Windows Analysis Report
http://v1.bcit.pro/2131005010/Instagram.com.html

Overview

General Information

Sample URL: http://v1.bcit.pro/2131005010/Instagram.com.html
Analysis ID: 1487411
Infos:

Detection

Score: 56
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Antivirus / Scanner detection for submitted sample
Multi AV Scanner detection for submitted file
Stores files to the Windows start menu directory
Uses insecure TLS / SSL version for HTTPS connection

Classification

AV Detection

barindex
Source: http://v1.bcit.pro/2131005010/Instagram.com.html Avira URL Cloud: detection malicious, Label: phishing
Source: http://v1.bcit.pro/2131005010/Instagram.com.html Virustotal: Detection: 14% Perma Link
Source: https://www.youtube.com/embed/live_yt_tv?autoplay=1 HTTP Parser: No favicon
Source: https://www.youtube.com/embed/live_yt_tv?autoplay=1 HTTP Parser: No favicon
Source: unknown HTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49782 version: TLS 1.0
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49736 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49740 version: TLS 1.2
Source: chrome.exe Memory has grown: Private usage: 1MB later: 38MB
Source: unknown HTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49782 version: TLS 1.0
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global traffic HTTP traffic detected: GET /2131005010/Instagram.com.html HTTP/1.1Host: v1.bcit.proConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /code-art/projects/tiny-mirror/index.css HTTP/1.1Host: wybiral.github.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://v1.bcit.pro/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /code-art/projects/tiny-mirror/index.js HTTP/1.1Host: wybiral.github.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://v1.bcit.pro/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /2131005010/location.js HTTP/1.1Host: v1.bcit.proConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://v1.bcit.pro/2131005010/Instagram.com.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /2131005010/client.min.js HTTP/1.1Host: v1.bcit.proConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://v1.bcit.pro/2131005010/Instagram.com.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /2131005010/loc.js HTTP/1.1Host: v1.bcit.proConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://v1.bcit.pro/2131005010/Instagram.com.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /code-art/projects/tiny-mirror/index.js HTTP/1.1Host: wybiral.github.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /HxzYpT2/Instagram.jpg HTTP/1.1Host: i.ibb.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://v1.bcit.pro/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /embed/live_yt_tv?autoplay=1 HTTP/1.1Host: www.youtube.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlaHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://v1.bcit.pro/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /s/player/d2e656ee/www-player.css HTTP/1.1Host: www.youtube.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlaHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.youtube.com/embed/live_yt_tv?autoplay=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: YSC=FNX2SHzrs5Q; VISITOR_INFO1_LIVE=c-94sj3U2tw; VISITOR_PRIVACY_METADATA=CgJVUxIEGgAgVw%3D%3D
Source: global traffic HTTP traffic detected: GET /s/player/d2e656ee/www-embed-player.vflset/www-embed-player.js HTTP/1.1Host: www.youtube.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlaHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.youtube.com/embed/live_yt_tv?autoplay=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: YSC=FNX2SHzrs5Q; VISITOR_INFO1_LIVE=c-94sj3U2tw; VISITOR_PRIVACY_METADATA=CgJVUxIEGgAgVw%3D%3D
