailers

Response

HTTP/2.0 200

last-modified: Fri, 21 Feb 2025 10:53:16 GMT
content-type: text/javascript; charset=utf-8
content-length: 24379
content-encoding: br
cache-control: max-age=516624, public
expires: Wed, 02 Apr 2025 17:30:29 GMT
date: Thu, 27 Mar 2025 18:00:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-iinfo: 18-98444870-98436875 2CNN RT(1743098401958 3257) q(0 5 5 -1) r(5 5)
GET

https://www.cyber.nj.gov/home/showpublishedimage/434/638332554311470000

firefox.exe

Remote address:

45.60.124.188:443

Request

GET /home/showpublishedimage/434/638332554311470000 HTTP/2.0
host: www.cyber.nj.gov
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cyber.nj.gov/Home/Components/News/News/1586/214
cookie: ASP.NET_SessionId=my4w5kan1viynpzen2wpv3vf
cookie: ShowTopTips=True
cookie: ShowTopTipsPublishDate=638454229428400000
cookie: __RequestVerificationToken=6cpdJt2OlkaAy7KeIzmgqRT_aItz8yNwdC_l-B61cM1dD_MhOh_EdUWecjDfq5c9fptey3DdKKo1MZhLKWKEn4hPaOzAEB3N1GGkxL7D1Sk1
cookie: BIGipServer~AUTO-VISION~visionlive~www.cyber.nj.gov_443=!D7SPoJ9N3VKwJrzI5ZDjarq416UVTlW9jW+XiTprjRdpsowUruTfwyGugh/2RViWrD51pFaOuCuzd6I=
cookie: TS01af151e=0106cf681b4a7bc5a10194fe4fd6687055abfa29d734de02727568dbf30bbcd98f8cee9f7229bc178b29818ee23e3ea0c6626da36cf4f25ef9693da932812c3b878163d8f64cd2d564ab49bc52075fe5b350548def26658ed2131bafcdf0ad401d761f65be4d52fc6f9753a36d2ddd434daa8ce61c66b6ec3cc0e77aff444d5035a05cd25ba83e26ff2548746d8d00d0e04a4ef3ca
cookie: visid_incap_1613844=dcg3Uoa1SGellRXub1VpJCKS5WcAAAAAQUIPAAAAAAB0h6V5ODIYFcNa/tSSrElZ
cookie: nlbi_1613844=i5SlPzIvA39qBpoQ24UReAAAAADrOds4Njyf1cW367olcwMa
cookie: incap_ses_6553_1613844=rlmPJpynyDcBWUu8G+/wWiSS5WcAAAAA84vsgGeqFlmBAGig2UvTVQ==
cookie: nlbi_1613844_2147483392=gTnJPkjsfn7i0j9224UReAAAAADTBZ36/6c9PvkmJHv2qEjb
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
priority: u=5, i
te: trailers

Response

HTTP/2.0 200

etag: FE-6F-55-E4-B0-55-4C-1F-6E-B6-9F-9F-6F-A1-FB-8F
last-modified: Wed, 18 Oct 2023 23:50:31 GMT
content-type: image/svg+xml
content-length: 299
content-encoding: br
cache-control: max-age=27024, public
expires: Fri, 28 Mar 2025 01:30:30 GMT
date: Thu, 27 Mar 2025 18:00:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-iinfo: 18-98444870-0 0CNN RT(1743098401958 4353) q(0 -1 -1 -1) r(0 -1)
GET

https://www.cyber.nj.gov/home/showpublishedimage/436/638332554317230000

firefox.exe

Remote address:

45.60.124.188:443

Request

GET /home/showpublishedimage/436/638332554317230000 HTTP/2.0
host: www.cyber.nj.gov
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cyber.nj.gov/Home/Components/News/News/1586/214
cookie: ASP.NET_SessionId=my4w5kan1viynpzen2wpv3vf
cookie: ShowTopTips=True
cookie: ShowTopTipsPublishDate=638454229428400000
cookie: __RequestVerificationToken=6cpdJt2OlkaAy7KeIzmgqRT_aItz8yNwdC_l-B61cM1dD_MhOh_EdUWecjDfq5c9fptey3DdKKo1MZhLKWKEn4hPaOzAEB3N1GGkxL7D1Sk1
cookie: BIGipServer~AUTO-VISION~visionlive~www.cyber.nj.gov_443=!D7SPoJ9N3VKwJrzI5ZDjarq416UVTlW9jW+XiTprjRdpsowUruTfwyGugh/2RViWrD51pFaOuCuzd6I=
cookie: TS01af151e=0106cf681b4a7bc5a10194fe4fd6687055abfa29d734de02727568dbf30bbcd98f8cee9f7229bc178b29818ee23e3ea0c6626da36cf4f25ef9693da932812c3b878163d8f64cd2d564ab49bc52075fe5b350548def26658ed2131bafcdf0ad401d761f65be4d52fc6f9753a36d2ddd434daa8ce61c66b6ec3cc0e77aff444d5035a05cd25ba83e26ff2548746d8d00d0e04a4ef3ca
cookie: visid_incap_1613844=dcg3Uoa1SGellRXub1VpJCKS5WcAAAAAQUIPAAAAAAB0h6V5ODIYFcNa/tSSrElZ
cookie: nlbi_1613844=i5SlPzIvA39qBpoQ24UReAAAAADrOds4Njyf1cW367olcwMa
cookie: incap_ses_6553_1613844=rlmPJpynyDcBWUu8G+/wWiSS5WcAAAAA84vsgGeqFlmBAGig2UvTVQ==
cookie: nlbi_1613844_2147483392=gTnJPkjsfn7i0j9224UReAAAAADTBZ36/6c9PvkmJHv2qEjb
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
priority: u=5, i
te: trailers

Response

HTTP/2.0 200

etag: 638375720950000000
last-modified: Thu, 07 Dec 2023 18:54:55 GMT
content-type: text/javascript
content-length: 4990
content-encoding: br
cache-control: max-age=86400, public
expires: Fri, 28 Mar 2025 18:00:06 GMT
date: Thu, 27 Mar 2025 18:00:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-iinfo: 18-98444870-0 0cNN RT(1743098401958 4363) q(0 -1 -1 -1) r(0 -1)
GET

https://www.cyber.nj.gov/home/showpublishedimage/440/638332554328870000

firefox.exe

Remote address:

45.60.124.188:443

Request

GET /home/showpublishedimage/440/638332554328870000 HTTP/2.0
host: www.cyber.nj.gov
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cyber.nj.gov/Home/Components/News/News/1586/214
cookie: ASP.NET_SessionId=my4w5kan1viynpzen2wpv3vf
cookie: ShowTopTips=True
cookie: ShowTopTipsPublishDate=638454229428400000
cookie: __RequestVerificationToken=6cpdJt2OlkaAy7KeIzmgqRT_aItz8yNwdC_l-B61cM1dD_MhOh_EdUWecjDfq5c9fptey3DdKKo1MZhLKWKEn4hPaOzAEB3N1GGkxL7D1Sk1
cookie: BIGipServer~AUTO-VISION~visionlive~www.cyber.nj.gov_443=!D7SPoJ9N3VKwJrzI5ZDjarq416UVTlW9jW+XiTprjRdpsowUruTfwyGugh/2RViWrD51pFaOuCuzd6I=
cookie: TS01af151e=0106cf681b4a7bc5a10194fe4fd6687055abfa29d734de02727568dbf30bbcd98f8cee9f7229bc178b29818ee23e3ea0c6626da36cf4f25ef9693da932812c3b878163d8f64cd2d564ab49bc52075fe5b350548def26658ed2131bafcdf0ad401d761f65be4d52fc6f9753a36d2ddd434daa8ce61c66b6ec3cc0e77aff444d5035a05cd25ba83e26ff2548746d8d00d0e04a4ef3ca
cookie: visid_incap_1613844=dcg3Uoa1SGellRXub1VpJCKS5WcAAAAAQUIPAAAAAAB0h6V5ODIYFcNa/tSSrElZ
cookie: nlbi_1613844=i5SlPzIvA39qBpoQ24UReAAAAADrOds4Njyf1cW367olcwMa
cookie: incap_ses_6553_1613844=rlmPJpynyDcBWUu8G+/wWiSS5WcAAAAA84vsgGeqFlmBAGig2UvTVQ==
cookie: nlbi_1613844_2147483392=gTnJPkjsfn7i0j9224UReAAAAADTBZ36/6c9PvkmJHv2qEjb
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
priority: u=5, i
te: trailers

Response

HTTP/2.0 200

etag: BE-CB-CA-39-59-20-85-F1-F3-B2-25-16-FD-47-89-1F
last-modified: Wed, 18 Oct 2023 23:50:31 GMT
content-type: image/svg+xml
content-length: 217
content-encoding: br
cache-control: max-age=27013, public
expires: Fri, 28 Mar 2025 01:30:19 GMT
date: Thu, 27 Mar 2025 18:00:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-iinfo: 18-98444870-0 0CNN RT(1743098401958 4356) q(0 -1 -1 -1) r(0 -1)
GET

https://www.cyber.nj.gov/home/showpublishedimage/442/638332554334970000

firefox.exe

Remote address:

45.60.124.188:443

Request

GET /home/showpublishedimage/442/638332554334970000 HTTP/2.0
host: www.cyber.nj.gov
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cyber.nj.gov/Home/Components/News/News/1586/214
cookie: ASP.NET_SessionId=my4w5kan1viynpzen2wpv3vf
cookie: ShowTopTips=True
cookie: ShowTopTipsPublishDate=638454229428400000
cookie: __RequestVerificationToken=6cpdJt2OlkaAy7KeIzmgqRT_aItz8yNwdC_l-B61cM1dD_MhOh_EdUWecjDfq5c9fptey3DdKKo1MZhLKWKEn4hPaOzAEB3N1GGkxL7D1Sk1
cookie: BIGipServer~AUTO-VISION~visionlive~www.cyber.nj.gov_443=!D7SPoJ9N3VKwJrzI5ZDjarq416UVTlW9jW+XiTprjRdpsowUruTfwyGugh/2RViWrD51pFaOuCuzd6I=
cookie: TS01af151e=0106cf681b4a7bc5a10194fe4fd6687055abfa29d734de02727568dbf30bbcd98f8cee9f7229bc178b29818ee23e3ea0c6626da36cf4f25ef9693da932812c3b878163d8f64cd2d564ab49bc52075fe5b350548def26658ed2131bafcdf0ad401d761f65be4d52fc6f9753a36d2ddd434daa8ce61c66b6ec3cc0e77aff444d5035a05cd25ba83e26ff2548746d8d00d0e04a4ef3ca
cookie: visid_incap_1613844=dcg3Uoa1SGellRXub1VpJCKS5WcAAAAAQUIPAAAAAAB0h6V5ODIYFcNa/tSSrElZ
cookie: nlbi_1613844=i5SlPzIvA39qBpoQ24UReAAAAADrOds4Njyf1cW367olcwMa
cookie: incap_ses_6553_1613844=rlmPJpynyDcBWUu8G+/wWiSS5WcAAAAA84vsgGeqFlmBAGig2UvTVQ==
cookie: nlbi_1613844_2147483392=gTnJPkjsfn7i0j9224UReAAAAADTBZ36/6c9PvkmJHv2qEjb
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
priority: u=5, i
te: trailers

Response

HTTP/2.0 200

etag: 638375720960000000
last-modified: Thu, 07 Dec 2023 18:54:56 GMT
content-type: text/javascript
content-length: 1116
content-encoding: br
cache-control: max-age=86400, public
expires: Fri, 28 Mar 2025 18:00:06 GMT
date: Thu, 27 Mar 2025 18:00:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-iinfo: 18-98444870-0 0cNN RT(1743098401958 4365) q(0 -1 -1 -1) r(0 -1)
GET

https://www.cyber.nj.gov/Project/Contents/Main/mobile_nav_scripts.js

firefox.exe

Remote address:

45.60.124.188:443

Request

GET /Project/Contents/Main/mobile_nav_scripts.js HTTP/2.0
host: www.cyber.nj.gov
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cyber.nj.gov/Home/Components/News/News/1586/214
cookie: ASP.NET_SessionId=my4w5kan1viynpzen2wpv3vf
cookie: ShowTopTips=True
cookie: ShowTopTipsPublishDate=638454229428400000
cookie: __RequestVerificationToken=6cpdJt2OlkaAy7KeIzmgqRT_aItz8yNwdC_l-B61cM1dD_MhOh_EdUWecjDfq5c9fptey3DdKKo1MZhLKWKEn4hPaOzAEB3N1GGkxL7D1Sk1
cookie: BIGipServer~AUTO-VISION~visionlive~www.cyber.nj.gov_443=!D7SPoJ9N3VKwJrzI5ZDjarq416UVTlW9jW+XiTprjRdpsowUruTfwyGugh/2RViWrD51pFaOuCuzd6I=
cookie: TS01af151e=0106cf681b4a7bc5a10194fe4fd6687055abfa29d734de02727568dbf30bbcd98f8cee9f7229bc178b29818ee23e3ea0c6626da36cf4f25ef9693da932812c3b878163d8f64cd2d564ab49bc52075fe5b350548def26658ed2131bafcdf0ad401d761f65be4d52fc6f9753a36d2ddd434daa8ce61c66b6ec3cc0e77aff444d5035a05cd25ba83e26ff2548746d8d00d0e04a4ef3ca
cookie: visid_incap_1613844=dcg3Uoa1SGellRXub1VpJCKS5WcAAAAAQUIPAAAAAAB0h6V5ODIYFcNa/tSSrElZ
cookie: nlbi_1613844=i5SlPzIvA39qBpoQ24UReAAAAADrOds4Njyf1cW367olcwMa
cookie: incap_ses_6553_1613844=rlmPJpynyDcBWUu8G+/wWiSS5WcAAAAA84vsgGeqFlmBAGig2UvTVQ==
cookie: nlbi_1613844_2147483392=gTnJPkjsfn7i0j9224UReAAAAADTBZ36/6c9PvkmJHv2qEjb
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

etag: FF-73-40-68-10-AA-2E-5C-0A-FF-E3-46-2A-8D-44-C2
last-modified: Wed, 18 Oct 2023 23:50:32 GMT
content-type: image/svg+xml
content-length: 327
content-encoding: br
cache-control: max-age=26974, public
expires: Fri, 28 Mar 2025 01:29:40 GMT
date: Thu, 27 Mar 2025 18:00:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-iinfo: 18-98444870-0 0CNN RT(1743098401958 4358) q(0 -1 -1 -1) r(0 -1)
GET

https://www.cyber.nj.gov/Project/Contents/Main/scripts/zoomEvents.js

firefox.exe

Remote address:

45.60.124.188:443

Request

GET /Project/Contents/Main/scripts/zoomEvents.js HTTP/2.0
host: www.cyber.nj.gov
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cyber.nj.gov/Home/Components/News/News/1586/214
cookie: ASP.NET_SessionId=my4w5kan1viynpzen2wpv3vf
cookie: ShowTopTips=True
cookie: ShowTopTipsPublishDate=638454229428400000
cookie: __RequestVerificationToken=6cpdJt2OlkaAy7KeIzmgqRT_aItz8yNwdC_l-B61cM1dD_MhOh_EdUWecjDfq5c9fptey3DdKKo1MZhLKWKEn4hPaOzAEB3N1GGkxL7D1Sk1
cookie: BIGipServer~AUTO-VISION~visionlive~www.cyber.nj.gov_443=!D7SPoJ9N3VKwJrzI5ZDjarq416UVTlW9jW+XiTprjRdpsowUruTfwyGugh/2RViWrD51pFaOuCuzd6I=
cookie: TS01af151e=0106cf681b4a7bc5a10194fe4fd6687055abfa29d734de02727568dbf30bbcd98f8cee9f7229bc178b29818ee23e3ea0c6626da36cf4f25ef9693da932812c3b878163d8f64cd2d564ab49bc52075fe5b350548def26658ed2131bafcdf0ad401d761f65be4d52fc6f9753a36d2ddd434daa8ce61c66b6ec3cc0e77aff444d5035a05cd25ba83e26ff2548746d8d00d0e04a4ef3ca
cookie: visid_incap_1613844=dcg3Uoa1SGellRXub1VpJCKS5WcAAAAAQUIPAAAAAAB0h6V5ODIYFcNa/tSSrElZ
cookie: nlbi_1613844=i5SlPzIvA39qBpoQ24UReAAAAADrOds4Njyf1cW367olcwMa
cookie: incap_ses_6553_1613844=rlmPJpynyDcBWUu8G+/wWiSS5WcAAAAA84vsgGeqFlmBAGig2UvTVQ==
cookie: nlbi_1613844_2147483392=gTnJPkjsfn7i0j9224UReAAAAADTBZ36/6c9PvkmJHv2qEjb
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

etag: 8D-32-9D-B6-0E-D4-DD-51-FD-10-7B-9D-86-22-AE-18
last-modified: Wed, 18 Oct 2023 23:50:33 GMT
content-type: image/svg+xml
content-length: 268
content-encoding: br
cache-control: max-age=26988, public
expires: Fri, 28 Mar 2025 01:29:54 GMT
date: Thu, 27 Mar 2025 18:00:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-iinfo: 18-98444870-0 0CNN RT(1743098401958 4360) q(0 -1 -1 -1) r(0 -1)
GET

https://www.cyber.nj.gov/Project/Contents/Main/sitelayout_scripts-nj.js

firefox.exe

Remote address:

45.60.124.188:443

Request

GET /Project/Contents/Main/sitelayout_scripts-nj.js HTTP/2.0
host: www.cyber.nj.gov
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cyber.nj.gov/Home/Components/News/News/1586/214
cookie: ASP.NET_SessionId=my4w5kan1viynpzen2wpv3vf
cookie: ShowTopTips=True
cookie: ShowTopTipsPublishDate=638454229428400000
cookie: __RequestVerificationToken=6cpdJt2OlkaAy7KeIzmgqRT_aItz8yNwdC_l-B61cM1dD_MhOh_EdUWecjDfq5c9fptey3DdKKo1MZhLKWKEn4hPaOzAEB3N1GGkxL7D1Sk1
cookie: BIGipServer~AUTO-VISION~visionlive~www.cyber.nj.gov_443=!D7SPoJ9N3VKwJrzI5ZDjarq416UVTlW9jW+XiTprjRdpsowUruTfwyGugh/2RViWrD51pFaOuCuzd6I=
cookie: TS01af151e=0106cf681b4a7bc5a10194fe4fd6687055abfa29d734de02727568dbf30bbcd98f8cee9f7229bc178b29818ee23e3ea0c6626da36cf4f25ef9693da932812c3b878163d8f64cd2d564ab49bc52075fe5b350548def26658ed2131bafcdf0ad401d761f65be4d52fc6f9753a36d2ddd434daa8ce61c66b6ec3cc0e77aff444d5035a05cd25ba83e26ff2548746d8d00d0e04a4ef3ca
cookie: visid_incap_1613844=dcg3Uoa1SGellRXub1VpJCKS5WcAAAAAQUIPAAAAAAB0h6V5ODIYFcNa/tSSrElZ
cookie: nlbi_1613844=i5SlPzIvA39qBpoQ24UReAAAAADrOds4Njyf1cW367olcwMa
cookie: incap_ses_6553_1613844=rlmPJpynyDcBWUu8G+/wWiSS5WcAAAAA84vsgGeqFlmBAGig2UvTVQ==
cookie: nlbi_1613844_2147483392=gTnJPkjsfn7i0j9224UReAAAAADTBZ36/6c9PvkmJHv2qEjb
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

etag: 638375720960000000
last-modified: Thu, 07 Dec 2023 18:54:56 GMT
content-type: text/javascript
content-length: 2352
content-encoding: br
cache-control: max-age=86400, public
expires: Fri, 28 Mar 2025 18:00:06 GMT
date: Thu, 27 Mar 2025 18:00:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-iinfo: 18-98444870-0 0cNN RT(1743098401958 4366) q(0 -1 -1 -1) r(0 -1)
GET

https://www.cyber.nj.gov/Scripts/ScriptBundleVisionFrontend.jsbnd?v=fYuyj89f9MLQYIg98kvnKGAfZZAZTKNL4BxAr6L1Tyk1

firefox.exe

Remote address:

45.60.124.188:443

Request

GET /Scripts/ScriptBundleVisionFrontend.jsbnd?v=fYuyj89f9MLQYIg98kvnKGAfZZAZTKNL4BxAr6L1Tyk1 HTTP/2.0
host: www.cyber.nj.gov
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cyber.nj.gov/Home/Components/News/News/1586/214
cookie: ASP.NET_SessionId=my4w5kan1viynpzen2wpv3vf
cookie: ShowTopTips=True
cookie: ShowTopTipsPublishDate=638454229428400000
cookie: __RequestVerificationToken=6cpdJt2OlkaAy7KeIzmgqRT_aItz8yNwdC_l-B61cM1dD_MhOh_EdUWecjDfq5c9fptey3DdKKo1MZhLKWKEn4hPaOzAEB3N1GGkxL7D1Sk1
cookie: BIGipServer~AUTO-VISION~visionlive~www.cyber.nj.gov_443=!D7SPoJ9N3VKwJrzI5ZDjarq416UVTlW9jW+XiTprjRdpsowUruTfwyGugh/2RViWrD51pFaOuCuzd6I=
cookie: TS01af151e=0106cf681b4a7bc5a10194fe4fd6687055abfa29d734de02727568dbf30bbcd98f8cee9f7229bc178b29818ee23e3ea0c6626da36cf4f25ef9693da932812c3b878163d8f64cd2d564ab49bc52075fe5b350548def26658ed2131bafcdf0ad401d761f65be4d52fc6f9753a36d2ddd434daa8ce61c66b6ec3cc0e77aff444d5035a05cd25ba83e26ff2548746d8d00d0e04a4ef3ca
cookie: visid_incap_1613844=dcg3Uoa1SGellRXub1VpJCKS5WcAAAAAQUIPAAAAAAB0h6V5ODIYFcNa/tSSrElZ
cookie: nlbi_1613844=i5SlPzIvA39qBpoQ24UReAAAAADrOds4Njyf1cW367olcwMa
cookie: incap_ses_6553_1613844=rlmPJpynyDcBWUu8G+/wWiSS5WcAAAAA84vsgGeqFlmBAGig2UvTVQ==
cookie: nlbi_1613844_2147483392=gTnJPkjsfn7i0j9224UReAAAAADTBZ36/6c9PvkmJHv2qEjb
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

last-modified: Sat, 23 Nov 2024 06:29:42 GMT
content-type: text/javascript; charset=utf-8
content-length: 48067
content-encoding: br
cache-control: max-age=218452, public
expires: Sun, 30 Mar 2025 06:40:58 GMT
date: Thu, 27 Mar 2025 18:00:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-iinfo: 18-98444870-0 0CNN RT(1743098401958 4367) q(0 -1 -1 -1) r(0 -1)
GET

https://www.cyber.nj.gov/Scripts/Components/ScriptsFEBundle.jsbnd?v=1GquWamO-1yFawhg-EPdqWJj3BSpuEsyv1Hz5iRvi0M1

firefox.exe

Remote address:

45.60.124.188:443

Request

GET /Scripts/Components/ScriptsFEBundle.jsbnd?v=1GquWamO-1yFawhg-EPdqWJj3BSpuEsyv1Hz5iRvi0M1 HTTP/2.0
host: www.cyber.nj.gov
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cyber.nj.gov/Home/Components/News/News/1586/214
cookie: ASP.NET_SessionId=my4w5kan1viynpzen2wpv3vf
cookie: ShowTopTips=True
cookie: ShowTopTipsPublishDate=638454229428400000
cookie: __RequestVerificationToken=6cpdJt2OlkaAy7KeIzmgqRT_aItz8yNwdC_l-B61cM1dD_MhOh_EdUWecjDfq5c9fptey3DdKKo1MZhLKWKEn4hPaOzAEB3N1GGkxL7D1Sk1
cookie: BIGipServer~AUTO-VISION~visionlive~www.cyber.nj.gov_443=!D7SPoJ9N3VKwJrzI5ZDjarq416UVTlW9jW+XiTprjRdpsowUruTfwyGugh/2RViWrD51pFaOuCuzd6I=
cookie: TS01af151e=0106cf681b4a7bc5a10194fe4fd6687055abfa29d734de02727568dbf30bbcd98f8cee9f7229bc178b29818ee23e3ea0c6626da36cf4f25ef9693da932812c3b878163d8f64cd2d564ab49bc52075fe5b350548def26658ed2131bafcdf0ad401d761f65be4d52fc6f9753a36d2ddd434daa8ce61c66b6ec3cc0e77aff444d5035a05cd25ba83e26ff2548746d8d00d0e04a4ef3ca
cookie: visid_incap_1613844=dcg3Uoa1SGellRXub1VpJCKS5WcAAAAAQUIPAAAAAAB0h6V5ODIYFcNa/tSSrElZ
cookie: nlbi_1613844=i5SlPzIvA39qBpoQ24UReAAAAADrOds4Njyf1cW367olcwMa
cookie: incap_ses_6553_1613844=rlmPJpynyDcBWUu8G+/wWiSS5WcAAAAA84vsgGeqFlmBAGig2UvTVQ==
cookie: nlbi_1613844_2147483392=gTnJPkjsfn7i0j9224UReAAAAADTBZ36/6c9PvkmJHv2qEjb
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

last-modified: Sat, 23 Nov 2024 06:29:42 GMT
content-type: text/javascript; charset=utf-8
content-length: 8484
content-encoding: br
cache-control: max-age=78066, public
expires: Fri, 28 Mar 2025 15:41:12 GMT
date: Thu, 27 Mar 2025 18:00:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-iinfo: 18-98444870-0 0CNN RT(1743098401958 4369) q(0 -1 -1 -1) r(0 -1)
GET

https://www.cyber.nj.gov/Project/Contents/NJCCIC/Print.cssbnd?v=jfhfKsMmxQr_xKAfv9Fj6qRlRX7gMoxJTHKVE6DLWuo1

firefox.exe

Remote address:

45.60.124.188:443

Request

GET /Project/Contents/NJCCIC/Print.cssbnd?v=jfhfKsMmxQr_xKAfv9Fj6qRlRX7gMoxJTHKVE6DLWuo1 HTTP/2.0
host: www.cyber.nj.gov
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cyber.nj.gov/Home/Components/News/News/1586/214
cookie: ASP.NET_SessionId=my4w5kan1viynpzen2wpv3vf
cookie: ShowTopTips=True
cookie: ShowTopTipsPublishDate=638454229428400000
cookie: __RequestVerificationToken=6cpdJt2OlkaAy7KeIzmgqRT_aItz8yNwdC_l-B61cM1dD_MhOh_EdUWecjDfq5c9fptey3DdKKo1MZhLKWKEn4hPaOzAEB3N1GGkxL7D1Sk1
cookie: BIGipServer~AUTO-VISION~visionlive~www.cyber.nj.gov_443=!D7SPoJ9N3VKwJrzI5ZDjarq416UVTlW9jW+XiTprjRdpsowUruTfwyGugh/2RViWrD51pFaOuCuzd6I=
cookie: TS01af151e=0106cf681b4a7bc5a10194fe4fd6687055abfa29d734de02727568dbf30bbcd98f8cee9f7229bc178b29818ee23e3ea0c6626da36cf4f25ef9693da932812c3b878163d8f64cd2d564ab49bc52075fe5b350548def26658ed2131bafcdf0ad401d761f65be4d52fc6f9753a36d2ddd434daa8ce61c66b6ec3cc0e77aff444d5035a05cd25ba83e26ff2548746d8d00d0e04a4ef3ca
cookie: visid_incap_1613844=dcg3Uoa1SGellRXub1VpJCKS5WcAAAAAQUIPAAAAAAB0h6V5ODIYFcNa/tSSrElZ
cookie: nlbi_1613844=i5SlPzIvA39qBpoQ24UReAAAAADrOds4Njyf1cW367olcwMa
cookie: incap_ses_6553_1613844=rlmPJpynyDcBWUu8G+/wWiSS5WcAAAAA84vsgGeqFlmBAGig2UvTVQ==
cookie: nlbi_1613844_2147483392=gTnJPkjsfn7i0j9224UReAAAAADTBZ36/6c9PvkmJHv2qEjb
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
priority: u=4
te: trailers

Response

HTTP/2.0 200

last-modified: Sat, 23 Nov 2024 15:11:51 GMT
content-type: text/css; charset=utf-8
content-length: 1769
content-encoding: br
cache-control: max-age=505289, public
expires: Wed, 02 Apr 2025 14:21:35 GMT
date: Thu, 27 Mar 2025 18:00:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-iinfo: 18-98444870-0 0CNN RT(1743098401958 4370) q(0 -1 -1 -1) r(0 -1)
GET

https://www.cyber.nj.gov/DefaultContent/Default/Print.cssbnd?v=-3T1oJ_z89pR7QkdJGfMpghXZyPybqptlohcPz3eK0w1

firefox.exe

Remote address:

45.60.124.188:443

Request

GET /DefaultContent/Default/Print.cssbnd?v=-3T1oJ_z89pR7QkdJGfMpghXZyPybqptlohcPz3eK0w1 HTTP/2.0
host: www.cyber.nj.gov
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cyber.nj.gov/Home/Components/News/News/1586/214
cookie: ASP.NET_SessionId=my4w5kan1viynpzen2wpv3vf
cookie: ShowTopTips=True
cookie: ShowTopTipsPublishDate=638454229428400000
cookie: __RequestVerificationToken=6cpdJt2OlkaAy7KeIzmgqRT_aItz8yNwdC_l-B61cM1dD_MhOh_EdUWecjDfq5c9fptey3DdKKo1MZhLKWKEn4hPaOzAEB3N1GGkxL7D1Sk1
cookie: BIGipServer~AUTO-VISION~visionlive~www.cyber.nj.gov_443=!D7SPoJ9N3VKwJrzI5ZDjarq416UVTlW9jW+XiTprjRdpsowUruTfwyGugh/2RViWrD51pFaOuCuzd6I=
cookie: TS01af151e=0106cf681b4a7bc5a10194fe4fd6687055abfa29d734de02727568dbf30bbcd98f8cee9f7229bc178b29818ee23e3ea0c6626da36cf4f25ef9693da932812c3b878163d8f64cd2d564ab49bc52075fe5b350548def26658ed2131bafcdf0ad401d761f65be4d52fc6f9753a36d2ddd434daa8ce61c66b6ec3cc0e77aff444d5035a05cd25ba83e26ff2548746d8d00d0e04a4ef3ca
cookie: visid_incap_1613844=dcg3Uoa1SGellRXub1VpJCKS5WcAAAAAQUIPAAAAAAB0h6V5ODIYFcNa/tSSrElZ
cookie: nlbi_1613844=i5SlPzIvA39qBpoQ24UReAAAAADrOds4Njyf1cW367olcwMa
cookie: incap_ses_6553_1613844=rlmPJpynyDcBWUu8G+/wWiSS5WcAAAAA84vsgGeqFlmBAGig2UvTVQ==
cookie: nlbi_1613844_2147483392=gTnJPkjsfn7i0j9224UReAAAAADTBZ36/6c9PvkmJHv2qEjb
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
priority: u=4
te: trailers

Response

HTTP/2.0 200

last-modified: Mon, 25 Nov 2024 15:29:25 GMT
content-type: text/css; charset=utf-8
content-length: 2042
content-encoding: br
cache-control: max-age=530316, public
expires: Wed, 02 Apr 2025 21:18:42 GMT
date: Thu, 27 Mar 2025 18:00:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-iinfo: 18-98444870-98425425 2CNN RT(1743098401958 4372) q(0 0 0 -1) r(0 0)
GET

https://www.cyber.nj.gov/Project/Contents/NJCCIC/_gfx/cmn/alert_arrow.png

firefox.exe

Remote address:

45.60.124.188:443

Request

GET /Project/Contents/NJCCIC/_gfx/cmn/alert_arrow.png HTTP/2.0
host: www.cyber.nj.gov
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cyber.nj.gov/Project/Contents/NJCCIC/StyleBundleDesignTheme.cssbnd?v=ELjnKqvnTm532cKayOnRJ94pQ7Ri3M4xvfEBnSMBCM01
cookie: ASP.NET_SessionId=my4w5kan1viynpzen2wpv3vf
cookie: ShowTopTips=True
cookie: ShowTopTipsPublishDate=638454229428400000
cookie: __RequestVerificationToken=6cpdJt2OlkaAy7KeIzmgqRT_aItz8yNwdC_l-B61cM1dD_MhOh_EdUWecjDfq5c9fptey3DdKKo1MZhLKWKEn4hPaOzAEB3N1GGkxL7D1Sk1
cookie: BIGipServer~AUTO-VISION~visionlive~www.cyber.nj.gov_443=!D7SPoJ9N3VKwJrzI5ZDjarq416UVTlW9jW+XiTprjRdpsowUruTfwyGugh/2RViWrD51pFaOuCuzd6I=
cookie: TS01af151e=0106cf681b4a7bc5a10194fe4fd6687055abfa29d734de02727568dbf30bbcd98f8cee9f7229bc178b29818ee23e3ea0c6626da36cf4f25ef9693da932812c3b878163d8f64cd2d564ab49bc52075fe5b350548def26658ed2131bafcdf0ad401d761f65be4d52fc6f9753a36d2ddd434daa8ce61c66b6ec3cc0e77aff444d5035a05cd25ba83e26ff2548746d8d00d0e04a4ef3ca
cookie: visid_incap_1613844=dcg3Uoa1SGellRXub1VpJCKS5WcAAAAAQUIPAAAAAAB0h6V5ODIYFcNa/tSSrElZ
cookie: nlbi_1613844=i5SlPzIvA39qBpoQ24UReAAAAADrOds4Njyf1cW367olcwMa
cookie: incap_ses_6553_1613844=rlmPJpynyDcBWUu8G+/wWiSS5WcAAAAA84vsgGeqFlmBAGig2UvTVQ==
cookie: nlbi_1613844_2147483392=gTnJPkjsfn7i0j9224UReAAAAADTBZ36/6c9PvkmJHv2qEjb
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
priority: u=4, i
te: trailers

Response

HTTP/2.0 200

etag: 638375721160000000
last-modified: Thu, 07 Dec 2023 18:55:16 GMT
content-type: image/png
content-length: 225
cache-control: max-age=604800, public
expires: Thu, 03 Apr 2025 18:00:07 GMT
date: Thu, 27 Mar 2025 18:00:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-iinfo: 18-98444870-0 0CNN RT(1743098401958 5296) q(0 -1 -1 -1) r(0 -1)
GET

https://www.cyber.nj.gov/Project/Contents/NJCCIC/_gfx/cmn/logo.png

firefox.exe

Remote address:

45.60.124.188:443

Request

GET /Project/Contents/NJCCIC/_gfx/cmn/logo.png HTTP/2.0
host: www.cyber.nj.gov
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cyber.nj.gov/Project/Contents/NJCCIC/StyleBundleDesignTheme.cssbnd?v=ELjnKqvnTm532cKayOnRJ94pQ7Ri3M4xvfEBnSMBCM01
cookie: ASP.NET_SessionId=my4w5kan1viynpzen2wpv3vf
cookie: ShowTopTips=True
cookie: ShowTopTipsPublishDate=638454229428400000
cookie: __RequestVerificationToken=6cpdJt2OlkaAy7KeIzmgqRT_aItz8yNwdC_l-B61cM1dD_MhOh_EdUWecjDfq5c9fptey3DdKKo1MZhLKWKEn4hPaOzAEB3N1GGkxL7D1Sk1
cookie: BIGipServer~AUTO-VISION~visionlive~www.cyber.nj.gov_443=!D7SPoJ9N3VKwJrzI5ZDjarq416UVTlW9jW+XiTprjRdpsowUruTfwyGugh/2RViWrD51pFaOuCuzd6I=
cookie: TS01af151e=0106cf681b4a7bc5a10194fe4fd6687055abfa29d734de02727568dbf30bbcd98f8cee9f7229bc178b29818ee23e3ea0c6626da36cf4f25ef9693da932812c3b878163d8f64cd2d564ab49bc52075fe5b350548def26658ed2131bafcdf0ad401d761f65be4d52fc6f9753a36d2ddd434daa8ce61c66b6ec3cc0e77aff444d5035a05cd25ba83e26ff2548746d8d00d0e04a4ef3ca
cookie: visid_incap_1613844=dcg3Uoa1SGellRXub1VpJCKS5WcAAAAAQUIPAAAAAAB0h6V5ODIYFcNa/tSSrElZ
cookie: nlbi_1613844=i5SlPzIvA39qBpoQ24UReAAAAADrOds4Njyf1cW367olcwMa
cookie: incap_ses_6553_1613844=rlmPJpynyDcBWUu8G+/wWiSS5WcAAAAA84vsgGeqFlmBAGig2UvTVQ==
cookie: nlbi_1613844_2147483392=gTnJPkjsfn7i0j9224UReAAAAADTBZ36/6c9PvkmJHv2qEjb
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
priority: u=4, i
te: trailers

Response

HTTP/2.0 200

etag: 638375721160000000
last-modified: Thu, 07 Dec 2023 18:55:16 GMT
content-type: image/png
content-length: 17198
cache-control: max-age=604800, public
expires: Thu, 03 Apr 2025 18:00:07 GMT
date: Thu, 27 Mar 2025 18:00:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-iinfo: 18-98444870-0 0CNN RT(1743098401958 5299) q(0 -1 -1 -1) r(0 -1)
GET

https://www.cyber.nj.gov/Project/Contents/NJCCIC/_gfx/cmn/state-seal.png

firefox.exe

Remote address:

45.60.124.188:443

Request

GET /Project/Contents/NJCCIC/_gfx/cmn/state-seal.png HTTP/2.0
host: www.cyber.nj.gov
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cyber.nj.gov/Project/Contents/NJCCIC/StyleBundleDesignTheme.cssbnd?v=ELjnKqvnTm532cKayOnRJ94pQ7Ri3M4xvfEBnSMBCM01
cookie: ASP.NET_SessionId=my4w5kan1viynpzen2wpv3vf
cookie: ShowTopTips=True
cookie: ShowTopTipsPublishDate=638454229428400000
cookie: __RequestVerificationToken=6cpdJt2OlkaAy7KeIzmgqRT_aItz8yNwdC_l-B61cM1dD_MhOh_EdUWecjDfq5c9fptey3DdKKo1MZhLKWKEn4hPaOzAEB3N1GGkxL7D1Sk1
cookie: BIGipServer~AUTO-VISION~visionlive~www.cyber.nj.gov_443=!D7SPoJ9N3VKwJrzI5ZDjarq416UVTlW9jW+XiTprjRdpsowUruTfwyGugh/2RViWrD51pFaOuCuzd6I=
cookie: TS01af151e=0106cf681b4a7bc5a10194fe4fd6687055abfa29d734de02727568dbf30bbcd98f8cee9f7229bc178b29818ee23e3ea0c6626da36cf4f25ef9693da932812c3b878163d8f64cd2d564ab49bc52075fe5b350548def26658ed2131bafcdf0ad401d761f65be4d52fc6f9753a36d2ddd434daa8ce61c66b6ec3cc0e77aff444d5035a05cd25ba83e26ff2548746d8d00d0e04a4ef3ca
cookie: visid_incap_1613844=dcg3Uoa1SGellRXub1VpJCKS5WcAAAAAQUIPAAAAAAB0h6V5ODIYFcNa/tSSrElZ
cookie: nlbi_1613844=i5SlPzIvA39qBpoQ24UReAAAAADrOds4Njyf1cW367olcwMa
cookie: incap_ses_6553_1613844=rlmPJpynyDcBWUu8G+/wWiSS5WcAAAAA84vsgGeqFlmBAGig2UvTVQ==
cookie: nlbi_1613844_2147483392=gTnJPkjsfn7i0j9224UReAAAAADTBZ36/6c9PvkmJHv2qEjb
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
priority: u=4, i
te: trailers

Response

HTTP/2.0 200

etag: 638375721210000000
last-modified: Thu, 07 Dec 2023 18:55:21 GMT
content-type: image/png
content-length: 2243
cache-control: max-age=604800, public
expires: Thu, 03 Apr 2025 18:00:07 GMT
date: Thu, 27 Mar 2025 18:00:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-iinfo: 18-98444870-0 0CNN RT(1743098401958 5302) q(0 -1 -1 -1) r(0 -1)
GET

https://www.cyber.nj.gov/Project/Contents/NJCCIC/_gfx/cmn/ui-search.svg

firefox.exe

Remote address:

45.60.124.188:443

Request

GET /Project/Contents/NJCCIC/_gfx/cmn/ui-search.svg HTTP/2.0
host: www.cyber.nj.gov
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cyber.nj.gov/Project/Contents/NJCCIC/StyleBundleDesignTheme.cssbnd?v=ELjnKqvnTm532cKayOnRJ94pQ7Ri3M4xvfEBnSMBCM01
cookie: ASP.NET_SessionId=my4w5kan1viynpzen2wpv3vf
cookie: ShowTopTips=True
cookie: ShowTopTipsPublishDate=638454229428400000
cookie: __RequestVerificationToken=6cpdJt2OlkaAy7KeIzmgqRT_aItz8yNwdC_l-B61cM1dD_MhOh_EdUWecjDfq5c9fptey3DdKKo1MZhLKWKEn4hPaOzAEB3N1GGkxL7D1Sk1
cookie: BIGipServer~AUTO-VISION~visionlive~www.cyber.nj.gov_443=!D7SPoJ9N3VKwJrzI5ZDjarq416UVTlW9jW+XiTprjRdpsowUruTfwyGugh/2RViWrD51pFaOuCuzd6I=
cookie: TS01af151e=0106cf681b4a7bc5a10194fe4fd6687055abfa29d734de02727568dbf30bbcd98f8cee9f7229bc178b29818ee23e3ea0c6626da36cf4f25ef9693da932812c3b878163d8f64cd2d564ab49bc52075fe5b350548def26658ed2131bafcdf0ad401d761f65be4d52fc6f9753a36d2ddd434daa8ce61c66b6ec3cc0e77aff444d5035a05cd25ba83e26ff2548746d8d00d0e04a4ef3ca
cookie: visid_incap_1613844=dcg3Uoa1SGellRXub1VpJCKS5WcAAAAAQUIPAAAAAAB0h6V5ODIYFcNa/tSSrElZ
cookie: nlbi_1613844=i5SlPzIvA39qBpoQ24UReAAAAADrOds4Njyf1cW367olcwMa
cookie: incap_ses_6553_1613844=rlmPJpynyDcBWUu8G+/wWiSS5WcAAAAA84vsgGeqFlmBAGig2UvTVQ==
cookie: nlbi_1613844_2147483392=gTnJPkjsfn7i0j9224UReAAAAADTBZ36/6c9PvkmJHv2qEjb
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
priority: u=4, i
te: trailers

Response

HTTP/2.0 200

etag: 638375721210000000
last-modified: Thu, 07 Dec 2023 18:55:21 GMT
content-type: image/svg+xml
content-length: 206
content-encoding: br
cache-control: max-age=604800, public
expires: Thu, 03 Apr 2025 18:00:07 GMT
date: Thu, 27 Mar 2025 18:00:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-iinfo: 18-98444870-0 0CNN RT(1743098401958 5306) q(0 -1 -1 -1) r(0 -1)
GET

https://www.cyber.nj.gov/Project/Contents/NJCCIC/_gfx/cmn/ui-button-arrow.svg

firefox.exe

Remote address:

45.60.124.188:443

Request

GET /Project/Contents/NJCCIC/_gfx/cmn/ui-button-arrow.svg HTTP/2.0
host: www.cyber.nj.gov
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cyber.nj.gov/Project/Contents/NJCCIC/StyleBundleDesignTheme.cssbnd?v=ELjnKqvnTm532cKayOnRJ94pQ7Ri3M4xvfEBnSMBCM01
cookie: ASP.NET_SessionId=my4w5kan1viynpzen2wpv3vf
cookie: ShowTopTips=True
cookie: ShowTopTipsPublishDate=638454229428400000
cookie: __RequestVerificationToken=6cpdJt2OlkaAy7KeIzmgqRT_aItz8yNwdC_l-B61cM1dD_MhOh_EdUWecjDfq5c9fptey3DdKKo1MZhLKWKEn4hPaOzAEB3N1GGkxL7D1Sk1
cookie: BIGipServer~AUTO-VISION~visionlive~www.cyber.nj.gov_443=!D7SPoJ9N3VKwJrzI5ZDjarq416UVTlW9jW+XiTprjRdpsowUruTfwyGugh/2RViWrD51pFaOuCuzd6I=
cookie: TS01af151e=0106cf681b4a7bc5a10194fe4fd6687055abfa29d734de02727568dbf30bbcd98f8cee9f7229bc178b29818ee23e3ea0c6626da36cf4f25ef9693da932812c3b878163d8f64cd2d564ab49bc52075fe5b350548def26658ed2131bafcdf0ad401d761f65be4d52fc6f9753a36d2ddd434daa8ce61c66b6ec3cc0e77aff444d5035a05cd25ba83e26ff2548746d8d00d0e04a4ef3ca
cookie: visid_incap_1613844=dcg3Uoa1SGellRXub1VpJCKS5WcAAAAAQUIPAAAAAAB0h6V5ODIYFcNa/tSSrElZ
cookie: nlbi_1613844=i5SlPzIvA39qBpoQ24UReAAAAADrOds4Njyf1cW367olcwMa
cookie: incap_ses_6553_1613844=rlmPJpynyDcBWUu8G+/wWiSS5WcAAAAA84vsgGeqFlmBAGig2UvTVQ==
cookie: nlbi_1613844_2147483392=gTnJPkjsfn7i0j9224UReAAAAADTBZ36/6c9PvkmJHv2qEjb
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
priority: u=4, i
te: trailers

Response

HTTP/2.0 200

etag: 638375721210000000
last-modified: Thu, 07 Dec 2023 18:55:21 GMT
content-type: image/svg+xml
content-length: 319
content-encoding: br
cache-control: max-age=604800, public
expires: Thu, 03 Apr 2025 18:00:07 GMT
date: Thu, 27 Mar 2025 18:00:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-iinfo: 18-98444870-0 0CNN RT(1743098401958 5317) q(0 -1 -1 -1) r(0 -1)
GET

https://www.cyber.nj.gov/Project/Contents/NJCCIC/_gfx/cmn/servicefinder-dropdown.svg

firefox.exe

Remote address:

