Windows Analysis Report
http://www.7rgi820.xyz/

Overview

General Information

Sample URL:	http://www.7rgi820.xyz/
Analysis ID:	1522082
Tags:	openphish
Infos:

Detection

Score:	21
Range:	0 - 100
Whitelisted:	false
Confidence:	80%

Signatures

Performs DNS queries to domains with low reputation

Stores files to the Windows start menu directory

Uses insecure TLS / SSL version for HTTPS connection

Classification

Signatures

Uses insecure TLS / SSL version for HTTPS connection

Source: unknown

HTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49807 version: TLS 1.0

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49713 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49717 version: TLS 1.2

Networking

Performs DNS queries to domains with low reputation

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	DNS query: www.7rgi820.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	DNS query: www.7rgi820.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	DNS query: www.7rgi820.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	DNS query: www.7rgi820.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	DNS query: www.7rgi820.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	DNS query: www.7rgi820.xyz

Uses insecure TLS / SSL version for HTTPS connection

Source: unknown

HTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49807 version: TLS 1.0

Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /redirect.js?v=1 HTTP/1.1Host: www.7rgi820.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.7rgi820.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /main.b563a1b1790456b66383.css HTTP/1.1Host: www.7rgi820.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.7rgi820.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /compatTest.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.7rgi820.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /main.d170792e946b7ff7d822.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.7rgi820.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /redirect.js?v=1 HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /compatTest.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_websync_?authed=0&version=10.9.9+A HTTP/1.1Host: t.meConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.7rgi820.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_websync_?authed=0&version=10.9.9+A HTTP/1.1Host: telegram.meConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.7rgi820.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /KFOmCnqEu92Fr1Mu4mxKKTU1Kg.465390c6e54c60f4a15f.woff2 HTTP/1.1Host: www.7rgi820.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.7rgi820.xyzsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.7rgi820.xyz/main.b563a1b1790456b66383.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.324b1e6d0f5ae7c6ab42.woff2 HTTP/1.1Host: www.7rgi820.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.7rgi820.xyzsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.7rgi820.xyz/main.b563a1b1790456b66383.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /1112.ed47151a49708b83c7b9.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: workerReferer: https://www.7rgi820.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /notification.mp3 HTTP/1.1Host: www.7rgi820.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept-Encoding: identity;q=1, ;q=0sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: audioReferer: https://www.7rgi820.xyz/Accept-Language: en-US,en;q=0.9Range: bytes=0-
Source: global traffic	HTTP traffic detected: GET /main.d170792e946b7ff7d822.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_websync_?authed=0&version=10.9.9+A HTTP/1.1Host: t.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_websync_?authed=0&version=10.9.9+A HTTP/1.1Host: telegram.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /7784.ec5164938531ffe545a2.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.7rgi820.xyz/1112.ed47151a49708b83c7b9.jsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /7283.cf7f8932e13cf852ff81.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.7rgi820.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /5193.006d97f0ae392264beae.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.7rgi820.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /1112.ed47151a49708b83c7b9.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apis/guest/submit HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /8287.cbb61367338b7a7d4a32.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.7rgi820.xyz/1112.ed47151a49708b83c7b9.jsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /7784.ec5164938531ffe545a2.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /5193.006d97f0ae392264beae.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /6708.05075ec696cf1bca34b2.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.7rgi820.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /7283.cf7f8932e13cf852ff81.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /4486.9e0ff3ce0a0c5de4a575.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.7rgi820.xyz/1112.ed47151a49708b83c7b9.jsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /site.webmanifest HTTP/1.1Host: www.7rgi820.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: manifestReferer: https://www.7rgi820.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /6708.05075ec696cf1bca34b2.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /8074.274f30e4e4daca7d391c.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: workerReferer: https://www.7rgi820.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.7rgi820.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.7rgi820.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /8287.cbb61367338b7a7d4a32.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /5284.7277a1f1667fee359077.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveCache-Control: max-age=0Accept: /Service-Worker: scriptSec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: serviceworkerReferer: https://www.7rgi820.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /5905.7740c1743540df2d6991.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.7rgi820.xyz/8074.274f30e4e4daca7d391c.jsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /5985.e8d9d0762c377bb07b03.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.7rgi820.xyz/1112.ed47151a49708b83c7b9.jsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /8074.274f30e4e4daca7d391c.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /icon-192x192.png HTTP/1.1Host: www.7rgi820.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.7rgi820.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /4486.9e0ff3ce0a0c5de4a575.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiws HTTP/1.1Host: zws2.web.telegram.orgConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://www.7rgi820.xyzSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: QMNoSOReOtkLmVKgSxcAuQ==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bitsSec-WebSocket-Protocol: binary
Source: global traffic	HTTP traffic detected: GET /9357.a36365e0d807a0987518.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.7rgi820.xyz/8074.274f30e4e4daca7d391c.jsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /5905.7740c1743540df2d6991.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /5985.e8d9d0762c377bb07b03.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /icon-192x192.png HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rlottie-wasm.f013598f1b2ba719f25e.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.7rgi820.xyz/8074.274f30e4e4daca7d391c.jsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /9357.a36365e0d807a0987518.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rlottie-wasm.wasm HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.7rgi820.xyz/8074.274f30e4e4daca7d391c.jsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rlottie-wasm.f013598f1b2ba719f25e.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rlottie-wasm.wasm HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiws HTTP/1.1Host: zws2.web.telegram.orgConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://www.7rgi820.xyzSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: S67xSIF57Jj8qfXiOKgpOA==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bitsSec-WebSocket-Protocol: binary
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiws HTTP/1.1Host: zws2-1.web.telegram.orgConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://www.7rgi820.xyzSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: 1FRMtCZMgMlQUswOLb+QTg==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bitsSec-WebSocket-Protocol: binary
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /blank.8dd283bceccca95a48d8.png HTTP/1.1Host: www.7rgi820.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://www.7rgi820.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /telegram-logo.1b2bb5b107f046ea9325.svg HTTP/1.1Host: www.7rgi820.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://www.7rgi820.xyz/main.b563a1b1790456b66383.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiws HTTP/1.1Host: zws2.web.telegram.orgConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://www.7rgi820.xyzSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: qQWgg+GSkFSI3/HriCLDbw==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bitsSec-WebSocket-Protocol: binary
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiws HTTP/1.1Host: zws2.web.telegram.orgConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://www.7rgi820.xyzSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: AiuT/gcbhxe/D+P/toEK/w==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bitsSec-WebSocket-Protocol: binary
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiws HTTP/1.1Host: zws2.web.telegram.orgConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://www.7rgi820.xyzSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: 3NUa19YTFTpK+HzfQAdh+Q==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bitsSec-WebSocket-Protocol: binary
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiws HTTP/1.1Host: zws2.web.telegram.orgConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://www.7rgi820.xyzSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: SAWI5GHzAwiEJ3Z0mkJ/Vw==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bitsSec-WebSocket-Protocol: binary
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiws HTTP/1.1Host: zws2.web.telegram.orgConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://www.7rgi820.xyzSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: k31zkW2PWjQ0H6NMi77Crw==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bitsSec-WebSocket-Protocol: binary
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: www.7rgi820.xyz
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: t.me
Source: global traffic	DNS traffic detected: DNS query: telegram.me
Source: global traffic	DNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: zws2.web.telegram.org
Source: global traffic	DNS traffic detected: DNS query: zws2-1.web.telegram.org