Source: global traffic HTTP traffic detected: GET /s/player/d2e656ee/player_ias.vflset/en_US/base.js HTTP/1.1Host: www.youtube.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlaHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.youtube.com/embed/live_yt_tv?autoplay=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: YSC=FNX2SHzrs5Q; VISITOR_INFO1_LIVE=c-94sj3U2tw; VISITOR_PRIVACY_METADATA=CgJVUxIEGgAgVw%3D%3D
Source: global traffic HTTP traffic detected: GET /HxzYpT2/Instagram.jpg HTTP/1.1Host: i.ibb.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /s/player/d2e656ee/www-embed-player.vflset/www-embed-player.js HTTP/1.1Host: www.youtube.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlaHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic HTTP traffic detected: GET /s/player/d2e656ee/player_ias.vflset/en_US/base.js HTTP/1.1Host: www.youtube.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlaHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /instream/ad_status.js HTTP/1.1Host: static.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlaHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.youtube.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pagead/id HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.youtube.comX-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlaHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.youtube.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /s/player/d2e656ee/player_ias.vflset/en_US/remote.js HTTP/1.1Host: www.youtube.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlaHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.youtube.com/embed/live_yt_tv?autoplay=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: YSC=FNX2SHzrs5Q; VISITOR_INFO1_LIVE=c-94sj3U2tw; VISITOR_PRIVACY_METADATA=CgJVUxIEGgAgVw%3D%3D
Source: global traffic HTTP traffic detected: GET /s/player/d2e656ee/player_ias.vflset/en_US/embed.js HTTP/1.1Host: www.youtube.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlaHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.youtube.com/embed/live_yt_tv?autoplay=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: YSC=FNX2SHzrs5Q; VISITOR_INFO1_LIVE=c-94sj3U2tw; VISITOR_PRIVACY_METADATA=CgJVUxIEGgAgVw%3D%3D
Source: global traffic HTTP traffic detected: GET /instream/ad_status.js HTTP/1.1Host: static.doubleclick.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlaHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pagead/id?slf_rd=1 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.youtube.comX-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlaHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.youtube.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /s/player/d2e656ee/player_ias.vflset/en_US/embed.js HTTP/1.1Host: www.youtube.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlaHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /s/player/d2e656ee/player_ias.vflset/en_US/remote.js HTTP/1.1Host: www.youtube.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlaHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pagead/id?slf_rd=1 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlaHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1Host: www.youtube.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlaHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /wikipedia/commons/thumb/9/95/Instagram_logo_2022.svg/1200px-Instagram_logo_2022.svg.png HTTP/1.1Host: upload.wikimedia.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://v1.bcit.pro/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /log?format=json&hasfast=true&authuser=0 HTTP/1.1Host: play.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlaHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=516=JLyS9sjvtIyMSgp4uAtejPudcBhXTZ-GcG04Z2Ou7h1ZldDZ7rl3I83_D2khX-ebtiUMixfbrQB83NuoktCDX_nLsdjrfxtOrN9rPoPPbEy8NlDpvF0Jc1bRo6SenRLJhZxjJzcfJCy1Wj7oRkRZBGS2r6W8GymZe9C8CMAZepQ