45.60.124.188:443

Request

GET /Project/Contents/NJCCIC/_gfx/cmn/servicefinder-dropdown.svg HTTP/2.0
host: www.cyber.nj.gov
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cyber.nj.gov/Project/Contents/NJCCIC/StyleBundleDesignTheme.cssbnd?v=ELjnKqvnTm532cKayOnRJ94pQ7Ri3M4xvfEBnSMBCM01
cookie: ASP.NET_SessionId=my4w5kan1viynpzen2wpv3vf
cookie: ShowTopTips=True
cookie: ShowTopTipsPublishDate=638454229428400000
cookie: __RequestVerificationToken=6cpdJt2OlkaAy7KeIzmgqRT_aItz8yNwdC_l-B61cM1dD_MhOh_EdUWecjDfq5c9fptey3DdKKo1MZhLKWKEn4hPaOzAEB3N1GGkxL7D1Sk1
cookie: BIGipServer~AUTO-VISION~visionlive~www.cyber.nj.gov_443=!D7SPoJ9N3VKwJrzI5ZDjarq416UVTlW9jW+XiTprjRdpsowUruTfwyGugh/2RViWrD51pFaOuCuzd6I=
cookie: TS01af151e=0106cf681b4a7bc5a10194fe4fd6687055abfa29d734de02727568dbf30bbcd98f8cee9f7229bc178b29818ee23e3ea0c6626da36cf4f25ef9693da932812c3b878163d8f64cd2d564ab49bc52075fe5b350548def26658ed2131bafcdf0ad401d761f65be4d52fc6f9753a36d2ddd434daa8ce61c66b6ec3cc0e77aff444d5035a05cd25ba83e26ff2548746d8d00d0e04a4ef3ca
cookie: visid_incap_1613844=dcg3Uoa1SGellRXub1VpJCKS5WcAAAAAQUIPAAAAAAB0h6V5ODIYFcNa/tSSrElZ
cookie: nlbi_1613844=i5SlPzIvA39qBpoQ24UReAAAAADrOds4Njyf1cW367olcwMa
cookie: incap_ses_6553_1613844=rlmPJpynyDcBWUu8G+/wWiSS5WcAAAAA84vsgGeqFlmBAGig2UvTVQ==
cookie: nlbi_1613844_2147483392=gTnJPkjsfn7i0j9224UReAAAAADTBZ36/6c9PvkmJHv2qEjb
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
priority: u=4, i
te: trailers

Response

HTTP/2.0 200

etag: 638375721210000000
last-modified: Thu, 07 Dec 2023 18:55:21 GMT
content-type: image/svg+xml
content-length: 229
content-encoding: br
cache-control: max-age=604800, public
expires: Thu, 03 Apr 2025 18:00:07 GMT
date: Thu, 27 Mar 2025 18:00:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-iinfo: 18-98444870-0 0CNN RT(1743098401958 5320) q(0 -1 -1 -1) r(0 -1)
GET

https://www.cyber.nj.gov/Project/Contents/NJCCIC/_gfx/cmn/ui-close.svg

firefox.exe

Remote address:

45.60.124.188:443

Request

GET /Project/Contents/NJCCIC/_gfx/cmn/ui-close.svg HTTP/2.0
host: www.cyber.nj.gov
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cyber.nj.gov/Project/Contents/NJCCIC/StyleBundleDesignTheme.cssbnd?v=ELjnKqvnTm532cKayOnRJ94pQ7Ri3M4xvfEBnSMBCM01
cookie: ASP.NET_SessionId=my4w5kan1viynpzen2wpv3vf
cookie: ShowTopTips=True
cookie: ShowTopTipsPublishDate=638454229428400000
cookie: __RequestVerificationToken=6cpdJt2OlkaAy7KeIzmgqRT_aItz8yNwdC_l-B61cM1dD_MhOh_EdUWecjDfq5c9fptey3DdKKo1MZhLKWKEn4hPaOzAEB3N1GGkxL7D1Sk1
cookie: BIGipServer~AUTO-VISION~visionlive~www.cyber.nj.gov_443=!D7SPoJ9N3VKwJrzI5ZDjarq416UVTlW9jW+XiTprjRdpsowUruTfwyGugh/2RViWrD51pFaOuCuzd6I=
cookie: TS01af151e=0106cf681b4a7bc5a10194fe4fd6687055abfa29d734de02727568dbf30bbcd98f8cee9f7229bc178b29818ee23e3ea0c6626da36cf4f25ef9693da932812c3b878163d8f64cd2d564ab49bc52075fe5b350548def26658ed2131bafcdf0ad401d761f65be4d52fc6f9753a36d2ddd434daa8ce61c66b6ec3cc0e77aff444d5035a05cd25ba83e26ff2548746d8d00d0e04a4ef3ca
cookie: visid_incap_1613844=dcg3Uoa1SGellRXub1VpJCKS5WcAAAAAQUIPAAAAAAB0h6V5ODIYFcNa/tSSrElZ
cookie: nlbi_1613844=i5SlPzIvA39qBpoQ24UReAAAAADrOds4Njyf1cW367olcwMa
cookie: incap_ses_6553_1613844=rlmPJpynyDcBWUu8G+/wWiSS5WcAAAAA84vsgGeqFlmBAGig2UvTVQ==
cookie: nlbi_1613844_2147483392=gTnJPkjsfn7i0j9224UReAAAAADTBZ36/6c9PvkmJHv2qEjb
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
priority: u=4, i
te: trailers

Response

HTTP/2.0 200

etag: 638375721210000000
last-modified: Thu, 07 Dec 2023 18:55:21 GMT
content-type: image/svg+xml
content-length: 237
content-encoding: br
cache-control: max-age=604800, public
expires: Thu, 03 Apr 2025 18:00:07 GMT
date: Thu, 27 Mar 2025 18:00:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-iinfo: 18-98444870-0 0CNN RT(1743098401958 5322) q(0 -1 -1 -1) r(0 -1)
GET

https://www.cyber.nj.gov/Project/Contents/NJCCIC/_gfx/cmn/interior-sidenav-bg.jpg

firefox.exe

Remote address:

45.60.124.188:443

Request

GET /Project/Contents/NJCCIC/_gfx/cmn/interior-sidenav-bg.jpg HTTP/2.0
host: www.cyber.nj.gov
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cyber.nj.gov/Project/Contents/NJCCIC/StyleBundleDesignTheme.cssbnd?v=ELjnKqvnTm532cKayOnRJ94pQ7Ri3M4xvfEBnSMBCM01
cookie: ASP.NET_SessionId=my4w5kan1viynpzen2wpv3vf
cookie: ShowTopTips=True
cookie: ShowTopTipsPublishDate=638454229428400000
cookie: __RequestVerificationToken=6cpdJt2OlkaAy7KeIzmgqRT_aItz8yNwdC_l-B61cM1dD_MhOh_EdUWecjDfq5c9fptey3DdKKo1MZhLKWKEn4hPaOzAEB3N1GGkxL7D1Sk1
cookie: BIGipServer~AUTO-VISION~visionlive~www.cyber.nj.gov_443=!D7SPoJ9N3VKwJrzI5ZDjarq416UVTlW9jW+XiTprjRdpsowUruTfwyGugh/2RViWrD51pFaOuCuzd6I=
cookie: TS01af151e=0106cf681b4a7bc5a10194fe4fd6687055abfa29d734de02727568dbf30bbcd98f8cee9f7229bc178b29818ee23e3ea0c6626da36cf4f25ef9693da932812c3b878163d8f64cd2d564ab49bc52075fe5b350548def26658ed2131bafcdf0ad401d761f65be4d52fc6f9753a36d2ddd434daa8ce61c66b6ec3cc0e77aff444d5035a05cd25ba83e26ff2548746d8d00d0e04a4ef3ca
cookie: visid_incap_1613844=dcg3Uoa1SGellRXub1VpJCKS5WcAAAAAQUIPAAAAAAB0h6V5ODIYFcNa/tSSrElZ
cookie: nlbi_1613844=i5SlPzIvA39qBpoQ24UReAAAAADrOds4Njyf1cW367olcwMa
cookie: incap_ses_6553_1613844=rlmPJpynyDcBWUu8G+/wWiSS5WcAAAAA84vsgGeqFlmBAGig2UvTVQ==
cookie: nlbi_1613844_2147483392=gTnJPkjsfn7i0j9224UReAAAAADTBZ36/6c9PvkmJHv2qEjb
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
priority: u=4, i
te: trailers

Response

HTTP/2.0 200

etag: 638459501620000000
last-modified: Wed, 13 Mar 2024 18:09:22 GMT
content-type: image/jpeg
content-length: 395488
cache-control: max-age=604800, public
expires: Thu, 03 Apr 2025 18:00:07 GMT
date: Thu, 27 Mar 2025 18:00:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-iinfo: 18-98444870-0 0CNN RT(1743098401958 5334) q(0 -1 -1 -1) r(0 -1)
GET

https://www.cyber.nj.gov/DefaultContent/Default/_gfx/int/title_icons.png

firefox.exe

Remote address:

45.60.124.188:443

Request

GET /DefaultContent/Default/_gfx/int/title_icons.png HTTP/2.0
host: www.cyber.nj.gov
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cyber.nj.gov/DefaultContent/Default/StyleBundleDesignTheme.cssbnd?v=VWOqjwtVEIsOlLOO6OsbfgU_dxrQE7HIack0i3iIJJk1
cookie: ASP.NET_SessionId=my4w5kan1viynpzen2wpv3vf
cookie: ShowTopTips=True
cookie: ShowTopTipsPublishDate=638454229428400000
cookie: __RequestVerificationToken=6cpdJt2OlkaAy7KeIzmgqRT_aItz8yNwdC_l-B61cM1dD_MhOh_EdUWecjDfq5c9fptey3DdKKo1MZhLKWKEn4hPaOzAEB3N1GGkxL7D1Sk1
cookie: BIGipServer~AUTO-VISION~visionlive~www.cyber.nj.gov_443=!D7SPoJ9N3VKwJrzI5ZDjarq416UVTlW9jW+XiTprjRdpsowUruTfwyGugh/2RViWrD51pFaOuCuzd6I=
cookie: TS01af151e=0106cf681b4a7bc5a10194fe4fd6687055abfa29d734de02727568dbf30bbcd98f8cee9f7229bc178b29818ee23e3ea0c6626da36cf4f25ef9693da932812c3b878163d8f64cd2d564ab49bc52075fe5b350548def26658ed2131bafcdf0ad401d761f65be4d52fc6f9753a36d2ddd434daa8ce61c66b6ec3cc0e77aff444d5035a05cd25ba83e26ff2548746d8d00d0e04a4ef3ca
cookie: visid_incap_1613844=dcg3Uoa1SGellRXub1VpJCKS5WcAAAAAQUIPAAAAAAB0h6V5ODIYFcNa/tSSrElZ
cookie: nlbi_1613844=i5SlPzIvA39qBpoQ24UReAAAAADrOds4Njyf1cW367olcwMa
cookie: incap_ses_6553_1613844=rlmPJpynyDcBWUu8G+/wWiSS5WcAAAAA84vsgGeqFlmBAGig2UvTVQ==
cookie: nlbi_1613844_2147483392=gTnJPkjsfn7i0j9224UReAAAAADTBZ36/6c9PvkmJHv2qEjb
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
priority: u=4, i
te: trailers

Response

HTTP/2.0 200

etag: 638757298336885194
last-modified: Fri, 21 Feb 2025 10:17:13 GMT
content-type: image/png
content-length: 567
cache-control: max-age=604800, public
expires: Thu, 03 Apr 2025 18:00:07 GMT
date: Thu, 27 Mar 2025 18:00:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-iinfo: 18-98444870-0 0CNN RT(1743098401958 5338) q(0 -1 -1 -1) r(0 -1)
GET

https://www.cyber.nj.gov/Project/Contents/NJCCIC/fonts/glyphicons-halflings-regular.woff2

firefox.exe

Remote address:

45.60.124.188:443

Request

GET /Project/Contents/NJCCIC/fonts/glyphicons-halflings-regular.woff2 HTTP/2.0
host: www.cyber.nj.gov
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: identity
referer: https://www.cyber.nj.gov/Project/Contents/NJCCIC/StyleBundleMegaMenuDropDown.cssbnd?v=EcKYqIZ_KaJbcwj7SP4gK8x5QUP6OKAmtbMBFLo-Qcg1
cookie: ASP.NET_SessionId=my4w5kan1viynpzen2wpv3vf
cookie: ShowTopTips=True
cookie: ShowTopTipsPublishDate=638454229428400000
cookie: __RequestVerificationToken=6cpdJt2OlkaAy7KeIzmgqRT_aItz8yNwdC_l-B61cM1dD_MhOh_EdUWecjDfq5c9fptey3DdKKo1MZhLKWKEn4hPaOzAEB3N1GGkxL7D1Sk1
cookie: BIGipServer~AUTO-VISION~visionlive~www.cyber.nj.gov_443=!D7SPoJ9N3VKwJrzI5ZDjarq416UVTlW9jW+XiTprjRdpsowUruTfwyGugh/2RViWrD51pFaOuCuzd6I=
cookie: TS01af151e=0106cf681b4a7bc5a10194fe4fd6687055abfa29d734de02727568dbf30bbcd98f8cee9f7229bc178b29818ee23e3ea0c6626da36cf4f25ef9693da932812c3b878163d8f64cd2d564ab49bc52075fe5b350548def26658ed2131bafcdf0ad401d761f65be4d52fc6f9753a36d2ddd434daa8ce61c66b6ec3cc0e77aff444d5035a05cd25ba83e26ff2548746d8d00d0e04a4ef3ca
cookie: visid_incap_1613844=dcg3Uoa1SGellRXub1VpJCKS5WcAAAAAQUIPAAAAAAB0h6V5ODIYFcNa/tSSrElZ
cookie: nlbi_1613844=i5SlPzIvA39qBpoQ24UReAAAAADrOds4Njyf1cW367olcwMa
cookie: incap_ses_6553_1613844=rlmPJpynyDcBWUu8G+/wWiSS5WcAAAAA84vsgGeqFlmBAGig2UvTVQ==
cookie: nlbi_1613844_2147483392=gTnJPkjsfn7i0j9224UReAAAAADTBZ36/6c9PvkmJHv2qEjb
sec-fetch-dest: font
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

etag: 638375721570000000
last-modified: Thu, 07 Dec 2023 18:55:57 GMT
content-type: application/font-woff2
content-length: 18028
cache-control: max-age=604800, public
expires: Thu, 03 Apr 2025 18:00:07 GMT
date: Thu, 27 Mar 2025 18:00:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-iinfo: 18-98444870-0 0CNN RT(1743098401958 5349) q(0 -1 -1 -1) r(0 -1)
GET

https://www.cyber.nj.gov/favicon.ico

firefox.exe

Remote address:

45.60.124.188:443

Request

GET /favicon.ico HTTP/2.0
host: www.cyber.nj.gov
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cyber.nj.gov/Home/Components/News/News/1586/214
cookie: ASP.NET_SessionId=my4w5kan1viynpzen2wpv3vf
cookie: ShowTopTips=True
cookie: ShowTopTipsPublishDate=638454229428400000
cookie: __RequestVerificationToken=6cpdJt2OlkaAy7KeIzmgqRT_aItz8yNwdC_l-B61cM1dD_MhOh_EdUWecjDfq5c9fptey3DdKKo1MZhLKWKEn4hPaOzAEB3N1GGkxL7D1Sk1
cookie: BIGipServer~AUTO-VISION~visionlive~www.cyber.nj.gov_443=!D7SPoJ9N3VKwJrzI5ZDjarq416UVTlW9jW+XiTprjRdpsowUruTfwyGugh/2RViWrD51pFaOuCuzd6I=
cookie: TS01af151e=0106cf681b4a7bc5a10194fe4fd6687055abfa29d734de02727568dbf30bbcd98f8cee9f7229bc178b29818ee23e3ea0c6626da36cf4f25ef9693da932812c3b878163d8f64cd2d564ab49bc52075fe5b350548def26658ed2131bafcdf0ad401d761f65be4d52fc6f9753a36d2ddd434daa8ce61c66b6ec3cc0e77aff444d5035a05cd25ba83e26ff2548746d8d00d0e04a4ef3ca
cookie: visid_incap_1613844=dcg3Uoa1SGellRXub1VpJCKS5WcAAAAAQUIPAAAAAAB0h6V5ODIYFcNa/tSSrElZ
cookie: nlbi_1613844=i5SlPzIvA39qBpoQ24UReAAAAADrOds4Njyf1cW367olcwMa
cookie: incap_ses_6553_1613844=rlmPJpynyDcBWUu8G+/wWiSS5WcAAAAA84vsgGeqFlmBAGig2UvTVQ==
cookie: nlbi_1613844_2147483392=gTnJPkjsfn7i0j9224UReAAAAADTBZ36/6c9PvkmJHv2qEjb
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
priority: u=6
te: trailers

Response

HTTP/2.0 200

etag: 638375720940000000
last-modified: Thu, 07 Dec 2023 18:54:54 GMT
content-type: image/x-icon
content-length: 5222
content-encoding: br
cache-control: max-age=604800, public
expires: Thu, 03 Apr 2025 18:00:07 GMT
date: Thu, 27 Mar 2025 18:00:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-iinfo: 18-98444870-0 0CNN RT(1743098401958 6012) q(0 -1 -1 -1) r(0 -1)
GET

https://www.cyber.nj.gov/Shared/GetFontSizeCookie?_=1743098406156

firefox.exe

Remote address:

45.60.124.188:443

Request

GET /Shared/GetFontSizeCookie?_=1743098406156 HTTP/2.0
host: www.cyber.nj.gov
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
x-requested-with: XMLHttpRequest
referer: https://www.cyber.nj.gov/Home/Components/News/News/1586/214
cookie: ASP.NET_SessionId=my4w5kan1viynpzen2wpv3vf
cookie: ShowTopTips=True
cookie: ShowTopTipsPublishDate=638454229428400000
cookie: __RequestVerificationToken=6cpdJt2OlkaAy7KeIzmgqRT_aItz8yNwdC_l-B61cM1dD_MhOh_EdUWecjDfq5c9fptey3DdKKo1MZhLKWKEn4hPaOzAEB3N1GGkxL7D1Sk1
cookie: BIGipServer~AUTO-VISION~visionlive~www.cyber.nj.gov_443=!D7SPoJ9N3VKwJrzI5ZDjarq416UVTlW9jW+XiTprjRdpsowUruTfwyGugh/2RViWrD51pFaOuCuzd6I=
cookie: TS01af151e=0106cf681b4a7bc5a10194fe4fd6687055abfa29d734de02727568dbf30bbcd98f8cee9f7229bc178b29818ee23e3ea0c6626da36cf4f25ef9693da932812c3b878163d8f64cd2d564ab49bc52075fe5b350548def26658ed2131bafcdf0ad401d761f65be4d52fc6f9753a36d2ddd434daa8ce61c66b6ec3cc0e77aff444d5035a05cd25ba83e26ff2548746d8d00d0e04a4ef3ca
cookie: visid_incap_1613844=dcg3Uoa1SGellRXub1VpJCKS5WcAAAAAQUIPAAAAAAB0h6V5ODIYFcNa/tSSrElZ
cookie: nlbi_1613844=i5SlPzIvA39qBpoQ24UReAAAAADrOds4Njyf1cW367olcwMa
cookie: incap_ses_6553_1613844=rlmPJpynyDcBWUu8G+/wWiSS5WcAAAAA84vsgGeqFlmBAGig2UvTVQ==
cookie: nlbi_1613844_2147483392=gTnJPkjsfn7i0j9224UReAAAAADTBZ36/6c9PvkmJHv2qEjb
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

cache-control: private
content-type: application/json; charset=utf-8
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000;
x-xss-protection: 1; mode=block
expect-ct: max-age=31536000
granicusserver: mse2p-viscmsab6
date: Thu, 27 Mar 2025 18:00:13 GMT
server-timing: cdn-cache; desc=MISS
server-timing: edge; dur=896
server-timing: origin; dur=22
server-timing: ak_p; desc="1743098412478_34654046_845413737_91764_15839_0_0_-";dur=1
x-cdn: Imperva
content-encoding: br
x-iinfo: 18-98444870-98444910 PNYN RT(1743098401958 9850) q(0 0 0 -1) r(10 10) U2
POST

https://www.cyber.nj.gov/t-you-stance-Exeunt-had-Hous-Foolength-Cast-be-s?d=www.cyber.nj.gov

firefox.exe

Remote address:

45.60.124.188:443

Request

POST /t-you-stance-Exeunt-had-Hous-Foolength-Cast-be-s?d=www.cyber.nj.gov HTTP/2.0
host: www.cyber.nj.gov
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: application/json; charset=utf-8
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cyber.nj.gov/Home/Components/News/News/1586/214
content-type: text/plain; charset=utf-8
content-length: 24639
origin: https://www.cyber.nj.gov
cookie: ASP.NET_SessionId=my4w5kan1viynpzen2wpv3vf
cookie: ShowTopTips=True
cookie: ShowTopTipsPublishDate=638454229428400000
cookie: __RequestVerificationToken=6cpdJt2OlkaAy7KeIzmgqRT_aItz8yNwdC_l-B61cM1dD_MhOh_EdUWecjDfq5c9fptey3DdKKo1MZhLKWKEn4hPaOzAEB3N1GGkxL7D1Sk1
cookie: BIGipServer~AUTO-VISION~visionlive~www.cyber.nj.gov_443=!D7SPoJ9N3VKwJrzI5ZDjarq416UVTlW9jW+XiTprjRdpsowUruTfwyGugh/2RViWrD51pFaOuCuzd6I=
cookie: TS01af151e=0106cf681b4a7bc5a10194fe4fd6687055abfa29d734de02727568dbf30bbcd98f8cee9f7229bc178b29818ee23e3ea0c6626da36cf4f25ef9693da932812c3b878163d8f64cd2d564ab49bc52075fe5b350548def26658ed2131bafcdf0ad401d761f65be4d52fc6f9753a36d2ddd434daa8ce61c66b6ec3cc0e77aff444d5035a05cd25ba83e26ff2548746d8d00d0e04a4ef3ca
cookie: visid_incap_1613844=dcg3Uoa1SGellRXub1VpJCKS5WcAAAAAQUIPAAAAAAB0h6V5ODIYFcNa/tSSrElZ
cookie: nlbi_1613844=i5SlPzIvA39qBpoQ24UReAAAAADrOds4Njyf1cW367olcwMa
cookie: incap_ses_6553_1613844=rlmPJpynyDcBWUu8G+/wWiSS5WcAAAAA84vsgGeqFlmBAGig2UvTVQ==
cookie: nlbi_1613844_2147483392=gTnJPkjsfn7i0j9224UReAAAAADTBZ36/6c9PvkmJHv2qEjb
cookie: RT="z=1&dm=www.cyber.nj.gov&si=f3b34f74-9102-4fe1-a05b-779b63091ddb&ss=m8rns5zk&sl=1&tt=4tc&rl=1&ld=a1t"
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
priority: u=4
te: trailers

Response

HTTP/2.0 200

content-type: application/json
cache-control: no-cache, no-store
vary: origin, access-control-request-method, access-control-request-headers
access-control-allow-origin: *
server-timing: bon, total;dur=187.789106
server: bon
date: Thu, 27 Mar 2025 18:00:15 GMT
set-cookie: nlbi_1613844_2147483392=VKQ+DvmY2S0spjWA24UReAAAAAB1s/r/OljWAfi0bnLN6Ue/; HttpOnly; path=/; Domain=.cyber.nj.gov; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-encoding: br
x-iinfo: 18-98444870-98445347 PNYN RT(1743098401958 13359) q(0 0 0 -1) r(2 2) U6
GET

https://www.cyber.nj.gov/Project/Contents/NJCCIC/_gfx/cmn/logo-sticky.png

firefox.exe

Remote address:

45.60.124.188:443

Request

GET /Project/Contents/NJCCIC/_gfx/cmn/logo-sticky.png HTTP/2.0
host: www.cyber.nj.gov
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cyber.nj.gov/Project/Contents/NJCCIC/StyleBundleDesignTheme.cssbnd?v=ELjnKqvnTm532cKayOnRJ94pQ7Ri3M4xvfEBnSMBCM01
cookie: ASP.NET_SessionId=my4w5kan1viynpzen2wpv3vf
cookie: ShowTopTips=True
cookie: ShowTopTipsPublishDate=638454229428400000
cookie: __RequestVerificationToken=6cpdJt2OlkaAy7KeIzmgqRT_aItz8yNwdC_l-B61cM1dD_MhOh_EdUWecjDfq5c9fptey3DdKKo1MZhLKWKEn4hPaOzAEB3N1GGkxL7D1Sk1
cookie: BIGipServer~AUTO-VISION~visionlive~www.cyber.nj.gov_443=!D7SPoJ9N3VKwJrzI5ZDjarq416UVTlW9jW+XiTprjRdpsowUruTfwyGugh/2RViWrD51pFaOuCuzd6I=
cookie: TS01af151e=0106cf681b4a7bc5a10194fe4fd6687055abfa29d734de02727568dbf30bbcd98f8cee9f7229bc178b29818ee23e3ea0c6626da36cf4f25ef9693da932812c3b878163d8f64cd2d564ab49bc52075fe5b350548def26658ed2131bafcdf0ad401d761f65be4d52fc6f9753a36d2ddd434daa8ce61c66b6ec3cc0e77aff444d5035a05cd25ba83e26ff2548746d8d00d0e04a4ef3ca
cookie: visid_incap_1613844=dcg3Uoa1SGellRXub1VpJCKS5WcAAAAAQUIPAAAAAAB0h6V5ODIYFcNa/tSSrElZ
cookie: nlbi_1613844=i5SlPzIvA39qBpoQ24UReAAAAADrOds4Njyf1cW367olcwMa
cookie: incap_ses_6553_1613844=rlmPJpynyDcBWUu8G+/wWiSS5WcAAAAA84vsgGeqFlmBAGig2UvTVQ==
cookie: nlbi_1613844_2147483392=VKQ+DvmY2S0spjWA24UReAAAAAB1s/r/OljWAfi0bnLN6Ue/
cookie: RT="z=1&dm=www.cyber.nj.gov&si=f3b34f74-9102-4fe1-a05b-779b63091ddb&ss=m8rns5zk&sl=1&tt=4tc&rl=1&ld=a1t"
cookie: reese84=3:EMWpbGpi8QTjou7AFk64vQ==:lYa4LHvZgwkKrJ7vghDZH2gj6bUIDJtDclCpMttwFCaFjC4USes0vJy3FyKW3sCHSxQRDp0EuhmG0sPh/BYs6AQ4cXqYzpllsmL7KfqwNQoSHQYbDfu98AQm9bauuJ2T/UyWDMnemgEt//LhQBp1F+DXlsDaAI2MM0D9DajJelw8HGci7baZyqJ4dAcCHxY7bVvGEQurNTbdwVQjf5un+bPORyGSGYSbnMvNrUfzrzieWsLzCPlinVT5mmKrmyCBu/T1q03jbz8g50mRQbNANJBSX1ksjNsxuzJCa/BZURPYotJ+sU1NebtqIHySAsbbaAN1Huv0AdfCLFs/t0psyDk8XCeRPPPfUFGy1yeCxpypEGY2vvy6LlY3yrocqwLuIK3Gx6tUMMJtjazSdpCig1bNLdSA9DBCRyhwhh5JmZ0OdA3nN4uIEwJxi+J7e+Bc9kqdBvF/Eq/1fODDUgltOAcTbXONGaFpqJ9gV5aFcnc=:L6Va8tHI+RqivP0pFxzh61lGkMey0m8u0pcUv5L62n4=
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
priority: u=4, i
te: trailers

Response

HTTP/2.0 200

etag: 638375721160000000
last-modified: Thu, 07 Dec 2023 18:55:16 GMT
content-type: image/png
content-length: 11875
cache-control: max-age=604800, public
expires: Thu, 03 Apr 2025 18:00:31 GMT
date: Thu, 27 Mar 2025 18:00:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-iinfo: 18-98444870-0 0CNN RT(1743098401958 29461) q(0 -1 -1 -1) r(0 -1)
DNS

h5sxsjl.x.incapdns.net

firefox.exe

Remote address:

8.8.8.8:53

Request

h5sxsjl.x.incapdns.net

IN A

Response

h5sxsjl.x.incapdns.net

IN A

45.60.124.188
DNS

h5sxsjl.x.incapdns.net

firefox.exe

Remote address:

8.8.8.8:53

Request

h5sxsjl.x.incapdns.net

IN AAAA

Response
DNS

h5sxsjl.x.incapdns.net

firefox.exe

Remote address:

8.8.8.8:53

Request

h5sxsjl.x.incapdns.net

IN AAAA
DNS

h5sxsjl.x.incapdns.net

firefox.exe

Remote address:

8.8.8.8:53

Request

h5sxsjl.x.incapdns.net

IN AAAA
DNS

t.me

firefox.exe

Remote address:

8.8.8.8:53

Request

t.me

IN A

Response

t.me

IN A

149.154.167.99
GET

https://t.me/+WZWpIEXeQbhmNjYy

firefox.exe

Remote address:

149.154.167.99:443

Request

GET /+WZWpIEXeQbhmNjYy HTTP/2.0
host: t.me
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.google.com/
upgrade-insecure-requests: 1
sec-fetch-dest: document
sec-fetch-mode: navigate
sec-fetch-site: cross-site
priority: u=0, i
te: trailers

Response

HTTP/2.0 200

server: nginx/1.18.0
date: Thu, 27 Mar 2025 18:00:04 GMT
content-type: text/html; charset=utf-8
content-length: 4050
set-cookie: stel_ssid=4f5f078cd0af5c10b4_3465177773528166672; expires=Fri, 28 Mar 2025 18:00:04 GMT; path=/; samesite=None; secure; HttpOnly
pragma: no-cache
cache-control: no-store
x-frame-options: ALLOW-FROM https://web.telegram.org
content-security-policy: frame-ancestors https://web.telegram.org
content-encoding: gzip
strict-transport-security: max-age=35768000
DNS

t.me

firefox.exe

Remote address:

8.8.8.8:53

Request

t.me

IN AAAA

Response

t.me

IN AAAA

2001:67c:4e8:f004::9
DNS

telegram.org

firefox.exe

Remote address:

8.8.8.8:53

Request

telegram.org

IN A

Response

telegram.org

IN A

149.154.167.99
GET

https://telegram.org/css/font-roboto.css?1

firefox.exe

Remote address:

149.154.167.99:443

Request

GET /css/font-roboto.css?1 HTTP/2.0
host: telegram.org
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://t.me/
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
priority: u=2
te: trailers

Response

HTTP/2.0 200

server: nginx/1.18.0
date: Thu, 27 Mar 2025 18:00:05 GMT
content-type: text/css
last-modified: Thu, 20 Oct 2022 11:05:33 GMT
etag: W/"63512b7d-1816"
expires: Mon, 31 Mar 2025 18:00:05 GMT
cache-control: max-age=345600
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
GET

https://telegram.org/js/tgwallpaper.min.js?3

firefox.exe

Remote address:

149.154.167.99:443

Request

GET /js/tgwallpaper.min.js?3 HTTP/2.0
host: telegram.org
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://t.me/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx/1.18.0
date: Thu, 27 Mar 2025 18:00:05 GMT
content-type: application/javascript
last-modified: Thu, 03 Mar 2022 19:57:25 GMT
etag: W/"62211da5-ba3"
expires: Mon, 31 Mar 2025 18:00:05 GMT
cache-control: max-age=345600
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
GET

https://telegram.org/css/bootstrap.min.css?3

firefox.exe

Remote address:

149.154.167.99:443

Request

GET /css/bootstrap.min.css?3 HTTP/2.0
host: telegram.org
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://t.me/
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
priority: u=2
te: trailers

Response

HTTP/2.0 200

server: nginx/1.18.0
date: Thu, 27 Mar 2025 18:00:05 GMT
content-type: text/css
last-modified: Fri, 10 Nov 2017 17:54:14 GMT
etag: W/"5a05e7c6-a61b"
expires: Mon, 31 Mar 2025 18:00:05 GMT
cache-control: max-age=345600
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
GET

https://telegram.org/css/telegram.css?244

firefox.exe

Remote address:

149.154.167.99:443

Request

GET /css/telegram.css?244 HTTP/2.0
host: telegram.org
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://t.me/
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
priority: u=2
te: trailers

Response

HTTP/2.0 200

server: nginx/1.18.0
date: Thu, 27 Mar 2025 18:00:05 GMT
content-type: text/css
last-modified: Thu, 23 Jan 2025 23:18:00 GMT
etag: W/"6792ce28-1d5de"
expires: Mon, 31 Mar 2025 18:00:05 GMT
cache-control: max-age=345600
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
GET

https://telegram.org/img/tgme/pattern.svg?1

firefox.exe

Remote address:

149.154.167.99:443

Request

GET /img/tgme/pattern.svg?1 HTTP/2.0
host: telegram.org
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://telegram.org/css/telegram.css?244
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
priority: u=4, i
te: trailers

Response

HTTP/2.0 200

server: nginx/1.18.0
date: Thu, 27 Mar 2025 18:00:05 GMT
content-type: image/svg+xml
last-modified: Thu, 05 Jan 2023 17:52:04 GMT
etag: W/"63b70e44-3891a"
expires: Mon, 31 Mar 2025 18:00:05 GMT
cache-control: max-age=345600
access-control-allow-origin: *
content-encoding: gzip
GET

https://telegram.org/fonts/Roboto/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

firefox.exe

Remote address:

149.154.167.99:443

Request

GET /fonts/Roboto/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 HTTP/2.0
host: telegram.org
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: identity
origin: https://t.me
referer: https://telegram.org/css/font-roboto.css?1
sec-fetch-dest: font
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx/1.18.0
date: Thu, 27 Mar 2025 18:00:05 GMT
content-type: application/octet-stream
content-length: 11028
last-modified: Thu, 20 Oct 2022 11:05:33 GMT
etag: "63512b7d-2b14"
expires: Mon, 31 Mar 2025 18:00:05 GMT
cache-control: max-age=345600
access-control-allow-origin: *
accept-ranges: bytes
GET

https://telegram.org/fonts/Roboto/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

firefox.exe

Remote address:

149.154.167.99:443

Request

GET /fonts/Roboto/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2 HTTP/2.0
host: telegram.org
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: identity
origin: https://t.me
referer: https://telegram.org/css/font-roboto.css?1
sec-fetch-dest: font
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx/1.18.0
date: Thu, 27 Mar 2025 18:00:05 GMT
content-type: application/octet-stream
content-length: 11040
last-modified: Thu, 20 Oct 2022 11:05:33 GMT
etag: "63512b7d-2b20"
expires: Mon, 31 Mar 2025 18:00:05 GMT
cache-control: max-age=345600
access-control-allow-origin: *
accept-ranges: bytes
GET

https://telegram.org/img/apple-touch-icon.png

firefox.exe

Remote address:

149.154.167.99:443

Request

GET /img/apple-touch-icon.png HTTP/2.0
host: telegram.org
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://t.me/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
priority: u=6
te: trailers

Response

HTTP/2.0 200

server: nginx/1.18.0
date: Thu, 27 Mar 2025 18:00:05 GMT
content-type: image/png
content-length: 5644
last-modified: Thu, 21 Apr 2022 13:47:47 GMT
etag: "62616083-160c"
expires: Mon, 31 Mar 2025 18:00:05 GMT
cache-control: max-age=345600
access-control-allow-origin: *
accept-ranges: bytes
GET

https://telegram.org/img/website_icon.svg?4

firefox.exe

Remote address:

149.154.167.99:443

Request

GET /img/website_icon.svg?4 HTTP/2.0
host: telegram.org
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://t.me/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
priority: u=6
te: trailers

Response

HTTP/2.0 200

server: nginx/1.18.0
date: Thu, 27 Mar 2025 18:00:05 GMT
content-type: image/svg+xml
last-modified: Mon, 20 Jul 2020 20:41:37 GMT
etag: W/"5f160181-768"
expires: Mon, 31 Mar 2025 18:00:05 GMT
cache-control: max-age=345600
access-control-allow-origin: *
content-encoding: gzip
DNS

telegram.org

firefox.exe

Remote address:

8.8.8.8:53

Request

telegram.org

IN A

Response

telegram.org

IN A

149.154.167.99
DNS

cdn4.cdn-telegram.org

firefox.exe

Remote address:

8.8.8.8:53

Request

cdn4.cdn-telegram.org

IN A

Response

cdn4.cdn-telegram.org

IN A

34.111.35.152
GET

https://cdn4.cdn-telegram.org/file/dnh9gEvP9D-DlSLh-qlogIyLGOT2Ke_kj0RgjuwWLBrp-RRLR-5RSgPAitbLLWcd38kPC3YlMCZrSQzTElMqvOduqC2_hXWUJMiD9PB7jWUlK_ffef1cFqXccUgmZTToULPPMBgMngSELt7zVaI7odwxwXa7ObuXdjnpdBq65kERy-HWtNM9GlsGdetT5MXDQ2l6pgdFxHqRYQNU9lBg5lOP6Zm2dCzo9eINhHnUwX8fuNcteQb8PqDyQ_jHkdc_t65qoPUcudaHo-kK_yJ0bwW8KXwFQMiBKxNUY3wN54q-m0wOrhBwr7VEJ3v2lY82Z7f0QTjIe856AkdfcDCFLg.jpg

firefox.exe

Remote address:

34.111.35.152:443

Request

GET /file/dnh9gEvP9D-DlSLh-qlogIyLGOT2Ke_kj0RgjuwWLBrp-RRLR-5RSgPAitbLLWcd38kPC3YlMCZrSQzTElMqvOduqC2_hXWUJMiD9PB7jWUlK_ffef1cFqXccUgmZTToULPPMBgMngSELt7zVaI7odwxwXa7ObuXdjnpdBq65kERy-HWtNM9GlsGdetT5MXDQ2l6pgdFxHqRYQNU9lBg5lOP6Zm2dCzo9eINhHnUwX8fuNcteQb8PqDyQ_jHkdc_t65qoPUcudaHo-kK_yJ0bwW8KXwFQMiBKxNUY3wN54q-m0wOrhBwr7VEJ3v2lY82Z7f0QTjIe856AkdfcDCFLg.jpg HTTP/2.0
host: cdn4.cdn-telegram.org
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://t.me/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
priority: u=5, i
te: trailers
DNS

telegram.org

firefox.exe

Remote address:

8.8.8.8:53

Request

telegram.org

IN AAAA

Response

telegram.org

IN AAAA

2001:67c:4e8:f004::9
DNS

cdn4.cdn-telegram.org

firefox.exe

Remote address:

8.8.8.8:53

Request

cdn4.cdn-telegram.org

IN AAAA

Response
DNS

s.go-mpulse.net

firefox.exe

Remote address:

8.8.8.8:53

Request

s.go-mpulse.net

IN A

Response

s.go-mpulse.net

IN CNAME

ip46.go-mpulse.net.edgekey.net

ip46.go-mpulse.net.edgekey.net

IN CNAME

e4518.dscx.akamaiedge.net

e4518.dscx.akamaiedge.net

IN A

95.100.244.132
GET

https://s.go-mpulse.net/boomerang/4XEJ8-NY6J4-UX99W-8JVHF-G6LEN

firefox.exe

Remote address:

95.100.244.132:443

Request

GET /boomerang/4XEJ8-NY6J4-UX99W-8JVHF-G6LEN HTTP/2.0
host: s.go-mpulse.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.cyber.nj.gov/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
priority: u=1
te: trailers

Response

HTTP/2.0 200

content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
content-encoding: br
customappheader: mpulse-ab-boomr__git__2226cf4__git__2226cf4__p19.alsi10-lite
last-modified: Sun, 16 Jun 2024 04:21:29 GMT
timing-allow-origin: *
vary: Accept-Encoding
content-length: 50393
date: Thu, 27 Mar 2025 18:00:07 GMT
DNS

e4518.dscx.akamaiedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

e4518.dscx.akamaiedge.net

IN A

Response

e4518.dscx.akamaiedge.net

IN A

95.100.244.132
DNS

e4518.dscx.akamaiedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

e4518.dscx.akamaiedge.net

IN AAAA

Response

e4518.dscx.akamaiedge.net

IN AAAA

2a02:26f0:fd00:d90::11a6

e4518.dscx.akamaiedge.net

IN AAAA

2a02:26f0:fd00:da1::11a6

e4518.dscx.akamaiedge.net

IN AAAA

2a02:26f0:fd00:d9c::11a6
DNS

c.go-mpulse.net

firefox.exe

Remote address:

8.8.8.8:53

Request

c.go-mpulse.net

IN A

Response

c.go-mpulse.net

IN CNAME

wildcard46.go-mpulse.net.edgekey.net

wildcard46.go-mpulse.net.edgekey.net

IN CNAME

e4518.dscapi7.akamaiedge.net

e4518.dscapi7.akamaiedge.net

IN A

2.18.84.142
DNS

e4518.dscapi7.akamaiedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

e4518.dscapi7.akamaiedge.net

IN A

Response

e4518.dscapi7.akamaiedge.net

IN A

2.18.84.142
GET

https://c.go-mpulse.net/api/config.json?key=4XEJ8-NY6J4-UX99W-8JVHF-G6LEN&d=www.cyber.nj.gov&t=5810328&v=1.720.0&sl=0&si=f3b34f74-9102-4fe1-a05b-779b63091ddb-stsnc1&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=671595

firefox.exe

Remote address:

2.18.84.142:443

Request

GET /api/config.json?key=4XEJ8-NY6J4-UX99W-8JVHF-G6LEN&d=www.cyber.nj.gov&t=5810328&v=1.720.0&sl=0&si=f3b34f74-9102-4fe1-a05b-779b63091ddb-stsnc1&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=671595 HTTP/2.0
host: c.go-mpulse.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
origin: https://www.cyber.nj.gov
referer: https://www.cyber.nj.gov/
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

access-control-allow-origin: *
cache-control: private, max-age=120, stale-while-revalidate=60, stale-if-error=120
timing-allow-origin: *
content-length: 51
date: Thu, 27 Mar 2025 18:00:13 GMT
alt-svc: h3=":443"; ma=93600
content-type: application/json
DNS

e4518.dscapi7.akamaiedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

e4518.dscapi7.akamaiedge.net

IN AAAA

Response

e4518.dscapi7.akamaiedge.net

IN AAAA

2a02:26f0:1c80:2af::11a6

e4518.dscapi7.akamaiedge.net

IN AAAA

2a02:26f0:1c80:2bd::11a6
DNS

www.google.com

firefox.exe

Remote address:

8.8.8.8:53

Request

www.google.com

IN A

Response

www.google.com

IN A

172.217.169.36
DNS

play.google.com

firefox.exe

Remote address:

8.8.8.8:53

Request

play.google.com

IN A

Response

play.google.com

IN A

216.58.204.78
DNS

play.google.com

firefox.exe

Remote address:

8.8.8.8:53

Request

play.google.com

IN A

Response

play.google.com

IN A

216.58.204.78
DNS

github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

github.com

IN A

Response

github.com

IN A

20.26.156.215
GET

https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.google.com/
cookie: _gh_sess=ucPzVxE0aNbNFPj1HekigVGAE%2FQpuNslxZGE5TQdDrm2XwEa7g0V4VoJs6pD3JZuj%2FUSKSTQo9Kf8nw7sZx7JL0FtdHaZatg4QyflE31dgl86Fp%2F5s6vZuu3e9%2BxXd%2BOWJRCV2N6XS8qkmyw%2BT5BDOT8BrCxo9XXke4wttO5lWwRTXDXs4H%2BjLb8pBCiCzy4su5wbSdL4qHEz7qvkAT3umRcYgMAVggfB%2Fz8gcekP9POsnIzYBV2DsTYi5%2Br3B99EgQ%2BGfGOYR2jWppJFPUCwg%3D%3D--3%2BEA5qax4hPHEYfN--4m%2BAUmhAM26gyOERS%2FBh6Q%3D%3D
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
upgrade-insecure-requests: 1
sec-fetch-dest: document
sec-fetch-mode: navigate
sec-fetch-site: cross-site
if-none-match: W/"ec34e07da29646b51b76b76a14fe021a"
priority: u=0, i
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 18:00:44 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame,Accept-Encoding, Accept, X-Requested-With
etag: W/"93feeebdf129372bb98e49561e68e499"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
server: github.com
content-encoding: gzip
accept-ranges: bytes
x-github-request-id: 0971:2C8182:B49F2A:DCC2E7:67E5924C
GET

https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition/latest-commit/main

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition/latest-commit/main HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition
content-type: application/json
github-verified-fetch: true
x-requested-with: XMLHttpRequest
cookie: _gh_sess=ucPzVxE0aNbNFPj1HekigVGAE%2FQpuNslxZGE5TQdDrm2XwEa7g0V4VoJs6pD3JZuj%2FUSKSTQo9Kf8nw7sZx7JL0FtdHaZatg4QyflE31dgl86Fp%2F5s6vZuu3e9%2BxXd%2BOWJRCV2N6XS8qkmyw%2BT5BDOT8BrCxo9XXke4wttO5lWwRTXDXs4H%2BjLb8pBCiCzy4su5wbSdL4qHEz7qvkAT3umRcYgMAVggfB%2Fz8gcekP9POsnIzYBV2DsTYi5%2Br3B99EgQ%2BGfGOYR2jWppJFPUCwg%3D%3D--3%2BEA5qax4hPHEYfN--4m%2BAUmhAM26gyOERS%2FBh6Q%3D%3D
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
if-none-match: W/"6f77cfd8503da0743473118f7ac05966"
priority: u=4
te: trailers

Response

HTTP/2.0 304

date: Thu, 27 Mar 2025 18:00:46 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame,Accept-Encoding, Accept, X-Requested-With
etag: W/"57dd3ff551f8b3d10b3856a048bab63c"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
server: github.com
content-encoding: gzip
accept-ranges: bytes
x-github-request-id: 0971:2C8182:B4A02D:DCC412:67E5924E
GET

https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition/tree-commit-info/main