Source: unknown

HTTP traffic detected: POST /api/rcd HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveContent-Length: 18sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/jsonAccept: */*Origin: https://www.7rgi820.xyzSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.7rgi820.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sun, 29 Sep 2024 06:21:57 GMTTransfer-Encoding: chunkedConnection: closeAccess-Control-Allow-Credentials: trueAccess-Control-Allow-Headers: Content-Type, AuthorizationAccess-Control-Allow-Methods: POST, GET, OPTIONSAccess-Control-Allow-Origin: *Vary: Accept-EncodingVersion: v1.0.0CF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0C0qNz7%2B1%2BL68oBAeqSOFTqqDoa7g8AOOxslpy4C65O5Myp2fsOfJ0n%2Bxe%2BYGORuffOTee4JtyviuTbO08OsP20l0rzTFhsCrWQmvWj7Hc6%2FO5V6fzYrf2MQwcCc8ypiDd0%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 8ca9e03f8f5f8c21-EWR
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:03 GMTContent-Type: text/htmlContent-Length: 169Connection: closePragma: no-cacheCache-control: no-store
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:05 GMTContent-Type: text/htmlContent-Length: 169Connection: closePragma: no-cacheCache-control: no-storeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:06 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:08 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:09 GMTContent-Type: text/htmlContent-Length: 169Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:10 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:10 GMTContent-Type: text/htmlContent-Length: 169Connection: closePragma: no-cacheCache-control: no-storeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:11 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:12 GMTContent-Type: text/htmlContent-Length: 169Connection: closePragma: no-cacheCache-control: no-store
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:12 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:13 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:13 GMTContent-Type: text/htmlContent-Length: 169Connection: closePragma: no-cacheCache-control: no-storeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:14 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:15 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:16 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:17 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:18 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:18 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:19 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:20 GMTContent-Type: text/htmlContent-Length: 169Connection: closePragma: no-cacheCache-control: no-storeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:21 GMTContent-Type: text/htmlContent-Length: 169Connection: closePragma: no-cacheCache-control: no-store
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:21 GMTContent-Type: text/htmlContent-Length: 169Connection: closePragma: no-cacheCache-control: no-storeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:22 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:23 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:24 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:25 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:26 GMTContent-Type: text/htmlContent-Length: 169Connection: closePragma: no-cacheCache-control: no-storeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:27 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:28 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:29 GMTContent-Type: text/htmlContent-Length: 169Connection: closePragma: no-cacheCache-control: no-storeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:30 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:30 GMTContent-Type: text/htmlContent-Length: 169Connection: closePragma: no-cacheCache-control: no-storeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:31 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:32 GMTContent-Type: text/htmlContent-Length: 169Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:32 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:33 GMTContent-Type: text/htmlContent-Length: 169Connection: closePragma: no-cacheCache-control: no-storeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:34 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:35 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:36 GMTContent-Type: text/htmlContent-Length: 169Connection: closePragma: no-cacheCache-control: no-storeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:37 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:37 GMTContent-Type: text/htmlContent-Length: 169Connection: closePragma: no-cacheCache-control: no-storeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:38 GMTContent-Type: text/htmlContent-Length: 169Connection: closePragma: no-cacheCache-control: no-storeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:39 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:40 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:41 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:42 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:42 GMTContent-Type: text/htmlContent-Length: 169Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:43 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:44 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:45 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:45 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:46 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:47 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:48 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:49 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:50 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:51 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:52 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:52 GMTContent-Type: text/htmlContent-Length: 169Connection: closePragma: no-cacheCache-control: no-storeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:53 GMTContent-Type: text/htmlContent-Length: 169Connection: closePragma: no-cacheCache-control: no-store
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:53 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:54 GMTContent-Type: text/htmlContent-Length: 169Connection: closePragma: no-cacheCache-control: no-storeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:55 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:56 GMTContent-Type: text/htmlContent-Length: 169Connection: closePragma: no-cacheCache-control: no-storeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:57 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:58 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:59 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:23:00 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:23:00 GMTContent-Type: text/htmlContent-Length: 169Connection: closePragma: no-cacheCache-control: no-storeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:23:01 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:23:02 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:23:03 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:23:04 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:23:04 GMTContent-Type: text/htmlContent-Length: 169Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:23:05 GMTContent-Type: text/htmlContent-Length: 169Connection: closePragma: no-cacheCache-control: no-storeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:23:06 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:23:07 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:23:08 GMTContent-Type: text/htmlContent-Length: 169Connection: closePragma: no-cacheCache-control: no-storeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:23:09 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000