Source: global traffic HTTP traffic detected: GET /wikipedia/commons/thumb/9/95/Instagram_logo_2022.svg/1200px-Instagram_logo_2022.svg.png HTTP/1.1Host: upload.wikimedia.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1Host: www.youtube.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlaHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /log?format=json&hasfast=true&authuser=0 HTTP/1.1Host: play.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlaHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=516=o02UBF0efyul65FSiSHvKDNo8BhOD0gL5UTsZL67BRhgrJEet-RBl4gJ7AqdED_8j13xA41Hx3-8VKMECePhCgjEH9lYzh29HJKUrK2gG3vaVyIXgVU8tS4pIS5ex9ZOUjxSGds4AO5r9Oekd0fP5f0vdDrsCM3OsDMRL0BcvIU
Source: global traffic HTTP traffic detected: GET /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1Host: www.youtube.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlaHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /log?format=json&hasfast=true&authuser=0 HTTP/1.1Host: play.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlaHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=516=m8OnUFQXvLrjomJ7fFfb9Yq_9DeKKn9RqTrIHUDPlZMYvCC6b0AmrTMnvKi8_-uiRCqFmCaqJWNJDEszN2UKugq9bBZWK37S_ahAr-C3gIG1ATmHXPtBnV-n1UP8VwJOxw2Bd3YyHJ0j7ewX7XPAeOzuSRKkbNXUKY60ZeoGydXSWjs
Source: global traffic HTTP traffic detected: GET /2131005010/Instagram.com.html HTTP/1.1Host: v1.bcit.proConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: chromecache_121.1.dr String found in binary or memory: <iframe id="Live_YT_TV" width="0%" height="0px" src="https://www.youtube.com/embed/live_yt_tv?autoplay=1" frameborder="0" allow="autoplay encrypted-media; gyroscope; picture-in-picture" allowfullscreen></iframe> equals www.youtube.com (Youtube)
Source: chromecache_105.1.dr, chromecache_94.1.dr String found in binary or memory: (g.jk(c,"redirector.googlevideo.com"),d=c.toString()):c.j.match("rr?[1-9].*\\.c\\.youtube\\.com$")?(g.jk(c,"www.youtube.com"),d=c.toString()):(c=vva(d),mD(c)&&(d=c));c=new g.IL(d);c.set("cmo=pf","1");e&&c.set("cmo=td","a1.googlevideo.com");return c}; equals www.youtube.com (Youtube)
Source: chromecache_105.1.dr, chromecache_94.1.dr String found in binary or memory: 0?"http":"https";this.Fa=lD((b?b.customBaseYoutubeUrl:a.BASE_YT_URL)||"")||lD(this.kf)||this.protocol+"://www.youtube.com/";h=b?b.eventLabel:a.el;d="detailpage";h==="adunit"?d=this.D?"embedded":"detailpage":h==="embedded"||this.N?d=zs(d,h,yJa):h&&(d="embedded");this.Ma=d;vqa();h=null;d=b?b.playerStyle:a.ps;f=g.Mb(zJa,d);!d||f&&!this.N||(h=d);this.playerStyle=h;this.K=g.Mb(zJa,this.playerStyle);this.houseBrandUserStatus=b==null?void 0:b.houseBrandUserStatus;this.ra=this.K&&this.playerStyle!=="play"&& equals www.youtube.com (Youtube)
Source: chromecache_94.1.dr String found in binary or memory: a))):this.api.U().L("enable_adb_handling_in_sabr")&&c==="BROWSER_OR_EXTENSION_ERROR"&&!d.K?(d=d.hostLanguage,a="//support.google.com/youtube/answer/3037019#zippy=%2Cupdate-your-browser-and-check-your-extensions",d&&(a=g.Ti(a,{hl:d})),this.Dd(FU(this,"BROWSER_OR_EXTENSION_ERROR",a))):this.Dd(g.DU(a.errorMessage)):this.Dd(FU(this,"HTML5_NO_AVAILABLE_FORMATS_FALLBACK_WITH_LINK_SHORT","//www.youtube.com/supported_browsers")):(a=d.hostLanguage,c="//support.google.com/youtube/?p=player_error1",a&&(c=g.Ti(c, equals www.youtube.com (Youtube)