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition/tree-commit-info/main HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition
content-type: application/json
github-verified-fetch: true
x-requested-with: XMLHttpRequest
cookie: _gh_sess=ucPzVxE0aNbNFPj1HekigVGAE%2FQpuNslxZGE5TQdDrm2XwEa7g0V4VoJs6pD3JZuj%2FUSKSTQo9Kf8nw7sZx7JL0FtdHaZatg4QyflE31dgl86Fp%2F5s6vZuu3e9%2BxXd%2BOWJRCV2N6XS8qkmyw%2BT5BDOT8BrCxo9XXke4wttO5lWwRTXDXs4H%2BjLb8pBCiCzy4su5wbSdL4qHEz7qvkAT3umRcYgMAVggfB%2Fz8gcekP9POsnIzYBV2DsTYi5%2Br3B99EgQ%2BGfGOYR2jWppJFPUCwg%3D%3D--3%2BEA5qax4hPHEYfN--4m%2BAUmhAM26gyOERS%2FBh6Q%3D%3D
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
if-none-match: W/"55c8eec8e2f6cffeda3bb4db925ed4e0"
priority: u=4
te: trailers

Response

HTTP/2.0 304

date: Thu, 27 Mar 2025 18:00:46 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame,Accept-Encoding, Accept, X-Requested-With
etag: W/"6f77cfd8503da0743473118f7ac05966"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
server: github.com
content-encoding: gzip
accept-ranges: bytes
x-github-request-id: 0971:2C8182:B4A02C:DCC40F:67E5924C
GET

https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition/branch-and-tag-count

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition/branch-and-tag-count HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition
content-type: application/json
github-verified-fetch: true
x-requested-with: XMLHttpRequest
cookie: _gh_sess=ucPzVxE0aNbNFPj1HekigVGAE%2FQpuNslxZGE5TQdDrm2XwEa7g0V4VoJs6pD3JZuj%2FUSKSTQo9Kf8nw7sZx7JL0FtdHaZatg4QyflE31dgl86Fp%2F5s6vZuu3e9%2BxXd%2BOWJRCV2N6XS8qkmyw%2BT5BDOT8BrCxo9XXke4wttO5lWwRTXDXs4H%2BjLb8pBCiCzy4su5wbSdL4qHEz7qvkAT3umRcYgMAVggfB%2Fz8gcekP9POsnIzYBV2DsTYi5%2Br3B99EgQ%2BGfGOYR2jWppJFPUCwg%3D%3D--3%2BEA5qax4hPHEYfN--4m%2BAUmhAM26gyOERS%2FBh6Q%3D%3D
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
if-none-match: W/"57dd3ff551f8b3d10b3856a048bab63c"
priority: u=4
te: trailers

Response

HTTP/2.0 304

date: Thu, 27 Mar 2025 18:00:46 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame,Accept-Encoding, Accept, X-Requested-With
etag: W/"55c8eec8e2f6cffeda3bb4db925ed4e0"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
server: github.com
content-encoding: gzip
accept-ranges: bytes
x-github-request-id: 0971:2C8182:B4A02C:DCC410:67E5924E
GET

https://github.com/lexisxs/njRAT-All-Versions

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /lexisxs/njRAT-All-Versions HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://www.google.com/
cookie: _gh_sess=ucPzVxE0aNbNFPj1HekigVGAE%2FQpuNslxZGE5TQdDrm2XwEa7g0V4VoJs6pD3JZuj%2FUSKSTQo9Kf8nw7sZx7JL0FtdHaZatg4QyflE31dgl86Fp%2F5s6vZuu3e9%2BxXd%2BOWJRCV2N6XS8qkmyw%2BT5BDOT8BrCxo9XXke4wttO5lWwRTXDXs4H%2BjLb8pBCiCzy4su5wbSdL4qHEz7qvkAT3umRcYgMAVggfB%2Fz8gcekP9POsnIzYBV2DsTYi5%2Br3B99EgQ%2BGfGOYR2jWppJFPUCwg%3D%3D--3%2BEA5qax4hPHEYfN--4m%2BAUmhAM26gyOERS%2FBh6Q%3D%3D
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
upgrade-insecure-requests: 1
sec-fetch-dest: document
sec-fetch-mode: navigate
sec-fetch-site: cross-site
priority: u=0, i
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 18:00:47 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame,Accept-Encoding, Accept, X-Requested-With
etag: W/"9998dec0e02fe8e66c8b5fedaa57be9b"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
server: github.com
content-encoding: gzip
accept-ranges: bytes
x-github-request-id: 0971:2C8182:B4A09F:DCC4A2:67E5924E
GET

https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition/security/overall-count

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition/security/overall-count HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/fragment+html
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition
x-requested-with: XMLHttpRequest
cookie: _gh_sess=ucPzVxE0aNbNFPj1HekigVGAE%2FQpuNslxZGE5TQdDrm2XwEa7g0V4VoJs6pD3JZuj%2FUSKSTQo9Kf8nw7sZx7JL0FtdHaZatg4QyflE31dgl86Fp%2F5s6vZuu3e9%2BxXd%2BOWJRCV2N6XS8qkmyw%2BT5BDOT8BrCxo9XXke4wttO5lWwRTXDXs4H%2BjLb8pBCiCzy4su5wbSdL4qHEz7qvkAT3umRcYgMAVggfB%2Fz8gcekP9POsnIzYBV2DsTYi5%2Br3B99EgQ%2BGfGOYR2jWppJFPUCwg%3D%3D--3%2BEA5qax4hPHEYfN--4m%2BAUmhAM26gyOERS%2FBh6Q%3D%3D
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
priority: u=4
te: trailers

Response

HTTP/2.0 204

date: Thu, 27 Mar 2025 18:00:47 GMT
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame,Accept-Encoding, Accept, X-Requested-With
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
server: github.com
x-github-request-id: 0971:2C8182:B4A110:DCC51C:67E5924F
GET

https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition/hovercards/citation/sidebar_partial?tree_name=main

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition/hovercards/citation/sidebar_partial?tree_name=main HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/html
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition
x-requested-with: XMLHttpRequest
cookie: _gh_sess=ucPzVxE0aNbNFPj1HekigVGAE%2FQpuNslxZGE5TQdDrm2XwEa7g0V4VoJs6pD3JZuj%2FUSKSTQo9Kf8nw7sZx7JL0FtdHaZatg4QyflE31dgl86Fp%2F5s6vZuu3e9%2BxXd%2BOWJRCV2N6XS8qkmyw%2BT5BDOT8BrCxo9XXke4wttO5lWwRTXDXs4H%2BjLb8pBCiCzy4su5wbSdL4qHEz7qvkAT3umRcYgMAVggfB%2Fz8gcekP9POsnIzYBV2DsTYi5%2Br3B99EgQ%2BGfGOYR2jWppJFPUCwg%3D%3D--3%2BEA5qax4hPHEYfN--4m%2BAUmhAM26gyOERS%2FBh6Q%3D%3D
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
priority: u=4
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 18:00:47 GMT
content-type: text/plain; charset=utf-8
content-length: 0
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame,Accept-Encoding, Accept, X-Requested-With
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
server: github.com
accept-ranges: bytes
x-github-request-id: 0971:2C8182:B4A110:DCC51D:67E5924F
GET

https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition/used_by_list

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition/used_by_list HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/fragment+html
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition
x-requested-with: XMLHttpRequest
cookie: _gh_sess=ucPzVxE0aNbNFPj1HekigVGAE%2FQpuNslxZGE5TQdDrm2XwEa7g0V4VoJs6pD3JZuj%2FUSKSTQo9Kf8nw7sZx7JL0FtdHaZatg4QyflE31dgl86Fp%2F5s6vZuu3e9%2BxXd%2BOWJRCV2N6XS8qkmyw%2BT5BDOT8BrCxo9XXke4wttO5lWwRTXDXs4H%2BjLb8pBCiCzy4su5wbSdL4qHEz7qvkAT3umRcYgMAVggfB%2Fz8gcekP9POsnIzYBV2DsTYi5%2Br3B99EgQ%2BGfGOYR2jWppJFPUCwg%3D%3D--3%2BEA5qax4hPHEYfN--4m%2BAUmhAM26gyOERS%2FBh6Q%3D%3D
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
priority: u=4
te: trailers

Response

HTTP/2.0 404

date: Thu, 27 Mar 2025 18:00:47 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame,Accept-Encoding, Accept, X-Requested-With
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
server: github.com
x-github-request-id: 0971:2C8182:B4A138:DCC54D:67E5924F
GET

https://github.com/De-eloper/Image-Storage/raw/main/allrats.gif

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /De-eloper/Image-Storage/raw/main/allrats.gif HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/lexisxs/njRAT-All-Versions
cookie: _gh_sess=ucPzVxE0aNbNFPj1HekigVGAE%2FQpuNslxZGE5TQdDrm2XwEa7g0V4VoJs6pD3JZuj%2FUSKSTQo9Kf8nw7sZx7JL0FtdHaZatg4QyflE31dgl86Fp%2F5s6vZuu3e9%2BxXd%2BOWJRCV2N6XS8qkmyw%2BT5BDOT8BrCxo9XXke4wttO5lWwRTXDXs4H%2BjLb8pBCiCzy4su5wbSdL4qHEz7qvkAT3umRcYgMAVggfB%2Fz8gcekP9POsnIzYBV2DsTYi5%2Br3B99EgQ%2BGfGOYR2jWppJFPUCwg%3D%3D--3%2BEA5qax4hPHEYfN--4m%2BAUmhAM26gyOERS%2FBh6Q%3D%3D
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
priority: u=5, i
te: trailers

Response

HTTP/2.0 404

date: Thu, 27 Mar 2025 18:00:47 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame,Accept-Encoding, Accept, X-Requested-With
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
server: github.com
x-github-request-id: 0971:2C8182:B4A139:DCC54F:67E5924F
GET

https://github.com/De-eloper/Image-Storage/raw/main/danger.jpg

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /De-eloper/Image-Storage/raw/main/danger.jpg HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/lexisxs/njRAT-All-Versions
cookie: _gh_sess=ucPzVxE0aNbNFPj1HekigVGAE%2FQpuNslxZGE5TQdDrm2XwEa7g0V4VoJs6pD3JZuj%2FUSKSTQo9Kf8nw7sZx7JL0FtdHaZatg4QyflE31dgl86Fp%2F5s6vZuu3e9%2BxXd%2BOWJRCV2N6XS8qkmyw%2BT5BDOT8BrCxo9XXke4wttO5lWwRTXDXs4H%2BjLb8pBCiCzy4su5wbSdL4qHEz7qvkAT3umRcYgMAVggfB%2Fz8gcekP9POsnIzYBV2DsTYi5%2Br3B99EgQ%2BGfGOYR2jWppJFPUCwg%3D%3D--3%2BEA5qax4hPHEYfN--4m%2BAUmhAM26gyOERS%2FBh6Q%3D%3D
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
priority: u=5, i
te: trailers

Response

HTTP/2.0 404

date: Thu, 27 Mar 2025 18:00:47 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame,Accept-Encoding, Accept, X-Requested-With
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
server: github.com
content-length: 124533
x-github-request-id: 0971:2C8182:B4A1BC:DCC5EF:67E5924F
GET

https://github.com/De-eloper/Image-Storage/raw/main/allrats.gif

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /De-eloper/Image-Storage/raw/main/allrats.gif HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/lexisxs/njRAT-All-Versions
cookie: _gh_sess=ucPzVxE0aNbNFPj1HekigVGAE%2FQpuNslxZGE5TQdDrm2XwEa7g0V4VoJs6pD3JZuj%2FUSKSTQo9Kf8nw7sZx7JL0FtdHaZatg4QyflE31dgl86Fp%2F5s6vZuu3e9%2BxXd%2BOWJRCV2N6XS8qkmyw%2BT5BDOT8BrCxo9XXke4wttO5lWwRTXDXs4H%2BjLb8pBCiCzy4su5wbSdL4qHEz7qvkAT3umRcYgMAVggfB%2Fz8gcekP9POsnIzYBV2DsTYi5%2Br3B99EgQ%2BGfGOYR2jWppJFPUCwg%3D%3D--3%2BEA5qax4hPHEYfN--4m%2BAUmhAM26gyOERS%2FBh6Q%3D%3D
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
priority: u=5, i
te: trailers

Response

HTTP/2.0 404

date: Thu, 27 Mar 2025 18:00:47 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame,Accept-Encoding, Accept, X-Requested-With
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
server: github.com
content-length: 124545
x-github-request-id: 0971:2C8182:B4A1BE:DCC5F0:67E59250
GET

https://github.com/De-eloper/Image-Storage/raw/main/danger.jpg

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /De-eloper/Image-Storage/raw/main/danger.jpg HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/lexisxs/njRAT-All-Versions
cookie: _gh_sess=ucPzVxE0aNbNFPj1HekigVGAE%2FQpuNslxZGE5TQdDrm2XwEa7g0V4VoJs6pD3JZuj%2FUSKSTQo9Kf8nw7sZx7JL0FtdHaZatg4QyflE31dgl86Fp%2F5s6vZuu3e9%2BxXd%2BOWJRCV2N6XS8qkmyw%2BT5BDOT8BrCxo9XXke4wttO5lWwRTXDXs4H%2BjLb8pBCiCzy4su5wbSdL4qHEz7qvkAT3umRcYgMAVggfB%2Fz8gcekP9POsnIzYBV2DsTYi5%2Br3B99EgQ%2BGfGOYR2jWppJFPUCwg%3D%3D--3%2BEA5qax4hPHEYfN--4m%2BAUmhAM26gyOERS%2FBh6Q%3D%3D
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
priority: u=5, i
te: trailers

Response

HTTP/2.0 404

date: Thu, 27 Mar 2025 18:00:47 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame,Accept-Encoding, Accept, X-Requested-With
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
server: github.com
content-length: 124533
x-github-request-id: 0971:2C8182:B4A1E2:DCC61B:67E59250
GET

https://github.com/De-eloper/Image-Storage/raw/main/allrats.gif

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /De-eloper/Image-Storage/raw/main/allrats.gif HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/lexisxs/njRAT-All-Versions
cookie: _gh_sess=ucPzVxE0aNbNFPj1HekigVGAE%2FQpuNslxZGE5TQdDrm2XwEa7g0V4VoJs6pD3JZuj%2FUSKSTQo9Kf8nw7sZx7JL0FtdHaZatg4QyflE31dgl86Fp%2F5s6vZuu3e9%2BxXd%2BOWJRCV2N6XS8qkmyw%2BT5BDOT8BrCxo9XXke4wttO5lWwRTXDXs4H%2BjLb8pBCiCzy4su5wbSdL4qHEz7qvkAT3umRcYgMAVggfB%2Fz8gcekP9POsnIzYBV2DsTYi5%2Br3B99EgQ%2BGfGOYR2jWppJFPUCwg%3D%3D--3%2BEA5qax4hPHEYfN--4m%2BAUmhAM26gyOERS%2FBh6Q%3D%3D
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
priority: u=5, i
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 18:00:49 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame,Accept-Encoding, Accept, X-Requested-With
etag: W/"390276837002da81b24123cd73818ecf"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
server: github.com
content-encoding: gzip
accept-ranges: bytes
content-length: 85
x-github-request-id: 0971:2C8182:B4A245:DCC68E:67E59250
GET

https://github.com/lexisxs/njRAT-All-Versions/latest-commit/master

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /lexisxs/njRAT-All-Versions/latest-commit/master HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/lexisxs/njRAT-All-Versions
content-type: application/json
github-verified-fetch: true
x-requested-with: XMLHttpRequest
cookie: _gh_sess=ucPzVxE0aNbNFPj1HekigVGAE%2FQpuNslxZGE5TQdDrm2XwEa7g0V4VoJs6pD3JZuj%2FUSKSTQo9Kf8nw7sZx7JL0FtdHaZatg4QyflE31dgl86Fp%2F5s6vZuu3e9%2BxXd%2BOWJRCV2N6XS8qkmyw%2BT5BDOT8BrCxo9XXke4wttO5lWwRTXDXs4H%2BjLb8pBCiCzy4su5wbSdL4qHEz7qvkAT3umRcYgMAVggfB%2Fz8gcekP9POsnIzYBV2DsTYi5%2Br3B99EgQ%2BGfGOYR2jWppJFPUCwg%3D%3D--3%2BEA5qax4hPHEYfN--4m%2BAUmhAM26gyOERS%2FBh6Q%3D%3D
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
priority: u=4
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 18:00:49 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame,Accept-Encoding, Accept, X-Requested-With
etag: W/"2db3556a3b84a7e0d38af36400df6b42"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
server: github.com
content-encoding: gzip
accept-ranges: bytes
content-length: 454
x-github-request-id: 0971:2C8182:B4A245:DCC68D:67E59250
GET

https://github.com/lexisxs/njRAT-All-Versions/refs?type=branch

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /lexisxs/njRAT-All-Versions/refs?type=branch HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/lexisxs/njRAT-All-Versions
cookie: _gh_sess=ucPzVxE0aNbNFPj1HekigVGAE%2FQpuNslxZGE5TQdDrm2XwEa7g0V4VoJs6pD3JZuj%2FUSKSTQo9Kf8nw7sZx7JL0FtdHaZatg4QyflE31dgl86Fp%2F5s6vZuu3e9%2BxXd%2BOWJRCV2N6XS8qkmyw%2BT5BDOT8BrCxo9XXke4wttO5lWwRTXDXs4H%2BjLb8pBCiCzy4su5wbSdL4qHEz7qvkAT3umRcYgMAVggfB%2Fz8gcekP9POsnIzYBV2DsTYi5%2Br3B99EgQ%2BGfGOYR2jWppJFPUCwg%3D%3D--3%2BEA5qax4hPHEYfN--4m%2BAUmhAM26gyOERS%2FBh6Q%3D%3D
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
priority: u=4
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 18:00:49 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame,Accept-Encoding, Accept, X-Requested-With
etag: W/"32d51217b3c21d6242ea4847af3b24a9"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
server: github.com
content-encoding: gzip
accept-ranges: bytes
content-length: 165
x-github-request-id: 0971:2C8182:B4A246:DCC690:67E59250
GET

https://github.com/lexisxs/njRAT-All-Versions/branch-infobar/master

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /lexisxs/njRAT-All-Versions/branch-infobar/master HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/lexisxs/njRAT-All-Versions
content-type: application/json
github-verified-fetch: true
x-requested-with: XMLHttpRequest
cookie: _gh_sess=ucPzVxE0aNbNFPj1HekigVGAE%2FQpuNslxZGE5TQdDrm2XwEa7g0V4VoJs6pD3JZuj%2FUSKSTQo9Kf8nw7sZx7JL0FtdHaZatg4QyflE31dgl86Fp%2F5s6vZuu3e9%2BxXd%2BOWJRCV2N6XS8qkmyw%2BT5BDOT8BrCxo9XXke4wttO5lWwRTXDXs4H%2BjLb8pBCiCzy4su5wbSdL4qHEz7qvkAT3umRcYgMAVggfB%2Fz8gcekP9POsnIzYBV2DsTYi5%2Br3B99EgQ%2BGfGOYR2jWppJFPUCwg%3D%3D--3%2BEA5qax4hPHEYfN--4m%2BAUmhAM26gyOERS%2FBh6Q%3D%3D
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
priority: u=4
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 18:00:49 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame,Accept-Encoding, Accept, X-Requested-With
etag: W/"2ac58d1b16c51bed0f7d29846ada3939"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
server: github.com
content-encoding: gzip
accept-ranges: bytes
content-length: 53
x-github-request-id: 0971:2C8182:B4A249:DCC695:67E59250
GET

https://github.com/lexisxs/njRAT-All-Versions/tree-commit-info/master

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /lexisxs/njRAT-All-Versions/tree-commit-info/master HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/lexisxs/njRAT-All-Versions
content-type: application/json
github-verified-fetch: true
x-requested-with: XMLHttpRequest
cookie: _gh_sess=ucPzVxE0aNbNFPj1HekigVGAE%2FQpuNslxZGE5TQdDrm2XwEa7g0V4VoJs6pD3JZuj%2FUSKSTQo9Kf8nw7sZx7JL0FtdHaZatg4QyflE31dgl86Fp%2F5s6vZuu3e9%2BxXd%2BOWJRCV2N6XS8qkmyw%2BT5BDOT8BrCxo9XXke4wttO5lWwRTXDXs4H%2BjLb8pBCiCzy4su5wbSdL4qHEz7qvkAT3umRcYgMAVggfB%2Fz8gcekP9POsnIzYBV2DsTYi5%2Br3B99EgQ%2BGfGOYR2jWppJFPUCwg%3D%3D--3%2BEA5qax4hPHEYfN--4m%2BAUmhAM26gyOERS%2FBh6Q%3D%3D
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
priority: u=4
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 18:00:49 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame,Accept-Encoding, Accept, X-Requested-With
etag: W/"5b9cc03f29d6bfb2ae9fc1e25ea5593a"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
server: github.com
content-encoding: gzip
accept-ranges: bytes
content-length: 2351
x-github-request-id: 0971:2C8182:B4A246:DCC691:67E59250
GET

https://github.com/lexisxs/njRAT-All-Versions/branch-and-tag-count

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /lexisxs/njRAT-All-Versions/branch-and-tag-count HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/lexisxs/njRAT-All-Versions
content-type: application/json
github-verified-fetch: true
x-requested-with: XMLHttpRequest
cookie: _gh_sess=ucPzVxE0aNbNFPj1HekigVGAE%2FQpuNslxZGE5TQdDrm2XwEa7g0V4VoJs6pD3JZuj%2FUSKSTQo9Kf8nw7sZx7JL0FtdHaZatg4QyflE31dgl86Fp%2F5s6vZuu3e9%2BxXd%2BOWJRCV2N6XS8qkmyw%2BT5BDOT8BrCxo9XXke4wttO5lWwRTXDXs4H%2BjLb8pBCiCzy4su5wbSdL4qHEz7qvkAT3umRcYgMAVggfB%2Fz8gcekP9POsnIzYBV2DsTYi5%2Br3B99EgQ%2BGfGOYR2jWppJFPUCwg%3D%3D--3%2BEA5qax4hPHEYfN--4m%2BAUmhAM26gyOERS%2FBh6Q%3D%3D
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
priority: u=4
te: trailers

Response

HTTP/2.0 404

date: Thu, 27 Mar 2025 18:00:47 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame,Accept-Encoding, Accept, X-Requested-With
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
server: github.com
content-length: 124533
x-github-request-id: 0971:2C8182:B4A2CF:DCC727:67E59250
GET

https://github.com/De-eloper/Image-Storage/raw/main/allrats.gif

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /De-eloper/Image-Storage/raw/main/allrats.gif HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/lexisxs/njRAT-All-Versions
cookie: _gh_sess=ucPzVxE0aNbNFPj1HekigVGAE%2FQpuNslxZGE5TQdDrm2XwEa7g0V4VoJs6pD3JZuj%2FUSKSTQo9Kf8nw7sZx7JL0FtdHaZatg4QyflE31dgl86Fp%2F5s6vZuu3e9%2BxXd%2BOWJRCV2N6XS8qkmyw%2BT5BDOT8BrCxo9XXke4wttO5lWwRTXDXs4H%2BjLb8pBCiCzy4su5wbSdL4qHEz7qvkAT3umRcYgMAVggfB%2Fz8gcekP9POsnIzYBV2DsTYi5%2Br3B99EgQ%2BGfGOYR2jWppJFPUCwg%3D%3D--3%2BEA5qax4hPHEYfN--4m%2BAUmhAM26gyOERS%2FBh6Q%3D%3D
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
priority: u=5, i
te: trailers

Response

HTTP/2.0 204

date: Thu, 27 Mar 2025 18:00:50 GMT
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame,Accept-Encoding, Accept, X-Requested-With
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
server: github.com
x-github-request-id: 0971:2C8182:B4A337:DCC7A2:67E59252
GET

https://github.com/lexisxs/njRAT-All-Versions/security/overall-count

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /lexisxs/njRAT-All-Versions/security/overall-count HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/fragment+html
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/lexisxs/njRAT-All-Versions
x-requested-with: XMLHttpRequest
cookie: _gh_sess=ucPzVxE0aNbNFPj1HekigVGAE%2FQpuNslxZGE5TQdDrm2XwEa7g0V4VoJs6pD3JZuj%2FUSKSTQo9Kf8nw7sZx7JL0FtdHaZatg4QyflE31dgl86Fp%2F5s6vZuu3e9%2BxXd%2BOWJRCV2N6XS8qkmyw%2BT5BDOT8BrCxo9XXke4wttO5lWwRTXDXs4H%2BjLb8pBCiCzy4su5wbSdL4qHEz7qvkAT3umRcYgMAVggfB%2Fz8gcekP9POsnIzYBV2DsTYi5%2Br3B99EgQ%2BGfGOYR2jWppJFPUCwg%3D%3D--3%2BEA5qax4hPHEYfN--4m%2BAUmhAM26gyOERS%2FBh6Q%3D%3D
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
priority: u=4
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 18:00:50 GMT
content-type: text/fragment+html; charset=utf-8
content-length: 0
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame,Accept-Encoding, Accept, X-Requested-With
cache-control: max-age=14400, private
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
server: github.com
accept-ranges: bytes
x-github-request-id: 0971:2C8182:B4A337:DCC7A1:67E59251
GET

https://github.com/lexisxs/njRAT-All-Versions/hovercards/citation/sidebar_partial?tree_name=master

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /lexisxs/njRAT-All-Versions/hovercards/citation/sidebar_partial?tree_name=master HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/html
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/lexisxs/njRAT-All-Versions
x-requested-with: XMLHttpRequest
cookie: _gh_sess=ucPzVxE0aNbNFPj1HekigVGAE%2FQpuNslxZGE5TQdDrm2XwEa7g0V4VoJs6pD3JZuj%2FUSKSTQo9Kf8nw7sZx7JL0FtdHaZatg4QyflE31dgl86Fp%2F5s6vZuu3e9%2BxXd%2BOWJRCV2N6XS8qkmyw%2BT5BDOT8BrCxo9XXke4wttO5lWwRTXDXs4H%2BjLb8pBCiCzy4su5wbSdL4qHEz7qvkAT3umRcYgMAVggfB%2Fz8gcekP9POsnIzYBV2DsTYi5%2Br3B99EgQ%2BGfGOYR2jWppJFPUCwg%3D%3D--3%2BEA5qax4hPHEYfN--4m%2BAUmhAM26gyOERS%2FBh6Q%3D%3D
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
priority: u=4
te: trailers

Response

HTTP/2.0 302

date: Thu, 27 Mar 2025 18:00:53 GMT
content-type: text/html; charset=utf-8
content-length: 0
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame,Accept-Encoding, Accept, X-Requested-With
location: https://codeload.github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition/zip/refs/heads/main
cache-control: max-age=0, private
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
server: github.com
x-github-request-id: 0971:2C8182:B4A575:DCCA6E:67E59252
GET

https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition/archive/refs/heads/main.zip

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition/archive/refs/heads/main.zip HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition
cookie: _gh_sess=ucPzVxE0aNbNFPj1HekigVGAE%2FQpuNslxZGE5TQdDrm2XwEa7g0V4VoJs6pD3JZuj%2FUSKSTQo9Kf8nw7sZx7JL0FtdHaZatg4QyflE31dgl86Fp%2F5s6vZuu3e9%2BxXd%2BOWJRCV2N6XS8qkmyw%2BT5BDOT8BrCxo9XXke4wttO5lWwRTXDXs4H%2BjLb8pBCiCzy4su5wbSdL4qHEz7qvkAT3umRcYgMAVggfB%2Fz8gcekP9POsnIzYBV2DsTYi5%2Br3B99EgQ%2BGfGOYR2jWppJFPUCwg%3D%3D--3%2BEA5qax4hPHEYfN--4m%2BAUmhAM26gyOERS%2FBh6Q%3D%3D
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
upgrade-insecure-requests: 1
sec-fetch-dest: document
sec-fetch-mode: navigate
sec-fetch-site: same-origin
sec-fetch-user: ?1
priority: u=0, i
te: trailers

Response

HTTP/2.0 302

date: Thu, 27 Mar 2025 18:01:03 GMT
content-type: text/html; charset=utf-8
content-length: 0
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame,Accept-Encoding, Accept, X-Requested-With
location: https://codeload.github.com/lexisxs/njRAT-All-Versions/zip/refs/heads/master
cache-control: max-age=0, private
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
server: github.com
x-github-request-id: 0971:2C8182:B4ABC0:DCD1F8:67E59255
GET

https://github.com/lexisxs/njRAT-All-Versions/archive/refs/heads/master.zip

firefox.exe

Remote address:

20.26.156.215:443

Request

GET /lexisxs/njRAT-All-Versions/archive/refs/heads/master.zip HTTP/2.0
host: github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/lexisxs/njRAT-All-Versions
cookie: _gh_sess=ucPzVxE0aNbNFPj1HekigVGAE%2FQpuNslxZGE5TQdDrm2XwEa7g0V4VoJs6pD3JZuj%2FUSKSTQo9Kf8nw7sZx7JL0FtdHaZatg4QyflE31dgl86Fp%2F5s6vZuu3e9%2BxXd%2BOWJRCV2N6XS8qkmyw%2BT5BDOT8BrCxo9XXke4wttO5lWwRTXDXs4H%2BjLb8pBCiCzy4su5wbSdL4qHEz7qvkAT3umRcYgMAVggfB%2Fz8gcekP9POsnIzYBV2DsTYi5%2Br3B99EgQ%2BGfGOYR2jWppJFPUCwg%3D%3D--3%2BEA5qax4hPHEYfN--4m%2BAUmhAM26gyOERS%2FBh6Q%3D%3D
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
upgrade-insecure-requests: 1
sec-fetch-dest: document
sec-fetch-mode: navigate
sec-fetch-site: same-origin
sec-fetch-user: ?1
priority: u=0, i
te: trailers
DNS

github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

github.com

IN AAAA

Response
DNS

github-cloud.s3.amazonaws.com

firefox.exe

Remote address:

8.8.8.8:53

Request

github-cloud.s3.amazonaws.com

IN A

Response

github-cloud.s3.amazonaws.com

IN CNAME

s3-1-w.amazonaws.com

s3-1-w.amazonaws.com

IN CNAME

s3-w.us-east-1.amazonaws.com

s3-w.us-east-1.amazonaws.com

IN A

52.217.126.137

s3-w.us-east-1.amazonaws.com

IN A

16.15.200.72

s3-w.us-east-1.amazonaws.com

IN A

52.216.107.124

s3-w.us-east-1.amazonaws.com

IN A

52.216.29.156

s3-w.us-east-1.amazonaws.com

IN A

52.217.199.89

s3-w.us-east-1.amazonaws.com

IN A

3.5.21.80

s3-w.us-east-1.amazonaws.com

IN A

3.5.28.92

s3-w.us-east-1.amazonaws.com

IN A

3.5.21.172
DNS

s3-w.us-east-1.amazonaws.com

firefox.exe

Remote address:

8.8.8.8:53

Request

s3-w.us-east-1.amazonaws.com

IN A

Response

s3-w.us-east-1.amazonaws.com

IN A

54.231.203.9

s3-w.us-east-1.amazonaws.com

IN A

52.217.33.188

s3-w.us-east-1.amazonaws.com

IN A

52.217.94.12

s3-w.us-east-1.amazonaws.com

IN A

52.216.186.203

s3-w.us-east-1.amazonaws.com

IN A

16.15.201.127

s3-w.us-east-1.amazonaws.com

IN A

52.217.228.73

s3-w.us-east-1.amazonaws.com

IN A

52.216.137.116

s3-w.us-east-1.amazonaws.com

IN A

3.5.28.239
DNS

s3-w.us-east-1.amazonaws.com

firefox.exe

Remote address:

8.8.8.8:53

Request

s3-w.us-east-1.amazonaws.com

IN AAAA

Response
DNS

collector.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

collector.github.com

IN A

Response

collector.github.com

IN CNAME

glb-db52c2cf8be544.github.com

glb-db52c2cf8be544.github.com

IN A

140.82.114.22
DNS

glb-db52c2cf8be544.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

glb-db52c2cf8be544.github.com

IN A

Response

glb-db52c2cf8be544.github.com

IN A

140.82.113.22
POST

https://collector.github.com/github/collect

firefox.exe

Remote address:

140.82.114.22:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition
content-type: text/plain;charset=UTF-8
content-length: 1076
origin: https://github.com
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
priority: u=6
te: trailers

Response

HTTP/2.0 204

date: Thu, 27 Mar 2025 18:00:46 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002215
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: 6605:14D41:1B252E4:2048137:67E5924E
POST

https://collector.github.com/github/collect

firefox.exe

Remote address:

140.82.114.22:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition
content-type: text/plain;charset=UTF-8
content-length: 2638
origin: https://github.com
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
priority: u=6
te: trailers

Response

HTTP/2.0 204

date: Thu, 27 Mar 2025 18:00:48 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002796
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: 6605:14D41:1B25800:204875E:67E5924E
POST

https://collector.github.com/github/collect

firefox.exe

Remote address:

140.82.114.22:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/lexisxs/njRAT-All-Versions
content-type: text/plain;charset=UTF-8
content-length: 1122
origin: https://github.com
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
priority: u=6
te: trailers

Response

HTTP/2.0 204

date: Thu, 27 Mar 2025 18:00:49 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002041
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: 6605:14D41:1B2596C:204892E:67E59250
POST

https://collector.github.com/github/collect

firefox.exe

Remote address:

140.82.114.22:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/lexisxs/njRAT-All-Versions
content-type: text/plain;charset=UTF-8
content-length: 1127
origin: https://github.com
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
priority: u=6
te: trailers

Response

HTTP/2.0 204

date: Thu, 27 Mar 2025 18:00:49 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002595
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: 6605:14D41:1B25B0F:2048B23:67E59251
POST

https://collector.github.com/github/collect

firefox.exe

Remote address:

140.82.114.22:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition
content-type: text/plain;charset=UTF-8
content-length: 1149
origin: https://github.com
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
priority: u=6
te: trailers

Response

HTTP/2.0 204

date: Thu, 27 Mar 2025 18:00:50 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002888
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: 6605:14D41:1B25BF3:2048C3D:67E59251
POST

https://collector.github.com/github/collect

firefox.exe

Remote address:

140.82.114.22:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition
content-type: text/plain;charset=UTF-8
content-length: 1247
origin: https://github.com
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
priority: u=6
te: trailers

Response

HTTP/2.0 204

date: Thu, 27 Mar 2025 18:00:53 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.003133
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: 6605:14D41:1B26522:20497B7:67E59252
POST

https://collector.github.com/github/collect

firefox.exe

Remote address:

140.82.114.22:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/lexisxs/njRAT-All-Versions
content-type: text/plain;charset=UTF-8
content-length: 2684
origin: https://github.com
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
priority: u=6
te: trailers

Response

HTTP/2.0 204

date: Thu, 27 Mar 2025 18:00:54 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002664
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: 6605:14D41:1B26713:20499E0:67E59255
POST

https://collector.github.com/github/collect

firefox.exe

Remote address:

140.82.114.22:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/lexisxs/njRAT-All-Versions
content-type: text/plain;charset=UTF-8
content-length: 1195
origin: https://github.com
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
priority: u=6
te: trailers

Response

HTTP/2.0 204

date: Thu, 27 Mar 2025 18:00:59 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.003804
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: 6605:14D41:1B273C7:204A91F:67E59256
POST

https://collector.github.com/github/collect

firefox.exe

Remote address:

140.82.114.22:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/lexisxs/njRAT-All-Versions
content-type: text/plain;charset=UTF-8
content-length: 1274
origin: https://github.com
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
priority: u=6
te: trailers

Response

HTTP/2.0 204

date: Thu, 27 Mar 2025 18:01:03 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.003043
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: 6605:14D41:1B27E37:204B5C4:67E5925B
DNS

glb-db52c2cf8be544.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

glb-db52c2cf8be544.github.com

IN AAAA

Response
DNS

api.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

api.github.com

IN A

Response

api.github.com

IN A

20.26.156.210
POST

https://api.github.com/_private/browser/stats

firefox.exe

Remote address:

20.26.156.210:443

Request

POST /_private/browser/stats HTTP/2.0
host: api.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition
content-type: text/plain;charset=UTF-8
content-length: 328
origin: https://github.com
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
priority: u=6
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 18:00:48 GMT
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 60
x-ratelimit-reset: 1743102048
x-ratelimit-used: 0
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: F91B:163A18:753A82:940072:67E59250
POST

https://api.github.com/_private/browser/stats

firefox.exe

Remote address:

20.26.156.210:443

Request

POST /_private/browser/stats HTTP/2.0
host: api.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/lexisxs/njRAT-All-Versions
content-type: text/plain;charset=UTF-8
content-length: 1177
origin: https://github.com
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: same-site
priority: u=6
te: trailers

Response

HTTP/2.0 200

date: Thu, 27 Mar 2025 18:00:53 GMT
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 60
x-ratelimit-reset: 1743102053
x-ratelimit-used: 0
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: F91B:163A18:753C6E:9402CD:67E59250
DNS

api.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

api.github.com

IN AAAA

Response
DNS

github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

github.com

IN AAAA

Response
DNS

codeload.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

codeload.github.com

IN A

Response

codeload.github.com

IN A

20.26.156.216
DNS

codeload.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

codeload.github.com

IN AAAA

Response
GET

https://codeload.github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition/zip/refs/heads/main

firefox.exe

Remote address:

20.26.156.216:443

Request

GET /Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition/zip/refs/heads/main HTTP/2.0
host: codeload.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
upgrade-insecure-requests: 1
sec-fetch-dest: document
sec-fetch-mode: navigate
sec-fetch-site: same-site
sec-fetch-user: ?1
priority: u=0, i
te: trailers

Response

HTTP/2.0 200

access-control-allow-origin: https://render.githubusercontent.com
content-disposition: attachment; filename=SOURCE-CODE-njRAT-0.7d-Horror-Edition-main.zip
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: application/zip
cross-origin-resource-policy: cross-origin
etag: W/"70aca620c86a2bec13b2fba87b248a81c17811a6677678d98c4131abf3b8eaf6"
strict-transport-security: max-age=31536000
vary: Authorization,Accept-Encoding,Origin
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
date: Thu, 27 Mar 2025 18:00:54 GMT
x-github-request-id: A805:3AD4B:4BB6F:E3153:67E59255
GET

https://codeload.github.com/lexisxs/njRAT-All-Versions/zip/refs/heads/master

firefox.exe

Remote address:

20.26.156.216:443

Request

GET /lexisxs/njRAT-All-Versions/zip/refs/heads/master HTTP/2.0
host: codeload.github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
referer: https://github.com/lexisxs/njRAT-All-Versions
cookie: _octo=GH1.1.683991019.1743098249
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
upgrade-insecure-requests: 1
sec-fetch-dest: document
sec-fetch-mode: navigate
sec-fetch-site: same-site
sec-fetch-user: ?1
priority: u=0, i
te: trailers

Response

HTTP/2.0 200

access-control-allow-origin: https://render.githubusercontent.com
content-disposition: attachment; filename=njRAT-All-Versions-master.zip
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: application/zip
cross-origin-resource-policy: cross-origin
etag: W/"e2bed281272ac45e2329c68692d42e8ee1bf55faa1ae19efc487da5715ca0c78"
strict-transport-security: max-age=31536000
vary: Authorization,Accept-Encoding,Origin
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
date: Thu, 27 Mar 2025 18:01:03 GMT
x-github-request-id: A805:3AD4B:4BB89:E31AD:67E5925C
DNS

glb-db52c2cf8be544.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

glb-db52c2cf8be544.github.com

IN A

Response

glb-db52c2cf8be544.github.com

IN A

140.82.112.21
DNS

glb-db52c2cf8be544.github.com

firefox.exe

Remote address:

8.8.8.8:53

Request

glb-db52c2cf8be544.github.com

IN AAAA

Response
DNS

pastebin.com

CobianRAT v1.0.40.7.exe

Remote address:

8.8.8.8:53

Request

pastebin.com

IN A

Response

pastebin.com

IN A

104.20.4.235

pastebin.com

IN A

172.67.19.24

pastebin.com

IN A

104.20.3.235
DNS

pastebin.com

CobianRAT v1.0.40.7.exe

Remote address:

8.8.8.8:53

Request

pastebin.com

IN A
GET

http://pastebin.com/raw/0WjUtaep

CobianRAT v1.0.40.7.exe

Remote address:

104.20.4.235:80

Request

GET /raw/0WjUtaep HTTP/1.1
Host: pastebin.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Date: Thu, 27 Mar 2025 18:05:58 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 27 Mar 2025 19:05:58 GMT
Location: https://pastebin.com/raw/0WjUtaep
Server: cloudflare
CF-RAY: 9270d1a8aa24889d-LHR
GET

http://pastebin.com/raw/G22qkgYa

CobianRAT v1.0.40.7.exe

Remote address:

104.20.4.235:80

Request

GET /raw/G22qkgYa HTTP/1.1
Host: pastebin.com

Response

HTTP/1.1 301 Moved Permanently

Date: Thu, 27 Mar 2025 18:05:58 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 27 Mar 2025 19:05:58 GMT
Location: https://pastebin.com/raw/G22qkgYa
Server: cloudflare
CF-RAY: 9270d1ab6b6f889d-LHR
GET

http://pastebin.com/raw/0WjUtaep

CobianRAT v1.0.40.7.exe

Remote address:

104.20.4.235:80

Request

GET /raw/0WjUtaep HTTP/1.1
Host: pastebin.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Date: Thu, 27 Mar 2025 18:05:58 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 27 Mar 2025 19:05:58 GMT
Location: https://pastebin.com/raw/0WjUtaep
Server: cloudflare
CF-RAY: 9270d1a8a98fbedd-LHR
GET

http://pastebin.com/raw/G22qkgYa

CobianRAT v1.0.40.7.exe

Remote address:

104.20.4.235:80

Request

GET /raw/G22qkgYa HTTP/1.1
Host: pastebin.com

Response

HTTP/1.1 301 Moved Permanently

Date: Thu, 27 Mar 2025 18:05:58 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 27 Mar 2025 19:05:58 GMT
Location: https://pastebin.com/raw/G22qkgYa
Server: cloudflare
CF-RAY: 9270d1ab6ce8bedd-LHR
GET

https://pastebin.com/raw/0WjUtaep

CobianRAT v1.0.40.7.exe

Remote address:

104.20.4.235:443

Request

GET /raw/0WjUtaep HTTP/1.1
Host: pastebin.com
Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found

Date: Thu, 27 Mar 2025 18:05:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-frame-options: DENY
x-frame-options: DENY
x-content-type-options: nosniff
x-content-type-options: nosniff
x-xss-protection: 1;mode=block
x-xss-protection: 1;mode=block
cache-control: public, max-age=1801
CF-Cache-Status: HIT
Age: 0
Server: cloudflare
CF-RAY: 9270d1aa0f9f946d-LHR
GET

https://pastebin.com/raw/G22qkgYa

CobianRAT v1.0.40.7.exe

Remote address:

104.20.4.235:443

Request

GET /raw/G22qkgYa HTTP/1.1
Host: pastebin.com

Response

HTTP/1.1 404 Not Found

Date: Thu, 27 Mar 2025 18:05:59 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-frame-options: DENY
x-frame-options: DENY
x-content-type-options: nosniff
x-content-type-options: nosniff
x-xss-protection: 1;mode=block
x-xss-protection: 1;mode=block
cache-control: public, max-age=1801
CF-Cache-Status: EXPIRED
Server: cloudflare
CF-RAY: 9270d1abba58946d-LHR
GET

https://pastebin.com/raw/0WjUtaep

CobianRAT v1.0.40.7.exe

Remote address:

104.20.4.235:443

Request

GET /raw/0WjUtaep HTTP/1.1
Host: pastebin.com
Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found

Date: Thu, 27 Mar 2025 18:05:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-frame-options: DENY
x-frame-options: DENY
x-content-type-options: nosniff
x-content-type-options: nosniff
x-xss-protection: 1;mode=block
x-xss-protection: 1;mode=block
cache-control: public, max-age=1801
CF-Cache-Status: MISS
Server: cloudflare
CF-RAY: 9270d1aa0d1794cd-LHR
GET

https://pastebin.com/raw/G22qkgYa

CobianRAT v1.0.40.7.exe

Remote address:

104.20.4.235:443

Request

GET /raw/G22qkgYa HTTP/1.1
Host: pastebin.com

Response

HTTP/1.1 404 Not Found

Date: Thu, 27 Mar 2025 18:05:59 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-frame-options: DENY
x-frame-options: DENY
x-content-type-options: nosniff
x-content-type-options: nosniff
x-xss-protection: 1;mode=block
x-xss-protection: 1;mode=block
cache-control: public, max-age=1801
CF-Cache-Status: EXPIRED
Server: cloudflare
CF-RAY: 9270d1abbf1d94cd-LHR
DNS

prod.remote-settings.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.remote-settings.prod.webservices.mozgcp.net

IN A

Response

prod.remote-settings.prod.webservices.mozgcp.net

IN A

34.149.100.209
DNS

prod.remote-settings.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.remote-settings.prod.webservices.mozgcp.net

IN AAAA

Response

prod.remote-settings.prod.webservices.mozgcp.net

IN AAAA

2600:1901:0:c47c::
DNS

prod.content-signature-chains.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.content-signature-chains.prod.webservices.mozgcp.net

IN A

Response

prod.content-signature-chains.prod.webservices.mozgcp.net

IN A

34.160.144.191
DNS

prod.content-signature-chains.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.content-signature-chains.prod.webservices.mozgcp.net

IN AAAA

Response

prod.content-signature-chains.prod.webservices.mozgcp.net

IN AAAA

2600:1901:0:92a9::
DNS

firefox-settings-attachments.cdn.mozilla.net

firefox.exe

Remote address:

8.8.8.8:53

Request

firefox-settings-attachments.cdn.mozilla.net

IN A

Response

firefox-settings-attachments.cdn.mozilla.net

IN CNAME

attachments.prod.remote-settings.prod.webservices.mozgcp.net

attachments.prod.remote-settings.prod.webservices.mozgcp.net

IN A

34.107.152.202
GET

https://firefox-settings-attachments.cdn.mozilla.net/bundles/security-state--intermediates.zip

firefox.exe

Remote address:

34.107.152.202:443

Request

GET /bundles/security-state--intermediates.zip HTTP/2.0
host: firefox-settings-attachments.cdn.mozilla.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br, zstd
te: trailers
DNS

attachments.prod.remote-settings.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

attachments.prod.remote-settings.prod.webservices.mozgcp.net

IN AAAA

Response

attachments.prod.remote-settings.prod.webservices.mozgcp.net

IN AAAA

2600:1901:0:712f::

172.165.61.93:443

https://checkappexec.microsoft.com/windows/shell/actions

tls, http2

3.2kB
9.7kB
23
18

HTTP Request

POST https://checkappexec.microsoft.com/windows/shell/actions

HTTP Response

200
127.0.0.1:49875

firefox.exe
127.0.0.1:49888

firefox.exe
34.107.221.82:80

http://detectportal.firefox.com/success.txt?ipv4

http

firefox.exe

1.1kB
960 B
17
15

HTTP Request

GET http://detectportal.firefox.com/success.txt?ipv4

HTTP Response

200
172.217.169.36:443

https://www.google.com/search?client=firefox-b-d&channel=entpr&q=njrat+blood+editcohe

tls, http2

firefox.exe

3.6kB
51.0kB
23
48

HTTP Request

GET https://www.google.com/search?client=firefox-b-d&channel=entpr&q=njrat+blood+editcohe
142.250.200.49:443

csp.withgoogle.com

firefox.exe

52 B
1
142.250.200.49:443

https://csp.withgoogle.com/csp/gws/fff

tls, http2

firefox.exe

5.6kB
9.5kB
21
27

HTTP Request

POST https://csp.withgoogle.com/csp/gws/fff

HTTP Request

POST https://csp.withgoogle.com/csp/gws/fff
216.58.204.78:443

https://play.google.com/log?format=json&hasfast=true

tls, http2

firefox.exe

3.9kB
9.9kB
18
24

HTTP Request

POST https://play.google.com/log?format=json&hasfast=true
216.58.204.78:443

https://play.google.com/log?format=json&hasfast=true

tls, http2

firefox.exe

3.6kB
9.7kB
21
22

HTTP Request

OPTIONS https://play.google.com/log?format=json&hasfast=true
142.250.200.14:443

https://consent.google.com/save?continue=https://www.google.com/search?client%3Dfirefox-b-d%26channel%3Dentpr%26q%3Dnjrat%2Bblood%2Beditcohe%26sei%3DdJHlZ6yQN7PBhbIP8LbuwA8&gl=UK&m=0&pc=srp&x=5&src=2&hl=en&bl=gws_20250324-0_RC1&uxe=none&cm=2&set_eom=false&set_aps=true&set_sc=true

tls, http2

firefox.exe

3.7kB
11.1kB
17
22

HTTP Request

POST https://consent.google.com/save?continue=https://www.google.com/search?client%3Dfirefox-b-d%26channel%3Dentpr%26q%3Dnjrat%2Bblood%2Beditcohe%26sei%3DdJHlZ6yQN7PBhbIP8LbuwA8&gl=UK&m=0&pc=srp&x=5&src=2&hl=en&bl=gws_20250324-0_RC1&uxe=none&cm=2&set_eom=false&set_aps=true&set_sc=true
35.190.72.216:443

location.services.mozilla.com

tls, http2

firefox.exe

3.0kB
4.4kB
17
14
151.101.195.19:443

https://archive.mozilla.org/pub/system-addons/hotfix-intermediate-2018/hotfix-intermediate-2018-1.0.0-build1/hotfix-intermediate-2018.xpi

tls, http2

firefox.exe

1.6kB
17.4kB
18
29

HTTP Request

GET https://archive.mozilla.org/pub/system-addons/hotfix-intermediate-2018/hotfix-intermediate-2018-1.0.0-build1/hotfix-intermediate-2018.xpi

HTTP Response

200
23.200.87.12:80

http://ciscobinary.openh264.org/openh264-win64-652bdb7719f30b52b08e506645a7322ff1b2cc6f.zip

http

firefox.exe

4.3kB
530.5kB
87
394

HTTP Request

GET http://ciscobinary.openh264.org/openh264-win64-652bdb7719f30b52b08e506645a7322ff1b2cc6f.zip

HTTP Response

200
34.104.35.123:443

https://edgedl.me.gvt1.com/edgedl/release2/chrome_component/mfnf4w4aaa2rporuqgtjqv35v4_4.10.2891.0/oimompecagnajdejgnnjijobebaeigek_4.10.2891.0_win64_acwxtxt2znguar3w2o252umtomsq.crx3

tls, http2

firefox.exe

556.0kB
15.5MB
7818
11102

HTTP Request

GET https://edgedl.me.gvt1.com/edgedl/release2/chrome_component/mfnf4w4aaa2rporuqgtjqv35v4_4.10.2891.0/oimompecagnajdejgnnjijobebaeigek_4.10.2891.0_win64_acwxtxt2znguar3w2o252umtomsq.crx3

HTTP Response

200
142.250.187.195:443

https://id.google.com/verify/AH5-l65c0CWVOy9dAS1t1xvtQrlaxPf11oislDjGs6VEUNAwGHGzY69TY46qhSW2BJcYTMowmfPyBLTwUgfnAqfedsC3YM0q_Gw1j_8BUR4GXXap

tls, http2

firefox.exe

3.6kB
10.4kB
16
22

HTTP Request

GET https://id.google.com/verify/AH5-l65c0CWVOy9dAS1t1xvtQrlaxPf11oislDjGs6VEUNAwGHGzY69TY46qhSW2BJcYTMowmfPyBLTwUgfnAqfedsC3YM0q_Gw1j_8BUR4GXXap
20.26.156.215:443

https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition/used_by_list

tls, http2

firefox.exe

5.9kB
124.7kB
38
113

HTTP Request

GET https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition

HTTP Response

200

HTTP Request

GET https://github.com/fluidicon.png

HTTP Response

200

HTTP Request

GET https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition/latest-commit/main

HTTP Request

GET https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition/refs?type=branch

HTTP Request

GET https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition/tree-commit-info/main

HTTP Request

GET https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition/branch-and-tag-count

HTTP Request

GET https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition/security/overall-count

HTTP Request

GET https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition/hovercards/citation/sidebar_partial?tree_name=main

HTTP Request

GET https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition/used_by_list

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

204

HTTP Response

200
20.26.156.215:443

github.com

firefox.exe

98 B
52 B
2
1
185.199.109.154:443

https://github.githubassets.com/images/gravatars/gravatar-user-420.png?size=40

tls, http2

firefox.exe

25.2kB
1.1MB
238
952

HTTP Request

GET https://github.githubassets.com/assets/light-74231a1f3bbb.css

HTTP Request

GET https://github.githubassets.com/assets/staff-7d691607ec07.css

HTTP Request

GET https://github.githubassets.com/assets/devtools-ed3c56d5f6b2.css

HTTP Request

GET https://github.githubassets.com/assets/repository-4fce88777fa8.css

HTTP Request

GET https://github.githubassets.com/assets/code-0210be90f4d3.css

HTTP Request

GET https://github.githubassets.com/assets/wp-runtime-98ba33526bb7.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover_js-9da652f58479.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_arianotify-polyfill_ariaNotify-polyfill_js-node_modules_github_mi-3abb8f-46b9f4874d95.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_failbot_failbot_ts-75968cfb5298.js

HTTP Request

GET https://github.githubassets.com/assets/environment-f04cb2a9fc8c.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_behaviors_dist_esm_index_mjs-0dbb79f97f8f.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_selector-observer_dist_index_esm_js-f690fd9ae3d5.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_relative-time-element_dist_index_js-62d275b7ddd9.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_text-expander-element_dist_index_js-78748950cb0c.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_auto-complete-element_dist_index_js-node_modules_github_catalyst_-8e9f78-a90ac05d2469.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-b5f1d7-a1760ffda83d.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_markdown-toolbar-element_dist_index_js-ceef33f593fa.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_primer_view-co-c44a69-efa32db3a345.js

HTTP Request

GET https://github.githubassets.com/assets/github-elements-394f8eb34f19.js

HTTP Request

GET https://github.githubassets.com/assets/element-registry-8206a1f1fc89.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_braintree_browser-detection_dist_browser-detection_js-node_modules_githu-2906d7-2a07a295af40.js

HTTP Request

GET https://github.githubassets.com/assets/dark-8a995f0bacd4.css

HTTP Request

GET https://github.githubassets.com/assets/primer-aaa714e5674d.css

HTTP Request

GET https://github.githubassets.com/assets/github-ea73c9cb5377.css

HTTP Request

GET https://github.githubassets.com/assets/primer-primitives-225433424a87.css

HTTP Request

GET https://github.githubassets.com/assets/global-7eaba1d4847c.css

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_lit-html_lit-html_js-be8cb88f481b.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_morphdom_dist_morphdom-e-7c534c-a4a1922eb55f.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_turbo_dist_turbo_es2017-esm_js-a03ee12d659a.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-893f9f-b6294cf703b7.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_color-convert_index_js-e3180fe3bcb3.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_quote-selection_dist_index_js-node_modules_github_session-resume_-947061-e7a6c4a19f98.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_updatable-content_updatable-content_ts-2a55124d5c52.js

HTTP Request

GET https://github.githubassets.com/assets/app_assets_modules_github_behaviors_task-list_ts-app_assets_modules_github_sso_ts-ui_packages-900dde-768abe60b1f8.js

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/app_assets_modules_github_sticky-scroll-into-view_ts-3e000c5d31a9.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/app_assets_modules_github_behaviors_ajax-error_ts-app_assets_modules_github_behaviors_include-87a4ae-b8865f653f6b.js

HTTP Request

GET https://github.githubassets.com/assets/app_assets_modules_github_behaviors_commenting_edit_ts-app_assets_modules_github_behaviors_ht-83c235-e429cff6ceb1.js

HTTP Request

GET https://github.githubassets.com/assets/behaviors-c1f5beceda17.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_delegated-events_dist_index_js-node_modules_github_catalyst_lib_index_js-f6223d90c7ba.js

HTTP Request

GET https://github.githubassets.com/assets/notifications-global-01e85cd1be94.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_virtualized-list_es_index_js-node_modules_github_template-parts_lib_index_js-94dc7a2157c1.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-70450e-4b93df70b903.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/app_assets_modules_github_ref-selector_ts-3e9d848bab5f.js

HTTP Request

GET https://github.githubassets.com/assets/codespaces-c3bcacfe317c.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-3eebbd-0763620ad7bf.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_decorators_js-node_modules_delegated-events_di-e161aa-9d41fb1b6c9e.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_github_remote--3c9c82-b71ef90fbdc7.js

HTTP Request

GET https://github.githubassets.com/assets/repositories-7a0dbaa42c57.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_catalyst_lib_inde-dbbea9-26cce2010167.js

HTTP Request

GET https://github.githubassets.com/assets/code-menu-1c0aedc134b1.js

HTTP Request

GET https://github.githubassets.com/assets/primer-react-dee7fde768ad.js

HTTP Request

GET https://github.githubassets.com/assets/react-core-a18127980111.js

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/react-lib-f1bca44e0926.js

HTTP Request

GET https://github.githubassets.com/assets/octicons-react-cf2f2ab8dab4.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_emotion_is-prop-valid_dist_emotion-is-prop-valid_esm_js-node_modules_emo-62da9f-2df2f32ec596.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_stacktrace-parser_dist_s-e7dcdd-9a233856b02c.js

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover-fn_js-55fea94174bf.js

HTTP Request

GET https://github.githubassets.com/assets/notifications-subscriptions-menu-58a0c58bfee4.js

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/primer-react.2a23faf8f7c3da694407.module.css

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/notifications-subscriptions-menu.1bcff9205c241e99cff2.module.css

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_ui-commands_ui-commands_ts-2ea4e93613c0.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/keyboard-shortcuts-dialog-33dfb803e078.js

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-94fd67-4898d1bf4b51.js

HTTP Request

GET https://github.githubassets.com/assets/sessions-730dca81d0a2.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_dompurify_dist_purify_es_mjs-dd1d3ea6a436.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_tanstack_query-core_build_modern_queryObserver_js-node_modules_tanstack_-defd52-843b41414e0e.js

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_aria-live_aria-live_ts-ui_packages_promise-with-resolvers-polyfill_promise-with-r-17c672-34345cb18aac.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_paths_index_ts-1b92c4b9d0a5.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_ref-selector_RefSelector_tsx-7496afc3784d.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_commit-attribution_index_ts-ui_packages_commit-checks-status_index_ts-ui_packages-7094d4-15017f02e61c.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_hydro-analytics_hydro-analytics_ts-ui_packages_verified-fetch_verified-fetch_ts-u-4672d1-96a19eaeffb7.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_code-view-shared_hooks_use-canonical-object_ts-ui_packages_code-view-shared_hooks-d63960-3cb8cae9e2d0.js

HTTP Request

GET https://github.githubassets.com/assets/repos-overview-520cf5801570.js

HTTP Request

GET https://github.githubassets.com/assets/repos-overview.0ee7cac3ab511a65d9f9.module.css

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/chunk-app_components_primer_experimental_select-panel-element_ts-dbc875e76b97.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-app_components_primer_experimental_toggle-switch-element_ts-670c71d392c6.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-app_components_search_custom-scopes-element_ts-abc100eaa2cb.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_combobox-nav_dist-b7767a-9ad7d4eda3d9.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_query-builder-element_query-builder-element_ts-b492d6900d5e.js

HTTP Request

GET https://github.githubassets.com/assets/app_assets_modules_github_blob-anchor_ts-ui_packages_code-nav_code-nav_ts-ui_packages_filter--8253c1-91468a3354f9.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-ui_packages_hydro-analytics_hydro-analytics_ts-ui_packages_jump-to-element_model_ts-880f27a93f7b.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-app_components_search_qbsearch-input-element_ts-cf531d29cf91.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-ui_packages_cookie-consent-link-element_element-entry_ts-8ca582ddd98a.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-ui_packages_ghcc-consent-element_element-entry_ts-04338159da93.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/chunk-vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_combobox-nav_dist-5f477b-eeb221e8a5a3.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/chunk-ui_packages_hydro-analytics_hydro-analytics_ts-ui_packages_query-builder-element_element-entry_ts-37a12a0ee62c.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-ui_packages_webauthn-get-element_element-entry_ts-c4e5a9b4f95a.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/favicons/favicon.svg

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/chunk-ui_packages_code-view-shared_components_files-search_FileResultsList_tsx-ef1fa1f779f7.js

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/chunk-vendors-node_modules_consent-banner_dist_consent-banner_js-362ca569b596.js

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/images/gravatars/gravatar-user-420.png?size=40

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_turbo_dist_turbo_es2017-esm_js-a03ee12d659a.js

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_emotion_is-prop-valid_dist_emotion-is-prop-valid_esm_js-node_modules_emo-62da9f-2df2f32ec596.js

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_code-view-shared_hooks_use-canonical-object_ts-ui_packages_code-view-shared_hooks-d63960-3cb8cae9e2d0.js

HTTP Request

GET https://github.githubassets.com/assets/code-menu-1c0aedc134b1.js

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/chunk-ui_packages_hydro-analytics_hydro-analytics_ts-ui_packages_query-builder-element_element-entry_ts-37a12a0ee62c.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-ui_packages_webauthn-get-element_element-entry_ts-c4e5a9b4f95a.js

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/chunk-vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_hydro-analytics-c-35f15c-30ba527ded25.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-app_components_accessibility_animated-image-element_ts-3813856f440e.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/images/gravatars/gravatar-user-420.png?size=40
185.199.109.154:443

github.githubassets.com

tls, http2

firefox.exe

2.7kB
6.5kB
14
15
185.199.109.154:443

github.githubassets.com

tls, http2

firefox.exe

2.7kB
6.5kB
14
14
185.199.109.154:443

github.githubassets.com

tls, http2

firefox.exe

2.7kB
6.5kB
14
14
185.199.109.154:443

github.githubassets.com

tls, http2

firefox.exe

2.7kB
6.5kB
14
14
185.199.109.154:443

github.githubassets.com

tls, http2

firefox.exe

2.7kB
6.5kB
14
14
185.199.108.133:443

https://camo.githubusercontent.com/9a3a096e576eacb703344fda1c137b3865e1e6ad8cd795395cacdaf2b9052cab/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f7265706f2d73697a652f44652d656c6f7065722f6e6a5241542d416c6c2d56657273696f6e73

tls, http2

firefox.exe

7.2kB
94.3kB
46
103

HTTP Request

GET https://private-user-images.githubusercontent.com/138373919/283999837-be96d782-19f3-49e6-b8f2-64bba00f7905.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3NDMwOTg1ODcsIm5iZiI6MTc0MzA5ODI4NywicGF0aCI6Ii8xMzgzNzM5MTkvMjgzOTk5ODM3LWJlOTZkNzgyLTE5ZjMtNDllNi1iOGYyLTY0YmJhMDBmNzkwNS5wbmc_WC1BbXotQWxnb3JpdGhtPUFXUzQtSE1BQy1TSEEyNTYmWC1BbXotQ3JlZGVudGlhbD1BS0lBVkNPRFlMU0E1M1BRSzRaQSUyRjIwMjUwMzI3JTJGdXMtZWFzdC0xJTJGczMlMkZhd3M0X3JlcXVlc3QmWC1BbXotRGF0ZT0yMDI1MDMyN1QxNzU4MDdaJlgtQW16LUV4cGlyZXM9MzAwJlgtQW16LVNpZ25hdHVyZT0yNjBlNzI2MmI0OTg3OTQxOTI3NjhkMjcxOGExZGFmM2M2ODAzNmU5MmQwNGZlYzczNDFjY2M1NjhhNWVkMWZkJlgtQW16LVNpZ25lZEhlYWRlcnM9aG9zdCJ9.nZH5mnw_4-uXADu8FNBZgazCz_-pIkCDI4F9-DK-pyU

HTTP Request

GET https://camo.githubusercontent.com/9a7ebb6f4070d26e002fda7d4db60bd138809a0faa543763ec661763734106b1/68747470733a2f2f63646e2e73656c6c69782e696f2f73746f726566726f6e742f336563336333653035646662323264363931666264643666666633323032363266393238626136312f3638373437343730373333613266326636393265363936323632326536333666326637393538333537383333373133313266353636393634363536663265363736393636

HTTP Response

200

HTTP Response

404

HTTP Request

GET https://camo.githubusercontent.com/9a7ebb6f4070d26e002fda7d4db60bd138809a0faa543763ec661763734106b1/68747470733a2f2f63646e2e73656c6c69782e696f2f73746f726566726f6e742f336563336333653035646662323264363931666264643666666633323032363266393238626136312f3638373437343730373333613266326636393265363936323632326536333666326637393538333537383333373133313266353636393634363536663265363736393636

HTTP Response

404

HTTP Request

GET https://private-user-images.githubusercontent.com/138373919/283999837-be96d782-19f3-49e6-b8f2-64bba00f7905.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3NDMwOTg1OTAsIm5iZiI6MTc0MzA5ODI5MCwicGF0aCI6Ii8xMzgzNzM5MTkvMjgzOTk5ODM3LWJlOTZkNzgyLTE5ZjMtNDllNi1iOGYyLTY0YmJhMDBmNzkwNS5wbmc_WC1BbXotQWxnb3JpdGhtPUFXUzQtSE1BQy1TSEEyNTYmWC1BbXotQ3JlZGVudGlhbD1BS0lBVkNPRFlMU0E1M1BRSzRaQSUyRjIwMjUwMzI3JTJGdXMtZWFzdC0xJTJGczMlMkZhd3M0X3JlcXVlc3QmWC1BbXotRGF0ZT0yMDI1MDMyN1QxNzU4MTBaJlgtQW16LUV4cGlyZXM9MzAwJlgtQW16LVNpZ25hdHVyZT04MGFiOTYxY2ZkZGE1NDRlMWQ1OWQ3MWQxYWI4MWIxZWZkM2MyMmE0MjdmNTdlYTBkOGFlYjM3MDgzYzEwZjYyJlgtQW16LVNpZ25lZEhlYWRlcnM9aG9zdCJ9.B8LO3aWL2QSJ6CCZfOGhgEFx2kcADep8-aycZ8UVp40

HTTP Request

GET https://camo.githubusercontent.com/9a7ebb6f4070d26e002fda7d4db60bd138809a0faa543763ec661763734106b1/68747470733a2f2f63646e2e73656c6c69782e696f2f73746f726566726f6e742f336563336333653035646662323264363931666264643666666633323032363266393238626136312f3638373437343730373333613266326636393265363936323632326536333666326637393538333537383333373133313266353636393634363536663265363736393636

HTTP Response

200

HTTP Request

GET https://avatars.githubusercontent.com/u/202700267?s=64&v=4

HTTP Response

200

HTTP Response

404

HTTP Request

GET https://camo.githubusercontent.com/9a3a096e576eacb703344fda1c137b3865e1e6ad8cd795395cacdaf2b9052cab/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f7265706f2d73697a652f44652d656c6f7065722f6e6a5241542d416c6c2d56657273696f6e73

HTTP Response

200
140.82.112.21:443

https://collector.github.com/github/collect

tls, http2

firefox.exe

13.4kB
9.1kB
39
37

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204
20.26.156.210:443

https://api.github.com/_private/browser/stats

tls, http2

firefox.exe

5.5kB
6.7kB
20
22

HTTP Request

POST https://api.github.com/_private/browser/stats

HTTP Response

200

HTTP Request

POST https://api.github.com/_private/browser/stats

HTTP Response

200
216.58.201.110:443

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQOT39LXabBW8stOJ5gD_GtunVyneRz-rwzkQWtaWevao1FiQBkdd4pBte7aQ&s=10

tls, http2

firefox.exe

4.5kB
40.1kB
32
40

HTTP Request

GET https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcRbbRQTTLNvD7gFAxyqupCRNpqu0g8f1y_zt4sF5e3-Ng&s=10

HTTP Request

GET https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcTNBAX8Mdrzpj86r_W5xIRVIVNy07Et-EaBDEMsWzzwlQ&s=10

HTTP Request

GET https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcRpfHskCP5D8YEb-uJXYvy4ZEbDzmGpjoHlNG3PyIOPopC_7Y9OZUrRfHFMYA&s=10

HTTP Request

GET https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQ1tmAyEs3d5YsiP8cE2VYchTMVDM_8GnPr2MUyGNaxwtVEbhvtP7rQkJe6IA&s=10

HTTP Request

GET https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQOT39LXabBW8stOJ5gD_GtunVyneRz-rwzkQWtaWevao1FiQBkdd4pBte7aQ&s=10
216.58.201.110:443

encrypted-tbn0.gstatic.com

tls, http2

firefox.exe

2.6kB
6.3kB
12
11
216.58.201.110:443

encrypted-tbn0.gstatic.com

tls, http2

firefox.exe

3.0kB
6.6kB
17
15
142.250.179.227:80

http://c.pki.goog/r/r1.crl

http

476 B
395 B
6
4

HTTP Request

GET http://c.pki.goog/r/r1.crl

HTTP Response

304
172.64.147.112:443

https://tria.ge/static/svg/icons/chevron_right.svg

tls, http2

firefox.exe

9.0kB
179.8kB
81
210

HTTP Request

GET https://tria.ge/240411-lhs8xagf79

HTTP Response

200

HTTP Request

GET https://tria.ge/static/css/common.css?c=764d282

HTTP Request

GET https://tria.ge/static/css/report.css?c=764d282

HTTP Request

GET https://tria.ge/static/css/report_overview.css?c=764d282

HTTP Request

GET https://tria.ge/static/js/ui.version.js?c=764d282

HTTP Request

GET https://tria.ge/static/svg/platforms/windows11.svg

HTTP Request

GET https://tria.ge/static/svg/platforms/android.svg

HTTP Request

GET https://tria.ge/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

HTTP Request

GET https://tria.ge/static/js/ui.common.js?c=764d282

HTTP Request

GET https://tria.ge/static/js/ui.report_overview.js?c=764d282

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://tria.ge/static/js/chunk-EJP5W3SV.js

HTTP Request

GET https://tria.ge/static/js/chunk-IBP4GVZ5.js

HTTP Request

GET https://tria.ge/static/js/chunk-6SP6SDFH.js

HTTP Request

GET https://tria.ge/static/js/chunk-SJ2ZBNP7.js

HTTP Request

GET https://tria.ge/static/js/chunk-UI5PTGA5.js

HTTP Request

GET https://tria.ge/static/js/chunk-LWNJDMXF.js

HTTP Request

GET https://tria.ge/static/js/chunk-X62GPJC2.js

HTTP Request

GET https://tria.ge/static/js/chunk-FW4363Y4.js

HTTP Request

GET https://tria.ge/static/fonts/inter/inter-v11-latin-regular.woff2

HTTP Request

GET https://tria.ge/static/fonts/inter/inter-v11-latin-600.woff2

HTTP Request

GET https://tria.ge/static/svg/icons/expand_less.svg

HTTP Request

GET https://tria.ge/static/fonts/inter/inter-v11-latin-700.woff2

HTTP Request

GET https://tria.ge/static/fonts/inter/inter-v11-latin-500.woff2

HTTP Request

GET https://tria.ge/static/js/chunk-W6Q6E5RQ.js

HTTP Request

GET https://tria.ge/static/js/chunk-Z2Q4BDK7.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://tria.ge/static/icons/apple-touch-icon.png

HTTP Request

GET https://tria.ge/static/icons/favicon_triage.ico

HTTP Request

GET https://tria.ge/static/svg/icons/chevron_right.svg

HTTP Response

200

HTTP Response

200

HTTP Response

200
172.64.147.112:443

tria.ge

firefox.exe

98 B
52 B
2
1
185.199.109.154:443

github.githubassets.com

tls, http2

firefox.exe

3.0kB
6.9kB
18
21
20.26.156.215:443

https://github.com/USDTC/XWorm-V5.6-Source/archive/refs/heads/main.zip

tls, http2

firefox.exe

6.8kB
124.1kB
43
123

HTTP Request

GET https://github.com/USDTC/XWorm-V5.6-Source

HTTP Response

200

HTTP Request

GET https://github.com/USDTC/XWorm-V5.6-Source/latest-commit/main

HTTP Request

GET https://github.com/USDTC/XWorm-V5.6-Source/refs?type=branch

HTTP Request

GET https://github.com/USDTC/XWorm-V5.6-Source/tree-commit-info/main

HTTP Request

GET https://github.com/USDTC/XWorm-V5.6-Source/overview-files/main

HTTP Request

GET https://github.com/USDTC/XWorm-V5.6-Source/branch-and-tag-count

HTTP Request

GET https://github.com/USDTC/XWorm-V5.6-Source/sponsor_button

HTTP Request

GET https://github.com/USDTC/XWorm-V5.6-Source/security/overall-count

HTTP Request

GET https://github.com/USDTC/XWorm-V5.6-Source/hovercards/citation/sidebar_partial?tree_name=main

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.com/USDTC/XWorm-V5.6-Source/sponsors_list?block_button=false&current_repository=XWorm-V5.6-Source

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.com/USDTC/XWorm-V5.6-Source/used_by_list

HTTP Request

GET https://github.com/USDTC/XWorm-V5.6-Source/contributors_list?count=3&current_repository=XWorm-V5.6-Source&items_to_show=3

HTTP Response

200

HTTP Response

200

HTTP Response

204

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.com/USDTC/XWorm-V5.6-Source/archive/refs/heads/main.zip

HTTP Response

302
185.199.109.133:443

private-user-images.githubusercontent.com

tls, http2

firefox.exe

2.7kB
6.6kB
14
14
185.199.109.133:443

camo.githubusercontent.com

tls, http2

firefox.exe

2.7kB
6.6kB
14
14
104.237.136.127:443

https://cyberpress.org/x-worm-malware-github/

tls, http2

firefox.exe

4.0kB
66.2kB
25
61

HTTP Request

GET https://cyberpress.org/x-worm-malware-github/

HTTP Response

200
20.26.156.210:443

https://api.github.com/_private/browser/stats

tls, http2

firefox.exe

4.6kB
6.7kB
19
22

HTTP Request

POST https://api.github.com/_private/browser/stats

HTTP Request

POST https://api.github.com/_private/browser/stats

HTTP Response

200

HTTP Response

200
192.0.77.2:443

i0.wp.com

tls, http2

firefox.exe

2.9kB
4.3kB
17
20
192.0.77.2:443

i1.wp.com

tls, http2

firefox.exe

2.8kB
4.2kB
15
18
192.0.77.2:443

i3.wp.com

tls, http2

firefox.exe

2.9kB
4.2kB
16
19
192.0.77.2:443

i2.wp.com

tls, http2

firefox.exe

2.9kB
4.2kB
17
19
192.0.76.3:443

https://stats.wp.com/e-202513.js

tls, http2

firefox.exe

3.1kB
7.3kB
15
21

HTTP Request

GET https://stats.wp.com/e-202513.js

HTTP Response

200
192.0.77.2:443

https://i3.wp.com/blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhLVUimwZLDKUKLwf_AVQeP5U2JpsE2dI_IucgDPw7-I_Q5S-QhuY71KHhw5TUxudEs6Z7gJlM32yUsGhVBW81Gv6vVt99HZ_RaEW5augfAhUDMaHPO9bWeiBiAAJyOdWfDmQWh6EXxAKEq23baOCMg1q0KTzAB69WOD6M270YIRcufvgIlU4tmqKLcrsY/s1600/Seven%20Years%20old%20Linux%20Kernel%20Flaw%20(19)%20(1).webp?w=1200&resize=1200,0&ssl=1

tls, http2

firefox.exe

3.3kB
4.5kB
14
17

HTTP Request

GET https://i3.wp.com/blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhLVUimwZLDKUKLwf_AVQeP5U2JpsE2dI_IucgDPw7-I_Q5S-QhuY71KHhw5TUxudEs6Z7gJlM32yUsGhVBW81Gv6vVt99HZ_RaEW5augfAhUDMaHPO9bWeiBiAAJyOdWfDmQWh6EXxAKEq23baOCMg1q0KTzAB69WOD6M270YIRcufvgIlU4tmqKLcrsY/s1600/Seven%20Years%20old%20Linux%20Kernel%20Flaw%20(19)%20(1).webp?w=1200&resize=1200,0&ssl=1

HTTP Response

302
216.239.34.36:443

https://region1.google-analytics.com/g/collect?v=2&tid=G-5WHMJGXKJ2&gtm=45Pe53q0v9189186384za200&_p=1743098290494&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=102482433~102788824~102803279~102813109~102887799~102926062~102964103&gdid=dZTNiMT&cid=840664561.1743098291&ul=en-us&sr=1280x720&lps=1&frm=0&pscdl=noapi&_s=1&sid=1743098290&sct=1&seg=0&dl=https%3A%2F%2Fcyberpress.org%2Fx-worm-malware-github%2F&dr=https%3A%2F%2Fwww.google.com%2F&dt=X-Worm%20Malware%20Found%20on%20GitHub&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3331

tls, http2

firefox.exe

3.6kB
7.9kB
16
19

HTTP Request

POST https://region1.google-analytics.com/g/collect?v=2&tid=G-5WHMJGXKJ2&gtm=45Pe53q0v9189186384za200&_p=1743098290494&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=102482433~102788824~102803279~102813109~102887799~102926062~102964103&gdid=dZTNiMT&cid=840664561.1743098291&ul=en-us&sr=1280x720&lps=1&frm=0&pscdl=noapi&_s=1&sid=1743098290&sct=1&seg=0&dl=https%3A%2F%2Fcyberpress.org%2Fx-worm-malware-github%2F&dr=https%3A%2F%2Fwww.google.com%2F&dt=X-Worm%20Malware%20Found%20on%20GitHub&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3331
192.0.73.2:443

https://secure.gravatar.com/avatar/23539cd900deff0dff176af545c010c0?s=96&d=mm&r=g

tls, http2

firefox.exe

3.3kB
29.6kB
18
36

HTTP Request

GET https://secure.gravatar.com/avatar/23539cd900deff0dff176af545c010c0?s=96&d=mm&r=g

HTTP Response

200
142.250.187.193:443

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhe42-gTwbCZ5Zj7ZBGLWLcj46wIhiW2qrI34xF7M1q3fen8TBzXrxzUNgjncKL61Rf-72P__EZGYuFu-QCG9YNO5xpwPHEn3ryWmQJxaGqY7Uk3_iKitF9fC46pwQ2ThF36SW0ZbhvC_uNAZ3F6Lv9DQeHFZ0fQeXZzaqTEP7yrMkXohXaoe09f68zZVk/s1600/Seven%20Years%20old%20Linux%20Kernel%20Flaw%20(15)%20(1).webp

tls, http2

firefox.exe

6.4kB
185.8kB
74
146

HTTP Request

GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhLVUimwZLDKUKLwf_AVQeP5U2JpsE2dI_IucgDPw7-I_Q5S-QhuY71KHhw5TUxudEs6Z7gJlM32yUsGhVBW81Gv6vVt99HZ_RaEW5augfAhUDMaHPO9bWeiBiAAJyOdWfDmQWh6EXxAKEq23baOCMg1q0KTzAB69WOD6M270YIRcufvgIlU4tmqKLcrsY/s1600/Seven%20Years%20old%20Linux%20Kernel%20Flaw%20(19)%20(1).webp

HTTP Request

GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhe42-gTwbCZ5Zj7ZBGLWLcj46wIhiW2qrI34xF7M1q3fen8TBzXrxzUNgjncKL61Rf-72P__EZGYuFu-QCG9YNO5xpwPHEn3ryWmQJxaGqY7Uk3_iKitF9fC46pwQ2ThF36SW0ZbhvC_uNAZ3F6Lv9DQeHFZ0fQeXZzaqTEP7yrMkXohXaoe09f68zZVk/s1600/Seven%20Years%20old%20Linux%20Kernel%20Flaw%20(15)%20(1).webp
192.0.77.2:443

i1.wp.com

tls, http2

firefox.exe

2.6kB
3.8kB
12
11
104.237.136.127:443

https://cyberpress.org/wp-includes/js/wp-emoji-release.min.js?ver=6.7.2

tls, http2

firefox.exe

3.4kB
10.6kB
18
19

HTTP Request

GET https://cyberpress.org/wp-content/uploads/2024/04/cropped-Cyber-Press-2-32x32.png

HTTP Request

GET https://cyberpress.org/wp-includes/js/wp-emoji-release.min.js?ver=6.7.2

HTTP Response

200

HTTP Response

200
104.237.136.127:443

cyberpress.org

firefox.exe

98 B
52 B
2
1
192.0.77.2:443

i2.wp.com

tls

firefox.exe

2.3kB
3.0kB
9
7
216.58.212.194:443

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20250324&st=env

tls, http2

firefox.exe

3.6kB
20.9kB
24
29

HTTP Request

GET https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20250324&st=env
142.250.200.33:443

https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html

tls, http2

firefox.exe

3.7kB
19.6kB
23
32

HTTP Request

GET https://ep2.adtrafficquality.google/sodar/sodar2.js

HTTP Request

GET https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
192.0.77.2:443

i0.wp.com

tls

firefox.exe

2.3kB
3.0kB
9
7
20.26.156.216:443

https://codeload.github.com/USDTC/XWorm-V5.6-Source/zip/refs/heads/main

tls, http2

firefox.exe

110.6kB
9.5MB
1977
6825

HTTP Request

GET https://codeload.github.com/USDTC/XWorm-V5.6-Source/zip/refs/heads/main

HTTP Response

200
192.0.76.3:443

pixel.wp.com

tls, http2

firefox.exe

2.6kB
3.7kB
12
9
142.250.180.1:443

https://tpc.googlesyndication.com/simgad/16838084701626851259/14763004658117789537?w=100&h=100&tw=1&q=75

tls, http2

firefox.exe

3.5kB
13.8kB
19
22

HTTP Request

GET https://tpc.googlesyndication.com/simgad/6186945766719640876/14763004658117789537?w=400&h=209&tw=1&q=75

HTTP Request

GET https://tpc.googlesyndication.com/simgad/16838084701626851259/14763004658117789537?w=100&h=100&tw=1&q=75
142.250.180.1:443

tpc.googlesyndication.com

tls, http2

firefox.exe

2.6kB
6.3kB
11
10
192.0.73.2:443

https://secure.gravatar.com/avatar/f99e08d9811ef3e4575025a44158787c?s=96&d=mm&r=g

tls, http2

firefox.exe

3.8kB
14.7kB
17
30

HTTP Request

GET https://secure.gravatar.com/avatar/f99e08d9811ef3e4575025a44158787c?s=96&d=mm&r=g

HTTP Response

200
172.217.169.36:443

www.google.com

tls

firefox.exe

3.2kB
2.4kB
12
11
104.26.15.226:443

https://cloudsek.com/blog/no-honour-among-thieves-uncovering-a-trojanized-xworm-rat-builder-propagated-by-threat-actors-and-disrupting-its-operations

tls, http2

firefox.exe

3.2kB
5.7kB
15
15

HTTP Request

GET https://cloudsek.com/blog/no-honour-among-thieves-uncovering-a-trojanized-xworm-rat-builder-propagated-by-threat-actors-and-disrupting-its-operations

HTTP Response

301
104.26.15.226:443

www.cloudsek.com

tls, http2

firefox.exe

2.5kB
4.4kB
10
9
104.18.160.117:443

https://cdn.prod.website-files.com/634fc5026f66af518e897c77/js/webflow.schunk.64a7cb4b4fd9b8bb.js

tls, http2

firefox.exe

4.4kB
206.3kB
36
170

HTTP Request

GET https://cdn.prod.website-files.com/634fc5026f66af518e897c77/css/cloudsek-website.webflow.d154e17e8.css

HTTP Request

GET https://cdn.prod.website-files.com/634fc5026f66af518e897c77/js/webflow.3ed2dcdf.f0a45d32760549a0.js

HTTP Request

GET https://cdn.prod.website-files.com/634fc5026f66af518e897c77/js/webflow.schunk.4a394eb5af8156f2.js

HTTP Request

GET https://cdn.prod.website-files.com/634fc5026f66af518e897c77/js/webflow.schunk.64a7cb4b4fd9b8bb.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200
104.18.160.117:443

cdn.prod.website-files.com

tls, http2

firefox.exe

2.5kB
4.4kB
10
8
104.18.160.117:443

cdn.prod.website-files.com

tls, http2

firefox.exe

2.5kB
4.4kB
10
8
104.18.160.117:443

cdn.prod.website-files.com

tls, http2

firefox.exe

2.5kB
4.4kB
10
8
151.101.193.229:443

https://cdn.jsdelivr.net/npm/@finsweet/attributes-codehighlight@1/codehighlight.js

tls, http2

firefox.exe

3.1kB
8.5kB
15
20

HTTP Request

GET https://cdn.jsdelivr.net/npm/@finsweet/attributes-codehighlight@1/codehighlight.js

HTTP Response

200
207.211.214.145:443

https://tools.virtual-entity.de/toc-generator/v1.0.1.js

tls, http2

firefox.exe

3.4kB
8.1kB
21
26

HTTP Request

GET https://tools.virtual-entity.de/toc-generator/v1.0.1.js

HTTP Response

200
3.166.49.90:443

https://pxl.sprouts.ai/latest/pixelV3.js?id=de4742baf9ae0326740152eb49dea10c

tls, http2

firefox.exe

3.5kB
21.8kB
23
30

HTTP Request

GET https://pxl.sprouts.ai/latest/pixelV3.js?id=de4742baf9ae0326740152eb49dea10c

HTTP Response

200
18.245.246.151:443

https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=634fc5026f66af518e897c77

tls, http2

firefox.exe

3.7kB
38.6kB
26
40

HTTP Request

GET https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=634fc5026f66af518e897c77

HTTP Response

200
76.76.21.142:443

https://hubspotonwebflow.com/assets/js/blockedDomains.json

tls, http2

firefox.exe

3.7kB
32.4kB
24
41

HTTP Request

GET https://hubspotonwebflow.com/assets/js/form-124.js

HTTP Response

200

HTTP Request

GET https://hubspotonwebflow.com/assets/js/blockedDomains.json

HTTP Response

200
3.166.49.90:443

https://pxl.sprouts.ai/config/de4742baf9ae0326740152eb49dea10c.json

tls, http2

firefox.exe

3.3kB
6.4kB
18
19

HTTP Request

GET https://pxl.sprouts.ai/config/de4742baf9ae0326740152eb49dea10c.json

HTTP Response

200
104.16.248.109:443

https://sibforms.com/forms/end-form/elastic-apm-rum.umd.min.js

tls, http2

firefox.exe

5.1kB
172.5kB
38
146

HTTP Request

GET https://bc047102.sibforms.com/serve/MUIEAPtEdnFwgNiNf3xW4hk07Y4THowhdDNs_B6MTWneVmcg08tj213Hcxfq-EE7ToLhU3qIL9hwO1IedPcCdOllTbRmUSpvX3hgz_UcmRcqpl4F9nGjodY8JVct_LdIJoIYFLUoDz4tlKzMRDvltQtHpEyFOKrjATMxZi5SNQtRfQZyi8eZmzcN_eOr-BAe51w7SIs360UpxPDp

HTTP Response

200

HTTP Request

GET https://bc047102.sibforms.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

HTTP Response

200

HTTP Request

GET https://sibforms.com/forms/end-form/build/sib-styles.css

HTTP Request

GET https://sibforms.com/forms/end-form/build/main.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://sibforms.com/forms/end-form/elastic-apm-rum.umd.min.js

HTTP Response

200
104.16.138.209:443

https://js.hs-scripts.com/7140541.js

tls, http2

firefox.exe

3.3kB
6.0kB
19
17

HTTP Request

GET https://js.hs-scripts.com/7140541.js

HTTP Response

200
13.107.246.64:443

https://www.clarity.ms/tag/frgg3qg64j?ref=gtm2

tls, http2

firefox.exe

3.9kB
42.1kB
28
52

HTTP Request

GET https://www.clarity.ms/tag/frgg3qg64j

HTTP Response

200

HTTP Request

GET https://www.clarity.ms/s/0.8.1/clarity.js

HTTP Response

200

HTTP Request

GET https://www.clarity.ms/tag/frgezfwt0f?ref=bwt

HTTP Request

GET https://www.clarity.ms/tag/frgg3qg64j?ref=gtm2

HTTP Response

200

HTTP Response

200
104.16.248.109:443

sibforms.com

tls, http2

firefox.exe

2.6kB
4.4kB
11
8
104.16.248.109:443

sibforms.com

tls, http2

firefox.exe

2.5kB
4.4kB
10
9
104.17.128.172:443

https://js.hsadspixel.net/fb.js

tls, http2

firefox.exe

3.3kB
8.6kB
19
17

HTTP Request

GET https://js.hsadspixel.net/fb.js

HTTP Response

200
104.17.175.201:443

https://js.hs-analytics.net/analytics/1743098100000/7140541.js

tls, http2

firefox.exe

3.4kB
31.4kB
21
37

HTTP Request

GET https://js.hs-analytics.net/analytics/1743098100000/7140541.js

HTTP Response

200
104.18.40.240:443

https://js.hs-banner.com/v2/7140541/banner.js

tls, http2

firefox.exe

3.5kB
31.6kB
24
35

HTTP Request

GET https://js.hs-banner.com/v2/7140541/banner.js

HTTP Response

200
104.18.37.40:443

https://assets.brevo.com/font/Roboto/Latin/normal/normal/7529907e9eaf8ebb5220c5f9850e3811.woff2

tls, http2

firefox.exe

3.5kB
20.8kB
21
29

HTTP Request

GET https://assets.brevo.com/font/Roboto/Latin/normal/normal/7529907e9eaf8ebb5220c5f9850e3811.woff2

HTTP Response

200
172.217.169.36:443

https://www.google.com/ccm/collect?en=page_view&dr=www.google.com&dl=https%3A%2F%2Fwww.cloudsek.com%2Fblog%2Fno-honour-among-thieves-uncovering-a-trojanized-xworm-rat-builder-propagated-by-threat-actors-and-disrupting-its-operations&scrsrc=www.googletagmanager.com&frm=0&lps=1&rnd=922024938.1743098359&dt=No%20Honour%20Among%20Thieves%3A%20Uncovering%20a%20Trojanized%20XWorm%20RAT%20Builder%20Propagated%20by%20Threat%20Actors%20and%20Disrupting%20Its%20Operations%20%7C%20CloudSEK&auid=312064482.1743098359&navt=n&npa=0&gtm=45He53q0v830341218za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=102482433~102509683~102788824~102803279~102813109~102887799~102926062&tft=1743098359197&tfd=2179&apve=1

tls, http2

firefox.exe

3.7kB
7.3kB
16
18

HTTP Request

POST https://www.google.com/ccm/collect?en=page_view&dr=www.google.com&dl=https%3A%2F%2Fwww.cloudsek.com%2Fblog%2Fno-honour-among-thieves-uncovering-a-trojanized-xworm-rat-builder-propagated-by-threat-actors-and-disrupting-its-operations&scrsrc=www.googletagmanager.com&frm=0&lps=1&rnd=922024938.1743098359&dt=No%20Honour%20Among%20Thieves%3A%20Uncovering%20a%20Trojanized%20XWorm%20RAT%20Builder%20Propagated%20by%20Threat%20Actors%20and%20Disrupting%20Its%20Operations%20%7C%20CloudSEK&auid=312064482.1743098359&navt=n&npa=0&gtm=45He53q0v830341218za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=102482433~102509683~102788824~102803279~102813109~102887799~102926062&tft=1743098359197&tfd=2179&apve=1
142.250.187.227:443

https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-CVBS2RDPRJ&cid=975017464.1743098359&gtm=45je53q0v887596358za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=102482433~102788824~102803279~102813109~102887800~102926062&tag_exp=102482433~102788824~102803279~102813109~102887800~102926062&z=1708599423

tls, http2

firefox.exe

3.5kB
7.1kB
17
18

HTTP Request

GET https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-CVBS2RDPRJ&cid=975017464.1743098359&gtm=45je53q0v887596358za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=102482433~102788824~102803279~102813109~102887800~102926062&tag_exp=102482433~102788824~102803279~102813109~102887800~102926062&z=1708599423
172.67.20.8:443

https://cdn-cookieyes.com/client_data/18125550f3691a0126bcd541/script.js

tls, http2

firefox.exe

3.3kB
10.6kB
18
21

HTTP Request

GET https://cdn-cookieyes.com/client_data/18125550f3691a0126bcd541/script.js

HTTP Response

200
142.250.180.10:443

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

tls, http2

firefox.exe

3.5kB
39.4kB
24
40

HTTP Request

GET https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
104.18.243.108:443