Source: chromecache_142.2.dr, chromecache_116.2.dr	String found in binary or memory: http://telegram.org/dl
Source: chromecache_124.2.dr	String found in binary or memory: https://github.com/rastikerdar/vazirmatn
Source: chromecache_144.2.dr	String found in binary or memory: https://ss3.4sqi.net/img/categories_v2/
Source: chromecache_123.2.dr, chromecache_117.2.dr	String found in binary or memory: https://t.me/
Source: chromecache_144.2.dr	String found in binary or memory: https://t.me/_websync_
Source: chromecache_145.2.dr, chromecache_119.2.dr	String found in binary or memory: https://telam.jiwhek.xyz/telegram.html
Source: chromecache_144.2.dr	String found in binary or memory: https://telegram.me/_websync_;
Source: chromecache_144.2.dr	String found in binary or memory: https://web.telegram.org/
Source: chromecache_145.2.dr, chromecache_119.2.dr	String found in binary or memory: https://web.telegram.org/a
Source: chromecache_144.2.dr	String found in binary or memory: https://web.telegram.org/a/

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49865
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49986
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49864
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49985
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49863
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49984
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49862
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49983
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49861
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49982
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49860
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49981
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49980
Source: unknown	Network traffic detected: HTTP traffic on port 49932 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49898 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49875 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49990 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49859
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49858
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49979
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49857
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49978
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49856
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49977
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49855
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49976
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49854
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49975
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49974
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49852
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49973
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49972
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49971
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49970
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49967 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50004 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49909 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 49943 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49969
Source: unknown	Network traffic detected: HTTP traffic on port 49978 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49847
Source: unknown	Network traffic detected: HTTP traffic on port 49886 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49968
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49967
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49966
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49965
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49964
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49963
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49841
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49962
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49840
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49961
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49960
Source: unknown	Network traffic detected: HTTP traffic on port 49966 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49989 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49933 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49959
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49837
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49958
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49836
Source: unknown	Network traffic detected: HTTP traffic on port 49921 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49957
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49956
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49955
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown	Network traffic detected: HTTP traffic on port 49887 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49954
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49953
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49952
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49951
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49864 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49950
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49910 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 49955 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49949
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49948
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49947
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49946
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49945
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49943
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 49922 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49945 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49968 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49980 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49885 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49899
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49898
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49897
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49896
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49895
Source: unknown	Network traffic detected: HTTP traffic on port 49862 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49894
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49893
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49892
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49891
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49890
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49897 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49911 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49957 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49991 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49889
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49888
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49887
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49886
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49885
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 49863 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49884
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49883
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49882
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49881
Source: unknown	Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49880
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49896 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49956 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50005 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49979 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49879
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49878
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49999
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49877
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49998
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49876
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49997
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49875
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49996
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49874
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49995
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49873
Source: unknown	Network traffic detected: HTTP traffic on port 49923 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49994
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49872
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49871
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49992
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49870
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49991
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49990
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49934 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49869
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49989
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49867
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49988
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49866
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49987
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49906 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49900 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49975 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49929 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49872 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49964 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49861 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49999 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49918 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49873 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49930 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50001 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49986 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49963 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50007
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50006
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50009
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50008
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 49952 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50001
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50000
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50003
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50002
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50005
Source: unknown	Network traffic detected: HTTP traffic on port 49895 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50004
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49907 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49941 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49997 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49871 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49894 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50003 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49965 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49942 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49977 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49919 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49954 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49988 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49882 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49976 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49953 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49908 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49860 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49883 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49998 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49931 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50002 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49987 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49920 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49926 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49949 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49961 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49984 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49881 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49950 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49996 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50010 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49858 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49893 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49915 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49869 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50009 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49972 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49892 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49904 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49870 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49983 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49938 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49951 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49974 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50010
Source: unknown	Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49916 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50011
Source: unknown	Network traffic detected: HTTP traffic on port 49939 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49879 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49985 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50000 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49905 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49995 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50011 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49928 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49857 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49940 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49973 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49891 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49917 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49880 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49962 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49890 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49970 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50007 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49878 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49912 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49935 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49958 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49889 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49866 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49946 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49855 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49981 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49901 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49924 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49947 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49992 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49969 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49994 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49856 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49913 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50006 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49867 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 49865 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49942
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49941
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49940
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49939
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49938
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49937
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49936
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49713 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49717 version: TLS 1.2

Source: classification engine

Classification label: sus21.troj.win@19/80@30/8

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2064 --field-trial-handle=2036,i,3166966534864182428,7417144755799098187,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://www.7rgi820.xyz/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3232 --field-trial-handle=2036,i,3166966534864182428,7417144755799098187,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2064 --field-trial-handle=2036,i,3166966534864182428,7417144755799098187,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3232 --field-trial-handle=2036,i,3166966534864182428,7417144755799098187,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Automated click: Confirm
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Automated click: Confirm
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Automated click: Confirm
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Automated click: Confirm