Source: chromecache_105.1.dr, chromecache_94.1.dr String found in binary or memory: a.details.rc!=="429"?a.errorCode==="ump.spsrejectfailure"&&(e="HTML5_SPS_UMP_STATUS_REJECTED"):(e="TOO_MANY_REQUESTS",f="6");this.ea.Lf(a.errorCode,a.severity,e,EE(a.details),f)}else this.ea.publish("nonfatalerror",a),d=/^pp/.test(this.videoData.clientPlaybackNonce),this.Id(a.errorCode,a.details),d&&a.errorCode==="manifest.net.connect"&&(a="https://www.youtube.com/generate_204?cpn="+this.videoData.clientPlaybackNonce+"&t="+(0,g.Zt)(),mW(a,"manifest",function(h){b.K=!0;b.oa("pathprobe",h)},function(h){b.Id(h.errorCode, equals www.youtube.com (Youtube)
Source: chromecache_94.1.dr String found in binary or memory: a.ismb);this.Zp?(r=a.vss_host||"s.youtube.com",r==="s.youtube.com"&&(r=TO(this.Fa)||"www.youtube.com")):r="video.google.com";this.En=r;UO(this,a,!0);this.Ka=new oO;g.P(this,this.Ka);q=b?b.innertubeApiKey:Bs("",a.innertube_api_key);p=b?b.innertubeApiVersion:Bs("",a.innertube_api_version);r=b?b.innertubeContextClientVersion:Bs("",a.innertube_context_client_version);q=g.pr("INNERTUBE_API_KEY")||q;p=g.pr("INNERTUBE_API_VERSION")||p;l=g.pr("INNERTUBE_CONTEXT_CLIENT_CONFIG_INFO");m=g.hO(this);n=typeof this.j.c=== equals www.youtube.com (Youtube)
Source: chromecache_105.1.dr, chromecache_94.1.dr String found in binary or memory: b=this.api.U();a=this.api.getVideoData();var c="";b.C||(b=g.YO(b),b.indexOf("www.")===0&&(b=b.substring(4)),c=g.bR(a)?"Watch on YouTube Music":b==="youtube.com"?"Watch on YouTube":g.DD("Watch on $WEBSITE",{WEBSITE:b}));this.updateValue("title",c)}; equals www.youtube.com (Youtube)
Source: chromecache_94.1.dr String found in binary or memory: g.Ka("Goog_AdSense_Lidar_getUrlSignalsList",s$a);var gva=ma(["//tpc.googlesyndication.com/sodar/",""]);var Rma=(new Date).getTime();var dla="://secure-...imrworldwide.com/ ://cdn.imrworldwide.com/ ://aksecure.imrworldwide.com/ ://[^.]*.moatads.com ://youtube[0-9]+.moatpixel.com ://pm.adsafeprotected.com/youtube ://pm.test-adsafeprotected.com/youtube ://e[0-9]+.yt.srs.doubleverify.com www.google.com/pagead/xsul www.youtube.com/pagead/slav".split(" "),ela=/\bocr\b/;var gla=/(?:\[|%5B)([a-zA-Z0-9_]+)(?:\]|%5D)/g;var t$a=0,u$a=0,v$a=0;var Io;Io=null;g.Ko=!1;g.Uo=1;g.To=Symbol("SIGNAL");g.Wo={version:0,TZ:0,xl:!1,dg:void 0,By:void 0,Ym:void 0,mL:0,ej:void 0,Gu:void 0,Kt:!1,ZO:!1,t1:function(){return!1}, equals www.youtube.com (Youtube)
Source: chromecache_105.1.dr, chromecache_94.1.dr String found in binary or memory: g.YO=function(a){a=TO(a.Fa);return a==="www.youtube-nocookie.com"?"www.youtube.com":a}; equals www.youtube.com (Youtube)
Source: chromecache_105.1.dr, chromecache_94.1.dr String found in binary or memory: g.jP=function(a){var b=g.YO(a);JJa.includes(b)&&(b="www.youtube.com");return a.protocol+"://"+b}; equals www.youtube.com (Youtube)
Source: chromecache_94.1.dr String found in binary or memory: g.k.getVideoUrl=function(a,b,c,d,e,f,h){b={list:b};c&&(e?b.time_continue=c:b.t=c);c=h?"music.youtube.com":g.YO(this);e=c==="www.youtube.com";!f&&d&&e?f="https://youtu.be/"+a:g.PO(this)?(f="https://"+c+"/fire",b.v=a):(f&&e?(f=this.protocol+"://"+c+"/shorts/"+a,d&&(b.feature="share")):(f=this.protocol+"://"+c+"/watch",b.v=a),ru&&(a=Hma())&&(b.ebc=a));return g.Ti(f,b)}; equals www.youtube.com (Youtube)
Source: chromecache_105.1.dr, chromecache_94.1.dr String found in binary or memory: this.W.Ba&&(a.authuser=this.W.Ba);this.W.pageId&&(a.pageid=this.W.pageId);isNaN(this.cryptoPeriodIndex)||(a.cpi=this.cryptoPeriodIndex.toString());var e=(e=/_(TV|STB|GAME|OTT|ATV|BDP)_/.exec(g.wb()))?e[1]:"";e==="ATV"&&(a.cdt=e);this.G=a;this.G.session_id=d;this.qa=!0;this.B.flavor==="widevine"&&(this.G.hdr="1");this.B.flavor==="playready"&&(b=Number(jO(b.experiments,"playready_first_play_expiration")),!isNaN(b)&&b>=0&&(this.G.mfpe=""+b),this.qa=!1);b="";g.XN(this.B)?WN(this.B)?(d=c.B)&&(b="https://www.youtube.com/api/drm/fps?ek="+ equals www.youtube.com (Youtube)