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=7140541

tls, http2

firefox.exe

3.4kB
6.1kB
20
20

HTTP Request

GET https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=7140541

HTTP Response

200
52.152.143.207:443

https://o.clarity.ms/collect

tls, http

firefox.exe

56.1kB
8.2kB
53
34

HTTP Request

POST https://o.clarity.ms/collect

HTTP Response

204

HTTP Request

POST https://o.clarity.ms/collect

HTTP Response

204

HTTP Request

POST https://o.clarity.ms/collect

HTTP Response

204
104.26.13.205:443

https://api.ipify.org/?format=json

tls, http2

firefox.exe

3.4kB
5.2kB
20
18

HTTP Request

GET https://api.ipify.org/?format=json

HTTP Response

200
216.239.34.36:443

https://region1.analytics.google.com/g/collect?v=2&tid=G-CVBS2RDPRJ&gtm=45je53q0v887596358za200&_p=1743098357976&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=102482433~102788824~102803279~102813109~102887800~102926062&gdid=dZGVlNj&cid=975017464.1743098359&ul=en-us&sr=1280x720&lps=1&frm=0&pscdl=noapi&_s=1&sid=1743098359&sct=1&seg=0&dl=https%3A%2F%2Fwww.cloudsek.com%2Fblog%2Fno-honour-among-thieves-uncovering-a-trojanized-xworm-rat-builder-propagated-by-threat-actors-and-disrupting-its-operations&dr=https%3A%2F%2Fwww.google.com%2F&dt=No%20Honour%20Among%20Thieves%3A%20Uncovering%20a%20Trojanized%20XWorm%20RAT%20Builder%20Propagated%20by%20Threat%20Actors%20and%20Disrupting%20Its%20Operations%20%7C%20CloudSEK&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=GTM-P8TZM5T&tfd=2159

tls, http2

firefox.exe

3.8kB
7.9kB
16
19

HTTP Request

POST https://region1.analytics.google.com/g/collect?v=2&tid=G-CVBS2RDPRJ&gtm=45je53q0v887596358za200&_p=1743098357976&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=102482433~102788824~102803279~102813109~102887800~102926062&gdid=dZGVlNj&cid=975017464.1743098359&ul=en-us&sr=1280x720&lps=1&frm=0&pscdl=noapi&_s=1&sid=1743098359&sct=1&seg=0&dl=https%3A%2F%2Fwww.cloudsek.com%2Fblog%2Fno-honour-among-thieves-uncovering-a-trojanized-xworm-rat-builder-propagated-by-threat-actors-and-disrupting-its-operations&dr=https%3A%2F%2Fwww.google.com%2F&dt=No%20Honour%20Among%20Thieves%3A%20Uncovering%20a%20Trojanized%20XWorm%20RAT%20Builder%20Propagated%20by%20Threat%20Actors%20and%20Disrupting%20Its%20Operations%20%7C%20CloudSEK&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=GTM-P8TZM5T&tfd=2159
74.125.133.156:443

https://stats.g.doubleclick.net/g/collect?v=2&tid=G-CVBS2RDPRJ&cid=975017464.1743098359&gtm=45je53q0v887596358za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=102482433~102788824~102803279~102813109~102887800~102926062

tls, http2

firefox.exe

3.4kB
7.4kB
17
17

HTTP Request

POST https://stats.g.doubleclick.net/g/collect?v=2&tid=G-CVBS2RDPRJ&cid=975017464.1743098359&gtm=45je53q0v887596358za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=102482433~102788824~102803279~102813109~102887800~102926062
2.19.252.133:443

https://snap.licdn.com/li.lms-analytics/insight.min.js

tls, http2

firefox.exe

3.7kB
20.6kB
27
21

HTTP Request

GET https://snap.licdn.com/li.lms-analytics/insight.min.js

HTTP Response

200
151.101.193.140:443

https://www.redditstatic.com/ads/pixel.js

tls, http2

firefox.exe

4.2kB
25.7kB
35
37

HTTP Request

GET https://www.redditstatic.com/ads/pixel.js

HTTP Response

200
2.19.252.133:443

snap.licdn.com

tls, http2

firefox.exe

2.6kB
5.3kB
12
13
34.253.3.7:443

https://596808a16dec4fc39413bf34b0a70240.apm.eu-west-1.aws.cloud.es.io/intake/v2/rum/events

tls, http2

firefox.exe

5.5kB
8.1kB
32
27

HTTP Request

OPTIONS https://596808a16dec4fc39413bf34b0a70240.apm.eu-west-1.aws.cloud.es.io/intake/v2/rum/events

HTTP Response

200

HTTP Request

POST https://596808a16dec4fc39413bf34b0a70240.apm.eu-west-1.aws.cloud.es.io/intake/v2/rum/events

HTTP Response

202
34.253.3.7:443

596808a16dec4fc39413bf34b0a70240.apm.eu-west-1.aws.cloud.es.io

tls, http2

firefox.exe

3.2kB
6.9kB
18
11
34.74.151.231:3000

https://wa.sprouts.ai:3000/v1/iplookups?k=de4742baf9ae0326740152eb49dea10c

tls, http

firefox.exe

3.4kB
6.1kB
19
18

HTTP Request

OPTIONS https://wa.sprouts.ai:3000/v1/iplookups?k=de4742baf9ae0326740152eb49dea10c

HTTP Response

200
34.74.151.231:3000

https://wa.sprouts.ai:3000/v1/iplookups?k=de4742baf9ae0326740152eb49dea10c

tls, http

firefox.exe

3.4kB
6.5kB
18
20

HTTP Request

POST https://wa.sprouts.ai:3000/v1/iplookups?k=de4742baf9ae0326740152eb49dea10c

HTTP Response

404
151.101.193.140:443

https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/a2_ehgeu6bodaqs_telemetry

tls, http2

firefox.exe

3.5kB
6.1kB
21
24

HTTP Request

GET https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/a2_ehgeu6bodaqs_telemetry

HTTP Response

200
13.107.42.14:443

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=676963&time=1743098360355&url=https%3A%2F%2Fwww.cloudsek.com%2Fblog%2Fno-honour-among-thieves-uncovering-a-trojanized-xworm-rat-builder-propagated-by-threat-actors-and-disrupting-its-operations&tm=gtmv2

tls, http2

firefox.exe

4.3kB
7.4kB
20
21

HTTP Request

POST https://px.ads.linkedin.com/wa/

HTTP Response

204

HTTP Request

GET https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=676963&time=1743098360355&url=https%3A%2F%2Fwww.cloudsek.com%2Fblog%2Fno-honour-among-thieves-uncovering-a-trojanized-xworm-rat-builder-propagated-by-threat-actors-and-disrupting-its-operations&tm=gtmv2

HTTP Response

200
151.101.193.140:443

https://pixel-config.reddit.com/pixels/a2_ehgeu6bodaqs/config

tls, http2

firefox.exe

3.5kB
5.5kB
22
23

HTTP Request

GET https://pixel-config.reddit.com/pixels/a2_ehgeu6bodaqs/config

HTTP Response

200
151.101.1.140:443

https://alb.reddit.com/rp.gif?ts=1743098360336&id=a2_ehgeu6bodaqs&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=037017c5-90b2-40b8-aefd-2eb9b159985d&aaid=&em=&pn=&external_id=&idfa=&integration=gtm&partner=&opt_out=0&sh=1280&sw=720&v=rdt_d9500dd4&dpm=&dpcc=&dprc=

tls, http2

firefox.exe

3.8kB
5.9kB
23
21

HTTP Request

GET https://alb.reddit.com/rp.gif?ts=1743098360336&id=a2_ehgeu6bodaqs&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=037017c5-90b2-40b8-aefd-2eb9b159985d&aaid=&em=&pn=&external_id=&idfa=&integration=gtm&partner=&opt_out=0&sh=1280&sw=720&v=rdt_d9500dd4&dpm=&dpcc=&dprc=

HTTP Response

200
104.16.117.116:443

https://track.hubspot.com/__ptq.gif?k=1&sd=1280x720&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3642202416&v=1.1&a=7140541&rcu=https%3A%2F%2Fcloudsek.com%2Fblog%2Fno-honour-among-thieves-uncovering-a-trojanized-xworm-rat-builder-propagated-by-threat-actors-and-disrupting-its-operations&r=https%3A%2F%2Fwww.google.com%2F&pu=https%3A%2F%2Fwww.cloudsek.com%2Fblog%2Fno-honour-among-thieves-uncovering-a-trojanized-xworm-rat-builder-propagated-by-threat-actors-and-disrupting-its-operations&t=No+Honour+Among+Thieves%3A+Uncovering+a+Trojanized+XWorm+RAT+Builder+Propagated+by+Threat+Actors+and+Disrupting+Its+Operations+%7C+CloudSEK&cts=1743098361224&vi=567bbd90027f9603548cce37b6868b26&nc=true&u=109845722.567bbd90027f9603548cce37b6868b26.1743098361222.1743098361222.1743098361222.1&b=109845722.1.1743098361222&cc=15

tls, http2

firefox.exe

4.0kB
6.2kB
20
18

HTTP Request

GET https://track.hubspot.com/__ptq.gif?k=1&sd=1280x720&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3642202416&v=1.1&a=7140541&rcu=https%3A%2F%2Fcloudsek.com%2Fblog%2Fno-honour-among-thieves-uncovering-a-trojanized-xworm-rat-builder-propagated-by-threat-actors-and-disrupting-its-operations&r=https%3A%2F%2Fwww.google.com%2F&pu=https%3A%2F%2Fwww.cloudsek.com%2Fblog%2Fno-honour-among-thieves-uncovering-a-trojanized-xworm-rat-builder-propagated-by-threat-actors-and-disrupting-its-operations&t=No+Honour+Among+Thieves%3A+Uncovering+a+Trojanized+XWorm+RAT+Builder+Propagated+by+Threat+Actors+and+Disrupting+Its+Operations+%7C+CloudSEK&cts=1743098361224&vi=567bbd90027f9603548cce37b6868b26&nc=true&u=109845722.567bbd90027f9603548cce37b6868b26.1743098361222.1743098361222.1743098361222.1&b=109845722.1.1743098361222&cc=15

HTTP Response

200
13.74.129.1:443

https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A3BD4A02FE444CA9B582C2837D681F07&MUID=2154BDE948C56E223D18A85549256FF1

tls, http2

firefox.exe

3.4kB
8.0kB
17
16

HTTP Request

GET https://c.clarity.ms/c.gif

HTTP Response

302

HTTP Request

GET https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A3BD4A02FE444CA9B582C2837D681F07&MUID=2154BDE948C56E223D18A85549256FF1

HTTP Response

200
150.171.27.10:443

https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=A3BD4A02FE444CA9B582C2837D681F07&RedC=c.clarity.ms&MXFR=0F960B6060D46BCA23001EDC64D465D4

tls, http2

firefox.exe

3.2kB
9.5kB
15
19

HTTP Request

GET https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=A3BD4A02FE444CA9B582C2837D681F07&RedC=c.clarity.ms&MXFR=0F960B6060D46BCA23001EDC64D465D4

HTTP Response

302
104.22.49.74:443

any.run

tls, http2

firefox.exe

3.0kB
4.6kB
17
14
172.67.73.202:443

https://www.joesandbox.com/cdn-cgi/rum?

tls, http2

firefox.exe

60.2kB
3.9MB
865
3030

HTTP Request

GET https://www.joesandbox.com/analysis/801211/0/html

HTTP Response

200

HTTP Request

GET https://www.joesandbox.com/reportlist?analysisid=801211&run=0

HTTP Request

POST https://www.joesandbox.com/cdn-cgi/rum?

HTTP Response

204

HTTP Response

200

HTTP Request

POST https://www.joesandbox.com/cdn-cgi/rum?

HTTP Response

204
172.67.73.202:443

www.joesandbox.com

firefox.exe

98 B
52 B
2
1
104.16.80.73:443

https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

tls, http2

firefox.exe

3.4kB
12.4kB
19
24

HTTP Request

GET https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

HTTP Response

200
45.60.124.188:443

https://www.cyber.nj.gov/Project/Contents/NJCCIC/_gfx/cmn/logo-sticky.png

tls, http2

firefox.exe

82.5kB
2.1MB
849
1540

HTTP Request

GET https://www.cyber.nj.gov/Home/Components/News/News/1586/214

HTTP Response

200

HTTP Request

GET https://www.cyber.nj.gov/t-you-stance-Exeunt-had-Hous-Foolength-Cast-be-s

HTTP Request

GET https://www.cyber.nj.gov/DefaultContent/Default/bootstrap.v3.4.1.min.css

HTTP Request

GET https://www.cyber.nj.gov/DefaultContent/Default/StyleBundleDesignTheme.cssbnd?v=VWOqjwtVEIsOlLOO6OsbfgU_dxrQE7HIack0i3iIJJk1

HTTP Request

GET https://www.cyber.nj.gov/Project/Contents/NJCCIC/StyleBundleDesignTheme.cssbnd?v=ELjnKqvnTm532cKayOnRJ94pQ7Ri3M4xvfEBnSMBCM01

HTTP Request

GET https://www.cyber.nj.gov/Areas/Admin/Content/StyleBundleFrontendExtra.cssbnd?v=nqlce7hzdo9LIG8VjJmT54anvfgjYa7U1e0fCFkn8EQ1

HTTP Request

GET https://www.cyber.nj.gov/Scripts/ScriptBundleFAllInOne.jsbnd?v=AGE2E_EQyf7VUFEW2Yh6q6KJ-x6Y-_YeIbDneWrbpoo1

HTTP Request

GET https://www.cyber.nj.gov/Project/Contents/Main/x-small.css

HTTP Request

GET https://www.cyber.nj.gov/home/showcustomcontent?id=42

HTTP Request

GET https://www.cyber.nj.gov/home/showcustomcontent?id=44

HTTP Request

GET https://www.cyber.nj.gov/home/showcustomcontent?id=40

HTTP Request

GET https://www.cyber.nj.gov/DefaultContent/Default/StyleBundleAngularLib.cssbnd?v=sED2Qjf38ysQJYZW_ZvZj-7IGXKm4NOJhdA51oOtG5A1

HTTP Request

GET https://www.cyber.nj.gov/Scripts/ScriptBundleAngularLib.jsbnd?v=51dgUZfnzDnTMyMnsTI1GEUiMZVWRaf1cSj6ZlF2Bbo1

HTTP Request

GET https://www.cyber.nj.gov/Scripts/frontendCoreBundle.jsbnd?v=fQmhOGOi9KlMgWMsmMP1iCReVlw_-Yf6TVYbGAFu6sM1

HTTP Request

GET https://www.cyber.nj.gov/DefaultContent/Default/StyleBundleMegaMenuDropDown.cssbnd?v=CD_eN-fYJU8KKPigt6x-Ey-z8_WTsoZ7bqx2pLTZtXU1

HTTP Request

GET https://www.cyber.nj.gov/Project/Contents/NJCCIC/StyleBundleMegaMenuDropDown.cssbnd?v=EcKYqIZ_KaJbcwj7SP4gK8x5QUP6OKAmtbMBFLo-Qcg1

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.cyber.nj.gov/home/showpublishedimage/434/638332554311470000

HTTP Request

GET https://www.cyber.nj.gov/home/showpublishedimage/436/638332554317230000

HTTP Request

GET https://www.cyber.nj.gov/home/showpublishedimage/440/638332554328870000

HTTP Request

GET https://www.cyber.nj.gov/home/showpublishedimage/442/638332554334970000

HTTP Request

GET https://www.cyber.nj.gov/Project/Contents/Main/mobile_nav_scripts.js

HTTP Request

GET https://www.cyber.nj.gov/Project/Contents/Main/scripts/zoomEvents.js

HTTP Request

GET https://www.cyber.nj.gov/Project/Contents/Main/sitelayout_scripts-nj.js

HTTP Request

GET https://www.cyber.nj.gov/Scripts/ScriptBundleVisionFrontend.jsbnd?v=fYuyj89f9MLQYIg98kvnKGAfZZAZTKNL4BxAr6L1Tyk1

HTTP Request

GET https://www.cyber.nj.gov/Scripts/Components/ScriptsFEBundle.jsbnd?v=1GquWamO-1yFawhg-EPdqWJj3BSpuEsyv1Hz5iRvi0M1

HTTP Request

GET https://www.cyber.nj.gov/Project/Contents/NJCCIC/Print.cssbnd?v=jfhfKsMmxQr_xKAfv9Fj6qRlRX7gMoxJTHKVE6DLWuo1

HTTP Request

GET https://www.cyber.nj.gov/DefaultContent/Default/Print.cssbnd?v=-3T1oJ_z89pR7QkdJGfMpghXZyPybqptlohcPz3eK0w1

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.cyber.nj.gov/Project/Contents/NJCCIC/_gfx/cmn/alert_arrow.png

HTTP Request

GET https://www.cyber.nj.gov/Project/Contents/NJCCIC/_gfx/cmn/logo.png

HTTP Request

GET https://www.cyber.nj.gov/Project/Contents/NJCCIC/_gfx/cmn/state-seal.png

HTTP Request

GET https://www.cyber.nj.gov/Project/Contents/NJCCIC/_gfx/cmn/ui-search.svg

HTTP Request

GET https://www.cyber.nj.gov/Project/Contents/NJCCIC/_gfx/cmn/ui-button-arrow.svg

HTTP Request

GET https://www.cyber.nj.gov/Project/Contents/NJCCIC/_gfx/cmn/servicefinder-dropdown.svg

HTTP Request

GET https://www.cyber.nj.gov/Project/Contents/NJCCIC/_gfx/cmn/ui-close.svg

HTTP Request

GET https://www.cyber.nj.gov/Project/Contents/NJCCIC/_gfx/cmn/interior-sidenav-bg.jpg

HTTP Request

GET https://www.cyber.nj.gov/DefaultContent/Default/_gfx/int/title_icons.png

HTTP Request

GET https://www.cyber.nj.gov/Project/Contents/NJCCIC/fonts/glyphicons-halflings-regular.woff2

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.cyber.nj.gov/favicon.ico

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.cyber.nj.gov/Shared/GetFontSizeCookie?_=1743098406156

HTTP Response

200

HTTP Request

POST https://www.cyber.nj.gov/t-you-stance-Exeunt-had-Hous-Foolength-Cast-be-s?d=www.cyber.nj.gov

HTTP Response

200

HTTP Request

GET https://www.cyber.nj.gov/Project/Contents/NJCCIC/_gfx/cmn/logo-sticky.png

HTTP Response

200
45.60.124.188:443

h5sxsjl.x.incapdns.net

firefox.exe

52 B
1
149.154.167.99:443

https://t.me/+WZWpIEXeQbhmNjYy

tls, http2

firefox.exe

3.5kB
11.7kB
21
23

HTTP Request

GET https://t.me/+WZWpIEXeQbhmNjYy

HTTP Response

200
149.154.167.99:443

https://telegram.org/img/website_icon.svg?4

tls, http2

firefox.exe

5.6kB
168.6kB
49
151

HTTP Request

GET https://telegram.org/css/font-roboto.css?1

HTTP Request

GET https://telegram.org/js/tgwallpaper.min.js?3

HTTP Request

GET https://telegram.org/css/bootstrap.min.css?3

HTTP Request

GET https://telegram.org/css/telegram.css?244

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://telegram.org/img/tgme/pattern.svg?1

HTTP Request

GET https://telegram.org/fonts/Roboto/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

HTTP Request

GET https://telegram.org/fonts/Roboto/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://telegram.org/img/apple-touch-icon.png

HTTP Request

GET https://telegram.org/img/website_icon.svg?4

HTTP Response

200

HTTP Response

200
149.154.167.99:443

telegram.org

tls, http2

firefox.exe

2.6kB
7.0kB
12
15
149.154.167.99:443

telegram.org

tls, http2

firefox.exe

2.6kB
6.8kB
11
11
149.154.167.99:443

telegram.org

tls, http2

firefox.exe

2.6kB
6.9kB
12
13
34.111.35.152:443

https://cdn4.cdn-telegram.org/file/dnh9gEvP9D-DlSLh-qlogIyLGOT2Ke_kj0RgjuwWLBrp-RRLR-5RSgPAitbLLWcd38kPC3YlMCZrSQzTElMqvOduqC2_hXWUJMiD9PB7jWUlK_ffef1cFqXccUgmZTToULPPMBgMngSELt7zVaI7odwxwXa7ObuXdjnpdBq65kERy-HWtNM9GlsGdetT5MXDQ2l6pgdFxHqRYQNU9lBg5lOP6Zm2dCzo9eINhHnUwX8fuNcteQb8PqDyQ_jHkdc_t65qoPUcudaHo-kK_yJ0bwW8KXwFQMiBKxNUY3wN54q-m0wOrhBwr7VEJ3v2lY82Z7f0QTjIe856AkdfcDCFLg.jpg

tls, http2

firefox.exe

3.6kB
21.2kB
18
28

HTTP Request

GET https://cdn4.cdn-telegram.org/file/dnh9gEvP9D-DlSLh-qlogIyLGOT2Ke_kj0RgjuwWLBrp-RRLR-5RSgPAitbLLWcd38kPC3YlMCZrSQzTElMqvOduqC2_hXWUJMiD9PB7jWUlK_ffef1cFqXccUgmZTToULPPMBgMngSELt7zVaI7odwxwXa7ObuXdjnpdBq65kERy-HWtNM9GlsGdetT5MXDQ2l6pgdFxHqRYQNU9lBg5lOP6Zm2dCzo9eINhHnUwX8fuNcteQb8PqDyQ_jHkdc_t65qoPUcudaHo-kK_yJ0bwW8KXwFQMiBKxNUY3wN54q-m0wOrhBwr7VEJ3v2lY82Z7f0QTjIe856AkdfcDCFLg.jpg
95.100.244.132:443

https://s.go-mpulse.net/boomerang/4XEJ8-NY6J4-UX99W-8JVHF-G6LEN

tls, http2

firefox.exe

3.7kB
57.5kB
27
57

HTTP Request

GET https://s.go-mpulse.net/boomerang/4XEJ8-NY6J4-UX99W-8JVHF-G6LEN

HTTP Response

200
2.18.84.142:443

https://c.go-mpulse.net/api/config.json?key=4XEJ8-NY6J4-UX99W-8JVHF-G6LEN&d=www.cyber.nj.gov&t=5810328&v=1.720.0&sl=0&si=f3b34f74-9102-4fe1-a05b-779b63091ddb-stsnc1&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=671595

tls, http2

firefox.exe

3.7kB
5.6kB
19
24

HTTP Request

GET https://c.go-mpulse.net/api/config.json?key=4XEJ8-NY6J4-UX99W-8JVHF-G6LEN&d=www.cyber.nj.gov&t=5810328&v=1.720.0&sl=0&si=f3b34f74-9102-4fe1-a05b-779b63091ddb-stsnc1&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=671595

HTTP Response

200
172.217.169.36:443

www.google.com

tls

firefox.exe

3.3kB
2.4kB
13
12
20.26.156.215:443

https://github.com/lexisxs/njRAT-All-Versions/archive/refs/heads/master.zip

tls, http2

firefox.exe

17.8kB
984.5kB
232
773

HTTP Request

GET https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition

HTTP Response

200

HTTP Request

GET https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition/latest-commit/main

HTTP Request

GET https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition/tree-commit-info/main

HTTP Request

GET https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition/branch-and-tag-count

HTTP Response

304

HTTP Response

304

HTTP Response

304

HTTP Request

GET https://github.com/lexisxs/njRAT-All-Versions

HTTP Response

200

HTTP Request

GET https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition/security/overall-count

HTTP Request

GET https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition/hovercards/citation/sidebar_partial?tree_name=main

HTTP Request

GET https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition/used_by_list

HTTP Response

204

HTTP Response

200

HTTP Request

GET https://github.com/De-eloper/Image-Storage/raw/main/allrats.gif

HTTP Request

GET https://github.com/De-eloper/Image-Storage/raw/main/danger.jpg

HTTP Response

404

HTTP Response

404

HTTP Request

GET https://github.com/De-eloper/Image-Storage/raw/main/allrats.gif

HTTP Request

GET https://github.com/De-eloper/Image-Storage/raw/main/danger.jpg

HTTP Response

404

HTTP Response

404

HTTP Request

GET https://github.com/De-eloper/Image-Storage/raw/main/allrats.gif

HTTP Response

404

HTTP Request

GET https://github.com/lexisxs/njRAT-All-Versions/latest-commit/master

HTTP Request

GET https://github.com/lexisxs/njRAT-All-Versions/refs?type=branch

HTTP Request

GET https://github.com/lexisxs/njRAT-All-Versions/branch-infobar/master

HTTP Request

GET https://github.com/lexisxs/njRAT-All-Versions/tree-commit-info/master

HTTP Request

GET https://github.com/lexisxs/njRAT-All-Versions/branch-and-tag-count

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.com/De-eloper/Image-Storage/raw/main/allrats.gif

HTTP Response

404

HTTP Request

GET https://github.com/lexisxs/njRAT-All-Versions/security/overall-count

HTTP Request

GET https://github.com/lexisxs/njRAT-All-Versions/hovercards/citation/sidebar_partial?tree_name=master

HTTP Response

204

HTTP Response

200

HTTP Request

GET https://github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition/archive/refs/heads/main.zip

HTTP Response

302

HTTP Request

GET https://github.com/lexisxs/njRAT-All-Versions/archive/refs/heads/master.zip

HTTP Response

302
140.82.114.22:443

https://collector.github.com/github/collect

tls, http2

firefox.exe

19.7kB
11.2kB
49
49

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204
20.26.156.210:443

https://api.github.com/_private/browser/stats

tls, http2

firefox.exe

5.4kB
6.7kB
21
23

HTTP Request

POST https://api.github.com/_private/browser/stats

HTTP Response

200

HTTP Request

POST https://api.github.com/_private/browser/stats

HTTP Response

200
20.26.156.216:443

https://codeload.github.com/lexisxs/njRAT-All-Versions/zip/refs/heads/master

tls, http2

firefox.exe

2.1MB
294.8MB
45006
211057

HTTP Request

GET https://codeload.github.com/Frido-Cpp/SOURCE-CODE-njRAT-0.7d-Horror-Edition/zip/refs/heads/main

HTTP Response

200

HTTP Request

GET https://codeload.github.com/lexisxs/njRAT-All-Versions/zip/refs/heads/master

HTTP Response

200
104.20.4.235:80

http://pastebin.com/raw/G22qkgYa

http

CobianRAT v1.0.40.7.exe

710 B
1.2kB
11
5

HTTP Request

GET http://pastebin.com/raw/0WjUtaep

HTTP Response

301

HTTP Request

GET http://pastebin.com/raw/G22qkgYa

HTTP Response

301
104.20.4.235:80

http://pastebin.com/raw/G22qkgYa

http

CobianRAT v1.0.40.7.exe

710 B
1.2kB
11
5

HTTP Request

GET http://pastebin.com/raw/0WjUtaep

HTTP Response

301

HTTP Request

GET http://pastebin.com/raw/G22qkgYa

HTTP Response

301
104.20.4.235:443

https://pastebin.com/raw/G22qkgYa

tls, http

CobianRAT v1.0.40.7.exe

943 B
5.5kB
11
13

HTTP Request

GET https://pastebin.com/raw/0WjUtaep

HTTP Response

404

HTTP Request

GET https://pastebin.com/raw/G22qkgYa

HTTP Response

404
104.20.4.235:443

https://pastebin.com/raw/G22qkgYa

tls, http

CobianRAT v1.0.40.7.exe

891 B
5.5kB
10
12

HTTP Request

GET https://pastebin.com/raw/0WjUtaep

HTTP Response

404

HTTP Request

GET https://pastebin.com/raw/G22qkgYa

HTTP Response

404
34.107.152.202:443

https://firefox-settings-attachments.cdn.mozilla.net/bundles/security-state--intermediates.zip

tls, http2

firefox.exe

25.1kB
4.0MB
529
2867

HTTP Request

GET https://firefox-settings-attachments.cdn.mozilla.net/bundles/security-state--intermediates.zip