Source: Window Recorder

Window detected: More than 3 window changes detected

Stores files to the Windows start menu directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
142.250.185.132	www.google.com	United States	15169	GOOGLEUS	false
149.154.167.99	zws2.web.telegram.org	United Kingdom	62041	TELEGRAMRU	false
172.67.172.191	www.7rgi820.xyz	United States	13335	CLOUDFLARENETUS	true
239.255.255.250	unknown	Reserved	unknown	unknown	false
35.190.80.1	a.nel.cloudflare.com	United States	15169	GOOGLEUS	false
104.21.30.104	unknown	United States	13335	CLOUDFLARENETUS	false

Private

IP
192.168.2.4
192.168.2.5

Contacted Domains

Name	IP	Active
a.nel.cloudflare.com	35.190.80.1	true
zws2.web.telegram.org	149.154.167.99	true
telegram.me	149.154.167.99	true
t.me	149.154.167.99	true
www.google.com	142.250.185.132	true
zws2-1.web.telegram.org	149.154.167.99	true
default.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com	217.20.57.34	true
www.7rgi820.xyz	172.67.172.191	true
fp2e7a.wpc.phicdn.net	192.229.221.95	true

Contacted URLs

Name	Malicious	Reputation
https://www.7rgi820.xyz/api/rcd	false	unknown
https://www.7rgi820.xyz/8074.274f30e4e4daca7d391c.js	false	unknown
https://www.7rgi820.xyz/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.465390c6e54c60f4a15f.woff2	false	unknown
https://www.7rgi820.xyz/notification.mp3	false	unknown
https://www.7rgi820.xyz/icon-192x192.png	false	unknown
https://www.7rgi820.xyz/apis/guest/submit	false	unknown
https://t.me/_websync_?authed=0&version=10.9.9+A	false	unknown
https://a.nel.cloudflare.com/report/v4?s=QS2nscNd1sjkXRuIEP5iZ%2FKl74uwoGIw6Jifq934fTQc9M4lgsuwUqYvd4oPFeQj%2FVIl6wuENZBm9VcmH%2FUg7RY5wht2738zaffOQtidR2S4r0ZMxHcWkPENFOxwDYekV%2FE%3D	false	unknown
https://www.7rgi820.xyz/main.b563a1b1790456b66383.css	false	unknown
https://www.7rgi820.xyz/8287.cbb61367338b7a7d4a32.js	false	unknown
https://www.7rgi820.xyz/site.webmanifest	false	unknown
https://www.7rgi820.xyz/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.324b1e6d0f5ae7c6ab42.woff2	false	unknown
https://a.nel.cloudflare.com/report/v4?s=TMrvi6GOMPGQJmEzn3fyDriDKoc63jC9PEZ0QAZRnZtMkim9cEBD4lzUB1zLU4MyUFU7MQxH2GaikranVntGQTiLVALYQLjMXatK7UCZFETaSK10o7zJcWt761HfUdeTsSA%3D	false	unknown
https://www.7rgi820.xyz/7283.cf7f8932e13cf852ff81.js	false	unknown
https://www.7rgi820.xyz/5193.006d97f0ae392264beae.js	false	unknown
https://www.7rgi820.xyz/5284.7277a1f1667fee359077.js	false	unknown
https://www.7rgi820.xyz/main.d170792e946b7ff7d822.js	false	unknown
https://www.7rgi820.xyz/4486.9e0ff3ce0a0c5de4a575.js	false	unknown
https://www.7rgi820.xyz/compatTest.js	false	unknown
https://zws2-1.web.telegram.org/apiw1	false	unknown
https://www.7rgi820.xyz/	false	unknown
https://zws2-1.web.telegram.org/apiws	false	unknown
https://zws2.web.telegram.org/apiw1	false	unknown
https://zws2.web.telegram.org/apiws	false	unknown
https://www.7rgi820.xyz/5985.e8d9d0762c377bb07b03.js	false	unknown
https://telegram.me/_websync_?authed=0&version=10.9.9+A	false	unknown
https://www.7rgi820.xyz/6708.05075ec696cf1bca34b2.js	false	unknown
https://www.7rgi820.xyz/7784.ec5164938531ffe545a2.js	false	unknown
https://www.7rgi820.xyz/favicon.ico	false	unknown
https://www.7rgi820.xyz/blank.8dd283bceccca95a48d8.png	false	unknown
https://www.7rgi820.xyz/redirect.js?v=1	false	unknown
https://www.7rgi820.xyz/rlottie-wasm.f013598f1b2ba719f25e.js	false	unknown
https://www.7rgi820.xyz/1112.ed47151a49708b83c7b9.js	false	unknown
https://www.7rgi820.xyz/5905.7740c1743540df2d6991.js	false	unknown
https://www.7rgi820.xyz/9357.a36365e0d807a0987518.js	false	unknown
https://www.7rgi820.xyz/telegram-logo.1b2bb5b107f046ea9325.svg	false	unknown
https://www.7rgi820.xyz/rlottie-wasm.wasm	false	unknown