Source: chromecache_105.1.dr, chromecache_94.1.dr String found in binary or memory: var y2={};var w6a=/[&\?]action_proxy=1/,v6a=/[&\?]token=([\w-]*)/,x6a=/[&\?]video_id=([\w-]*)/,y6a=/[&\?]index=([\d-]*)/,z6a=/[&\?]m_pos_ms=([\d-]*)/,B6a=/[&\?]vvt=([\w-]*)/,n6a="ca_type dt el flash u_tz u_his u_h u_w u_ah u_aw u_cd u_nplug u_nmime frm u_java bc bih biw brdim vis wgl".split(" "),A6a="www.youtube-nocookie.com youtube-nocookie.com www.youtube-nocookie.com:443 youtube.googleapis.com www.youtubeedu.com www.youtubeeducation.com video.google.com redirector.gvt1.com".split(" "),q6a={android:"ANDROID", equals www.youtube.com (Youtube)
Source: chromecache_94.1.dr String found in binary or memory: xIa=function(a,b){if(!a.j["0"]){var c=new WE("0","fakesb",{video:new SE(0,0,0,void 0,void 0,"auto")});a.j["0"]=b?new $M(new g.IL("http://www.youtube.com/videoplayback"),c,"fake"):new rN(new g.IL("http://www.youtube.com/videoplayback"),c,new LM(0,0),new LM(0,0))}}; equals www.youtube.com (Youtube)
Source: global traffic DNS traffic detected: DNS query: v1.bcit.pro
Source: global traffic DNS traffic detected: DNS query: www.google.com
Source: global traffic DNS traffic detected: DNS query: wybiral.github.io
Source: global traffic DNS traffic detected: DNS query: www.youtube.com
Source: global traffic DNS traffic detected: DNS query: i.ibb.co
Source: global traffic DNS traffic detected: DNS query: i.ytimg.com
Source: global traffic DNS traffic detected: DNS query: googleads.g.doubleclick.net
Source: global traffic DNS traffic detected: DNS query: static.doubleclick.net
Source: global traffic DNS traffic detected: DNS query: play.google.com
Source: global traffic DNS traffic detected: DNS query: upload.wikimedia.org
Source: unknown HTTP traffic detected: POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1Host: www.youtube.comConnection: keep-aliveContent-Length: 10847sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"X-YouTube-Ad-Signals: dt=1722725371146&flash=0&frm=2&u_tz=-240&u_his=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C984%2C0%2C0&vis=1&wgl=true&ca_type=imagesec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-Goog-Request-Time: 1722725374931Content-Type: application/jsonX-Goog-Event-Time: 1722725374931X-YouTube-Utc-Offset: -240X-YouTube-Client-Name: 56X-YouTube-Client-Version: 1.20240730.01.00X-YouTube-Time-Zone: America/New_YorkX-Goog-Visitor-Id: CgtjLTk0c2ozVTJ0dyj657q1BjIKCgJVUxIEGgAgVw%3D%3Dsec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.youtube.comX-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlaHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.youtube.com/embed/live_yt_tv?autoplay=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: YSC=FNX2SHzrs5Q; VISITOR_INFO1_LIVE=c-94sj3U2tw; VISITOR_PRIVACY_METADATA=CgJVUxIEGgAgVw%3D%3D
Source: global traffic HTTP traffic detected: HTTP/1.1 404 Not Foundkeep-alive: timeout=5, max=100cache-control: private, no-cache, no-store, must-revalidate, max-age=0pragma: no-cachecontent-type: text/htmlcontent-length: 1251date: Sat, 03 Aug 2024 22:49:28 GMTserver: LiteSpeedx-turbo-charged-by: LiteSpeedconnection: close
Source: global traffic HTTP traffic detected: HTTP/1.1 404 Not Foundkeep-alive: timeout=5, max=100cache-control: private, no-cache, no-store, must-revalidate, max-age=0pragma: no-cachecontent-type: text/htmlcontent-length: 1251date: Sat, 03 Aug 2024 22:49:28 GMTserver: LiteSpeedx-turbo-charged-by: LiteSpeedconnection: close