8.8.8.8:53

checkappexec.microsoft.com

dns

72 B
192 B
1
1

DNS Request

checkappexec.microsoft.com

DNS Response

172.165.61.93
8.8.8.8:53

prod.remote-settings.prod.webservices.mozgcp.net

dns

firefox.exe

94 B
110 B
1
1

DNS Request

prod.remote-settings.prod.webservices.mozgcp.net

DNS Response

34.149.100.209
8.8.8.8:53

prod.remote-settings.prod.webservices.mozgcp.net

dns

firefox.exe

94 B
122 B
1
1

DNS Request

prod.remote-settings.prod.webservices.mozgcp.net

DNS Response

2600:1901:0:c47c::
8.8.8.8:53

spocs.getpocket.com

dns

firefox.exe

65 B
131 B
1
1

DNS Request

spocs.getpocket.com

DNS Response

34.117.188.166
8.8.8.8:53

merino.services.mozilla.com

dns

firefox.exe

73 B
89 B
1
1

DNS Request

merino.services.mozilla.com

DNS Response

34.110.138.217
8.8.8.8:53

prod.ads.prod.webservices.mozgcp.net

dns

firefox.exe

154 B
256 B
2
2

DNS Request

prod.ads.prod.webservices.mozgcp.net

DNS Response

34.117.188.166

DNS Request

215.156.26.20.in-addr.arpa
34.110.138.217:443

merino.services.mozilla.com

https

firefox.exe

3.5kB
14.4kB
11
18
8.8.8.8:53

merino.services.mozilla.com

dns

firefox.exe

73 B
89 B
1
1

DNS Request

merino.services.mozilla.com

DNS Response

34.110.138.217
8.8.8.8:53

prod.ads.prod.webservices.mozgcp.net

dns

firefox.exe

82 B
175 B
1
1

DNS Request

prod.ads.prod.webservices.mozgcp.net
8.8.8.8:53

merino.services.mozilla.com

dns

firefox.exe

73 B
154 B
1
1

DNS Request

merino.services.mozilla.com
8.8.8.8:53

prod.content-signature-chains.prod.webservices.mozgcp.net

dns

firefox.exe

103 B
119 B
1
1

DNS Request

prod.content-signature-chains.prod.webservices.mozgcp.net

DNS Response

34.160.144.191
8.8.8.8:53

prod.content-signature-chains.prod.webservices.mozgcp.net

dns

firefox.exe

103 B
131 B
1
1

DNS Request

prod.content-signature-chains.prod.webservices.mozgcp.net

DNS Response

2600:1901:0:92a9::
8.8.8.8:53

example.org

dns

firefox.exe

57 B
121 B
1
1

DNS Request

example.org

DNS Response

23.215.0.133

96.7.128.186

23.215.0.132

96.7.128.192
8.8.8.8:53

ipv4only.arpa

dns

firefox.exe

59 B
91 B
1
1

DNS Request

ipv4only.arpa

DNS Response

192.0.0.171

192.0.0.170
8.8.8.8:53

prod.detectportal.prod.cloudops.mozgcp.net

dns

firefox.exe

88 B
104 B
1
1

DNS Request

prod.detectportal.prod.cloudops.mozgcp.net

DNS Response

34.107.221.82
8.8.8.8:53

prod.detectportal.prod.cloudops.mozgcp.net

dns

firefox.exe

88 B
116 B
1
1

DNS Request

prod.detectportal.prod.cloudops.mozgcp.net

DNS Response

2600:1901:0:38d7::
8.8.8.8:53

www.google.com

dns

firefox.exe

60 B
76 B
1
1

DNS Request

www.google.com

DNS Response

172.217.169.36
8.8.8.8:53

www.google.com

dns

firefox.exe

60 B
76 B
1
1

DNS Request

www.google.com

DNS Response

172.217.169.36
8.8.8.8:53

www.google.com

dns

firefox.exe

60 B
88 B
1
1

DNS Request

www.google.com

DNS Response

2a00:1450:4009:818::2004
172.217.169.36:443

www.google.com

https

firefox.exe

133.0kB
1.4MB
499
1470
8.8.8.8:53

csp.withgoogle.com

dns

firefox.exe

64 B
80 B
1
1

DNS Request

csp.withgoogle.com

DNS Response

142.250.200.49
8.8.8.8:53

csp.withgoogle.com

dns

firefox.exe

128 B
80 B
2
1

DNS Request

csp.withgoogle.com

DNS Request

csp.withgoogle.com

DNS Response

142.250.200.49
142.250.200.49:443

csp.withgoogle.com

https

firefox.exe

3.1kB
10.1kB
8
12
8.8.8.8:53

ogads-pa.clients6.google.com

dns

firefox.exe

74 B
90 B
1
1

DNS Request

ogads-pa.clients6.google.com

DNS Response

142.250.200.10
8.8.8.8:53

ogads-pa.clients6.google.com

dns

firefox.exe

74 B
90 B
1
1

DNS Request

ogads-pa.clients6.google.com

DNS Response

142.250.180.10
8.8.8.8:53

ogads-pa.clients6.google.com

dns

firefox.exe

74 B
102 B
1
1

DNS Request

ogads-pa.clients6.google.com

DNS Response

2a00:1450:4009:81d::200a
8.8.8.8:53

csp.withgoogle.com

dns

firefox.exe

64 B
92 B
1
1

DNS Request

csp.withgoogle.com

DNS Response

2a00:1450:4009:823::2011
8.8.8.8:53

play.google.com

dns

firefox.exe

61 B
77 B
1
1

DNS Request

play.google.com

DNS Response

216.58.204.78
8.8.8.8:53

play.google.com

dns

firefox.exe

61 B
77 B
1
1

DNS Request

play.google.com

DNS Response

216.58.204.78
8.8.8.8:53

play.google.com

dns

firefox.exe

61 B
89 B
1
1

DNS Request

play.google.com

DNS Response

2a00:1450:4009:827::200e
216.58.204.78:443

play.google.com

https

firefox.exe

7.0kB
13.4kB
19
24
8.8.8.8:53

consent.google.com

dns

firefox.exe

64 B
80 B
1
1

DNS Request

consent.google.com

DNS Response

142.250.200.14
8.8.8.8:53

consent.google.com

dns

firefox.exe

64 B
80 B
1
1

DNS Request

consent.google.com

DNS Response

142.250.200.14
8.8.8.8:53

consent.google.com

dns

firefox.exe

64 B
92 B
1
1

DNS Request

consent.google.com

DNS Response

2a00:1450:4009:822::200e
8.8.8.8:53

location.services.mozilla.com

dns

firefox.exe

75 B
153 B
1
1

DNS Request

location.services.mozilla.com

DNS Response

35.190.72.216
142.250.200.14:443

consent.google.com

https

firefox.exe

3.2kB
11.8kB
9
13
8.8.8.8:53

prod.balrog.prod.cloudops.mozgcp.net

dns

firefox.exe

82 B
98 B
1
1

DNS Request

prod.balrog.prod.cloudops.mozgcp.net

DNS Response

35.244.181.201
35.190.72.216:443

location.services.mozilla.com

https

firefox.exe

3.3kB
6.0kB
9
11
8.8.8.8:53

prod.classify-client.prod.webservices.mozgcp.net

dns

firefox.exe

94 B
110 B
1
1

DNS Request

prod.classify-client.prod.webservices.mozgcp.net

DNS Response

35.190.72.216
8.8.8.8:53

prod.balrog.prod.cloudops.mozgcp.net

dns

firefox.exe

82 B
110 B
1
1

DNS Request

prod.balrog.prod.cloudops.mozgcp.net

DNS Response

2600:1901:0:5133::
8.8.8.8:53

prod.classify-client.prod.webservices.mozgcp.net

dns

firefox.exe

94 B
187 B
1
1

DNS Request

prod.classify-client.prod.webservices.mozgcp.net
8.8.8.8:53

archive.mozilla.org

dns

firefox.exe

65 B
175 B
1
1

DNS Request

archive.mozilla.org

DNS Response

151.101.195.19

151.101.3.19

151.101.131.19

151.101.67.19
8.8.8.8:53

mozilla-download.fastly-edge.com

dns

firefox.exe

78 B
142 B
1
1

DNS Request

mozilla-download.fastly-edge.com

DNS Response

151.101.67.19

151.101.195.19

151.101.131.19

151.101.3.19
8.8.8.8:53

mozilla-download.fastly-edge.com

dns

firefox.exe

78 B
190 B
1
1

DNS Request

mozilla-download.fastly-edge.com

DNS Response

2a04:4e42::787

2a04:4e42:200::787

2a04:4e42:400::787

2a04:4e42:600::787
8.8.8.8:53

ciscobinary.openh264.org

dns

firefox.exe

70 B
286 B
1
1

DNS Request

ciscobinary.openh264.org

DNS Response

23.200.87.12

23.200.86.251
8.8.8.8:53

a19.dscg10.akamai.net

dns

firefox.exe

67 B
99 B
1
1

DNS Request

a19.dscg10.akamai.net

DNS Response

23.200.87.12

23.200.86.251
8.8.8.8:53

a19.dscg10.akamai.net

dns

firefox.exe

67 B
123 B
1
1

DNS Request

a19.dscg10.akamai.net

DNS Response

2a02:26f0:82::17c8:56fb

2a02:26f0:82::17c8:570c
8.8.8.8:53

id.google.com

dns

firefox.exe

59 B
75 B
1
1

DNS Request

id.google.com

DNS Response

142.250.187.195
8.8.8.8:53

id.google.com

dns

firefox.exe

59 B
75 B
1
1

DNS Request

id.google.com

DNS Response

108.177.122.94
8.8.8.8:53

id.google.com

dns

firefox.exe

59 B
87 B
1
1

DNS Request

id.google.com

DNS Response

2a00:1450:4009:820::2003
142.250.200.49:443

csp.withgoogle.com

https

firefox.exe

5.5kB
11.5kB
12
16
142.250.187.195:443

id.google.com

https

firefox.exe

4.0kB
12.9kB
10
15
8.8.8.8:53

github.com

dns

firefox.exe

56 B
72 B
1
1

DNS Request

github.com

DNS Response

20.26.156.215
8.8.8.8:53

github.com

dns

firefox.exe

56 B
72 B
1
1

DNS Request

github.com

DNS Response

20.26.156.215
8.8.8.8:53

github.com

dns

firefox.exe

56 B
140 B
1
1

DNS Request

github.com
8.8.8.8:53

github.githubassets.com

dns

firefox.exe

69 B
133 B
1
1

DNS Request

github.githubassets.com

DNS Response

185.199.109.154

185.199.108.154

185.199.110.154

185.199.111.154
8.8.8.8:53

avatars.githubusercontent.com

dns

firefox.exe

75 B
139 B
1
1

DNS Request

avatars.githubusercontent.com

DNS Response

185.199.108.133

185.199.111.133

185.199.109.133

185.199.110.133
8.8.8.8:53

github-cloud.s3.amazonaws.com

dns

firefox.exe

75 B
253 B
1
1

DNS Request

github-cloud.s3.amazonaws.com

DNS Response

3.5.29.116

3.5.25.129

52.217.85.180

52.216.54.73

16.15.184.108

52.217.141.177

52.217.121.153

52.217.164.225
8.8.8.8:53

user-images.githubusercontent.com

dns

firefox.exe

79 B
143 B
1
1

DNS Request

user-images.githubusercontent.com

DNS Response

185.199.109.133

185.199.111.133

185.199.108.133

185.199.110.133
8.8.8.8:53

github.githubassets.com

dns

firefox.exe

69 B
133 B
1
1

DNS Request

github.githubassets.com

DNS Response

185.199.109.154

185.199.110.154

185.199.108.154

185.199.111.154
8.8.8.8:53

avatars.githubusercontent.com

dns

firefox.exe

75 B
139 B
1
1

DNS Request

avatars.githubusercontent.com

DNS Response

185.199.108.133

185.199.109.133

185.199.110.133

185.199.111.133
8.8.8.8:53

user-images.githubusercontent.com

dns

firefox.exe

79 B
143 B
1
1

DNS Request

user-images.githubusercontent.com

DNS Response

185.199.109.133

185.199.108.133

185.199.111.133

185.199.110.133
8.8.8.8:53

s3-w.us-east-1.amazonaws.com

dns

firefox.exe

74 B
202 B
1
1

DNS Request

s3-w.us-east-1.amazonaws.com

DNS Response

3.5.28.27

52.216.35.57

54.231.160.121

3.5.30.34

16.182.36.129

3.5.25.25

52.216.251.100

52.217.224.145
8.8.8.8:53

avatars.githubusercontent.com

dns

firefox.exe

75 B
187 B
1
1

DNS Request

avatars.githubusercontent.com

DNS Response

2606:50c0:8000::154

2606:50c0:8003::154

2606:50c0:8001::154

2606:50c0:8002::154
8.8.8.8:53

github.githubassets.com

dns

firefox.exe

69 B
134 B
1
1

DNS Request

github.githubassets.com
8.8.8.8:53

s3-w.us-east-1.amazonaws.com

dns

firefox.exe

74 B
152 B
1
1

DNS Request

s3-w.us-east-1.amazonaws.com
8.8.8.8:53

user-images.githubusercontent.com

dns

firefox.exe

79 B
191 B
1
1

DNS Request

user-images.githubusercontent.com

DNS Response

2606:50c0:8003::154

2606:50c0:8001::154

2606:50c0:8002::154

2606:50c0:8000::154
8.8.8.8:53

collector.github.com

dns

firefox.exe

66 B
115 B
1
1

DNS Request

collector.github.com

DNS Response

140.82.112.21
8.8.8.8:53

glb-db52c2cf8be544.github.com

dns

firefox.exe

75 B
91 B
1
1

DNS Request

glb-db52c2cf8be544.github.com

DNS Response

140.82.114.22
8.8.8.8:53

api.github.com

dns

firefox.exe

60 B
76 B
1
1

DNS Request

api.github.com

DNS Response

20.26.156.210
8.8.8.8:53

glb-db52c2cf8be544.github.com

dns

firefox.exe

75 B
140 B
1
1

DNS Request

glb-db52c2cf8be544.github.com
8.8.8.8:53

api.github.com

dns

firefox.exe

60 B
76 B
1
1

DNS Request

api.github.com

DNS Response

20.26.156.210
8.8.8.8:53

api.github.com

dns

firefox.exe

60 B
125 B
1
1

DNS Request

api.github.com
8.8.8.8:53

encrypted-tbn0.gstatic.com

dns

firefox.exe

72 B
88 B
1
1

DNS Request

encrypted-tbn0.gstatic.com

DNS Response

216.58.201.110
8.8.8.8:53

encrypted-tbn0.gstatic.com

dns

firefox.exe

72 B
88 B
1
1

DNS Request

encrypted-tbn0.gstatic.com

DNS Response

216.58.201.110
8.8.8.8:53

encrypted-tbn0.gstatic.com

dns

firefox.exe

72 B
100 B
1
1

DNS Request

encrypted-tbn0.gstatic.com

DNS Response

2a00:1450:4009:826::200e
216.58.201.110:443

encrypted-tbn0.gstatic.com

https

firefox.exe

3.1kB
9.2kB
8
11
8.8.8.8:53

c.pki.goog

dns

56 B
107 B
1
1

DNS Request

c.pki.goog

DNS Response

142.250.179.227
8.8.8.8:53

tria.ge

dns

firefox.exe

53 B
85 B
1
1

DNS Request

tria.ge

DNS Response

172.64.147.112

104.18.40.144
8.8.8.8:53

tria.ge

dns

firefox.exe

53 B
85 B
1
1

DNS Request

tria.ge

DNS Response

104.18.40.144

172.64.147.112
8.8.8.8:53

tria.ge

dns

firefox.exe

53 B
109 B
1
1

DNS Request

tria.ge

DNS Response

2606:4700:4400::6812:2890

2606:4700:4400::ac40:9370
8.8.8.8:53

github.githubassets.com

dns

firefox.exe

69 B
134 B
1
1

DNS Request

github.githubassets.com
8.8.8.8:53

github-cloud.s3.amazonaws.com

dns

firefox.exe

75 B
253 B
1
1

DNS Request

github-cloud.s3.amazonaws.com

DNS Response

3.5.29.179

3.5.12.192

52.217.137.65

52.217.112.185

52.217.254.1

16.15.176.219

16.15.176.166

52.216.138.163
8.8.8.8:53

s3-w.us-east-1.amazonaws.com

dns

firefox.exe

74 B
202 B
1
1

DNS Request

s3-w.us-east-1.amazonaws.com

DNS Response

52.216.220.201

16.182.32.177

3.5.12.205

3.5.13.54

3.5.28.149

16.182.66.57

54.231.195.73

52.217.121.25
8.8.8.8:53

s3-w.us-east-1.amazonaws.com

dns

firefox.exe

74 B
152 B
1
1

DNS Request

s3-w.us-east-1.amazonaws.com
8.8.8.8:53

private-user-images.githubusercontent.com

dns

firefox.exe

87 B
151 B
1
1

DNS Request

private-user-images.githubusercontent.com

DNS Response

185.199.109.133

185.199.108.133

185.199.110.133

185.199.111.133
8.8.8.8:53

camo.githubusercontent.com

dns

firefox.exe

72 B
136 B
1
1

DNS Request

camo.githubusercontent.com

DNS Response

185.199.109.133

185.199.108.133

185.199.111.133

185.199.110.133
8.8.8.8:53

private-user-images.githubusercontent.com

dns

firefox.exe

87 B
151 B
1
1

DNS Request

private-user-images.githubusercontent.com

DNS Response

185.199.109.133

185.199.110.133

185.199.111.133

185.199.108.133
8.8.8.8:53

camo.githubusercontent.com

dns

firefox.exe

72 B
136 B
1
1

DNS Request

camo.githubusercontent.com

DNS Response

185.199.108.133

185.199.109.133

185.199.111.133

185.199.110.133
8.8.8.8:53

private-user-images.githubusercontent.com

dns

firefox.exe

87 B
152 B
1
1

DNS Request

private-user-images.githubusercontent.com
8.8.8.8:53

camo.githubusercontent.com

dns

firefox.exe

72 B
137 B
1
1

DNS Request

camo.githubusercontent.com
8.8.8.8:53

cyberpress.org

dns

firefox.exe

60 B
76 B
1
1

DNS Request

cyberpress.org

DNS Response

104.237.136.127
8.8.8.8:53

cyberpress.org

dns

firefox.exe

60 B
76 B
1
1

DNS Request

cyberpress.org

DNS Response

104.237.136.127
8.8.8.8:53

cyberpress.org

dns

firefox.exe

60 B
122 B
1
1

DNS Request

cyberpress.org
8.8.8.8:53

collector.github.com

dns

firefox.exe

66 B
115 B
1
1

DNS Request

collector.github.com

DNS Response

140.82.112.22
8.8.8.8:53

glb-db52c2cf8be544.github.com

dns

firefox.exe

75 B
91 B
1
1

DNS Request

glb-db52c2cf8be544.github.com

DNS Response

140.82.113.21
8.8.8.8:53

glb-db52c2cf8be544.github.com

dns

firefox.exe

75 B
140 B
1
1

DNS Request

glb-db52c2cf8be544.github.com
104.237.136.127:443

cyberpress.org

https

firefox.exe

26.0kB
846.7kB
179
699
8.8.8.8:53

i0.wp.com

dns

firefox.exe

55 B
71 B
1
1

DNS Request

i0.wp.com

DNS Response

192.0.77.2
8.8.8.8:53

i1.wp.com

dns

firefox.exe

128 B
183 B
2
2

DNS Request

i1.wp.com

DNS Response

192.0.77.2

DNS Request

10.180.250.142.in-addr.arpa
8.8.8.8:53

i2.wp.com

dns

firefox.exe

55 B
71 B
1
1

DNS Request

i2.wp.com

DNS Response

192.0.77.2
8.8.8.8:53

i3.wp.com

dns

firefox.exe

55 B
71 B
1
1

DNS Request

i3.wp.com

DNS Response

192.0.77.2
8.8.8.8:53

i0.wp.com

dns

firefox.exe

55 B
71 B
1
1

DNS Request

i0.wp.com

DNS Response

192.0.77.2
8.8.8.8:53

i1.wp.com

dns

firefox.exe

55 B
71 B
1
1

DNS Request

i1.wp.com

DNS Response

192.0.77.2
8.8.8.8:53

i3.wp.com

dns

firefox.exe

55 B
71 B
1
1

DNS Request

i3.wp.com

DNS Response

192.0.77.2
8.8.8.8:53

i2.wp.com

dns

firefox.exe

55 B
71 B
1
1

DNS Request

i2.wp.com

DNS Response

192.0.77.2
8.8.8.8:53

i0.wp.com

dns

firefox.exe

55 B
117 B
1
1

DNS Request

i0.wp.com
8.8.8.8:53

i1.wp.com

dns

firefox.exe

55 B
117 B
1
1

DNS Request

i1.wp.com
8.8.8.8:53

i3.wp.com

dns

firefox.exe

55 B
117 B
1
1

DNS Request

i3.wp.com
8.8.8.8:53

i2.wp.com

dns

firefox.exe

55 B
117 B
1
1

DNS Request

i2.wp.com
8.8.8.8:53

stats.wp.com

dns

firefox.exe

58 B
74 B
1
1

DNS Request

stats.wp.com

DNS Response

192.0.76.3
8.8.8.8:53

stats.wp.com

dns

firefox.exe

58 B
74 B
1
1

DNS Request

stats.wp.com

DNS Response

192.0.76.3
8.8.8.8:53

stats.wp.com

dns

firefox.exe

58 B
120 B
1
1

DNS Request

stats.wp.com
192.0.76.3:443

stats.wp.com

https

firefox.exe

5.2kB
8.4kB
25
31
8.8.8.8:53

region1.google-analytics.com

dns

firefox.exe

74 B
106 B
1
1

DNS Request

region1.google-analytics.com

DNS Response

216.239.34.36

216.239.32.36
8.8.8.8:53

region1.google-analytics.com

dns

firefox.exe

74 B
106 B
1
1

DNS Request

region1.google-analytics.com

DNS Response

216.239.34.36

216.239.32.36
8.8.8.8:53

region1.google-analytics.com

dns

firefox.exe

74 B
130 B
1
1

DNS Request

region1.google-analytics.com

DNS Response

2001:4860:4802:34::36

2001:4860:4802:32::36
192.0.77.2:443

i2.wp.com

https

firefox.exe

13.5kB
16.2kB
59
56
8.8.8.8:53

secure.gravatar.com

dns

firefox.exe

65 B
81 B
1
1

DNS Request

secure.gravatar.com

DNS Response

192.0.73.2
8.8.8.8:53

blogger.googleusercontent.com

dns

firefox.exe

75 B
120 B
1
1

DNS Request

blogger.googleusercontent.com

DNS Response

142.250.187.193
8.8.8.8:53

secure.gravatar.com

dns

firefox.exe

65 B
81 B
1
1

DNS Request

secure.gravatar.com

DNS Response

192.0.73.2
8.8.8.8:53

googlehosted.l.googleusercontent.com

dns

firefox.exe

82 B
98 B
1
1

DNS Request

googlehosted.l.googleusercontent.com

DNS Response

142.250.187.193
8.8.8.8:53

secure.gravatar.com

dns

firefox.exe

65 B
93 B
1
1

DNS Request

secure.gravatar.com

DNS Response

2a04:fa87:fffe::c000:4902
8.8.8.8:53

googlehosted.l.googleusercontent.com

dns

firefox.exe

82 B
110 B
1
1

DNS Request

googlehosted.l.googleusercontent.com

DNS Response

2a00:1450:4009:81f::2001
216.239.34.36:443

region1.google-analytics.com

https

firefox.exe

4.3kB
9.8kB
8
11
192.0.73.2:443

secure.gravatar.com

https

firefox.exe

4.1kB
7.9kB
19
28
192.0.77.2:443

i2.wp.com

https

firefox.exe

3.2kB
4.0kB
7
5
104.237.136.127:443

cyberpress.org

https

firefox.exe

5.9kB
2.6kB
12
11
142.250.187.193:443

googlehosted.l.googleusercontent.com

https

firefox.exe

21.1kB
3.7MB
238
2955
8.8.8.8:53

ep1.adtrafficquality.google

dns

firefox.exe

73 B
89 B
1
1

DNS Request

ep1.adtrafficquality.google

DNS Response

216.58.212.194
192.0.77.2:443

i2.wp.com

https

firefox.exe

3.2kB
4.0kB
7
5
8.8.8.8:53

ep1.adtrafficquality.google

dns

firefox.exe

73 B
89 B
1
1

DNS Request

ep1.adtrafficquality.google

DNS Response

142.250.179.226
8.8.8.8:53

ep1.adtrafficquality.google

dns

firefox.exe

73 B
101 B
1
1

DNS Request

ep1.adtrafficquality.google

DNS Response

2a00:1450:4009:81f::2002
216.58.212.194:443

ep1.adtrafficquality.google

https

firefox.exe

5.9kB
23.7kB
15
29
8.8.8.8:53

ep2.adtrafficquality.google

dns

firefox.exe

73 B
89 B
1
1

DNS Request

ep2.adtrafficquality.google

DNS Response

142.250.200.33
8.8.8.8:53

ep2.adtrafficquality.google

dns

firefox.exe

73 B
89 B
1
1

DNS Request

ep2.adtrafficquality.google

DNS Response

142.250.200.33
8.8.8.8:53

ep2.adtrafficquality.google

dns

firefox.exe

73 B
101 B
1
1

DNS Request

ep2.adtrafficquality.google

DNS Response

2a00:1450:4009:823::2001
142.250.200.33:443

ep2.adtrafficquality.google

https

firefox.exe

3.6kB
9.5kB
10
13
192.0.77.2:443

i2.wp.com

https

firefox.exe

3.2kB
4.0kB
7
5
8.8.8.8:53

collector.github.com

dns

firefox.exe

66 B
115 B
1
1

DNS Request

collector.github.com

DNS Response

140.82.113.22
8.8.8.8:53

glb-db52c2cf8be544.github.com

dns

firefox.exe

75 B
91 B
1
1

DNS Request

glb-db52c2cf8be544.github.com

DNS Response

140.82.112.21
8.8.8.8:53

glb-db52c2cf8be544.github.com

dns

firefox.exe

75 B
159 B
1
1

DNS Request

glb-db52c2cf8be544.github.com
8.8.8.8:53

camo.githubusercontent.com

dns

firefox.exe

72 B
154 B
1
1

DNS Request

camo.githubusercontent.com
8.8.8.8:53

github.com

dns

firefox.exe

56 B
72 B
1
1

DNS Request

github.com

DNS Response

20.26.156.215
8.8.8.8:53

github.com

dns

firefox.exe

56 B
121 B
1
1

DNS Request

github.com
8.8.8.8:53

codeload.github.com

dns

firefox.exe

65 B
81 B
1
1

DNS Request

codeload.github.com

DNS Response

20.26.156.216
8.8.8.8:53

codeload.github.com

dns

firefox.exe

65 B
81 B
1
1

DNS Request

codeload.github.com

DNS Response

20.26.156.216
8.8.8.8:53

codeload.github.com

dns

firefox.exe

65 B
149 B
1
1

DNS Request

codeload.github.com
8.8.8.8:53

pixel.wp.com

dns

firefox.exe

58 B
74 B
1
1

DNS Request

pixel.wp.com

DNS Response

192.0.76.3
8.8.8.8:53

pixel.wp.com

dns

firefox.exe

58 B
74 B
1
1

DNS Request

pixel.wp.com

DNS Response

192.0.76.3
192.0.76.3:443

pixel.wp.com

https

firefox.exe

3.1kB
3.1kB
6
4
8.8.8.8:53

pixel.wp.com

dns

firefox.exe

58 B
120 B
1
1

DNS Request

pixel.wp.com
8.8.8.8:53

tpc.googlesyndication.com

dns

firefox.exe

71 B
87 B
1
1

DNS Request

tpc.googlesyndication.com

DNS Response

142.250.180.1
8.8.8.8:53

tpc.googlesyndication.com

dns

firefox.exe

71 B
87 B
1
1

DNS Request

tpc.googlesyndication.com

DNS Response

142.250.180.1
8.8.8.8:53

tpc.googlesyndication.com

dns

firefox.exe

146 B
206 B
2
2

DNS Request

tpc.googlesyndication.com

DNS Response

2a00:1450:4009:81e::2001

DNS Request

static.cloudflareinsights.com

DNS Response

104.16.80.73

104.16.79.73
142.250.180.1:443

tpc.googlesyndication.com

https

firefox.exe

3.6kB
12.4kB
10
15
8.8.8.8:53

i3.wp.com

dns

firefox.exe

55 B
117 B
1
1

DNS Request

i3.wp.com
142.250.200.33:443

ep2.adtrafficquality.google

https

firefox.exe

4.1kB
10.0kB
11
17
192.0.73.2:443

secure.gravatar.com

https

firefox.exe

6.9kB
489.0kB
52
421
216.239.34.36:443

region1.google-analytics.com

https

firefox.exe

4.1kB
4.7kB
6
13
8.8.8.8:53

www.google.com

dns

firefox.exe

60 B
76 B
1
1

DNS Request

www.google.com

DNS Response

172.217.169.36
8.8.8.8:53

www.google.com

dns

firefox.exe

60 B
88 B
1
1

DNS Request

www.google.com

DNS Response

2a00:1450:4009:818::2004
172.217.169.36:443

www.google.com

https

firefox.exe

60.7kB
231.1kB
215
336
142.250.200.49:443

csp.withgoogle.com

https

firefox.exe

3.8kB
5.1kB
5
10
216.58.204.78:443

play.google.com

https

firefox.exe

3.7kB
4.6kB
4
10
8.8.8.8:53

cloudsek.com

dns

firefox.exe

58 B
106 B
1
1

DNS Request

cloudsek.com

DNS Response

104.26.15.226

104.26.14.226

172.67.72.49
8.8.8.8:53

cloudsek.com

dns

firefox.exe

58 B
106 B
1
1

DNS Request

cloudsek.com

DNS Response

104.26.14.226

104.26.15.226

172.67.72.49
8.8.8.8:53

cloudsek.com

dns

firefox.exe

58 B
142 B
1
1

DNS Request

cloudsek.com

DNS Response

2606:4700:20::681a:ee2

2606:4700:20::681a:fe2

2606:4700:20::ac43:4831
104.26.15.226:443

cloudsek.com

https

firefox.exe

4.2kB
43.6kB
13
45
8.8.8.8:53

www.cloudsek.com

dns

firefox.exe

62 B
110 B
1
1

DNS Request

www.cloudsek.com

DNS Response

104.26.15.226

172.67.72.49

104.26.14.226
8.8.8.8:53

www.cloudsek.com

dns

firefox.exe

62 B
110 B
1
1

DNS Request

www.cloudsek.com

DNS Response

104.26.14.226

104.26.15.226

172.67.72.49
8.8.8.8:53

www.cloudsek.com

dns

firefox.exe

62 B
146 B
1
1

DNS Request

www.cloudsek.com

DNS Response

2606:4700:20::ac43:4831

2606:4700:20::681a:fe2

2606:4700:20::681a:ee2
104.26.15.226:443

www.cloudsek.com

https

firefox.exe

3.3kB
13.4kB
8
24
8.8.8.8:53

cdn.prod.website-files.com

dns

firefox.exe

206 B
302 B
3
3

DNS Request

cdn.prod.website-files.com

DNS Response

104.18.160.117

104.18.161.117

DNS Request

bc047102.sibforms.com

DNS Response

104.16.248.109

104.16.249.109

DNS Request

bc047102.sibforms.com

DNS Response

104.16.248.109

104.16.249.109
8.8.8.8:53

pxl.sprouts.ai

dns

firefox.exe

120 B
334 B
2
2

DNS Request

pxl.sprouts.ai

DNS Request

pxl.sprouts.ai

DNS Response

3.166.49.90

3.166.49.21

3.166.49.97

3.166.49.58

DNS Response

3.166.49.58

3.166.49.21

3.166.49.90

3.166.49.97
8.8.8.8:53

cdn.jsdelivr.net

dns

firefox.exe

62 B
160 B
1
1

DNS Request

cdn.jsdelivr.net

DNS Response

151.101.193.229

151.101.129.229

151.101.65.229

151.101.1.229
8.8.8.8:53

tools.virtual-entity.de

dns

firefox.exe

69 B
123 B
1
1

DNS Request

tools.virtual-entity.de

DNS Response

207.211.214.145
8.8.8.8:53

d3e54v103j8qbb.cloudfront.net

dns

firefox.exe

75 B
139 B
1
1

DNS Request

d3e54v103j8qbb.cloudfront.net

DNS Response

18.245.246.151

18.245.246.114

18.245.246.158

18.245.246.167
8.8.8.8:53

js.hs-scripts.com

dns

firefox.exe

63 B
143 B
1
1

DNS Request

js.hs-scripts.com

DNS Response

104.16.138.209

104.16.137.209

104.16.139.209

104.16.141.209

104.16.140.209
8.8.8.8:53

s7.addthis.com

dns

firefox.exe

60 B
129 B
1
1

DNS Request

s7.addthis.com
8.8.8.8:53

hubspotonwebflow.com

dns

firefox.exe

66 B
98 B
1
1

DNS Request

hubspotonwebflow.com

DNS Response

76.76.21.142

76.76.21.123
8.8.8.8:53

cdn.prod.website-files.com

dns

firefox.exe

72 B
104 B
1
1

DNS Request

cdn.prod.website-files.com

DNS Response

104.18.161.117

104.18.160.117
8.8.8.8:53

jsdelivr.map.fastly.net

dns

firefox.exe

69 B
133 B
1
1

DNS Request

jsdelivr.map.fastly.net

DNS Response

151.101.65.229

151.101.129.229

151.101.193.229

151.101.1.229
8.8.8.8:53

virtual-entity.b-cdn.net

dns

firefox.exe

70 B
86 B
1
1

DNS Request

virtual-entity.b-cdn.net

DNS Response

207.211.214.145
8.8.8.8:53

d2ix2amdl5rrlc.cloudfront.net

dns

firefox.exe

75 B
139 B
1
1

DNS Request

d2ix2amdl5rrlc.cloudfront.net

DNS Response

3.166.49.97

3.166.49.21

3.166.49.90

3.166.49.58
8.8.8.8:53

d3e54v103j8qbb.cloudfront.net

dns

firefox.exe

75 B
139 B
1
1

DNS Request

d3e54v103j8qbb.cloudfront.net

DNS Response

18.245.246.114

18.245.246.151

18.245.246.167

18.245.246.158
8.8.8.8:53

js.hs-scripts.com

dns

firefox.exe

63 B
143 B
1
1

DNS Request

js.hs-scripts.com

DNS Response

104.16.141.209

104.16.137.209

104.16.139.209

104.16.140.209

104.16.138.209
8.8.8.8:53

hubspotonwebflow.com

dns

firefox.exe

66 B
98 B
1
1

DNS Request

hubspotonwebflow.com

DNS Response

76.76.21.61

76.76.21.22
8.8.8.8:53

cdn.prod.website-files.com

dns

firefox.exe

72 B
128 B
1
1

DNS Request

cdn.prod.website-files.com

DNS Response

2606:4700::6812:a175

2606:4700::6812:a075
8.8.8.8:53

jsdelivr.map.fastly.net

dns

firefox.exe

69 B
181 B
1
1

DNS Request

jsdelivr.map.fastly.net

DNS Response

2a04:4e42:600::485

2a04:4e42:200::485

2a04:4e42::485

2a04:4e42:400::485
8.8.8.8:53

virtual-entity.b-cdn.net

dns

firefox.exe

70 B
98 B
1
1

DNS Request

virtual-entity.b-cdn.net

DNS Response

2400:52e0:1e07::1161:1
8.8.8.8:53

d2ix2amdl5rrlc.cloudfront.net

dns

firefox.exe

75 B
299 B
1
1

DNS Request

d2ix2amdl5rrlc.cloudfront.net

DNS Response

2600:9000:276c:1a00:12:9cab:5c00:93a1

2600:9000:276c:4800:12:9cab:5c00:93a1

2600:9000:276c:2400:12:9cab:5c00:93a1

2600:9000:276c:600:12:9cab:5c00:93a1

2600:9000:276c:8a00:12:9cab:5c00:93a1

2600:9000:276c:b400:12:9cab:5c00:93a1

2600:9000:276c:3e00:12:9cab:5c00:93a1

2600:9000:276c:a00:12:9cab:5c00:93a1
8.8.8.8:53

hubspotonwebflow.com

dns

firefox.exe

66 B
137 B
1
1

DNS Request

hubspotonwebflow.com
8.8.8.8:53

d3e54v103j8qbb.cloudfront.net

dns

firefox.exe

75 B
162 B
1
1

DNS Request

d3e54v103j8qbb.cloudfront.net
8.8.8.8:53

js.hs-scripts.com

dns

firefox.exe

63 B
203 B
1
1

DNS Request

js.hs-scripts.com

DNS Response

2606:4700::6810:8cd1

2606:4700::6810:8bd1

2606:4700::6810:89d1

2606:4700::6810:8ad1

2606:4700::6810:8dd1
104.18.160.117:443

cdn.prod.website-files.com

https

firefox.exe

24.7kB
2.3MB
221
1965
151.101.193.229:443

jsdelivr.map.fastly.net

https

firefox.exe

3.7kB
49.0kB
12
42
8.8.8.8:53

www.clarity.ms

dns

firefox.exe

120 B
446 B
2
2

DNS Request

www.clarity.ms

DNS Response

13.107.246.64

DNS Request

www.clarity.ms

DNS Response

13.107.246.64
8.8.8.8:53

s-part-0036.t-0009.t-msedge.net

dns

firefox.exe

77 B
93 B
1
1

DNS Request

s-part-0036.t-0009.t-msedge.net

DNS Response

13.107.246.64
8.8.8.8:53

s-part-0036.t-0009.t-msedge.net

dns

firefox.exe

154 B
210 B
2
2

DNS Request

s-part-0036.t-0009.t-msedge.net

DNS Response

2620:1ec:bdf::64

DNS Request

s-part-0036.t-0009.t-msedge.net

DNS Response

2620:1ec:bdf::64
8.8.8.8:53

bc047102.sibforms.com

dns

firefox.exe

67 B
99 B
1
1

DNS Request

bc047102.sibforms.com

DNS Response

104.16.248.109

104.16.249.109
8.8.8.8:53

bc047102.sibforms.com

dns

firefox.exe

134 B
246 B
2
2

DNS Request

bc047102.sibforms.com

DNS Response

2606:4700::6810:f86d

2606:4700::6810:f96d

DNS Request

bc047102.sibforms.com

DNS Response

2606:4700::6810:f86d

2606:4700::6810:f96d
8.8.8.8:53

sibforms.com

dns

firefox.exe

58 B
90 B
1
1

DNS Request

sibforms.com

DNS Response

104.16.248.109

104.16.249.109
8.8.8.8:53

sibforms.com

dns

firefox.exe

58 B
90 B
1
1

DNS Request

sibforms.com

DNS Response

104.16.248.109

104.16.249.109
8.8.8.8:53

sibforms.com

dns

firefox.exe

58 B
114 B
1
1

DNS Request

sibforms.com

DNS Response

2606:4700::6810:f86d

2606:4700::6810:f96d
8.8.8.8:53

js.hs-analytics.net

dns

firefox.exe

65 B
97 B
1
1

DNS Request

js.hs-analytics.net

DNS Response

104.17.175.201

104.16.160.168
8.8.8.8:53

js.hs-banner.com

dns

firefox.exe

124 B
188 B
2
2

DNS Request

js.hs-banner.com

DNS Response

104.18.40.240

172.64.147.16

DNS Request

js.hs-banner.com

DNS Response

172.64.147.16

104.18.40.240
8.8.8.8:53

js.hsadspixel.net

dns

firefox.exe

63 B
95 B
1
1

DNS Request

js.hsadspixel.net

DNS Response

104.17.128.172

104.17.223.152
8.8.8.8:53

assets.brevo.com

dns

firefox.exe

62 B
94 B
1
1

DNS Request

assets.brevo.com

DNS Response

104.18.37.40

172.64.150.216
8.8.8.8:53

js.hsadspixel.net

dns

firefox.exe

63 B
95 B
1
1

DNS Request

js.hsadspixel.net

DNS Response

104.17.223.152

104.17.128.172
8.8.8.8:53

js.hs-analytics.net

dns

firefox.exe

65 B
97 B
1
1

DNS Request

js.hs-analytics.net

DNS Response

104.16.160.168

104.17.175.201
8.8.8.8:53

region1.analytics.google.com

dns

firefox.exe

148 B
212 B
2
2

DNS Request

region1.analytics.google.com

DNS Response

216.239.34.36

216.239.32.36

DNS Request

region1.analytics.google.com

DNS Response

216.239.32.36

216.239.34.36
8.8.8.8:53

stats.g.doubleclick.net

dns

firefox.exe

69 B
133 B
1
1

DNS Request

stats.g.doubleclick.net

DNS Response

74.125.133.156

74.125.133.157

74.125.133.155

74.125.133.154
8.8.8.8:53

www.google.co.uk

dns

firefox.exe

62 B
78 B
1
1

DNS Request

www.google.co.uk

DNS Response

142.250.187.227
8.8.8.8:53

js.hs-banner.com

dns

firefox.exe

62 B
94 B
1
1

DNS Request

js.hs-banner.com

DNS Response

172.64.147.16

104.18.40.240
8.8.8.8:53

assets.brevo.com

dns

firefox.exe

62 B
94 B
1
1

DNS Request

assets.brevo.com

DNS Response

104.18.37.40

172.64.150.216
8.8.8.8:53

snap.licdn.com

dns

firefox.exe

60 B
164 B
1
1

DNS Request

snap.licdn.com

DNS Response

2.19.252.133

2.19.252.143
8.8.8.8:53

www.redditstatic.com

dns

firefox.exe

66 B
175 B
1
1

DNS Request

www.redditstatic.com

DNS Response

151.101.193.140

151.101.1.140

151.101.129.140

151.101.65.140
8.8.8.8:53

cdn-cookieyes.com

dns

firefox.exe

63 B
111 B
1
1

DNS Request

cdn-cookieyes.com

DNS Response

172.67.20.8

104.22.59.91

104.22.58.91
8.8.8.8:53

js.hsadspixel.net

dns

firefox.exe

63 B
119 B
1
1

DNS Request

js.hsadspixel.net

DNS Response

2606:4700::6811:df98

2606:4700::6811:80ac
8.8.8.8:53

ajax.googleapis.com

dns

firefox.exe

65 B
81 B
1
1

DNS Request

ajax.googleapis.com

DNS Response

142.250.180.10
8.8.8.8:53

js.hs-banner.com

dns

firefox.exe

62 B
118 B
1
1

DNS Request

js.hs-banner.com

DNS Response

2606:4700:4400::6812:28f0

2606:4700:4400::ac40:9310
8.8.8.8:53

www.google.co.uk

dns

firefox.exe

62 B
78 B
1
1

DNS Request

www.google.co.uk

DNS Response

142.250.187.227
8.8.8.8:53

js.hs-analytics.net

dns

firefox.exe

65 B
121 B
1
1

DNS Request

js.hs-analytics.net

DNS Response

2606:4700::6810:a0a8

2606:4700::6811:afc9
8.8.8.8:53

stats.g.doubleclick.net

dns

firefox.exe

69 B
133 B
1
1

DNS Request

stats.g.doubleclick.net

DNS Response

74.125.133.156

74.125.133.154

74.125.133.155

74.125.133.157
8.8.8.8:53

a1916.dscg2.akamai.net

dns

firefox.exe

68 B
100 B
1
1

DNS Request

a1916.dscg2.akamai.net

DNS Response

2.19.252.133

2.19.252.143
8.8.8.8:53

assets.brevo.com

dns

firefox.exe

62 B
118 B
1
1

DNS Request

assets.brevo.com

DNS Response

2606:4700:4400::ac40:96d8

2606:4700:4400::6812:2528
8.8.8.8:53

cdn-cookieyes.com

dns

firefox.exe

63 B
111 B
1
1

DNS Request

cdn-cookieyes.com

DNS Response

104.22.58.91

104.22.59.91

172.67.20.8
8.8.8.8:53

dualstack.reddit.map.fastly.net

dns

firefox.exe

77 B
141 B
1
1

DNS Request

dualstack.reddit.map.fastly.net

DNS Response

151.101.1.140

151.101.65.140

151.101.129.140

151.101.193.140
8.8.8.8:53

region1.analytics.google.com

dns

firefox.exe

74 B
106 B
1
1

DNS Request

region1.analytics.google.com

DNS Response

216.239.32.36

216.239.34.36
8.8.8.8:53

ajax.googleapis.com

dns

firefox.exe

65 B
81 B
1
1

DNS Request

ajax.googleapis.com

DNS Response

142.250.180.10
172.217.169.36:443

www.google.com

https

firefox.exe

3.4kB
4.3kB
6
11
8.8.8.8:53

api.hubapi.com

dns

firefox.exe

60 B
140 B
1
1

DNS Request

api.hubapi.com

DNS Response

104.18.243.108

104.18.244.108

104.18.242.108

104.18.241.108

104.18.240.108
8.8.8.8:53

ajax.googleapis.com

dns

firefox.exe

65 B
93 B
1
1

DNS Request

ajax.googleapis.com

DNS Response

2a00:1450:4009:827::200a
142.250.187.227:443

www.google.co.uk

https

firefox.exe

3.1kB
9.2kB
8
11
8.8.8.8:53

region1.analytics.google.com

dns

firefox.exe

148 B
260 B
2
2

DNS Request

region1.analytics.google.com

DNS Response

2001:4860:4802:34::36

2001:4860:4802:32::36

DNS Request

region1.analytics.google.com

DNS Response

2001:4860:4802:34::36

2001:4860:4802:32::36
8.8.8.8:53

stats.g.doubleclick.net

dns

firefox.exe

69 B
181 B
1
1

DNS Request

stats.g.doubleclick.net

DNS Response

2a00:1450:400c:c07::9a

2a00:1450:400c:c07::9c

2a00:1450:400c:c07::9b

2a00:1450:400c:c07::9d
8.8.8.8:53

www.google.co.uk

dns

firefox.exe

124 B
180 B
2
2

DNS Request

www.google.co.uk

DNS Response

2a00:1450:4009:820::2003

DNS Request

www.google.co.uk

DNS Response

2a00:1450:4009:820::2003
8.8.8.8:53

cdn-cookieyes.com

dns

firefox.exe

63 B
147 B
1
1

DNS Request

cdn-cookieyes.com

DNS Response

2606:4700:10::6816:3b5b

2606:4700:10::6816:3a5b

2606:4700:10::ac43:1408
8.8.8.8:53

dualstack.reddit.map.fastly.net

dns

firefox.exe

154 B
378 B
2
2

DNS Request

dualstack.reddit.map.fastly.net

DNS Response

2a04:4e42:400::396

2a04:4e42:200::396

2a04:4e42:600::396

2a04:4e42::396

DNS Request

dualstack.reddit.map.fastly.net

DNS Response

2a04:4e42:200::396

2a04:4e42::396

2a04:4e42:600::396

2a04:4e42:400::396
8.8.8.8:53

a1916.dscg2.akamai.net

dns

firefox.exe

68 B
124 B
1
1

DNS Request

a1916.dscg2.akamai.net

DNS Response

2a02:26f0:1c80:4::212:be4f

2a02:26f0:1c80:4::212:be48
8.8.8.8:53

o.clarity.ms

dns

firefox.exe

58 B
135 B
1
1

DNS Request

o.clarity.ms

DNS Response

52.152.143.207
8.8.8.8:53

api.hubapi.com

dns

firefox.exe

60 B
140 B
1
1

DNS Request

api.hubapi.com

DNS Response

104.18.240.108

104.18.243.108

104.18.241.108

104.18.242.108

104.18.244.108
142.250.180.10:443

ajax.googleapis.com

https

firefox.exe

3.1kB
9.6kB
8
11
8.8.8.8:53

clarity-ingest-eus-sc.eastus.cloudapp.azure.com

dns

firefox.exe

93 B
109 B
1
1

DNS Request

clarity-ingest-eus-sc.eastus.cloudapp.azure.com

DNS Response

52.152.143.207
8.8.8.8:53

api.hubapi.com

dns

firefox.exe

60 B
200 B
1
1

DNS Request

api.hubapi.com

DNS Response

2606:4700::6812:f06c

2606:4700::6812:f26c

2606:4700::6812:f36c

2606:4700::6812:f16c

2606:4700::6812:f46c
8.8.8.8:53

api.ipify.org

dns

firefox.exe

59 B
107 B
1
1

DNS Request

api.ipify.org

DNS Response

104.26.13.205

172.67.74.152

104.26.12.205
8.8.8.8:53

clarity-ingest-eus-sc.eastus.cloudapp.azure.com

dns

firefox.exe

186 B
328 B
2
2

DNS Request

clarity-ingest-eus-sc.eastus.cloudapp.azure.com

DNS Request

clarity-ingest-eus-sc.eastus.cloudapp.azure.com
8.8.8.8:53

api.ipify.org

dns

firefox.exe

59 B
107 B
1
1

DNS Request

api.ipify.org

DNS Response

104.26.12.205

104.26.13.205

172.67.74.152
8.8.8.8:53

api.ipify.org

dns

firefox.exe

59 B
121 B
1
1

DNS Request

api.ipify.org
216.239.34.36:443

region1.analytics.google.com

https

firefox.exe

3.0kB
9.8kB
7
11
8.8.8.8:53

596808a16dec4fc39413bf34b0a70240.apm.eu-west-1.aws.cloud.es.io

dns

firefox.exe

108 B
282 B
1
1

DNS Request

596808a16dec4fc39413bf34b0a70240.apm.eu-west-1.aws.cloud.es.io

DNS Response

34.253.3.7

63.33.254.192

108.129.63.17
74.125.133.156:443

stats.g.doubleclick.net

https

firefox.exe

3.3kB
10.1kB
9
11
8.8.8.8:53

proxy-nlb-prod-eu-west-1-v5-8da84ce7881a88cc.elb.eu-west-1.amazonaws.com

dns

firefox.exe

118 B
166 B
1
1

DNS Request

proxy-nlb-prod-eu-west-1-v5-8da84ce7881a88cc.elb.eu-west-1.amazonaws.com

DNS Response

34.253.3.7

108.129.63.17

63.33.254.192
8.8.8.8:53

proxy-nlb-prod-eu-west-1-v5-8da84ce7881a88cc.elb.eu-west-1.amazonaws.com

dns

firefox.exe

236 B
404 B
2
2

DNS Request

proxy-nlb-prod-eu-west-1-v5-8da84ce7881a88cc.elb.eu-west-1.amazonaws.com

DNS Request

proxy-nlb-prod-eu-west-1-v5-8da84ce7881a88cc.elb.eu-west-1.amazonaws.com
8.8.8.8:53

wa.sprouts.ai

dns

firefox.exe

118 B
150 B
2
2

DNS Request

wa.sprouts.ai

DNS Response

34.74.151.231

DNS Request

wa.sprouts.ai

DNS Response

34.74.151.231
8.8.8.8:53

wa.sprouts.ai

dns

firefox.exe

59 B
75 B
1
1

DNS Request

wa.sprouts.ai

DNS Response

34.74.151.231
2.19.252.133:443

a1916.dscg2.akamai.net

https

firefox.exe

3.3kB
9.8kB
11
14
8.8.8.8:53

px.ads.linkedin.com

dns

firefox.exe

65 B
172 B
1
1

DNS Request

px.ads.linkedin.com

DNS Response

13.107.42.14
8.8.8.8:53

wa.sprouts.ai

dns

firefox.exe

59 B
133 B
1
1

DNS Request

wa.sprouts.ai
8.8.8.8:53

pixel-config.reddit.com

dns

firefox.exe

69 B
168 B
1
1

DNS Request

pixel-config.reddit.com

DNS Response

151.101.193.140

151.101.1.140

151.101.129.140

151.101.65.140
8.8.8.8:53

alb.reddit.com

dns

firefox.exe

60 B
159 B
1
1

DNS Request

alb.reddit.com

DNS Response

151.101.1.140

151.101.65.140

151.101.193.140

151.101.129.140
8.8.8.8:53

l-0005.l-msedge.net

dns

firefox.exe

171 B
203 B
2
2

DNS Request

l-0005.l-msedge.net

DNS Response

13.107.42.14

DNS Request

attachments.prod.remote-settings.prod.webservices.mozgcp.net

DNS Response

34.107.152.202
8.8.8.8:53

reddit.map.fastly.net

dns

firefox.exe

138 B
266 B
2
2

DNS Request

reddit.map.fastly.net

DNS Response

151.101.193.140

151.101.129.140

151.101.1.140

151.101.65.140

DNS Request

133.252.19.2.in-addr.arpa
8.8.8.8:53

l-0005.l-msedge.net

dns

firefox.exe

65 B
93 B
1
1

DNS Request

l-0005.l-msedge.net

DNS Response

2620:1ec:21::14
8.8.8.8:53

reddit.map.fastly.net

dns

firefox.exe

67 B
128 B
1
1

DNS Request

reddit.map.fastly.net
8.8.8.8:53

track.hubspot.com

dns

firefox.exe

63 B
95 B
1
1

DNS Request

track.hubspot.com

DNS Response

104.16.117.116

104.16.118.116
8.8.8.8:53

c.clarity.ms

dns

firefox.exe

58 B
139 B
1
1

DNS Request

c.clarity.ms

DNS Response

13.74.129.1
8.8.8.8:53

track.hubspot.com

dns

firefox.exe

63 B
95 B
1
1

DNS Request

track.hubspot.com

DNS Response

104.16.118.116

104.16.117.116
8.8.8.8:53

c-msn-pme.trafficmanager.net

dns

firefox.exe

74 B
90 B
1
1

DNS Request

c-msn-pme.trafficmanager.net

DNS Response

13.74.129.1
8.8.8.8:53

track.hubspot.com

dns

firefox.exe

63 B
119 B
1
1

DNS Request

track.hubspot.com

DNS Response

2606:4700::6810:7674

2606:4700::6810:7574
8.8.8.8:53

c-msn-pme.trafficmanager.net

dns

firefox.exe

74 B
135 B
1
1

DNS Request

c-msn-pme.trafficmanager.net
8.8.8.8:53

c.bing.com

dns

firefox.exe

56 B
148 B
1
1

DNS Request

c.bing.com

DNS Response

150.171.27.10

150.171.28.10
8.8.8.8:53

ax-0001.ax-msedge.net

dns

firefox.exe

67 B
99 B
1
1

DNS Request

ax-0001.ax-msedge.net

DNS Response

150.171.27.10

150.171.28.10
8.8.8.8:53

ax-0001.ax-msedge.net

dns

firefox.exe

67 B
123 B
1
1

DNS Request

ax-0001.ax-msedge.net

DNS Response

2620:1ec:33:1::10

2620:1ec:33::10
8.8.8.8:53

any.run

dns

firefox.exe

159 B
101 B
3
1

DNS Request

any.run

DNS Request

any.run

DNS Request

any.run

DNS Response

104.22.49.74

172.67.20.89

104.22.48.74
8.8.8.8:53

any.run

dns

firefox.exe

53 B
101 B
1
1

DNS Request

any.run

DNS Response

172.67.20.89

104.22.49.74

104.22.48.74
8.8.8.8:53

any.run

dns

firefox.exe

53 B
137 B
1
1

DNS Request

any.run

DNS Response

2606:4700:10::ac43:1459

2606:4700:10::6816:314a

2606:4700:10::6816:304a
8.8.8.8:53

www.joesandbox.com

dns

firefox.exe

64 B
112 B
1
1

DNS Request

www.joesandbox.com

DNS Response

172.67.73.202

104.26.11.56

104.26.10.56
8.8.8.8:53

www.joesandbox.com

dns

firefox.exe

64 B
112 B
1
1

DNS Request

www.joesandbox.com

DNS Response

172.67.73.202

104.26.11.56

104.26.10.56
8.8.8.8:53

www.joesandbox.com

dns

firefox.exe

64 B
148 B
1
1

DNS Request

www.joesandbox.com

DNS Response

2606:4700:20::681a:a38

2606:4700:20::ac43:49ca

2606:4700:20::681a:b38
8.8.8.8:53

static.cloudflareinsights.com

dns

firefox.exe

75 B
107 B
1
1

DNS Request

static.cloudflareinsights.com

DNS Response

104.16.80.73

104.16.79.73
8.8.8.8:53

static.cloudflareinsights.com

dns

firefox.exe

75 B
131 B
1
1

DNS Request

static.cloudflareinsights.com

DNS Response

2606:4700::6810:5049

2606:4700::6810:4f49
216.239.34.36:443

region1.analytics.google.com

https

firefox.exe

3.7kB
4.6kB
7
11
142.250.200.49:443

csp.withgoogle.com

https

firefox.exe

4.1kB
5.2kB
6
11
216.58.204.78:443

play.google.com

https

firefox.exe

3.8kB
4.4kB
5
10
8.8.8.8:53

www.cyber.nj.gov

dns

firefox.exe

62 B
114 B
1
1

DNS Request

www.cyber.nj.gov

DNS Response

45.60.124.188
8.8.8.8:53

h5sxsjl.x.incapdns.net

dns

firefox.exe

68 B
84 B
1
1

DNS Request

h5sxsjl.x.incapdns.net

DNS Response

45.60.124.188
8.8.8.8:53

h5sxsjl.x.incapdns.net

dns

firefox.exe

204 B
132 B
3
1

DNS Request

h5sxsjl.x.incapdns.net

DNS Request

h5sxsjl.x.incapdns.net

DNS Request

h5sxsjl.x.incapdns.net
8.8.8.8:53

t.me

dns

firefox.exe

50 B
66 B
1
1

DNS Request

t.me

DNS Response

149.154.167.99
8.8.8.8:53

t.me

dns

firefox.exe

50 B
78 B
1
1

DNS Request

t.me

DNS Response

2001:67c:4e8:f004::9
8.8.8.8:53

telegram.org

dns

firefox.exe

58 B
74 B
1
1

DNS Request

telegram.org

DNS Response

149.154.167.99
8.8.8.8:53

telegram.org

dns

firefox.exe

58 B
74 B
1
1

DNS Request

telegram.org

DNS Response

149.154.167.99
8.8.8.8:53

cdn4.cdn-telegram.org

dns

firefox.exe

67 B
83 B
1
1

DNS Request

cdn4.cdn-telegram.org

DNS Response

34.111.35.152
8.8.8.8:53

telegram.org

dns

firefox.exe

58 B
86 B
1
1

DNS Request

telegram.org

DNS Response

2001:67c:4e8:f004::9
8.8.8.8:53

cdn4.cdn-telegram.org

dns

firefox.exe

67 B
160 B
1
1

DNS Request

cdn4.cdn-telegram.org
34.111.35.152:443

cdn4.cdn-telegram.org

https

firefox.exe

2.9kB
7.2kB
6
9
8.8.8.8:53

s.go-mpulse.net

dns

firefox.exe

61 B
154 B
1
1

DNS Request

s.go-mpulse.net

DNS Response

95.100.244.132
8.8.8.8:53

e4518.dscx.akamaiedge.net

dns

firefox.exe

71 B
87 B
1
1

DNS Request

e4518.dscx.akamaiedge.net

DNS Response

95.100.244.132
8.8.8.8:53

e4518.dscx.akamaiedge.net

dns

firefox.exe

71 B
155 B
1
1

DNS Request

e4518.dscx.akamaiedge.net

DNS Response

2a02:26f0:fd00:d90::11a6

2a02:26f0:fd00:da1::11a6

2a02:26f0:fd00:d9c::11a6
8.8.8.8:53

c.go-mpulse.net

dns

firefox.exe

61 B
163 B
1
1

DNS Request

c.go-mpulse.net

DNS Response

2.18.84.142
8.8.8.8:53

e4518.dscapi7.akamaiedge.net

dns

firefox.exe

74 B
90 B
1
1

DNS Request

e4518.dscapi7.akamaiedge.net

DNS Response

2.18.84.142
8.8.8.8:53

e4518.dscapi7.akamaiedge.net

dns

firefox.exe

74 B
130 B
1
1

DNS Request

e4518.dscapi7.akamaiedge.net

DNS Response

2a02:26f0:1c80:2af::11a6

2a02:26f0:1c80:2bd::11a6
2.18.84.142:443

e4518.dscapi7.akamaiedge.net

https

firefox.exe

3.1kB
7.6kB
9
15
8.8.8.8:53

www.google.com

dns

firefox.exe

60 B
76 B
1
1

DNS Request

www.google.com

DNS Response

172.217.169.36
172.217.169.36:443

www.google.com

https

firefox.exe

20.8kB
114.3kB
67
137
142.250.200.49:443

csp.withgoogle.com

https

firefox.exe

4.4kB
5.2kB
7
11
8.8.8.8:53

play.google.com

dns

firefox.exe

61 B
77 B
1
1

DNS Request

play.google.com

DNS Response

216.58.204.78
8.8.8.8:53

play.google.com

dns

firefox.exe

61 B
77 B
1
1

DNS Request

play.google.com

DNS Response

216.58.204.78
216.58.204.78:443

play.google.com

https

firefox.exe

3.7kB
4.3kB
4
9
8.8.8.8:53

github.com

dns

firefox.exe

56 B
72 B
1
1

DNS Request

github.com

DNS Response

20.26.156.215
8.8.8.8:53

github.com

dns

firefox.exe

56 B
121 B
1
1

DNS Request

github.com
8.8.8.8:53

github-cloud.s3.amazonaws.com

dns

firefox.exe

75 B
253 B
1
1

DNS Request

github-cloud.s3.amazonaws.com

DNS Response

52.217.126.137

16.15.200.72

52.216.107.124

52.216.29.156

52.217.199.89

3.5.21.80

3.5.28.92

3.5.21.172
8.8.8.8:53

s3-w.us-east-1.amazonaws.com

dns

firefox.exe

74 B
202 B
1
1

DNS Request

s3-w.us-east-1.amazonaws.com

DNS Response

54.231.203.9

52.217.33.188

52.217.94.12

52.216.186.203

16.15.201.127

52.217.228.73

52.216.137.116

3.5.28.239
8.8.8.8:53

s3-w.us-east-1.amazonaws.com

dns

firefox.exe

74 B
152 B
1
1

DNS Request

s3-w.us-east-1.amazonaws.com
8.8.8.8:53

collector.github.com

dns

firefox.exe

66 B
115 B
1
1

DNS Request

collector.github.com

DNS Response

140.82.114.22
8.8.8.8:53

glb-db52c2cf8be544.github.com

dns

firefox.exe

75 B
91 B
1
1

DNS Request

glb-db52c2cf8be544.github.com

DNS Response

140.82.113.22
8.8.8.8:53

glb-db52c2cf8be544.github.com

dns

firefox.exe

75 B
140 B
1
1

DNS Request

glb-db52c2cf8be544.github.com
8.8.8.8:53

api.github.com

dns

firefox.exe

60 B
76 B
1
1

DNS Request

api.github.com

DNS Response

20.26.156.210
8.8.8.8:53

api.github.com

dns

firefox.exe

60 B
125 B
1
1

DNS Request

api.github.com
8.8.8.8:53

github.com

dns

firefox.exe

56 B
121 B
1
1

DNS Request

github.com
8.8.8.8:53

codeload.github.com

dns

firefox.exe

65 B
81 B
1
1

DNS Request

codeload.github.com

DNS Response

20.26.156.216
8.8.8.8:53

codeload.github.com

dns

firefox.exe

65 B
130 B
1
1

DNS Request

codeload.github.com
8.8.8.8:53

glb-db52c2cf8be544.github.com

dns

firefox.exe

75 B
91 B
1
1

DNS Request

glb-db52c2cf8be544.github.com

DNS Response

140.82.112.21
8.8.8.8:53

glb-db52c2cf8be544.github.com

dns

firefox.exe

75 B
140 B
1
1

DNS Request

glb-db52c2cf8be544.github.com
8.8.8.8:53

pastebin.com

dns

CobianRAT v1.0.40.7.exe

116 B
106 B
2
1

DNS Request

pastebin.com

DNS Request

pastebin.com

DNS Response

104.20.4.235

172.67.19.24

104.20.3.235
8.8.8.8:53

prod.remote-settings.prod.webservices.mozgcp.net

dns

firefox.exe

94 B
110 B
1
1

DNS Request

prod.remote-settings.prod.webservices.mozgcp.net

DNS Response

34.149.100.209
8.8.8.8:53

prod.remote-settings.prod.webservices.mozgcp.net

dns

firefox.exe

94 B
122 B
1
1

DNS Request

prod.remote-settings.prod.webservices.mozgcp.net

DNS Response

2600:1901:0:c47c::
8.8.8.8:53

prod.content-signature-chains.prod.webservices.mozgcp.net

dns

firefox.exe

103 B
119 B
1
1

DNS Request

prod.content-signature-chains.prod.webservices.mozgcp.net

DNS Response

34.160.144.191
8.8.8.8:53

prod.content-signature-chains.prod.webservices.mozgcp.net

dns

firefox.exe

103 B
131 B
1
1

DNS Request

prod.content-signature-chains.prod.webservices.mozgcp.net

DNS Response

2600:1901:0:92a9::
8.8.8.8:53

firefox-settings-attachments.cdn.mozilla.net

dns

firefox.exe

90 B
177 B
1
1

DNS Request

firefox-settings-attachments.cdn.mozilla.net

DNS Response

34.107.152.202
8.8.8.8:53

attachments.prod.remote-settings.prod.webservices.mozgcp.net

dns

firefox.exe

106 B
134 B
1
1

DNS Request

attachments.prod.remote-settings.prod.webservices.mozgcp.net

DNS Response

2600:1901:0:712f::