Name	Type	MD5	SHA1	SHA256
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Sep 29 05:21:46 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	30E66C52A9981C7FD264D4251E43E535	9AC5C02A2F0182C1ACE1CD35D1B8FE578DB178F9	B85F7CCF8D2C756D14964C89D9F97FED38F8523F0AD082960CF16DB4EDED23E8
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Sep 29 05:21:46 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	6AF8D987AC4966C63A0804494FC9324C	28CE5AD9840B88FB2C707490B9A72D47457509D3	A31E172413979069B5744726BBBE2A71CB16CC978C57E54248EAA8C32CA964ED
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	8888C4C52080F41A48260EC0C12FD831	5A2E8B7D5C689595F941039538237764B94A29E4	7F3FB8BF6DC7DD13DFF57928374981164C9CDEAF7DBF88CB58EC0FFA07F1E742
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Sep 29 05:21:46 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	14ABFC1561C510C66FD5E47E167E235A	54A1F5C0731DEF0CF19E29720E93FFE2730BE880	0B8F2AFDCF4BF65514A9455FE91B222FD0AAB611EE2AB3B574ECEF35BB65C4B0
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Sep 29 05:21:46 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	ECFABB67FDD0BC1DF016776CDF69F627	28FDFF77C4C9DB2F11AA7BCFC26E32A1C799408F	C6170CAEF36E5EAFC4FFD8D9751F54D1E0C6389A95958410D274160B156C1A29
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Sep 29 05:21:46 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	37C7D95B51B7B92A86F3B00F9F8AA16D	C8FD9C35EC1DE1E83A7BBFA0103FECB6FD420B62	350086510E9C3CED97E248C01A08B1B9ED5DB027A495D2E1CCF39B0B27A03E2E
Chrome Cache Entry: 101	PNG image data, 192 x 192, 8-bit colormap, non-interlaced	1A1650D2C76BFC1AC484646C19E495B9	FE58D66042CE9241226F5DA9370230285FF604FC	6E587A62C9D7A97F25265AB5EB29D101AD2E36810042A4116D2DD29DA96B0BF8
Chrome Cache Entry: 102	ASCII text, with very long lines (8401), with no line terminators	CD8EFD3773A85ADAEBEAF90A147B100B	A4B75B53E91202C8CA4DD9B4512DE0F1DA8D6AD6	518FB787943FB6541E3F20DA8D3EBA3D85C72579ABC9D3347AA3D1819A2ECEE5
Chrome Cache Entry: 103	ASCII text, with very long lines (65536), with no line terminators	F349CBB33BFC126CD36AB9F4F7FEC74A	62AA005C5EE1B787BE1D029C17C7443758CF7509	FE4B2EA52CABC79B19B0974CC4F1B0771EBE4BA1051C58FCF8E9190049811355
Chrome Cache Entry: 104	Unicode text, UTF-8 text, with very long lines (65471), with no line terminators	779D2DA5D5294D9B8366D86E3E6DE452	F1B037707B0E573BC740BB290BC8514E4E49B66C	ADFFD9405CA77158EB6EB39E576C0EDBAF8D7DA3BF9D496901D3C0A6AC34D653
Chrome Cache Entry: 105	ASCII text, with no line terminators	262FEB8503B044AF240237F810406CE4	ACA7475A7A6B85E20F8DC97C870A5865AECF7075	A6AE2FC3B1B9099D1AA88FA7A4B57812A23C6C2206D8BEB902156FE6A04EB68C
Chrome Cache Entry: 106	ASCII text, with very long lines (27299)	FD52B116FF6279DB879045FF2574631E	4C3A58DCE9000B4657125C9B171EF9287DCB822E	EA2F52D3ECB825CC2623915D1E13BEBCEE2F85D2D65D6D4014EB5224BA748A8B
Chrome Cache Entry: 107	ASCII text, with very long lines (27299)	FD52B116FF6279DB879045FF2574631E	4C3A58DCE9000B4657125C9B171EF9287DCB822E	EA2F52D3ECB825CC2623915D1E13BEBCEE2F85D2D65D6D4014EB5224BA748A8B
Chrome Cache Entry: 108	ASCII text, with very long lines (2502), with no line terminators	A609C7BA383D01BE3CF1BCE9D24FEA67	B45C5B071A85A3A787DDFBBDA91E49F2324D769C	90413945BC39F6827588E6A033C3DE8F32A357F5E3BD4D1D2AA7CD6A0967596C
Chrome Cache Entry: 109	Unicode text, UTF-8 text, with very long lines (10022), with no line terminators	4C1C14D941033D3B814303189ED15574	74981C22A6CCB7D83A496039B38F4A0C4491755B	1BB41C144ADF380CE9A633EFEADF6C722900B53680528ABC64E6B42FEA9186AC
Chrome Cache Entry: 110	ASCII text, with very long lines (65536), with no line terminators	F349CBB33BFC126CD36AB9F4F7FEC74A	62AA005C5EE1B787BE1D029C17C7443758CF7509	FE4B2EA52CABC79B19B0974CC4F1B0771EBE4BA1051C58FCF8E9190049811355
Chrome Cache Entry: 111	ASCII text, with very long lines (65536), with no line terminators	46648D77DD491AA690F065C72BCBA0C8	0C06EB281C296BEC1D6A5BA710E94392689A90DC	145628CFA23F0607ACD86035CA9EE8F3179C980D848D52564BCFF7334DB4AF10