Source: global traffic HTTP traffic detected: HTTP/1.1 404 Not Foundkeep-alive: timeout=5, max=100cache-control: private, no-cache, no-store, must-revalidate, max-age=0pragma: no-cachecontent-type: text/htmlcontent-length: 1251date: Sat, 03 Aug 2024 22:49:28 GMTserver: LiteSpeedx-turbo-charged-by: LiteSpeedconnection: close
Source: chromecache_122.1.dr, chromecache_113.1.dr String found in binary or memory: http://api.jquery.com/jQuery.browser
Source: chromecache_122.1.dr, chromecache_113.1.dr String found in binary or memory: http://blindsignals.com/index.php/2009/07/jquery-delay/
Source: chromecache_122.1.dr, chromecache_113.1.dr String found in binary or memory: http://bugs.jquery.com/ticket/12282#comment:15
Source: chromecache_122.1.dr, chromecache_113.1.dr String found in binary or memory: http://bugs.jquery.com/ticket/12359
Source: chromecache_122.1.dr, chromecache_113.1.dr String found in binary or memory: http://dev.w3.org/csswg/cssom/#resolved-values
Source: chromecache_122.1.dr, chromecache_113.1.dr String found in binary or memory: http://erik.eae.net/archives/2007/07/27/18.54.15/#comment-102291
Source: chromecache_122.1.dr, chromecache_113.1.dr String found in binary or memory: http://fluidproject.org/blog/2008/01/09/getting-setting-and-removing-tabindex-values-with-javascript
Source: chromecache_122.1.dr, chromecache_113.1.dr String found in binary or memory: http://helpful.knobs-dials.com/index.php/Component_returned_failure_code:_0x80040111_(NS_ERROR_NOT_A
Source: chromecache_122.1.dr, chromecache_113.1.dr String found in binary or memory: http://javascript.nwbox.com/IEContentLoaded/
Source: chromecache_122.1.dr, chromecache_113.1.dr String found in binary or memory: http://jquery.com/
Source: chromecache_122.1.dr, chromecache_113.1.dr String found in binary or memory: http://jquery.org/license
Source: chromecache_122.1.dr, chromecache_113.1.dr String found in binary or memory: http://json.org/json2.js
Source: chromecache_122.1.dr, chromecache_113.1.dr String found in binary or memory: http://perfectionkills.com/detecting-event-support-without-browser-sniffing/
Source: chromecache_122.1.dr, chromecache_113.1.dr String found in binary or memory: http://sizzlejs.com/
Source: chromecache_105.1.dr, chromecache_94.1.dr, chromecache_99.1.dr, chromecache_90.1.dr String found in binary or memory: http://tools.ietf.org/html/rfc1950
Source: chromecache_122.1.dr, chromecache_113.1.dr String found in binary or memory: http://weblogs.java.net/blog/driscoll/archive/2009/09/08/eval-javascript-global-context
Source: chromecache_94.1.dr String found in binary or memory: http://www.youtube.com/videoplayback
Source: chromecache_105.1.dr, chromecache_94.1.dr String found in binary or memory: http://youtube.com/drm/2012/10/10
Source: chromecache_105.1.dr, chromecache_94.1.dr String found in binary or memory: http://youtube.com/streaming/metadata/segment/102015
Source: chromecache_105.1.dr, chromecache_94.1.dr String found in binary or memory: http://youtube.com/streaming/otf/durations/112015
Source: chromecache_105.1.dr, chromecache_94.1.dr String found in binary or memory: http://youtube.com/yt/2012/10/10
Source: chromecache_105.1.dr, chromecache_94.1.dr String found in binary or memory: https://admin.youtube.com
Source: chromecache_121.1.dr String found in binary or memory: https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.js
Source: chromecache_121.1.dr String found in binary or memory: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Source: chromecache_105.1.dr, chromecache_94.1.dr String found in binary or memory: https://angular.io/license
Source: chromecache_122.1.dr, chromecache_113.1.dr String found in binary or memory: https://bugs.webkit.org/show_bug.cgi?id=29084
Source: chromecache_122.1.dr, chromecache_113.1.dr String found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=491668