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\NjRat 0.7D Horror Edition.exe.log

Filesize
774B

MD5
6f740734988cea150865453779d48cb6

SHA1
238f38a563d6c40232c5998cf561dda11cefdc31

SHA256
a5f17ea50d64d716442a5cf69580eeff1345227571608b1804604d346c1f6a7d

SHA512
99026550186903d3af67b9bd26727062ab70ee29b64077b6996820649c890348d7418d6194786e241814b42216e76fb926e4271cf5e2433c07901c2192cfa1b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\njRAT v8.5 %M.A.H-RAT%. (Fixed).exe.log

Filesize
774B

MD5
00f43c470da61b69de1190601eeb3883

SHA1
96455cf54fdfc12efdc86af9b25d5edec2ce6b5c

SHA256
07b26764e10712a3db687267f2b550dccd7e2cf0b20c86b9a6ba26fac5b95116

SHA512
09754a6112efc167535ee71e7cb4ed635095f8f76a3326b19aa7f0d8091152a7c06c2bc7a2bfad0f50cfd19f67506c8a87a6aef3aab91096cf428c22aaa7133d

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\activity-stream.discovery_stream.json.tmp

Filesize
18KB

MD5
a5c22c96f6211afd7a5a7623eae992c0

SHA1
06599e63aa514bd93bff557f2013f65d415b4970

SHA256
34694cdeb08ead9323049349348188782a4a152c52490395ee8cf1d194d68867

SHA512
845b7eac07de39b0c0836ac50002bbf14db6c870dad99055f3eb0719729b1a116fe5b219d5b836608a0b61f5afe66592c3f29526aa9783a4bb16397997949935

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\doomed\16399

Filesize
61KB

MD5
6ddc5de0eee9a8bee772cf73a6c212b8

SHA1
de2b67dd1b5f17040e3448ef9bc9a570fc25fb72

SHA256
06315dc95163ccc705e500bc57586149a2d113b2afc92c7b4c4d4fd1ae37ad18

SHA512
906b4cc4e8e3a187f2bcbdb0e76d1a3fcc9fc69442aaa10f2defd2138bc97c7444b99485d0243c3748242a82ea3166f67bfc629a30ec70c2cf497417b221b0ce

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\017BC7F2540A06AFE31D210041CD6C2730DD987E

Filesize
75KB

MD5
2c587ccefd9ac9358e53d9a4c50258ed

SHA1
046bb3fb1d42181fd5f7b863a6c16eeea89d5b8e

SHA256
8004d0a7d1bd63e9d1d6332fdb8b78ac1cfbe634e1d4fe35923fa0d8ccc306e6

SHA512
d5b3908834b492d6ee6a8f430d277c6413264b41ff15909cb8430d901c3a98c092256f5723dba5a25135762ac632bca86b6d77cd54cd3dcf65b890c7fff66414

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\0827C84D3C7B442D35EE34473E0A1334BD8775A2

Filesize
1.1MB

MD5
28e7fac56892e1ff3a8bbbcd0b1bfd78

SHA1
8a1af535fb434ab38b2f5b389311110f7efa9543

SHA256
534cdad7ba417e12fb07e157c4d013a4021485fce87a7ba454534b9dff450b4e

SHA512
95db0e162655b8f5a5af72cced6baeb56bec40f388781ad57a29476026eab0822b8fd9ab8a29bfe0b209700927ae10eef111a344724278371c5bd199a871cb5b

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\0AD48CCCFED71D622CD5EA652F441003DD8917AC

Filesize
92KB

MD5
1b8c6dcfdf2def123d2b9f3ad829c62c

SHA1
2d4bf306e3a2092787a3d312f0b075b3706d5125

SHA256
c2a7e234289511ab66f0e33583f1bae384d876efa6e8a498fe1b30a943e3b2eb

SHA512
a6ab105494db5cbc84b07716e7eac5a394e94a6bd60490c8578557f051c22b8911f55ab817ba8cb7290fb2b9b7b8a6831305b6f0c3e77888200f3f418249d1fe

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\0B13313257D6FC6F13337B34BA2261D0A0A2ED7D

Filesize
15KB

MD5
13ee616f41fc7ae236d973fc6fb5aacd

SHA1
7b431fe9649fb15adb7238c209447b1b59923d9f

SHA256
df7a26b6fc06443df4f9549790459197707485e0076ac4bce3ba8f0d4278e1de

SHA512
e065392dd5416755de1bd767598ac388e7ed8cbbbe613aece13b78cc9be2d209b72db1a0efe6e9720f077d2760757910e84a8c31fb47ce4079a26c04fe6cf02b

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\0CF0F1407EB86AC3B8E6EABC426A42AC2C48A4C0

Filesize
15KB

MD5
00a8f48499364f5f4642612f3300ea08

SHA1
4dd5c74261bd1830a3bdf63c3b87c2a8e4510a1b

SHA256
4294f0f56421ab7b079f0a2803d53bd92308fb5ef41e22c5c9bb9693cab43caa

SHA512
8c3e26f28d269ebe1cb4b9e62f2a4107d1fa991964c7b147f4755b75d1fa38f3ee776f2c4e7ee59dbc7efad824c541389998ad83921b11e92561cd506eba0bb9

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\0D30F761CC1BE59927BD88E916B0DFDE4A1D9A65

Filesize
17KB

MD5
eefc0e8256a2617545cf13583f6c2ec9

SHA1
622b94a613cf3d211902bf0ae4c1b8c25cee9dc6

SHA256
9d3fe2029fd98d92dc04c75703d20a3325aa8f475cd29f1d091b70e65b2086f7

SHA512
bfe3bf90ed3dc5b828675325ed4742dc8e16888550871115698898474da06eba4de4f094920fe6ff8a1cf72330695fdefeaf64fedecc53f0d7678f0e3f15a81f

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\10BCCB73BCFA9110AA42E9E1004A6D17D4128977

Filesize
15KB

MD5
cccc237b90e527eadc2c60f6797d2d7c

SHA1
6eda5d5cde2331e389a216f707db93c570f7e7ca

SHA256
259a0a2a24457332b2575d572ff316b71128faa35f1fdaad00ba8df68bb641f3

SHA512
dd4a91bd8a84649a4e2f3b1d3e7cb1aed7fa905c7a1bd77ea3227ee4dad5b00b67a539a5fd9e1614943f1bf51228b5f182cf63051bd9be6c7041e9b74503f8a1

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\1501BE1DEE2A719F1D0057CE39086DB4E7E68C55

Filesize
135KB

MD5
d36c9dd7a1ac287d74fbd327fbf9a785

SHA1
667b673e4249ade7292ff290c7ced8e10dfa67cf

SHA256
4e76f7d1e928774a64c7bc0702e42bc8346a097c2e4c901a2d15e43a8e58f59a

SHA512
a4626808a57ff65d1db59d02f01806c92ce8088092a352f39ea0da430c2a6bd3b99d1eea16a364239626b66f008ea0990adf01c3d5dd0e3df82929ba9faf446b

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\1A5996C16946393FC0B184220943714409DE2FE0

Filesize
106KB

MD5
8ba4340dc53d4b13862f7f48bf79f4d2

SHA1
30af3d423cb46b59f8c3828b9908121271c9fed0

SHA256
08dfbaf54a164a94b41a70b729f9d57d726c03546d948635f876d7241cedcd93

SHA512
0eb83fe5d01f452bc03f2046f70275bedde53e612b275251cbba8e5823b8bf77974609b4a04c1c4b937d0d3f2def2b798676581109ece5f61701735da4dddb7a

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\1BABCB54677568DDB2D555AFE2334CA5C9900BCB

Filesize
14KB

MD5
041cf3b5dd7c61f7f4e4239fb4eec934

SHA1
1453a8db90a75b90ee68ea206f01ca54eb619e8b

SHA256
dfacb5d97aed2c71ed1e32803b28fec79be1c29c343a1e32c80e5cb3b848042b

SHA512
ec1225f3515a46ec35bf1f60c2ca36f2dc1885477cb87caeb4373d748b5875545262e6e8490515093c80b0ca3a0a01373f1e8f76d3032f852d3d703d5118a00c

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\1CEAE45C047B1428410D2893720062C74BCEB3C2

Filesize
78KB

MD5
f025fbde603508d3975f9402fb4adb1f

SHA1
ca5186882abff17b83972bf5fd6ea6bde38f2cdc

SHA256
f5f329053760a495df0d5272de8d9cf33fdc825925e5df4977352d46ca9a8a2c

SHA512
baad9ccb42d48f271199bd95554fef11c3f8ecd956c6ca99afe5c9e4d6b2f72a7abb9525f7c0ea426fbca95724f7b42247b6f1925f8d4196a2f6e3d2e6412b14

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\1D21D45E2B08542FAC74EDD31329C7BEDA427F75

Filesize
135KB

MD5
f77d7eb409d6bffee826810a39bf5520

SHA1
d0322482a3d36d2178aa8654310c0fc80416fad5

SHA256
967820d3e7e618e456f4f18417281641b193906fb3375efffa5a0d714fea84a0

SHA512
d61c0b2ff17241722a229b528397c6487c646f21f98281a916240f5492e0f6f17f2e3f0432f478a2d7d9798c6484919996dea49f1fe138488393492b4abe5ecd

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\1E7E27214E0EF7468777BE69B17D27D23C4CA4CC

Filesize
86KB

MD5
615d5ebe551a851a1fdc8e800e7f7a6e

SHA1
d27497a0a4ab8c5aa7ff3e2f9eb9b0910d0f1940

SHA256
3d2671db478fd424518650a5369f1681674374f353780131292527577c3d591d

SHA512
25cd81b4f6430b4ff327a2bf4fce961b70cd1b6547c2c156c9c3955d20a50e9c8946e576ac7479dc60b89921055664aa8c00425cae64e9c2fd3dc82d18efd72d

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\2998E1097525246DE6B43C2BB81A93EBBC5DD965

Filesize
15KB

MD5
a2af0aa2e1dd5a6e1fae17c2a6347ac4

SHA1
12640a7b3440ecf27b6bdb5f6e69bdbeca955801

SHA256
cce903f76e765d6f2d631c52fb6282183dacddc0fc5baf91fd0f9fa29e532cef

SHA512
433317185aafb3cc787a332828d9c2f534af47ffbd50fe46dc04b81bb79bb1dcc0f49fb41732799f67a8d823108174472008ce7843862ad7542459cf09cfe729

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\2AB48A17794FD909710EDA0876541C9DBBC3006F

Filesize
35KB

MD5
427cebed0f8ab78a5011c3caf3a7e214

SHA1
d6adac22acc60a6dc746fd9d76dd7c0cf9cab4c9

SHA256
08607a3e3ed866a3c23361773eaece5556d7a69ffb33c5c7290043cec5a85fd0

SHA512
a22b09b982fec4892f98e7c0b7378c1ddd91c311e2b1594ca6f1b68afa6a825dfa51816fbb1c566c017b2e59a93b08dc0a3d65dd0c8f2b465e7f36d5a9325061

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\2AB9AB736AB94D67069F732991337E0C28195169

Filesize
49KB

MD5
84d84524348f03899d40f098bf22e047

SHA1
8129fa793e10d2bf1b2d86594c41379405fbab64

SHA256
4b298479db4c00ba5c09e2c197228f8e78d29baf863bbe9091bb470be34af0d2

SHA512
db44663525050e77f9236b6d7f27fd91bc6657fbfb8a9b82710e5026eadf5a61186d2ab38aa72b8fb1d2860aa2f1ad51b967e2409b9112ca3815026935ab65fe

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\2BA32AFA66FDCB1C2943D5CE19C292DFC72FA87A

Filesize
13KB

MD5
756b20670f712a55dd939a16f23a0bfa

SHA1
5cbae40e67f8e18795b70201776472639a25ce2c

SHA256
7a31abe0390a401e110da0aca75fe3b1191fa6dca32e2b1d3fc94209fad5e07a

SHA512
28a682d76d98ca169ea61d1ea316988c1012be29807c048b53117a66f6880f7ca1cd56be82295d4fc53782793a50814bab9c20c6cbda7befd08fe80a4bfbb798

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\2CF2F6F74C80E7179A0583028CBEBE6C19DC22C4

Filesize
86KB

MD5
b4eacbd06929c416c798ea49b3b805b4

SHA1
ed0a71a3654c409f83d61d4ce66bc11134a74c2f

SHA256
c79a3f76fab31d0762e471c3f08223249452402802eb3954641744af5b8b8651

SHA512
52794469bc3de8ae9054a918b23382c116c2b3e15ed85380e3c2cccdb5e8ac8771a8aa87eb49ac0adeb88c7bce9f2b77bd8861a23fbb3fdecb5a282b3a33d764

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\2D1C9043F1D2781E618429DEAA41E52E7D9C9AA9

Filesize
545KB

MD5
9b13aac62e636e18df8355b024626a67

SHA1
c6c9fa06f8d9422ba1da4a19b0fc15eb5408db15

SHA256
743d7ee44d9e7679f5882a69fcf53fadfb1f1ed7dea8d214c351b3397bf004c5

SHA512
b81588b5748d5e7c12b5e623e6e5fbac0bc8ed490132279981c13145dd1ed8b41761c4aca1e5158d8b983c93b0ee904cbe0b6a95959d43504b4bba085a055f75

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\2DFC666834038200987B8347FFB39CFEE8CE2EDD

Filesize
285KB

MD5
c54adf624b2d7eb5b821e23e137fab0c

SHA1
52f73929acd2bc57ee66fab7491dc47245bf6d1b

SHA256
725d924a7edbda65e0ae23fa8efdca4ded792e8decce3808ca5158b3e706b4bf

SHA512
f049fd96d69dc1799cb1c17111ffba3f5b4444f1fa751159bf16d8e64539005018d1d3229f25417fc0ab623d1ce37073b9ff3af5367ab59f9b93760bcfb5c152

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\311589B5F7E27FD8DAEE1AEB3F2A1C1A3FFED5A9

Filesize
16KB

MD5
3ed6adff973ad3a3ded9d30640941276

SHA1
db27109eaa7bf2a698eef2eeb5783233bff3df74

SHA256
7a5b7b5a93bb5e4ca91f8845a34af737b293e1990d913286ca610d90f9d527a5

SHA512
3ddf7b4a85a58f05b6b7680edadf10e8fd3f21d6b4e618e904bef50ab702b55e2388b447a1e23d8ffd1b08cf171a30bbb6b5171036c1330e9a30261d6c47d1d7

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\333B26B98F1EC5DD800EB6431717BD8EB238CED3

Filesize
18KB

MD5
05320cf23d7296b8c09ef96d06d8d7b0

SHA1
a68b225ec8ce3b69225ecffc450a18b3c99dcd17

SHA256
defb5eeea4a096bc5bf416dae7fbb30f7f7e2a3511c9346a8b3eadc5c8fef7bc

SHA512
7a6704316f9c3c21418617fa96f49bfa5e5c36fd27288b5dc64706eb739c80ec66ac359e7f0aacb1faee8aa2e5aee8994f74f2481a3a7d1b2767e2259620b327

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\35E852332BF25461B5F9E6A5363D5A0D856FC43A

Filesize
37KB

MD5
ab5c52d791ecaba7f7b4a1710c700368

SHA1
30b20d13201fc3a80ccdfaf459b4528f81f8ca2a

SHA256
b4b0723b8000c8d4104733470d333c9d17abaea1e10cb0b3d0b0090da44b77a9

SHA512
d4ee3e33c88f7bcf69d7f365b320848db77534cd9f63957023c452b18903735cae638f8e51992e55ba3f58a6d07254a01af70dc61f3071c02fcd5332da05f48f

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\37B37B14AB883F4023179AB9395170D0E8437003

Filesize
5.6MB

MD5
f3399a6ef8230a012a06b20e2efad629

SHA1
91f4b8221bec76e269d6b1228efdabe487228034

SHA256
fc1625f1bcee2b774f60f59bc25fee7daa88cee540c7055e11646fb50fcdff2f

SHA512
87a4f4c867fd74a25fade3fca487056a8743cbed70a5d20430e0daf80898684255c74521fdb1cd8e3d22ad5561d44c3ac4c42088b5c09f7818be8d3679a2d647

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\3BB9C2A4A67F0C8E82DC320DEFDDB8590711193A

Filesize
76KB

MD5
0b0e8cef94d02f421c8855cf21c11466

SHA1
be0921c47b4ee25523d0db78b79809a282fd16ca

SHA256
61d9adc43a45952ff91e582398736546de15c531a89d3e607b660697cd6362c9

SHA512
76f33b0895af07948c33423f6d1ad68d83aaaa467b8f98c28ab32d9332434e73852517fb49f7c0f712c145b5d5e157417aae3fd7e8df86990e0538c3942ab6b6

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\3CD3193A1BF5DD1F68A18C865CABDB5A989C8AF5

Filesize
105KB

MD5
22534ba62055e564a47643aee1fece0c

SHA1
768da0d715c41edb61a1f93f608893815d6cce76

SHA256
17c2463c94d9c0ad6195d85f47a0886f800733c28f62c301f819337d455df79f

SHA512
5541ac511541d6c74da99a15f8be2f7ef061125171418b14d458f1475bea6edde055c28a9bb950f125154795acacdddf0bf3454a06a340cf546fdd020407270b

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\3F62E3A3C0EB1E9194B38733B22BCF6B3A2863A7

Filesize
48KB

MD5
5ed23676f8f30eb795802b789fa2413d

SHA1
6211b7a062490c87bbdb07dc838b2e5a667b4470

SHA256
6f2de7cb710ac93380a117142ea40f5037aef3f589bd8eda9a05b96244c49aee

SHA512
9ea10e4b5f8ed14c7ffd21369e7e72601cf71ea04cf14c461a03c3d2c6fa5ecdaa19308e7ed33878b9a3c34a817b979b53f38bbb0acff3a16a99780d4f7dce0c

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\410EAE2B1441AE4133033C22CC3E874D18F2EE85

Filesize
17KB

MD5
d53701dc766d0a3fc46c4d63f0ccfd84

SHA1
8fcc588bac7043e2742e578c35febb9cde23a721

SHA256
ab16fa0dea43bdfabb3a6a9bc877d4c240a7078c6004bda1d98e5e81a212eb56

SHA512
453fb3242f5ca048a974b298fe74f3b84bb070ea85630aaeafbe1722bc55a9248ad65af5db8565af584a054edee016b86429298c1c9c6bde8943f870dd7cd935

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\4A5B9E0FB792A4FF08AB57D2BE340D3867D9ECE4

Filesize
1020KB

MD5
26fbd1ec9eabde17bb4a6a8a77e373ca

SHA1
0fda38af911726d6d1d4fe3b7b20902db5c949a8

SHA256
5c4966f31116d53c082b9104914c8ec9b7bef8342c525f8473eb160f514e744a

SHA512
ae699a9c97bcb837038424a8495db397fddb77a7d2072f26167fd66f0f3289c98d47127778e4bf035c1c288c0f3e2576430a6a569d06cb658025279b7487d401

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\4C3BAACB5222888D0F9C6C99BCB711EEE930961C

Filesize
63KB

MD5
db01036b0760b9f0c8bd785f310acc88

SHA1
1917ac7ac7aaf5986a610b9e5922e0f142990eae

SHA256
2d2269dc647404770ee95e394a171b1458c3df60edb319afdd3c4ebd87a5c910

SHA512
6a2c4a4b43c5287d1e47e3b2c3994ec01151c65d1c304e085430300e835a13df5b08b9b06a7801a0329ffc051d03be33f0e1d51e29a30936e9ab77a849002517

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\4C9BEEFFC327D8E91F0999545AE79CB6827CD366

Filesize
67KB

MD5
fb2840da9b0dd767d9c8464067fe96ac

SHA1
dff2cbd6aadcd4c48a3ab6017eb05d361a0703a8

SHA256
5e8d27c43cc84c87ead030d7f46584a161395fc53874224dc3f62f4446893dd3

SHA512
b36ac64e96c3e3426aebe868fda0d61d2c1b22f0048cd52dd1b6530cdc77a0e7bb4419b737803c1dbdc7772372f77a057482f5b2fd8080aeaf5c3cfd2dd34ea4

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\511507882638DE8D81638DA5662287AD6B11014E

Filesize
112KB

MD5
b9e47bca83e03ff4ef713efa02b721a1

SHA1
bbabdd05c4817c76a32f1ba55df71e49a5241a22

SHA256
d62fe7c6af852723dc5bbbc9f5940fb7d709116cf89034163b0b8e0f9b6e6f9c

SHA512
0a5c797521b35abe8588526feecb46a24c55354becac373072b1ecd86ca8fcdd3c3e897b168bd51fc30d44742ee0253e6a16959e0902409023ca5e1ebcd1f669

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\5176CDF913CAA490C62F227B7DFB8577E3CA4A65

Filesize
1.1MB

MD5
0caf0b739368eb37eb3bcc37b4c624c0

SHA1
f02e82786847ca37e8ea02386a0e46b10dbffd62

SHA256
3b9df79e9492ab09f8bd9194655926ffab3461643083705045ce375f2ce4bd34

SHA512
c19b493fdac7bd18567faf88adfc9c38e3d014f052b44db6f88823fc625e98fd282edf36dcb0dafb888edcd8e932604da2a1fe24670130777af8e8c9eeceba6b

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\562BF3A49F4205812D3E921D70153F09399A4784

Filesize
19KB

MD5
f663ef54a8f14f355481416f5a367f23

SHA1
a5b5d21d7edef3b48a0f13362d2e0c9ee589f0da

SHA256
cf5c9239e3aa50df3d95ae74b3d850fc21ab2e6c4eecdd94ee98efcf18e81997

SHA512
2d76182642dc3b92e805ef3075878fe55211b9a9a00506a09ad934cb4a0c6843f96b259f988e92eba52de98a72810751337088416ece64a12dba472d4130c949

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\562FF196D836F1AFC2AE5F16AF4FED1BF683B7E4

Filesize
27KB

MD5
9db41c9dd711a0973e74e71cad95537c

SHA1
bf69fa19c065b123f0ddbf4a4e72184e1223a24c

SHA256
aa13c38fab292f9fd483ba705bfd5d333ecd44b9fa50ff175b152f3da009178a

SHA512
46032185c77ba22752416932d972d7a2cbf629f967af4397796f5688249dfceb5535f59dbba8ab94b4c935d60236a4801727784895ca3419a0ce01dbcc85fbb4

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\57C2853562EE2D47A5B908D8944F8026EF589306

Filesize
173KB

MD5
5bb6b1a1f648b463cc00c71be8b45465

SHA1
a1fab59948659f81e1393402b19c9821daf085b6

SHA256
8f07a5bf8a6e539e9486ece19b4b69b8513675c6b6dfac5991fda4c3450b9786

SHA512
9c23a509f8649e3c2d414fb718bc2b1a74a002544d751792343b7bab6fbb0635dc93b916062d51d181f5fec333b9ba0a51b7ad692e83b97246323243a921a5f5

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\5ACB46A5A72DCA2C675A19F9DCC5C68E4EEE16B7

Filesize
14KB

MD5
a329a284456cf0255583cc4cfcd07655

SHA1
174b7014c69f9a0c473cd0b229889649fbfbc3b9

SHA256
b01156fece7f1780cc2c7e7cefcd0ae38e1dec9946a767f69e277c912896f2bf

SHA512
930bb37993bf7cc5daefcdeb6cf23548cf37541f06a49f85bab00434fa6f8b0c4bff11fcc7c0f26c5478444829c39cca503d889648351cb55ac37ec2f68a2201

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\5B2229BDB395F90BD36DEB8AC6207436CAB7997A

Filesize
76KB

MD5
39b9fa583df626184c70f3b3f706a2d1

SHA1
9ea9ae8d14face04b38fbaf6d81c6bd8727ef1f6

SHA256
ac622eca8d42392d8f9d45c33018ba5191f0d0970ad701bf450907b5da71b3d8

SHA512
7d4e859a0fed9feba1b9c465f343be8d6e2dc1e7d9535d693139f2945a95807aaf6729fac90116a9fe1d89ce2c92c7b8d131ef58ff5d9e736186146efe3fdb4a

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\5B23235D54208C34AFF88FC6F18585FD8A8F8FAD

Filesize
32KB

MD5
4ca152f740f198a5dcf3bdbcf7d49949

SHA1
5d45e7249265635d8973bd7c7c3c33533ead82e8

SHA256
844e9c824d452751ae7074f47620279c4d7d8d5959df7d0855a42c378876ae2a

SHA512
1f9088c10b70da4075fc4a20bcb93a4d0174e04b70af7dd5cc45527866ef2e22a2cfa7bacf3e5ca0f7a4d570d19ef3eeb1ef7aa9fceb28ee6b4218f6c046ad9b

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\656DF913E20E28B4D7805BA0F6669F76A764BD16

Filesize
31KB

MD5
2c6293195abfc01bd1fca301e9b4e6b6

SHA1
7735a9db5b9305adf3e3aedbe1209976c768d4b8

SHA256
0b64813b8bfad5f89a133472b31b540ff81107fb998f4ced39a4350984d396cf

SHA512
65b2d08119526b28f7968d8472a70ba19edcc074de2cb43cada2c47c339dae7467d75c700a3d609e486e85fb1b98f3db562eb61b128a2eea17ea0726d0382e2a

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\65A97A43B9C29CFD7FEF9D38427DC7B19FD74262

Filesize
15KB

MD5
8be3c950418782a476c5ebc4c8072d3a

SHA1
24f9811c92a65755d4b8185f47065b5379f32fdd

SHA256
16f830b94ef0adf7ee1857bcb481dd2841e333417acde22c3ff371c18b008877

SHA512
16f4f25f74e02c79f20c6efe70c2904e5f44ea08e1b5fe887b3976fb6c628a49255f23c56864af966d772b3a2ab77faaf33ccda20b3af7dfb33262773787d5fb

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\6861C853182D152D10996A8B97C753363C7D2126

Filesize
99KB

MD5
9ba0f478ceb7168e387988db03db3ede

SHA1
c052e336a71bbf492b49f899b82f92a17abc0d2a

SHA256
d4d7946a0ba291f9409d042e961438559640f84b625c6b4874b879d9a91a1386

SHA512
8f7c91ffa47d7db39b4e1e41ffaae8eb506380cb8bf37da111357d239269809e0491678b29823da5155826a43e40275d97868aed3bfbc361d5ecaf542daae5bc

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\6CC018184AB2CEDE13A12B468231840323786EF1

Filesize
75KB

MD5
f881c076defeb24d30931dc5bf3ba6e1

SHA1
dd7b76e1b0079dc5fb984e3a93b2d095fb30aa09

SHA256
66a3aa909fd398cf9ec5f612192f11802f25bf4a5e325a35cc2641b1db7e9964

SHA512
2f14536972cf7ab6cbd0be4ce36cf07a08736ef56b6d11ace4adaadb23bd0a39680425996033b8c5de170b79783aaa241caa898ff3c9bfaec448e1cc6016a083

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\72F52D8684AD5DD9AACFCAEEC885DB6D5EF0A516

Filesize
90KB

MD5
52cbc2eb864fc2fe019995e640827a26

SHA1
4af5b27079470a1240b85830183a148443c09eab

SHA256
7afa886f095e24e9ddc4c70a6fd2d7a8788400d9e20cf94f5065a2c3957715b4

SHA512
13c7894ab5f05f59636b370c05145e09d2ae519914d8dd2fbed0f7c9d3b4278624ca38aef55a67444332cd79e0491129cd4ed364e3ab2613b2a1b3e34e46072a

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\791330E40F88EBAE8474C7D968B00562F7B347A2

Filesize
23KB

MD5
6c7302e70951b0fa8eb1f08a94605d13

SHA1
d4e009e3df8590366d2fd58bc3b789cdded5ee2a

SHA256
65ac83c211acd137304711ae7f1635592f8a4a9d63152607f8dde2f041bcf4a7

SHA512
dc32e3e61d3c6d639570cd33a958e5d7ba2c651eb9f6411e9bb51ecf3068fd8fad28d28acd550175b25ff695f057b8ba24e1f08eb98d579d51e9fe8e4770f869

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\7A3F758424EE690930A9C990171C8C4F11C336AF

Filesize
15KB

MD5
6b7b52ac6cef67737101fec17401183e

SHA1
a3b1c95be6d812d21789b461834de8236042013f

SHA256
fd7f176261c6e6e6b19e008a302bd310daec506047c9b7a5734f25f7027912c3

SHA512
f65ace92141076b429264bc94f06486553d39092a5e6963d124d72e8b0130467245bff2e4028a2147ffb6c508d4a3a8cdf7049b329a672e64d1a7a88088f053f

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\80AC33A1E2DAE32BEDA49B650A4340A38765BEC7

Filesize
15KB

MD5
aee1c657d153be719e02fcc19873ef3a

SHA1
114f4793544e6b182355ad9271b7a2ae563f7711

SHA256
b29f5718c5f8df6107b1aee95de4df081e19cfe1e68ca622330552346b49652a

SHA512
169e21568d6d3d1b497ed3dce5b6a5b2d71f4e36ac0944c56fd602dbfb4eac47f55fa298a2a4ec56f7cfae5d2f43ca2e6cf1d6365c6093eba2df2c67c950e34d

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\8C2C0BC97DE6B313E11C23586632C54149F3EE06

Filesize
17KB

MD5
410cce61a6a10e8f92269c11bdae27c5

SHA1
6e2a6ce8b59370910e82a92f0af0f03520bdeb8d

SHA256
a86f66301ab2488d7353e8ced6b7b0b63dacf3a4de3fa8d5ac8663b744043fc8

SHA512
0e4bb8c57ff5ea78522bf6d6072e3af5fa54e0a5d98a65ccc0feaf67aa02a9e1bd2a5750efbbb11133bd516070879cd7f6b3a37a766934aee051b11244810cd2

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\8D11864F69B6D9276086D87F1C72386DC26A1DF7

Filesize
17KB

MD5
b4919abb6d3fc37d1657274ceec9b6a4

SHA1
df87fbd4284e12225c5787fcd4a303e10e87169e

SHA256
f330102e62e7ad3e233cc069a2294a14320843bf5c209696d722147f8482e7c4

SHA512
6803900dcec43992bae2bdf47348e2b87afdf9a0f15b60b415ed5d0236b20d62a2296dd0a5b0b3e668749d9f6de4a43ff22de049d4d79ad7d788ccc6c9fbb999

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\8D48981A22757A5037BDF628951EBD16EFE11620

Filesize
58KB

MD5
db1dd4e49cee26c3a724fcd035e3c9b1

SHA1
862fdbab3890c0b4f09724179201fd17b186eca6

SHA256
f1afd64f480ade7361a8ad07de73e11dabd28f2be2077422b888e0801916a81e

SHA512
7dd004001457b98650c5945093a154146848913699aacb37fbbfc6ffa0bd12a1cf80c7967f7bc2d72cff2737c20620081ae75548125ed1c946b68bafe120da9a

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\8FC1355F33A1267C80B78682DEDE9D38A6934343

Filesize
68KB

MD5
a3d09da91e3f32067ddb6f38b86d408a

SHA1
c2d8157256a37ddc6d853a36a4a6e0a0a1167ab2

SHA256
22a7db2c5ef509c0ee422fb080d276120b56c549af1a3aeaec37cfc0f4c67562

SHA512
2c85818c4f92c6d7f1f9040b3d7fb866f23098a56da5e4cc4e9b409ed28640e0302cb0f7fadb0484614470f93eb8ccafe35e73a36a93bccddbf3e74af45ba57b

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\8FC913831B9FA76A287AD81C3AC6702280163985

Filesize
115KB

MD5
4b5983a37ca8ab36ef997bdaa4aa9cb4

SHA1
a19d71123d2dc3ddd4a9e4ed5281e160cd5255f5

SHA256
0eb5bf6ba861b72080e5aa0fd21faa257960c290b411f9f614461704fe01edc5

SHA512
8a2a03ccd3687bf410142b88379046d613925874d30a6a2e384720cfc6f73696089d860385d0fb7997a799351bae012b606f1e4f64ba0ad149a5848bf5efed0b

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\9080F1A7BEA59CF00E58C8B6212044E8BE41F4D2

Filesize
174KB

MD5
8d3b500ee1ffedb387065d08c3291299

SHA1
9cfc06f627811bbaa503ef2d665cef5020ee0f2f

SHA256
b3c1255687dae9dc3edc562dc607d640e1aeeaa8e06b51907a6efd38206f2470

SHA512
aac4b016e24ce31f2fc1bc473aeaa29c57d5301e63a50056e0aec6aec7e3d2023e73c69f2080d3e8f0324a90f3a4292f02a8157deb6c106b9448fc5b71c7c600

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\90FDC606900FD505091B5F293A8700406004F1DC

Filesize
752KB

MD5
0a23e795f999dc31231cc4ce46558765

SHA1
fe32bfd6f6eeef27856e5b581aa81b9b4d290634

SHA256
82d6b1e0843028016d4a918c5bb078489f7ac643c87a642ac33522792fafe485

SHA512
d93b328515efd9347e35a8b71b999cdfce1e11ef1a0258f84f8420a4ef2ac0512a4947fbe209bcd07b5bacc133290ec9f41988868740405d1334b1316ea35e14

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\91C3648A6CA30B10431765CBA6B8E28707321AA2

Filesize
2.2MB

MD5
3f4b72dc58a089cbcfe9d2070f57028c

SHA1
87aaee9920a8dee461cb2ff1902af22883198ecd

SHA256
203f8b08873c5b2d3e3ba8fc2e256fc0be05dfde69a6743302060dbd2f4f511b

SHA512
8aa5660f3f013c1006e611a88e4b5c613bd8a43d87821eaea39557657350d396c92f902dc38517dfda8d597c45ea028f99c9a41e027e9dac5c8721c78cedce72

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\97AFFA25C9ED84269BA5F8059413E057B9831B3A

Filesize
94KB

MD5
4f86407a6814a783f5d2c0082ba084ad

SHA1
bf32e4e0ce85e1aa7280b73b3f9a523f2df7e988

SHA256
4b03ac6b823f9fa1423e7e58bd15322b84df5a7803c066b8b27fc3c2f3fd92f1

SHA512
35191b9193f151dc7c3728af6882cf6ffbaae0acc2c9031257b6c15cc91764fae153e85da788b25e5ac2f2366d55f49ad7e86e831471859ba0f3663fe1988050

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\9B4ADE18D4C6D4D7D38F8A06CC927B6E10CDF2A8

Filesize
15KB

MD5
e7172943fe84ff1160f2e8c99531542b

SHA1
e27d1e531f20f2c24c8f978cd00a8c382f7d2b6d

SHA256
350b7210c504a9ad756d280f1050e6fb14a42ddeacf778754f8f3eeb11aaeb3a

SHA512
ee6c715d8922a235409db9f9314e56bdb02e8c1dcb9d16febd85a1fa57cba9c17df704cb3fe2724171a9af958b571a0342d0268465c45812c19a7ff58cdee12c

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\9D033246B88529920FD93FDFF568F2C5FB4176D6

Filesize
137KB

MD5
b4af3721358d5f05adaaa7854aab394c

SHA1
50a30fc9a4469c916c8fa75e129ce2d3ce4bd943

SHA256
0a8e7e512ac227aa8e3e543941597678169ef09f4f51850f81233c9cbc2be284

SHA512
901262871faba85841cf978c7a62acf45233e4afee6eec824198ab1a18edee218262c8d85b86314a7a8b853fe2260ca9abaab12aeeebfd19301e680a3c2505e7

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\9FCC642E6F04F6DC5FE848F65F3652C6F3C21C7E

Filesize
188KB

MD5
d6e9ab65c36469bb5c495305d94e871e

SHA1
3428aef500922c82bb262a0e61d6a944ec482048

SHA256
fc6ccf7b10c76bde2aa755d1e62356a2649db1b22104d27dd3b803f30ffd9a76

SHA512
eebc439a6500d32745047693e9d1284fc0d01d1a356ffa51e6a7b0aca3871774d52ba24a75672bd41e8c50bcdc12f32bf928948476dd230af17ac714c94267da

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\A585344A45AF937E3AB7D706291A9A3ED8D581D9

Filesize
13KB

MD5
1b0cdb9f495634b02e133bc9ffbf4455

SHA1
c0340e869c0dc95aa889a6bc647b3c62b5aa89ca

SHA256
fa120f9cfc7182d92ecdf569999ea838af543b1e35d99dcb930a0fa25f93415c

SHA512
c2743fdbfab58db536a5a93fa1d55d4f1168642018dbe9e5855c6d38c233727a3e42ebbaeede1da999f6f104176acbfbc3a6b17d46080ea186ceee4dd3ccb402

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\A8E1B82B0A93B82C56A14A940B09D1683790A792

Filesize
15KB

MD5
ce07d3e093938a3c03b37485236abff8

SHA1
be841f5284340bbe1c8a26c8f91a93b1de086a13

SHA256
eb65c02112f979cceb64f4973177a9d59da4655484f51262e20e101c72c78445

SHA512
10da203808b2ddda330cd53d41ab5d0eec91cf92f503ca3c4c6f91fa3a8a66c3eb288d60badbb89fe729f54a4f9c69e0307e71330397b45169c60a6616a91653

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\AC09D9320798EC24FC34C6936C60E698F3611531

Filesize
129KB

MD5
9c832402810e7d4e148b6d2a4c83ad08

SHA1
fed357c946789d2402c61666ab8b35d856a31715

SHA256
8d01b42f5e42dcda38ed5b6010fb76e5d4356db30cc87559913786b2c2ae2d9b

SHA512
d9e0b533878067e1a5f21f15b9a5d7bae28345aa30758959744b96b37445ad413ccbccae2eebea8f5b67fcf018fa1ac782e9be6f75294d2248357e365c85ab83

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\B0D571D21BBA0E8842F5922F0302DA4FEE45E818

Filesize
81KB

MD5
39cd08e9f148d2364959bf70d923fc02

SHA1
2c84932f4d73202dae3925cc3c39ddac55485be1

SHA256
875c05622d319eea92f0c9f7a86b54f8a4e71b15e42b8baa34497fdcaf67bdd4

SHA512
dfbb13fc6d9fc5116b640c7f9eaf7d570a04c129e2eda34efea28302b2745aea3e9a7a93957285ad77f29553b3fb6b9a46187eb18af384c85e8e73d4eed6a5f0

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\BA691253D6977C6A0F38A8B045B09BB94075D81D

Filesize
794KB

MD5
77f5a00e025794e5c9914e06060a15c2

SHA1
297cd890b205d71ecfeaec30dc0cbbca85d26f16

SHA256
11fb859417d47dbf1a511d3e7bc46da1af0b1f11a704bd4015238565d7fca41e

SHA512
868de18b8ef14e62b16246e22788d29a304f25cf771705770b1310b4791b0105adb4e9e0ce463d75a761ddb3c730b026e33e486e89069cfda6ff86af55ad11b3

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\BC02779E4549B742F87E407101403B7CA65078CE

Filesize
17KB

MD5
6d1d7da3f1580f542aed98d05872763a

SHA1
94287af7139e3abe43028d48cc45eb671b1dfdca

SHA256
72f72d22cd21db6462a3d401e6ce1b7b59167aa2bf8e8c20a78f3c79a77f716a

SHA512
540374672f42c4f167437671328f85a73db391674abad23209743a8fd8597fb0fb4f0fa78e1640e6cbc577afc76e9aee44675aef8201d9c98556cc3d3225edea

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\D25E85E603A11F18F78BE7AE4166FCB12A85678B

Filesize
927KB

MD5
6b0ff956cd75323d80e9ba5e73adb767

SHA1
194a75675ca857aaac2fb195622650cf104c3625

SHA256
86dad92097689870b48837e66e020eb3813584451f3d1eba377fafea00055325

SHA512
b5b0bc45f85e2ceeca51af9100d459e9f9466265957eba59632c3e8a274559223efcd1260f9c6f2e5aaba504d0a86438b16bb455a3d9a4ea17e62254f1f9cb1c

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\D8AB09ACC3B7536F2258769A4C5A08D14BCE5E04

Filesize
815KB

MD5
57411b317bbd504b9638026397288774

SHA1
c5c3b974f1f926cc0c4de7e2c3d32cca5ee27a90

SHA256
1b5d63362effc766eb47a5933c454bbba1f87e352677c3daa44229bff9b3277d

SHA512
5a330b4f69f7b97679ca5964c04daf70a9814b9829dcc6c9d839be9100abc0c13a14350439081e7cee5ecb310e2b9d4301cb79aa1ef1eb0f91a40edd11fb836e

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\DA119B35EB91021DBECAB7E9DBEFB350737000D4

Filesize
201KB

MD5
2005e00481953e2aff2d30a55cfa2c3b

SHA1
381bcaf0760730081cd43bc19c57a8be95022731

SHA256
16165f94a92de83db9af4a930c2ba08d5d2e3693163665198aea0978cc57197b

SHA512
9e0e299c97be59554734f53e35c77786a14afd1c5f3ea60c8eaa82efade60cbe629515f823dd12855b8eaeeac2fe4e9cfd03696bbab04f370e7c1d5670c65602

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\DA8DE68D10BF040EA4E3725A5EDDB56991A9D339

Filesize
113KB

MD5
ea83d83c7ac064e33fd650b3cc490146

SHA1
2ccdedab929a09c3d777a7f2ca378cd919a78808

SHA256
ad433bd2a2c92303d14d401868fe59a330f8f63068dab7fd6d391acd7dc3b4fb

SHA512
ba2829fa7c41549a1599d4f6de6ad5cba0f0db956d94ec6b25cf73ec2048a2efa1c0f7fd9cc11d0bc63d386937f3b7ec3cbb3f8d9ae84ada3b077dbff6722561

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\DE85D62827752B0B12863DFE1B17F987285FE5D6

Filesize
27KB

MD5
39c6013192f61e270dfb2ec690374b66

SHA1
187f003ff407025bd6ac50ccff19571190832a0b

SHA256
d8e8a8a9fc8a659f79f1d742fc3d87a20672e5278db4ee649d6935571f5ec639

SHA512
e03bb5504a1cf2ed21fad0cb8337b63dc39afb55acc0ce6e122a320ab4e820f57e01201c8497d93ff3fe8bf9a2af69b1b12083f1d23ed2c03bea71b88b3cc486

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\E087E5921E38BAFA525BF7A3E0205266B7790BDC

Filesize
15KB

MD5
0c674884cd89a5a0acdc0d299ff8b77d

SHA1
162a047a68bb70111cf3f24b5ed5284e5a6f503c

SHA256
0c59a8a405202953641f18be9b7d17053f0512ab1cbdce6ab9d3116e864b4d5f

SHA512
b560ea6717cac2cbb2970ed6603223287cca06f1aa8202f1360f1598c9696545f7d43eee6287e78da1c18516abf13f5b9e0301836f1fe12c934652409c50d0ef

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\E19316B1CDA62317F9DA2551F9B56E711FCC77AD

Filesize
13KB

MD5
b059d9a5ca6d5af5e3ce74f4c2a1343d

SHA1
d7b359d9c38e12d4b511776a22536e33cce05960

SHA256
2a5d3ec13ad66118f16f041270fe0355ef92bda8bf38ffbdb39282890f31f7b8

SHA512
65c0af56acd8a9a3b356a9acafe45ec5220490dbf55a29121105b58a7bb6ff8a6ce97357903c99cdfe9aa15b29ff1a347e2b179e8646edf1c457bff0dc0df169

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\E2B13323F63A0E2EFF9C39711F74532619C05A3E

Filesize
28KB

MD5
35d838f9bf570c79ec76bd83f6e5cc6f

SHA1
12f8747cefaa6485004e042ca797be496ddf93ac

SHA256
2f18a104b076d374b0db186753db7aad25a567c56db72060733072b97aac887c

SHA512
c074d7cfe45c98efbb4ab28d4f0404a805759531514d7ce2620ee0840d6b148260517e6f305b1055b21b70d9053a3ea1002fd66dfc7d6a108f198bf7705ea08c