Chrome Cache Entry: 112	HTML document, Unicode text, UTF-8 text, with very long lines (45662), with no line terminators	457E2565CB233C6D639301829CEB2259	CF9FDBBE140399879351DB1EC06B2BB8D52B5915	1E558FA5165600833C41EDBFE0027B85139933B73D83572FAA36A9870F68A7E9
Chrome Cache Entry: 113	Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, JntStereo	EBA09B6A457792C52FC610B5F9F974B3	95E6E0F7648E28EA21BC434054EA59ABA3A35AEA	86093551F5A7F68C7DCAC947BD8DC54C6A79DD9A5D83F7E40116D640EB28C7D6
Chrome Cache Entry: 114	ASCII text, with very long lines (2502), with no line terminators	A609C7BA383D01BE3CF1BCE9D24FEA67	B45C5B071A85A3A787DDFBBDA91E49F2324D769C	90413945BC39F6827588E6A033C3DE8F32A357F5E3BD4D1D2AA7CD6A0967596C
Chrome Cache Entry: 115	ASCII text, with very long lines (43818), with no line terminators	143EBA15D9D42855B9B3EC3B8D50A6A0	600654C91C81CE65F0A5AF6B8530D677E0B6474C	265694A7FE5B39174CCF0D0888B161FA3352056A27F9863D6C7A8CCEB4982E84
Chrome Cache Entry: 116	HTML document, ASCII text, with very long lines (413)	DA7800EA928A021F2539AB41E6F2323E	0141DA1DC85CA8F34212F3DDE2FAC9BF61F5ADB7	15C24EC2B4CB94F24E66750F09E7071E5659E20A5ED926F69F565E20A81027CF
Chrome Cache Entry: 117	Unicode text, UTF-8 text, with very long lines (65533), with no line terminators	CE183D7C76B164905DE3C1759C97AA50	EE379A174E5B307F33993826DE19CF72B2426264	196E722F2AE8C2CE5707179AA91D921F0525B1420562902AFBADF43EACB3B5F2
Chrome Cache Entry: 118	WebAssembly (wasm) binary module version 0x1 (MVP)	ADE36C82F1C7643DA3EF1244EC008DA5	19654576F8D08FEE41F8DCE3E8F21E61084B9589	F186EFB3D724331C5D36813D3BBBE512630F9E199F4667F3C4AA43F3FEC6CF14
Chrome Cache Entry: 119	ASCII text	6EA7D7DC767CE7E92A6E01C7A3FA69D7	9CDF6FF82455DF1351E53E86EE0A9781012EAD5B	F3267D78CB220DDC7BD4A3FE3FED46A05F8DC69611D5523E7443B2E4AFAA2CBB
Chrome Cache Entry: 120	ASCII text, with very long lines (65536), with no line terminators	4441938EE433D3657C20D454D352A336	DD67121D7FDA7C17BE196F60C72DFA06BCB5BC6F	659BF63501A8054EF0EEDDA3DEC466DBC1E9A1B2C4D5D59A285B005215E16679
Chrome Cache Entry: 121	Unicode text, UTF-8 text, with very long lines (65471), with no line terminators	779D2DA5D5294D9B8366D86E3E6DE452	F1B037707B0E573BC740BB290BC8514E4E49B66C	ADFFD9405CA77158EB6EB39E576C0EDBAF8D7DA3BF9D496901D3C0A6AC34D653
Chrome Cache Entry: 122	ASCII text, with very long lines (65536), with no line terminators	4441938EE433D3657C20D454D352A336	DD67121D7FDA7C17BE196F60C72DFA06BCB5BC6F	659BF63501A8054EF0EEDDA3DEC466DBC1E9A1B2C4D5D59A285B005215E16679
Chrome Cache Entry: 123	Unicode text, UTF-8 text, with very long lines (65533), with no line terminators	CE183D7C76B164905DE3C1759C97AA50	EE379A174E5B307F33993826DE19CF72B2426264	196E722F2AE8C2CE5707179AA91D921F0525B1420562902AFBADF43EACB3B5F2
Chrome Cache Entry: 124	ASCII text, with very long lines (10891)	61B057B4B7F8E4CBD24C039830E4B235	431DB711E068D1FBF6CCC192C650D764323F9B30	AAA8B742C441F359A0F72D891425E6B4AD07D438711FD0506386EF29924297D7
Chrome Cache Entry: 125	Unicode text, UTF-8 text, with very long lines (18247), with no line terminators	E8988EAD1F3D78462E4F747AADD22F95	677EF45F87ED0CAEA16629CA02A4BD77B655B46A	845EE9EA5C6350DC0E64C83C7476D2B515E83EC673A4DC7C48D2325C046F4B5E
Chrome Cache Entry: 126	HTML document, Unicode text, UTF-8 text, with very long lines (45662), with no line terminators	457E2565CB233C6D639301829CEB2259	CF9FDBBE140399879351DB1EC06B2BB8D52B5915	1E558FA5165600833C41EDBFE0027B85139933B73D83572FAA36A9870F68A7E9
Chrome Cache Entry: 127	Unicode text, UTF-8 text, with very long lines (18247), with no line terminators	E8988EAD1F3D78462E4F747AADD22F95	677EF45F87ED0CAEA16629CA02A4BD77B655B46A	845EE9EA5C6350DC0E64C83C7476D2B515E83EC673A4DC7C48D2325C046F4B5E
Chrome Cache Entry: 128	ASCII text, with very long lines (21341)	4ED38BFE5A91818DC89B8E94B809C616	768694610FAF78CC071230229C990821C456E2FB	A0A5BD8A76F26757141750073DDDABA0527A2E3A3BE9A4566A46AB4FD13F1C28
Chrome Cache Entry: 129	ASCII text, with very long lines (65536), with no line terminators	46648D77DD491AA690F065C72BCBA0C8	0C06EB281C296BEC1D6A5BA710E94392689A90DC	145628CFA23F0607ACD86035CA9EE8F3179C980D848D52564BCFF7334DB4AF10