Source: chromecache_122.1.dr, chromecache_113.1.dr String found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=649285
Source: chromecache_122.1.dr, chromecache_113.1.dr String found in binary or memory: https://developer.mozilla.org/en-US/docs/CSS/display
Source: chromecache_122.1.dr, chromecache_113.1.dr String found in binary or memory: https://developer.mozilla.org/en/Security/CSP
Source: chromecache_105.1.dr, chromecache_94.1.dr String found in binary or memory: https://docs.google.com/get_video_info
Source: chromecache_121.1.dr String found in binary or memory: https://fonts.googleapis.com/css?family=Roboto
Source: chromecache_109.1.dr String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI
Source: chromecache_109.1.dr String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4iaVI
Source: chromecache_109.1.dr String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4jaVI
Source: chromecache_109.1.dr String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4kaVI
Source: chromecache_109.1.dr String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4saVI
Source: chromecache_109.1.dr String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4taVI
Source: chromecache_109.1.dr String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVI
Source: chromecache_109.1.dr String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4vaVI
Source: chromecache_109.1.dr String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B5OaVI
Source: chromecache_109.1.dr String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B5caVI
Source: chromecache_109.1.dr String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4WxKOzY.woff2)
Source: chromecache_109.1.dr String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2)
Source: chromecache_109.1.dr String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu5mxKOzY.woff2)
Source: chromecache_109.1.dr String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu72xKOzY.woff2)
Source: chromecache_109.1.dr String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu7GxKOzY.woff2)
Source: chromecache_109.1.dr String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu7WxKOzY.woff2)
Source: chromecache_109.1.dr String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu7mxKOzY.woff2)
Source: chromecache_122.1.dr, chromecache_113.1.dr String found in binary or memory: https://github.com/jquery/jquery/pull/764
Source: chromecache_105.1.dr, chromecache_94.1.dr, chromecache_99.1.dr, chromecache_90.1.dr String found in binary or memory: https://github.com/madler/zlib/blob/master/zlib.h
Source: chromecache_121.1.dr String found in binary or memory: https://i.ibb.co/HxzYpT2/Instagram.jpg
Source: chromecache_105.1.dr, chromecache_94.1.dr String found in binary or memory: https://i.ytimg.com/vi/
Source: chromecache_105.1.dr, chromecache_94.1.dr String found in binary or memory: https://jnn-pa.googleapis.com
Source: chromecache_105.1.dr, chromecache_94.1.dr String found in binary or memory: https://music.youtube.com
Source: chromecache_90.1.dr String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: chromecache_94.1.dr String found in binary or memory: https://redux.js.org/api/store#subscribelistener
Source: chromecache_105.1.dr, chromecache_94.1.dr String found in binary or memory: https://redux.js.org/tutorials/fundamentals/part-4-store#creating-a-store-with-enhancers
Source: chromecache_105.1.dr, chromecache_94.1.dr String found in binary or memory: https://redux.js.org/tutorials/fundamentals/part-4-store#middleware
Source: chromecache_105.1.dr, chromecache_94.1.dr String found in binary or memory: https://redux.js.org/tutorials/fundamentals/part-6-async-logic#using-the-redux-thunk-middleware