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\E473EE0AE097850DCFECED6F82E6502540CCC752

Filesize
32KB

MD5
c865233c152b28ede38820c6ca6a249c

SHA1
da30b0412d6c07277eeba19691364144970feb36

SHA256
86820f2f60032089d00be7bd49e1dacfe659ec6c068facf86522a23e13b346d5

SHA512
d1424bd329ccdcd0dfc63c3b1b6af476499554110fef00d759bbd0c11a7921c4a5d6102ffecaffaa0c9bb0f9215566da6e557b635192eeaea41e622f795b3eca

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\E50BF0E17742F8D125C1DEDBEA9F46B8E3F934EA

Filesize
646KB

MD5
2f76fb33266054080d6453ab842aed0b

SHA1
995265c67011cd96c6381af34ee047ec84fcf944

SHA256
629f1eb5d01f7ab8a502893191ee4c1d6383e24850519b1f1dbd239677d1340b

SHA512
4821f0cabf4b282391d46f83d3fa3615e7a9007a7a41aafcbfc52f3244be39dd4c9430c2d6b0cf6e86dc6e77d01e7d366cbe4a656809453c625c366940b5240e

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\F09DF01522001E55D871A92625ECACD2824A82CB

Filesize
16KB

MD5
ff4369c765e56b6fdd9a1fed04ac0909

SHA1
99d7247125291e72857ce7598cd6df54b98ecb88

SHA256
3889a1f402779fcb2d051daaf00992a48f1776d9d4d2ecbbec256c620c6b3b85

SHA512
9f0d84139ace7e035b32c1faf18884802f3a29bfd2c338aaecec858fab1cab28d4b6fe7d436d0def5b714241da0426806882de8b4449d4b8ffe2dd4ac2d75587

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\F17716DBDC571DF9373A748DF3F176DB8F739B2A

Filesize
82KB

MD5
ab1709326da977a34690bdc545e4a096

SHA1
22cd2b5b6838ae63404700f9512ea5243498a6a7

SHA256
454b20d7dabfd56828976355f9b713e50fd1e7cf65336b09c413a08c6274b461

SHA512
9bb9b365214324daaae49eacdd4abfb851aeb8b7ed777b49e961c531da176008902f7408a9d7916e513b14c6a98ddb0feacba5cd20f449c6cb067a3813d40d45

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\F2093F74FEC17377ADD0F6EB40A925F233BFD56A

Filesize
15KB

MD5
f64156f20ac9c05c759882f7727889aa

SHA1
24c004d9d438acebf5c86d52a9e8f50548e48006

SHA256
39fed87659fcadb05c252e4e406d0f622825ae2f19a70ce16181333217709575

SHA512
2fc9599ef68a6c8ffd58f0c22da41844543e3c9096b4b4fb73e4c828e0fd63b4f6779f5c2fbb04baa8e8a1ba97bd25a148df1d3908b03f2a7e00e5e212427952

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\F606C36D149E9742ED00B59E17D88281A7CACD13

Filesize
26KB

MD5
7b739c1f9ebc18785e6a8f348c31c51f

SHA1
0cb752ba35188169948acb8307e00be07ce601b2

SHA256
c9ba56053fee1be153784d828f7806f77887b0c719b8222936a83995f3644c3d

SHA512
d72103cd76986b84e7ace14da59c740d5b7a4ef271583330104cbe75c03bf59208a85ffbd8f4972921aebdfbaae0654dad8405bf4a05d4ca122c47805a563cb3

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\FB8EC2B5A49062FA5BB81A2F346AF63B3357316E

Filesize
47KB

MD5
ec5926e6dec94d61e98bde84e6b3a0c7

SHA1
0abbf8ebf0783e312f9da750a44fcbbc2eadb992

SHA256
b36b070040b588968939efa9e1cbb51f525ec0caf97a9f4afe02b7d338a1905f

SHA512
9a2ae462f394a73049d291a3b1d745308dd67ec8443db664dd4b5e06a3634656f1efc8e87fbffccb85ed11a3e797fd06f6db014a89c544be30bc460b8bcbef5f

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\FBE5B7DC2A84D7689159CE01E907F509C2A8CC24

Filesize
19KB

MD5
4d8c107e5a2e33d337d61679e17661bf

SHA1
32922057adb557e0681ddfeacc40893534410c67

SHA256
a2e848c2a3097f4e15b31a56c027257e7f3914a7bd638ceb1c8a9fe76fa79b00

SHA512
80719ea642e21df8607e37f518a27d398f24b5119cfaeff68454691e69c7baf9eebde45f3603a91b0be7a73692de7bbf5cc064f598ae7fb16202568ca23b369e

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\cache2\entries\FFF4FAFC38523F682A91C7F6AF5A45796BEBAF0B

Filesize
108KB

MD5
823cba191874c191ea986a5546581ee8

SHA1
f108b0392d952712f9411d1a3086e79afda65870

SHA256
6484c91e38a21c1954930b1471fed7b91930d4e73b64ff2f93536c5bacdf7b20

SHA512
7a6d13602f597f4c0e8bf31ce151dc108d732c1485db8c7960a7a0770b8e5986584b5bee4d49f95293b71ea3103b03074eb9fea16bc21a9764fff3ef7940f176

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\jumpListCache\pgr98zZSsV2XfnhDlVCszTM6UbY5bFvHMiaqKTZ6khM=.ico

Filesize
691B

MD5
42ed60b3ba4df36716ca7633794b1735

SHA1
c33aa40eed3608369e964e22c935d640e38aa768

SHA256
6574e6e55f56eca704a090bf08d0d4175a93a5353ea08f8722f7c985a39a52c8

SHA512
4247460a97a43ce20d536fdd11d534b450b075c3c28cd69fc00c48bdf7de1507edb99bef811d4c61bed10f64e4c788ee4bdc58c7c72d3bd160b9b4bd696e3013

Download Submit
C:\Users\Admin\AppData\Local\Temp\a50c052f-a67e-4deb-9f24-19067353bb28.zip

Filesize
3.6MB

MD5
eee2a159d9f96c4dd33473b38ae62050

SHA1
cd8b28c9f4132723de49be74dd84ea12a42eef54

SHA256
52c720ca9b1d7649214694bc46a9ea0cf2ee3091e1ac717633ee06b6e2864384

SHA512
553c8b347e1654ca256dd4b760deb669cf394763419c972bb60a555006525afed2cff53b2516e8b239bc4bb35afd5429bd89611303143e7e65b901c0f5c2cc07

Download Submit
C:\Users\Admin\AppData\Local\Temp\stub.il

Filesize
566KB

MD5
b2fb0ec95a3b716f04ba96f7b0d8448b

SHA1
8d5dd297744c7cc4b3f6fa36d9783975fc575f3e

SHA256
17ad71e5f9cbaadb96d1dce4a3c53b34c5db0a087b31a524a9a6a8cff196caae

SHA512
272806a231a064812811d800a53ae403560528c226436a6279c6b067d94213c1d2d5e3f41b3191b9d5fed6442df8d6e41b378266cffa51d296b2f833dcd14fa5

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon

Filesize
11KB

MD5
25e8156b7f7ca8dad999ee2b93a32b71

SHA1
db587e9e9559b433cee57435cb97a83963659430

SHA256
ddf3ba4e25a622276755133e0cce5605b83719c7cab3546e09acbfed00d6a986

SHA512
1211b2fa997ba13ff926aec58b6b35a81d7fe108b0caa8f4d6369d0a37f8481373b78a4b201651243adde9e2b2699ce929482a46226ff6299b0a0e40fe2ddc56

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon

Filesize
502KB

MD5
e690f995973164fe425f76589b1be2d9

SHA1
e947c4dad203aab37a003194dddc7980c74fa712

SHA256
87862f4bc8559fbe578389a9501dc01c4c585edb4bb03b238493327296d60171

SHA512
77991110c1d195616e936d27151d02e4d957be6c20a4f3b3511567868b5ddffc6abbfdc668d17672f5d681f12b20237c7905f9b0daaa6d71dcdac4b38f2448b2

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon

Filesize
14.0MB

MD5
bcceccab13375513a6e8ab48e7b63496

SHA1
63d8a68cf562424d3fc3be1297d83f8247e24142

SHA256
a6af95a209b2e652ed6766804b9b8ad6b6a68f2c610b8f14713cd40df0d62bf9

SHA512
d94483deaae98bf9212699f1ab0bd913f6151a63e65ebc1ea644ab98d5e3ebd74ecaa08f70aca31e11a5d2c64d1504b723817af35bbe9d7b05c758dd6945d484

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms

Filesize
23KB

MD5
dc224266d3b0a3e5272e67122cc56ff8

SHA1
b78ead3d696378fd512fb7e8bf774bdad70ba67e

SHA256
ce05b96bea6402f722f82217b6c7abaa23677e1c8ea5e808a2ac104c0d6c5a64

SHA512
bfede587238354221a6b8237948a78c3e826227d4289806ecf2caf6679a655cf322d81329c1b9f1cd74239be62a99bd30b3f30871bb51fa94134a8ab496b5d87

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms

Filesize
22KB

MD5
0f8ef085f78381849d486fe9b105e177

SHA1
ffdc0e9b17ea4fd85db67dbadd5ddd35e079413b

SHA256
8342891be9072b4ac15d4ba30dedb9ed89508fd32d08651c1f22dd3cbebe0a03

SHA512
8173d923f3803d2fed26264a7fe0cd7622ba10470dd12bf9152af3be2028b0f9de9ef922a405d3c470064a2e8ee9e9d2a0fe9f846dfd2dceb655903449111ab8

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\AlternateServices.bin

Filesize
6KB

MD5
451c72a59bec203296891625aa3f3850

SHA1
567605554ebedbc683fd820d54c2b4c9a9a3f1ad

SHA256
07d9582f9b396290a0e990cb27b7b9229d5a50521d473340b23ba768fc4b0e26

SHA512
5b5b825be0e3b39f8084bdee5096555c5350ac4841ed4c3242d3421f5bb1b87314fbfe3d691c6b895a18080ae3618ea969a7d3f37690f1313a7c8d1f89940858

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\AlternateServices.bin

Filesize
18KB

MD5
96fc7d9e10f8e5c694fe04e0b0d31448

SHA1
5aecc620102ce0377d1c6cac9b3ae5ba9c4b9ef0

SHA256
f59c292c369c63291b0e2c76afa20b30ceda68c9f357509b15c5ce774ea8c672

SHA512
d473bd6c8bb201b82934465cc60886a1e2154b09f1c9f3f629d86bd1d6469c07bbc5e4cde459f53a0af891f31b8d2160a89603def2b56adcc6d4648aadd8f5c4

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\SiteSecurityServiceState.bin

Filesize
5KB

MD5
001908baef31278ca57fe3595074fcc7

SHA1
3ab48c2a817ff9fa8f6ab13eba04a7b4f9728366

SHA256
96f8cdd3068731632ac4013eea4a2c6d44b8bbf6818b9f56908e3c9c197419a2

SHA512
652a23edd14591b650de3c6a1bff8a22babdf17e5d46a7ad32863bcbb7ebafaf657da0289dc70c49670d74c8b08a94bb03b6f954cfd86615f4a75105a41af664

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\datareporting\glean\db\data.safe.tmp

Filesize
135KB

MD5
88ae59015642a8bc9263c4890cfae25a

SHA1
7b6fa27c386dcd3a66b0c403fcca2891220374cd

SHA256
1c8234749cb79830827d40d20e81f6cd0485edebf1ea85d07d5f7c9678b6bbf1

SHA512
b8e4e34124cdaf843e3fd21490a585905ecad5e54cb1d420c2092763b30222ea67b0ab19434f7a859d0a92ffca0c48011ada2cc307cb7cfbb7e76ee76653b40c

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\datareporting\glean\db\data.safe.tmp

Filesize
167KB

MD5
f46bdd86969fbd58dd2926295f01a8ad

SHA1
ae898bb23b11703c8a0d7b68fb2b2b963c60858d

SHA256
341060a7b63b8120cd3cf1b2c002ec9f7f220f980f5fab7cf3f7e7dd270ace34

SHA512
6f76cef284d171e9fad882ce240d88a6ad1f3f5566f6a8135fd0eae53563172dc18d8e77689d135cea635484719ac4f6f45621dba497f389fc349e05eb469c61

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\datareporting\glean\db\data.safe.tmp

Filesize
5KB

MD5
12c9be264c1577c43c6e6e3456c846a9

SHA1
59d3407ce66a738ab33db3b0ccbe3cb2bc22f854

SHA256
93dc156c4bcf5623ccdf6c773df39f59781c8ac30813f144357fc57d6bde3413

SHA512
75e8ea72c97a36dbbc1a331d6d72572032a562d0868e39e32f1561f8293c3e3a4c0a4add3e04bde79830ddc2bb543279e38f57f71c4861ade4b306ea381426de

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\datareporting\glean\db\data.safe.tmp

Filesize
135KB

MD5
87d4a857f4cfa2c67d824e34f3b25cbc

SHA1
73545611c78030a3192885414593dd98a07d20d9

SHA256
f56b17a8bc7579bbfdf5d60d9dc8a2111e98bdc7e14b28d7f85c78043cf13100

SHA512
d0df6aa7be1509e0930ec2b5a47693d6b0011947caf4d92d56cc36d8433689d48badf6d1f805d1264d8454e863af298f362c4e206865567d8ac13f5550e7aa47

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\datareporting\glean\db\data.safe.tmp

Filesize
7KB

MD5
8cc4b28549b1279bea2884827c6915d9

SHA1
2b1289d5dd3ed5860757b11cffa064614bca7b03

SHA256
8683e7ff86395aa0dbf0e5cc666a0d12df9d311e677c13ea52894eadcea065fa

SHA512
f1689faa33d867182e506561a9ca550ffb8286dbfeb2d328adfd7f9193946353558d6e48a0f64743e41a13a6e70851c74e08ab5d031eedc2d8e434f92e4ba1d5

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\datareporting\glean\events\events

Filesize
1KB

MD5
8e9b90e39396c893e8b425fae7885c64

SHA1
71586f3b29136e95822cc6cde6ea3d0f040e7ff3

SHA256
9beafe5159f7189d0fa0bbf838bfc3c8da093daf916925bbdef4e82a5238adc1

SHA512
0570af20c53f93a6029c82047f517d3df735fa5c58c0fc113dd8ec8a639515cab28b25ec5c9a4b843a1067b1ff217aadb9d4ceed0fefcd7905bf0d038776e081

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\datareporting\glean\events\events

Filesize
4KB

MD5
3a9b050c2ed1b7d798e45b1659ba9cec

SHA1
dfff63168423adcf91fc7ed22b557d24adfb7929

SHA256
f76a7b04c217ce0d6b9810c9d5b35a0f902f71aba96c5557b7f1e13392decc2c

SHA512
d1aaf3ebcc75edfd3dd5d1bc7bbba3c3ab66749407252573670da1491a210f9f5d36c646d8eb8f18be5531b1bc8bea558339ae62117d9dbf0c003974dbff8486

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\datareporting\glean\pending_pings\20db5c21-aa73-4c7d-a5bb-3ff5d0fdb53e

Filesize
235B

MD5
ec959702c3f0338063cefff404aec3f7

SHA1
8d4074923880744e7b7bdaa05998445cf90c8f57

SHA256
05af0b89afd0e1cbe03c8066992bda8abb6bd2af16a41788cbcf3c4ebbd8308e

SHA512
3a587de2269b7874927b43130abc313f2b8a496495215cb147dd80bd43d754d63ad8d2c8e08312b652db6119a16efc0a12dc9a83543e2a6a0a2ca8f463f2ac75

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\datareporting\glean\pending_pings\610dd01a-97c5-4e8c-84c8-3ad05f58379a

Filesize
235B

MD5
a5a7abf6e534a41c16c8459938f44ebb

SHA1
06ebbd2553b2ef53c4036b692d953b301b0cae39

SHA256
573e160e0aefee220d0344f0dc19f8d8ba20e22259316f6588106404bf749da6

SHA512
e2e2f2550048a15902ff5b2d43887f5b23027b0183885be12500a3c1fc79765ecca16f5c94f2efd7d97ab6ba6fd58aecba1d0178b8f16a617d138f3d0744aa7a

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\datareporting\glean\pending_pings\61dfa5f4-1b95-45b8-80cb-9799a8af2be7

Filesize
1008B

MD5
4249da7f8aa4141d78f20bb92196451d

SHA1
bca8f92c83b87f5ed8eb74a7fc55a35829181b1a

SHA256
82ee51237c119ee3c5cd8ce30c248881d5f6da573f1c690bb9b25529bf196f3a

SHA512
4edf23a6e7a22f37b1ad21b82a983b167a6fefdd95d2e81d95834316b2854d87af1b0a3b3cc243979d469585b891e1d3a79706dbc92607b3cf85d9e7bf2048eb

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\datareporting\glean\pending_pings\6f5c7995-90ef-49af-b8e0-1ffe85dd8140

Filesize
16KB

MD5
f0bf4a5ad84aa3797f79f62595d6ba61

SHA1
7cdae879ec43e07918ecc65f47f7f5285c98df91

SHA256
bfbe5afafbd3cfeea43b7c0332be91a01c2f98302a3373d312b44c8f0024365d

SHA512
d2f5ba8c5cdc7c7bf01faf17c68cb085131b1085f0274478b02a26a619bccaebce1acb20e00fc68d64f9003a425c375316090cee025f730cebd02c47f6a7a1d2

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\datareporting\glean\pending_pings\751cefb4-232b-49b4-8573-b19a99b91eb2

Filesize
281B

MD5
b269c0dcb2932fd890c7708d0c6c6acf

SHA1
c6acb02d4d0edc84fc9733c7087c016d55ecf452

SHA256
bb9badcd24b629b4571ff5b8b1353937443262749c99bdb08621fa0e68faf753

SHA512
f83c02c5c3f92d37a65f5ec823ccb7c89d954b3716cf187c4faef42c806fe3ded762c02c22eaf0d5735f5af8a5430168eee88a2e9f139dac2fdad72bdcd55c82

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\datareporting\glean\pending_pings\853000ea-1998-440c-8b33-25e942298ded

Filesize
12KB

MD5
955f3e9f0a652f83da214a72545e83f6

SHA1
fe92578803faf7923f9a94da742628216e74acd3

SHA256
2659ab2574acbeb4176fceda34d6212f21a586fed4541ab1afb20e99da115b25

SHA512
2a3b229e30a916ceef15384f486dada17c9ea76370d7a964c61b03fea4b1d164ae6f8d940ec59d9440b09961d42f344a7cc7c7c06bbe506755e94763f0e58d74

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\datareporting\glean\pending_pings\b04211a6-0fe8-4973-a9ce-bef1fe65fc53

Filesize
2KB

MD5
31749945ff4a486f468a7138c0419b88

SHA1
1c60e71553888a17c61758f9fed6b29c3f90c056

SHA256
f5ad8d1de650588731e880805c09fdf08c22acf68afe5991c84331dce6ecdad5

SHA512
eba4e103f7d9ec07974b7de66541cc748e7c0eea520df12cda71b3aa135a3349674e2efea9c557869259cedaa398db89b7837f03e506f0c0e657df63c51fd87f

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\datareporting\glean\pending_pings\dd7b3ea9-5196-4076-b0d8-34d654ed784d

Filesize
883B

MD5
c98aca5fa692fa413a845be051cce929

SHA1
a2738e4c716f92f7a1ef70ec875085b9ecedb428

SHA256
3eda09533c4b40b175007389a3cd935e074dc96fdd7016df1897c5f36571b35c

SHA512
55c14b1f88513f5ba369c69369a4f0e26e32c521eaefd92b9b52415f69a3fbde5e673292df5f5922729729d928d51032949a62de22dd6f854992ec172ac874a0

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\datareporting\glean\pending_pings\e8fa1157-c49a-4398-9eb3-4de1384e139b

Filesize
886B

MD5
39f456aa388333de8198b63d4e6c6a50

SHA1
ac26055fb3e7997e11128452c25dcfbd32ce640c

SHA256
67899198cbb5a2c5fc4cfba52448cf9c8d5d3ddbfb132a735092eca6cf0794eb

SHA512
dfa90622fd565ac525a5c9a57330ca316786e57825df492af7b472ea1feac328cb3ced127549607b7a698b424a017f380c0ce044052085d7879042011ec5a735

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\extensions.json

Filesize
16KB

MD5
7dee3018791bd2ad50f12c49eed816e5

SHA1
6d872fe42206436e7d197d5427dce85b9ce18e92

SHA256
f0a2a870a282a2404ced5a4cfd1223715a16f9e37f5ad1825eba570009aad741

SHA512
2dc24c036d48eba9e8634eee1e7c2c00c5344ef75664fad05850b5f7f0650fca8f1d696d31ac0b7cee0584a35590b8a6cc2f228fa6ffe166abc463be6ecd6bea

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\gmp-gmpopenh264\2.6.0\gmpopenh264.dll

Filesize
1.1MB

MD5
626073e8dcf656ac4130e3283c51cbba

SHA1
7e3197e5792e34a67bfef9727ce1dd7dc151284c

SHA256
37c005a7789747b412d6c0a6a4c30d15732da3d857b4f94b744be1a67231b651

SHA512
eebdeef5e47aeadfeebdbab8625f4ec91e15c4c4e4db4be91ea41be4a3da1e1afeed305f6470e5d6b2a31c41cbfb5548b35a15fccd7896d3fde7cdf402d7a339

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\gmp-gmpopenh264\2.6.0\gmpopenh264.info

Filesize
116B

MD5
ae29912407dfadf0d683982d4fb57293

SHA1
0542053f5a6ce07dc206f69230109be4a5e25775

SHA256
fe7686a6281f0ab519c32c788ce0da0d01640425018dcffcfcb81105757f6fe6

SHA512
6f9083152c02f93a900cb69b1ce879e0c0d69453f1046280ca549a0301ae7925facdda6329f7ccb61726addee78ba2fffc5ba3491a185f139f3155716caf0a8d

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\gmp-widevinecdm\4.10.2891.0\manifest.json

Filesize
1001B

MD5
32aeacedce82bafbcba8d1ade9e88d5a

SHA1
a9b4858d2ae0b6595705634fd024f7e076426a24

SHA256
4ed3c6389f6f7cd94db5cd0f870c34a296fc0de3b1e707fccf01645b455790ce

SHA512
67dfe5632188714ec87f3c79dbe217a0ae4dfb784f3fac63affd20fef8b8ef1978c28b3bf7955f3daaf3004ac5316b1ffa964683b0676841bab4274c325c6e2b

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\gmp-widevinecdm\4.10.2891.0\widevinecdm.dll

Filesize
18.5MB

MD5
1b32d1ec35a7ead1671efc0782b7edf0

SHA1
8e3274b9f2938ff2252ed74779dd6322c601a0c8

SHA256
3ed0dec36754402707c2ae4fbfa887fe3089945f6f7c1a8a3e6c1e64ad1c2648

SHA512
ab452caa2a529b5bf3874c291f1ffb2a30d9ea43dae5df6a6995dde4bc3506648c749317f0d8e94c31214e62f18f855d933b6d0b6b44634b01e058d3c5fcb499

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\prefs-1.js

Filesize
8KB

MD5
3b31bca978dcf1b3925ec35a87dcc356

SHA1
0a0465403b6f06119762fdae4371ab70c55f5eb4

SHA256
21593135c3d32e98f60aa944eb4e0bef767262b22ed97ec134e1dd8c88146f47

SHA512
2c38af5ed3ad67ca80596996fbca2762de974901091a6e66b6b5494731b79bfc332e0975b08c89da49735f00def144b1e3f69b8155e5758bcccd67fb7d24940c

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\prefs-1.js

Filesize
11KB

MD5
6f195c8702391e2691920d139195899c

SHA1
8b8f474ac68254559850f4cb535a20467be99bf4

SHA256
d5089744720ca87afd220ae4a097852208e4787f48d84101912ca8de3d3e4c82

SHA512
524e7f5c20030e4f0c5371e75f292c092e2b9bee3c63dd7dcd23a60e797d4d10c4b28684197983b1f2ea981d9825ec68dd32bc589eea5893da98438a8f4c1ac7

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\prefs-1.js

Filesize
12KB

MD5
312f97aae4ee3892aa3fdb14fd8d5518

SHA1
ed153865f869dfada143fdf085180a258fbd50f9

SHA256
58b5225d48b5679fb0addce9ce5203b5ae614aec89ea871335db48f26441fda1

SHA512
fc6c448e4c4577304de6d6f530202811df79b089294b3cfaa07970b25d3b6399365506970f374b56ff78ede62ce10515b5388fe6c787c7395635c841417178cd

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\prefs.js

Filesize
6KB

MD5
88edeb3ae62bf268a579996c86cd15e4

SHA1
f4fcb194ca3d037ee658fc4a09630181d99a8d14

SHA256
dbca80f9498da6c5490485e3e1d10f6cff97458b7282a4e11ff96fc648865d61

SHA512
b58e718f829dde38798ee0d0a0d34cb4d9171de1ca4b66e5929949e707a57fb35fc4c5a6a7700a1f708e367d51ce851559a207efd1d8fdd26d34d52e5958e2ce

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\prefs.js

Filesize
6KB

MD5
1626c02578e63608fb8e85bf51231834

SHA1
ce5866cd47585db97baf1c3a33390d216dfbc6aa

SHA256
bc623f633fcf59f74b7fde3d5f9231b0c3babdc370dcea3fb89ed3c17caab818

SHA512
8df727e0a98720a3ae7158b9580d6ff65b3ec0ae35dbdcd838efb4376f16482492947e0eeece91707304b9c8e0864d956dd31cdc59c5c47865b5ea7268f05a0e

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\prefs.js

Filesize
11KB

MD5
cb2a55cfdda4fecbe419bff08063a471

SHA1
ebc1bae7500107fdb6c128de95718ac36978534b

SHA256
35e9de0308d7e85d43f6c76b17e664ebbb788b50a1ff91090de77e60892e5b10

SHA512
e9ebc60a9f326ca299077f25365b89dd53d02d3e2ebf6942c214189a03f12ef9bb6c852d9cb533a3af0871930fc21ead1a96349bfd283a8eb9d4b1ce7dbb3d90

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\prefs.js

Filesize
11KB

MD5
97d30bcec4cd4eeb8cc4787eb9157663

SHA1
08fee2ae00c2047f4b24016d9e86646ca048c828

SHA256
6483035e4d30014b00abefb96f771e4e6d7a5a09eacbe3502ee16cda59b1608f

SHA512
a884e1702f3cc0481d3e4c72ea2265b14b8ad2fcefe2f1b67b7cf1e94765c18b18f35ae02658ea09ed136cfb78e084a20ef8778310be94c822e50a3791cb88cd

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\prefs.js

Filesize
7KB

MD5
e119fc8ce13f7b6e7463e2171c1e6fd8

SHA1
6dea50f74c45b06534cece14f4590aa9e866d80b

SHA256
1468d82748dd69729bd441f07e6b073b0d4bf9eb9b7a0e3ea59a78bbaafcc345

SHA512
8d25e39b87cdc1c29cfbbf8b7e781c8ac9cf9041330cf26a86b6335b9fa0bb6128a22af011d1c66bc41ea636da81328c4fa6634fc5a6eec1f3790bdd69b5a466

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\sessionstore-backups\recovery.baklz4

Filesize
1KB

MD5
0f6f30d29f4be9df161a657a64f93a72

SHA1
1d00f4582520529d8a36170c111b35384745d6b6

SHA256
4c3d4c369b0d6b64d54d20c25e7d87108fd2a6fc2ba4aa560c792b465e64b649

SHA512
a7efc41d0f45ecb93c27385fc2e7d609bedff12012dcd4b266ed1b4ec77ad157b4b660aa9d5a303d6284eafb940943fd63d1130f5dcc4118073c9a85e805b1f6

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\sessionstore-backups\recovery.baklz4

Filesize
3KB

MD5
a8ac40fef1c4677fd45ae1a6fe5fcc74

SHA1
68b37ac34fb8da0b9f30d556a8edd4fb4a7ec540

SHA256
f1340284c1a9b1ffab5a47beb852543c7bf93e5f64e3da70f77a9e2dd8538eff

SHA512
e939a1e748c0170b3f37cd5932a9c67759f3feec6b10945e908ff4e9a01a0b1c3f37178cc5ecab00ae69f1e76f680fee01910892a54594bdcd928c3666e0d405

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\sessionstore-backups\recovery.baklz4

Filesize
38KB

MD5
646163b305d8190ad4544163909c077e

SHA1
799b042c75b823a471a3e7953dd994f6e0200b2b

SHA256
ea7ffd9f1167289918d2629c9128a5f4eaf94eff7d5afc6a7ee1824409256567

SHA512
86a2ca9491545bbb02b7546c8f13db03ceba45e35b2be17f82ad3f06050c3f19909db23bcf82ea4c5e57f5181c2af45b417879465f6ac7c369ecde36f38d7c11

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\sessionstore-backups\recovery.baklz4

Filesize
4KB

MD5
8c013cd1e2ee556784bd3614866ce09f

SHA1
ce618c89b7591ca85513357611291a8deeab48c9

SHA256
77026649239009765c6bd5c66cc330f16d870c06cf14030599f181147e99c5d8

SHA512
74d986005427f48872dd3b751722e8e4054c555a79ba89f8cef56eafbacab91107a231f1096b43076dfa564bdde76f4645d6d704cdc281ee0d83c730d61b7b1d

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\sessionstore-backups\recovery.baklz4

Filesize
8KB

MD5
504660fe1e12d8d5ca825d9dc87d4127

SHA1
b9b20deae683b8eb92c85c0a4ad03babc3a7628b

SHA256
0e3637a46585070bb6726362c745094b0e0d3ab79a530a2b2165d385f9e6a2ef

SHA512
ce302f79ea6c96a2fb40a9a2ab73483c495bf0b4f7efc48dc4771477aa7dd6efdd4a3719c2b24ac86c389be53874734be604cc6cdb11b693712516caf3b826a5

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\sessionstore-backups\recovery.baklz4

Filesize
31KB

MD5
45e74bc3bff6c9c21c38331d381c220c

SHA1
583acc1b2fe7e7fae6cca950656c1b0574c02694

SHA256
443653099c081e0b549223a3826f3cecc9de78c480b2ff696bffe6dcb266b226

SHA512
5fce56995ad3f7fac0cfdfb972e6c1c2d9a0d198a16a0616871baa4dd4e8f177913f74e3eb7f9bbda796ea14f5b3e548b99b666851233ccef4125865461e187d

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\sessionstore-backups\recovery.baklz4

Filesize
11KB

MD5
ba0a1a4785f4aad8f67583f8bd20a735

SHA1
410dcc98b31b3748ce2c34b3fa624a8543323bb9

SHA256
5cbca0f15c00525f42022fab9f0a40cc6a778f8508a00de70472cff88bac73ed

SHA512
b56e9d0367715bef2b1927cc7838335c26e482fecc8043318e12665027d5e9340b4b1ddd4edfa7e8e84f6a752b03b5aa0b047f185092e5d6102b2be8a0b59ce5

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\sessionstore-backups\recovery.baklz4

Filesize
11KB

MD5
45dfe2a02ba9e508c0d436553f96f1b3

SHA1
77f711c74889f5a261d2587e5c483417dbd06cc2

SHA256
93af36c4df1c969e5088ed3bd71294102a6b30aff57b46897f49aa87b5efb325

SHA512
bff58cab7ff6f327ff3cae0d3a5f494c212675dbeb40bb7990bf1a156a10b98b1e81f43837d3925201e93556e91ffea0e6260f6a907a5ba002ea1cb2ef4f8b93

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\sessionstore-backups\recovery.baklz4

Filesize
17KB

MD5
991f758fe66b2232a7c19b210deb2cd3

SHA1
a7b17c3a1bd0a151546ceb8dc236d7ce839c9a1d

SHA256
16d76655d95793afedf891b97ff81f1c4daa5e7dbbee914b8924d8c418f3e3fd

SHA512
40f47f54f10afa726b25044d5b8d1597d944635260bc6f57b537d03e44ec68897c73b966702f2b26dfdbe0a0083a4e78aa306513cb62110d164d4661465b4597

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\sessionstore-backups\recovery.baklz4

Filesize
17KB

MD5
6a92d5c40bae62f0f9120116eb700499

SHA1
ec1fcee9f34550db70e716c06120d380469d3ee0

SHA256
bf9088da49c00f22c0b95e04ff8ccc3716fc9e8dc95719b0918567a62d117f7f

SHA512
07c460a2fa3d0b16f754f38e7440325bb5b10135750d022bb97c609ff31282597e64b384868562e751b24fb25f316c1d4e74b775b2d9924038821bf7ab929660

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\sessionstore-backups\recovery.baklz4

Filesize
17KB

MD5
36ce47bec1cb98ddb5357b7fc57b7d6c

SHA1
56474360d19628b15f8a6655c96e6a1af2457935

SHA256
a980a0eb11cee2712ad05a2f4f5dd3c2f1ed4b0a5071c22ecd944ff3680d4dfc

SHA512
641384415c289a7a0b9e62b1e1d96e18b84bdf1a812c8146652d5837e69edf0b464bab4d821f571d90a52b6747b936c1ec63e16af93c59d8f4666a11c92fe6b4

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\sessionstore-backups\recovery.baklz4

Filesize
17KB

MD5
8641b26d2c00a38b3ee8f826a05145c4

SHA1
3174a75275d4e6e489724196f3b38f62c7afc9f4

SHA256
2cffd651426a3862738ea85ab52b23b7ca86cdb93d77eb9ea302a6aa01c54a3c

SHA512
902c0717f148e6d3477f242267ec5780f2a8023ef577212cc5e251a48f37a139e5152e3a290dbb3c759a30b3067c450c80a06ab42b538b15ff072523c958881b

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\sessionstore-backups\recovery.baklz4

Filesize
22KB

MD5
d06d4ec773b1ab34a54ffd9e1db76a6b

SHA1
383d3fd9726093c17b10944629b060c6c18d9e83

SHA256
8d77810d0f00b5b99cb403faa095b210f39fa96ebecd45af30e233dbdba16425

SHA512
707b194021dd2301f96e41c937be45efdd72d0126c1f574f2a25c31cb83c0ecf5b25f68719e6c3269696087badab41fdb315c889bf531aecd8db41e804897d35

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\sessionstore-backups\recovery.baklz4

Filesize
23KB

MD5
b13f3445ed75a835ddeccff517ef0403

SHA1
0fa775484041278e5cdbd33ebdbeafbd4f2b0651

SHA256
3d8f2dba3d18321d2b7da63cdb1b371f7b729d48ee1d164aec97d90cd8443088

SHA512
fb61e7cf89bb0c36b56476ec6f565866200cd2f1079f5fcf0530dc7c12fce0c662976b77be8f932c274dd62f632bd0b10dcfadf8be6801e9844f357d06326246

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\sessionstore-backups\recovery.baklz4

Filesize
21KB

MD5
085501a8deb1c8cee3978863aa9e74fb

SHA1
41c58d2edd5bb59c326f654ed70ce644a28ae8fa

SHA256
84f4bd708b06524f4bd650c5c76b4ea356b59adc2a3281dd0ed6475ae67a1417

SHA512
9605799c3249447e791aeeaea1f544dffd9f8b1085bcec486381fc3709edbc67d8d629b1bcf28eb8602d1e5754f2041aa0775cffc960a923b4de55c41ff6965f

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\sessionstore-backups\recovery.baklz4

Filesize
37KB

MD5
02f25d08540a5b489f67f3c999cc029e

SHA1
2e7eb3e3063d80d614c6cd2dd62f2b12fe6aa309

SHA256
095807467a613903df154840d6a13be921de6af58b39007a1a3782e54495772f

SHA512
b6316dd7ac161aecab8a79b026335a007b208cb5523fec75b1782b6ea948ec8d1ae8464caddb3c0a64eefbaa6c0b34410b5e2f129dd64c5f2ccdbd37f5bb2da3

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\sessionstore-backups\recovery.baklz4

Filesize
29KB

MD5
bd2f506375927c7a4c3518d2bf66eed3

SHA1
454f33edafc848b5feae8fd857ef9da5f484d9e6

SHA256
0d78b5921016dda7f8e839709a99618ad16afba996a82fffa329e16f51fec4fe

SHA512
c5c449c00632ee3e314811d26a645a7ef9c199d273e68a85e1745d684d0ad5a604ea745072d84b81d72b9585ea4f863f799416a07b0d26171f2fc2901b67d2d6

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\sessionstore-backups\recovery.baklz4

Filesize
31KB

MD5
0c3a6a80b6dc69bf1f8a1a63f7d30a72

SHA1
082072639311224c98bb5abec02414c00cd5256f

SHA256
f69ec4fc8fcb0a4cc83d9b5a13554a18315488028dc250f8fb61350f0a5f0064

SHA512
d4628c4273287f86a479dd4b88018427b62616593c5780005f474b48bfa85bb6727e3a7e2e12ef7328c288db3a498fad225d9e1e233a6df1eecb17a2eef13cc6

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\storage\default\https+++www.googletagmanager.com^partitionKey=%28https%2Ccloudsek.com%29\cache\morgue\104\{1ea65bbf-d001-4175-a0ab-7e735afd7168}.final

Filesize
10KB

MD5
be4b8d06204faba090b711ee174418e4

SHA1
8b60f0834f1576a131c10514e10f7508db287153

SHA256
1f38853b4f515c0aa982835b112cd20e62e9ced63ee6d3ac80bb0a6b08c24cc6

SHA512
745f17334e1b89d6227068f926cc7f2ad518a84460575029fa3314fbee86bdd77a3fdec81475f3a5b6f52a7fedb516e0d3ccdd72fd8a30357ff22b759328ef0d

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

Filesize
3.5MB

MD5
a338ea71d029f46ec6df0263106bf1a4

SHA1
d81b9faa5a2ca15e3d6b7faa0ac4362d5dc18661

SHA256
fac416aa14aa90fa9e75181b4e16a809f649852beb0e9056e1d722fb35006391

SHA512
1f02df3f7a2a7256220721049b11ce856894f584babd08c8cad18db4c7579c3b9c1de4884e49fb49e31b57ffb83920ad844b5a2ee94e764c8e28b696f3ec14a9

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

Filesize
1.8MB

MD5
a849c72ecef0978b91d5de8340d3c966

SHA1
192ce3ce2035b3f264854f84a9191d066b1423ed

SHA256
dbbee46824ca879a74b320ae70ead8ef246b69fef6ef051b48b21d6f4d6b5103

SHA512
13dab1fdf109cefeca1e8734a08364e085d7d861585980df79a9fad7fcb784ff53cbc7b31f6889e1fdaa582957ce49b1f1bccd63b44508d3847d042f51cb9d51

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yl5uz7ru.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

Filesize
3.4MB

MD5
36f9c85f833ffd0e7ab972ad5a517a15

SHA1
ee2dc4b2b69414dc790d71591679f21d1d7d909a

SHA256
f1469b66e4a2a1ee433c6cccffc60ad5108bf277eede2cd3fd5b55fa994f8d42

SHA512
5fd908a59d1942d78887aacc4afb6f5b172103fa1dbe6e38931875e11a1cad8998bdf25b8dfcb9c14870c719df9c11f7fefb5b7ac94b15118c47bb6f7bb04899

Download Submit
C:\Users\Admin\Desktop\Payload.exe

Filesize
53KB

MD5
52fa5c4e36ce90800df78153a5b3e14c

SHA1
dc255167e983be50e6e4f3b8d81da2d0bf352c01

SHA256
af0734826e16e9ca14d6ee451d05dd91b90d9eae46e29bbd3a0e1cc4b1f1441b

SHA512
55397f7b7f3d45ed9d93e67dea6ff7e0b2649d08148e9be53d281b499379975c411afb6c972215cddf9c0f02128f78bf08444372df5998431c80347993f5df81

Download Submit
C:\Users\Admin\Downloads\SOURCE-CODE-njRAT-0.b72kW8-9.7d-Horror-Edition-main.zip.part

Filesize
25.1MB

MD5
ac6023edafaf84fe42129983a8901b59

SHA1
34c3a9d9e46d74ebaf2df4844cd622a1b80e0f6c

SHA256
451f05a6d58611f1db815124968bfe4bd9610fd915c1d2219273a1c25210883f

SHA512
7a8e9f83810ad990f9d3e28c42b95334e76f62e9be5949a5abeeadfa27811765e1e1d1bc0459c410f1d22d9d84b01391533dc4416eec47225c97e152aab238eb

Download Submit
C:\Users\Admin\Downloads\XWorm-V5.XIClJ29q.6-Source-main.zip.part

Filesize
8.7MB

MD5
59490d1598c216b2ff4b73a0a4be8272

SHA1
3dc0aae361b77c43545b6cfd0e690ca1b1abf338

SHA256
65ba9d012e0a17d904358de062d152b3dbc358a7e28348acb70bdb7457e8c81c

SHA512
3dae8f4dc395a80caa3f1bc289ac49d6a61c774a98b16fed546984e4c2263583fdbebab45133452338c46a9cc9b6512bf3fb597982cb8b4c4b50b67e2104ac2f

Download Submit
memory/1244-3102-0x000000001EEA0000-0x000000001F01E000-memory.dmp

Filesize
1.5MB

Download
memory/1516-25-0x00007FF9DFC10000-0x00007FF9DFEC6000-memory.dmp

Filesize
2.7MB

Download
memory/1516-7-0x00007FF9DFC10000-0x00007FF9DFEC6000-memory.dmp

Filesize
2.7MB

Download
memory/1516-20-0x00007FF9EDA40000-0x00007FF9EDA51000-memory.dmp

Filesize
68KB

Download
memory/1516-21-0x00007FF9EDA20000-0x00007FF9EDA31000-memory.dmp

Filesize
68KB

Download
memory/1516-22-0x00007FF9EDA00000-0x00007FF9EDA11000-memory.dmp

Filesize
68KB

Download
memory/1516-8-0x00007FF9F4FE0000-0x00007FF9F4FF8000-memory.dmp

Filesize
96KB

Download
memory/1516-9-0x00007FF9F4E80000-0x00007FF9F4E97000-memory.dmp

Filesize
92KB

Download
memory/1516-10-0x00007FF9F38B0000-0x00007FF9F38C1000-memory.dmp

Filesize
68KB

Download
memory/1516-11-0x00007FF9EEEA0000-0x00007FF9EEEB7000-memory.dmp

Filesize
92KB

Download
memory/1516-12-0x00007FF9EE1D0000-0x00007FF9EE1E1000-memory.dmp

Filesize
68KB

Download
memory/1516-18-0x00007FF9EE0D0000-0x00007FF9EE0F1000-memory.dmp

Filesize
132KB

Download
memory/1516-16-0x00007FF9DE950000-0x00007FF9DFA00000-memory.dmp

Filesize
16.7MB

Download
memory/1516-17-0x00007FF9EE100000-0x00007FF9EE141000-memory.dmp

Filesize
260KB

Download
memory/1516-5-0x00007FF609990000-0x00007FF609A88000-memory.dmp

Filesize
992KB

Download
memory/1516-6-0x00007FF9EE230000-0x00007FF9EE264000-memory.dmp

Filesize
208KB

Download
memory/1516-51-0x00007FF9DE950000-0x00007FF9DFA00000-memory.dmp

Filesize
16.7MB

Download
memory/1516-13-0x00007FF9EE180000-0x00007FF9EE19D000-memory.dmp

Filesize
116KB

Download
memory/1516-14-0x00007FF9EE150000-0x00007FF9EE161000-memory.dmp

Filesize
68KB

Download
memory/1516-49-0x00007FF9EE230000-0x00007FF9EE264000-memory.dmp

Filesize
208KB

Download
memory/1516-19-0x00007FF9EE0B0000-0x00007FF9EE0C8000-memory.dmp

Filesize
96KB

Download
memory/1516-34-0x00007FF9DE950000-0x00007FF9DFA00000-memory.dmp

Filesize
16.7MB

Download
memory/1516-48-0x00007FF609990000-0x00007FF609A88000-memory.dmp

Filesize
992KB

Download
memory/1516-50-0x00007FF9DFC10000-0x00007FF9DFEC6000-memory.dmp

Filesize
2.7MB

Download
memory/1516-15-0x00007FF9DFA00000-0x00007FF9DFC0B000-memory.dmp

Filesize
2.0MB

Download
memory/4484-2988-0x000000001C630000-0x000000001C6D6000-memory.dmp

Filesize
664KB

Download
memory/4484-2989-0x000000001CBB0000-0x000000001D07E000-memory.dmp

Filesize
4.8MB

Download
memory/4484-2990-0x000000001D1B0000-0x000000001D24C000-memory.dmp

Filesize
624KB

Download
memory/4484-2991-0x0000000001F50000-0x0000000001F58000-memory.dmp

Filesize
32KB

Download
memory/4484-2992-0x000000001D410000-0x000000001D45C000-memory.dmp

Filesize
304KB

Download
memory/4484-2993-0x000000001EB80000-0x000000001EB92000-memory.dmp

Filesize
72KB

Download
memory/5312-3069-0x0000000020200000-0x0000000020304000-memory.dmp

Filesize
1.0MB

Download
memory/5932-3077-0x0000000005710000-0x00000000057AC000-memory.dmp

Filesize
624KB

Download
memory/5932-3081-0x000000000E350000-0x000000000E368000-memory.dmp

Filesize
96KB

Download
memory/5932-3080-0x0000000008370000-0x00000000083C6000-memory.dmp

Filesize
344KB

Download
memory/5932-3079-0x0000000007870000-0x000000000787A000-memory.dmp

Filesize
40KB

Download
memory/5932-3078-0x0000000005850000-0x00000000058A2000-memory.dmp

Filesize
328KB

Download
memory/5932-3074-0x00000000008B0000-0x00000000013EE000-memory.dmp

Filesize
11.2MB

Download
memory/5932-3076-0x00000000055D0000-0x0000000005662000-memory.dmp

Filesize
584KB

Download
memory/5932-3075-0x0000000005AE0000-0x0000000006086000-memory.dmp

Filesize
5.6MB

Download

Analysis

Sharing

General

Malware Config

Extracted

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response