Chrome Cache Entry: 130	PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced	91E42DB1C66C0B276ABF6234DC50B2EB	C1986AF3C26609B8B7D8933F99C51C1A89E9EA6B	63EF318D96B5D0D0CEBA6E04A4E622B1158335CDC67C49E27839132C6F655058
Chrome Cache Entry: 131	MS Windows icon resource - 3 icons, 32x32 with PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, 48x48 with PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced, 32 bits/pixel	1635ED0E8715C40D4BED875B7494A93A	CA2C72821B30194B9B6DAF9C8C0CE1723FE54614	504B4621E486970F8C1721D5297561C9F33296F516C83FBB33A0FF3F4F7C1357
Chrome Cache Entry: 132	ASCII text, with very long lines (43818), with no line terminators	143EBA15D9D42855B9B3EC3B8D50A6A0	600654C91C81CE65F0A5AF6B8530D677E0B6474C	265694A7FE5B39174CCF0D0888B161FA3352056A27F9863D6C7A8CCEB4982E84
Chrome Cache Entry: 133	Web Open Font Format (Version 2), TrueType, length 11056, version 1.0	07DB243DB21ED0A6B4FF05FF429686B7	5D62925FDD7ED8E80F206D095ED093994F13D276	CE897833AC6E362DF7C91AC8223FE511C6DEFCF33964928A81004600A2DD4C2E
Chrome Cache Entry: 134	ASCII text, with very long lines (8401), with no line terminators	CD8EFD3773A85ADAEBEAF90A147B100B	A4B75B53E91202C8CA4DD9B4512DE0F1DA8D6AD6	518FB787943FB6541E3F20DA8D3EBA3D85C72579ABC9D3347AA3D1819A2ECEE5
Chrome Cache Entry: 135	SVG Scalable Vector Graphics image	67EDAAF1408D2278DB9F10FBC5690ADA	5CF2B6BA80881A1A8D48963A094D0D410022932A	ADE1DDEC66F6E98E30D8A56B01E7DD9D2C84A8F4DAC51BC88D2AB5BC6E5D1A62
Chrome Cache Entry: 136	MS Windows icon resource - 3 icons, 32x32 with PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, 48x48 with PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced, 32 bits/pixel	1635ED0E8715C40D4BED875B7494A93A	CA2C72821B30194B9B6DAF9C8C0CE1723FE54614	504B4621E486970F8C1721D5297561C9F33296F516C83FBB33A0FF3F4F7C1357
Chrome Cache Entry: 137	ASCII text, with very long lines (21341)	4ED38BFE5A91818DC89B8E94B809C616	768694610FAF78CC071230229C990821C456E2FB	A0A5BD8A76F26757141750073DDDABA0527A2E3A3BE9A4566A46AB4FD13F1C28
Chrome Cache Entry: 138	JSON data	380929FC234CD3312DF9B76886EDB3F6	90A81A29FB36AF658509EF9FB5D2648AF9A135D4	AC46FD5680C1929E49CADE11A2186E222CBDA6146CCA49F3C995CCC0F7AD1616
Chrome Cache Entry: 139	WebAssembly (wasm) binary module version 0x1 (MVP)	ADE36C82F1C7643DA3EF1244EC008DA5	19654576F8D08FEE41F8DCE3E8F21E61084B9589	F186EFB3D724331C5D36813D3BBBE512630F9E199F4667F3C4AA43F3FEC6CF14
Chrome Cache Entry: 140	PNG image data, 192 x 192, 8-bit colormap, non-interlaced	1A1650D2C76BFC1AC484646C19E495B9	FE58D66042CE9241226F5DA9370230285FF604FC	6E587A62C9D7A97F25265AB5EB29D101AD2E36810042A4116D2DD29DA96B0BF8
Chrome Cache Entry: 141	ASCII text, with very long lines (10367), with no line terminators	96EF59C5330EDA8A6049DC0850B9D2C3	3293C0574AC9CD31A37F9AD740CEBD8D0D0AEE69	1F105F736A0AEAC0E3D3C6CF76B3DA36820054850484015B8BEFA243E1BEF253
Chrome Cache Entry: 142	HTML document, ASCII text, with very long lines (413)	DA7800EA928A021F2539AB41E6F2323E	0141DA1DC85CA8F34212F3DDE2FAC9BF61F5ADB7	15C24EC2B4CB94F24E66750F09E7071E5659E20A5ED926F69F565E20A81027CF
Chrome Cache Entry: 143	ASCII text, with very long lines (10367), with no line terminators	96EF59C5330EDA8A6049DC0850B9D2C3	3293C0574AC9CD31A37F9AD740CEBD8D0D0AEE69	1F105F736A0AEAC0E3D3C6CF76B3DA36820054850484015B8BEFA243E1BEF253
Chrome Cache Entry: 144	HTML document, ASCII text, with very long lines (3035), with no line terminators	A349FFAA0B0D51B58256F5E58644178E	EDFAF1A19EDEA4688313306381D373B6C6B75F69	F4795526CFEA7F5547CE5D33D0A656D79D6C93BD9E94AF4A4D9EE935B9C5672D
Chrome Cache Entry: 145	ASCII text	6EA7D7DC767CE7E92A6E01C7A3FA69D7	9CDF6FF82455DF1351E53E86EE0A9781012EAD5B	F3267D78CB220DDC7BD4A3FE3FED46A05F8DC69611D5523E7443B2E4AFAA2CBB
Chrome Cache Entry: 146	Web Open Font Format (Version 2), TrueType, length 11016, version 1.0	15FA3062F8929BD3B05FDCA5259DB412	6FF06A34F68AD0324DDEC1BBE4D453C959178B36	5D1BC9B443F3F81FA4B4AD4634C1BB9702194C1898E3A9DE0AB5E2CDC0E9F479