Source: chromecache_105.1.dr, chromecache_94.1.dr String found in binary or memory: https://support.google.com/youtube/?p=missing_quality
Source: chromecache_105.1.dr, chromecache_94.1.dr String found in binary or memory: https://support.google.com/youtube/?p=noaudio
Source: chromecache_105.1.dr, chromecache_94.1.dr String found in binary or memory: https://support.google.com/youtube/?p=report_playback
Source: chromecache_105.1.dr, chromecache_94.1.dr String found in binary or memory: https://support.google.com/youtube/answer/6276924
Source: chromecache_121.1.dr String found in binary or memory: https://upload.wikimedia.org/wikipedia/commons/thumb/9/95/Instagram_logo_2022.svg/1200px-Instagram_l
Source: chromecache_105.1.dr, chromecache_94.1.dr String found in binary or memory: https://viacon.corp.google.com
Source: chromecache_105.1.dr, chromecache_94.1.dr String found in binary or memory: https://www.googleapis.com/certificateprovisioning/v1/devicecertificates/create?key=AIzaSyB-5OLKTx2i
Source: chromecache_106.1.dr, chromecache_100.1.dr String found in binary or memory: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Source: chromecache_105.1.dr, chromecache_94.1.dr String found in binary or memory: https://www.gstatic.com/ytlr/img/sign_in_avatar_default.png?rn=
Source: chromecache_105.1.dr, chromecache_94.1.dr String found in binary or memory: https://www.youtube.com/api/drm/fps?ek=
Source: chromecache_121.1.dr String found in binary or memory: https://www.youtube.com/embed/live_yt_tv?autoplay=1
Source: chromecache_105.1.dr, chromecache_94.1.dr String found in binary or memory: https://www.youtube.com/generate_204?cpn=
Source: chromecache_121.1.dr String found in binary or memory: https://wybiral.github.io/code-art/projects/tiny-mirror/index.css
Source: chromecache_121.1.dr String found in binary or memory: https://wybiral.github.io/code-art/projects/tiny-mirror/index.js
Source: chromecache_105.1.dr, chromecache_94.1.dr String found in binary or memory: https://youtu.be/
Source: chromecache_94.1.dr String found in binary or memory: https://youtube.com/api/drm/fps?ek=uninitialized
Source: chromecache_105.1.dr, chromecache_94.1.dr String found in binary or memory: https://youtubei.googleapis.com/youtubei/
Source: chromecache_105.1.dr, chromecache_94.1.dr String found in binary or memory: https://yurt.corp.google.com
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49736 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49740 version: TLS 1.2
Source: classification engine Classification label: mal56.win@22/60@36/19
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps Jump to behavior
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2760 --field-trial-handle=2608,i,17192106613044617387,2455478797431729721,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://v1.bcit.pro/2131005010/Instagram.com.html"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3224 --field-trial-handle=2608,i,17192106613044617387,2455478797431729721,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5844 --field-trial-handle=2608,i,17192106613044617387,2455478797431729721,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2760 --field-trial-handle=2608,i,17192106613044617387,2455478797431729721,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3224 --field-trial-handle=2608,i,17192106613044617387,2455478797431729721,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5844 --field-trial-handle=2608,i,17192106613044617387,2455478797431729721,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: Google Drive.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Window Recorder Window detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk Jump to behavior