Uses insecure TLS / SSL version for HTTPS connection

Source: unknown

HTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49807 version: TLS 1.0

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49713 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49717 version: TLS 1.2

Networking

Performs DNS queries to domains with low reputation

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	DNS query: www.7rgi820.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	DNS query: www.7rgi820.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	DNS query: www.7rgi820.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	DNS query: www.7rgi820.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	DNS query: www.7rgi820.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	DNS query: www.7rgi820.xyz

Uses insecure TLS / SSL version for HTTPS connection

Source: unknown

HTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49807 version: TLS 1.0

Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /redirect.js?v=1 HTTP/1.1Host: www.7rgi820.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.7rgi820.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /main.b563a1b1790456b66383.css HTTP/1.1Host: www.7rgi820.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.7rgi820.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /compatTest.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.7rgi820.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /main.d170792e946b7ff7d822.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.7rgi820.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /redirect.js?v=1 HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /compatTest.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_websync_?authed=0&version=10.9.9+A HTTP/1.1Host: t.meConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.7rgi820.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_websync_?authed=0&version=10.9.9+A HTTP/1.1Host: telegram.meConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.7rgi820.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /KFOmCnqEu92Fr1Mu4mxKKTU1Kg.465390c6e54c60f4a15f.woff2 HTTP/1.1Host: www.7rgi820.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.7rgi820.xyzsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.7rgi820.xyz/main.b563a1b1790456b66383.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.324b1e6d0f5ae7c6ab42.woff2 HTTP/1.1Host: www.7rgi820.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.7rgi820.xyzsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.7rgi820.xyz/main.b563a1b1790456b66383.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /1112.ed47151a49708b83c7b9.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: workerReferer: https://www.7rgi820.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /notification.mp3 HTTP/1.1Host: www.7rgi820.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept-Encoding: identity;q=1, ;q=0sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: audioReferer: https://www.7rgi820.xyz/Accept-Language: en-US,en;q=0.9Range: bytes=0-
Source: global traffic	HTTP traffic detected: GET /main.d170792e946b7ff7d822.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_websync_?authed=0&version=10.9.9+A HTTP/1.1Host: t.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_websync_?authed=0&version=10.9.9+A HTTP/1.1Host: telegram.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /7784.ec5164938531ffe545a2.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.7rgi820.xyz/1112.ed47151a49708b83c7b9.jsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /7283.cf7f8932e13cf852ff81.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.7rgi820.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /5193.006d97f0ae392264beae.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.7rgi820.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /1112.ed47151a49708b83c7b9.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apis/guest/submit HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /8287.cbb61367338b7a7d4a32.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.7rgi820.xyz/1112.ed47151a49708b83c7b9.jsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /7784.ec5164938531ffe545a2.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /5193.006d97f0ae392264beae.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /6708.05075ec696cf1bca34b2.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.7rgi820.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /7283.cf7f8932e13cf852ff81.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /4486.9e0ff3ce0a0c5de4a575.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.7rgi820.xyz/1112.ed47151a49708b83c7b9.jsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /site.webmanifest HTTP/1.1Host: www.7rgi820.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: manifestReferer: https://www.7rgi820.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /6708.05075ec696cf1bca34b2.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /8074.274f30e4e4daca7d391c.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: workerReferer: https://www.7rgi820.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.7rgi820.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.7rgi820.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /8287.cbb61367338b7a7d4a32.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /5284.7277a1f1667fee359077.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveCache-Control: max-age=0Accept: /Service-Worker: scriptSec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: serviceworkerReferer: https://www.7rgi820.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /5905.7740c1743540df2d6991.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.7rgi820.xyz/8074.274f30e4e4daca7d391c.jsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /5985.e8d9d0762c377bb07b03.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.7rgi820.xyz/1112.ed47151a49708b83c7b9.jsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /8074.274f30e4e4daca7d391c.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /icon-192x192.png HTTP/1.1Host: www.7rgi820.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.7rgi820.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /4486.9e0ff3ce0a0c5de4a575.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiws HTTP/1.1Host: zws2.web.telegram.orgConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://www.7rgi820.xyzSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: QMNoSOReOtkLmVKgSxcAuQ==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bitsSec-WebSocket-Protocol: binary
Source: global traffic	HTTP traffic detected: GET /9357.a36365e0d807a0987518.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.7rgi820.xyz/8074.274f30e4e4daca7d391c.jsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /5905.7740c1743540df2d6991.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /5985.e8d9d0762c377bb07b03.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /icon-192x192.png HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rlottie-wasm.f013598f1b2ba719f25e.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.7rgi820.xyz/8074.274f30e4e4daca7d391c.jsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /9357.a36365e0d807a0987518.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rlottie-wasm.wasm HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.7rgi820.xyz/8074.274f30e4e4daca7d391c.jsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rlottie-wasm.f013598f1b2ba719f25e.js HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rlottie-wasm.wasm HTTP/1.1Host: www.7rgi820.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiws HTTP/1.1Host: zws2.web.telegram.orgConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://www.7rgi820.xyzSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: S67xSIF57Jj8qfXiOKgpOA==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bitsSec-WebSocket-Protocol: binary
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiws HTTP/1.1Host: zws2-1.web.telegram.orgConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://www.7rgi820.xyzSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: 1FRMtCZMgMlQUswOLb+QTg==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bitsSec-WebSocket-Protocol: binary
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /blank.8dd283bceccca95a48d8.png HTTP/1.1Host: www.7rgi820.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://www.7rgi820.xyz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /telegram-logo.1b2bb5b107f046ea9325.svg HTTP/1.1Host: www.7rgi820.xyzConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://www.7rgi820.xyz/main.b563a1b1790456b66383.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiws HTTP/1.1Host: zws2.web.telegram.orgConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://www.7rgi820.xyzSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: qQWgg+GSkFSI3/HriCLDbw==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bitsSec-WebSocket-Protocol: binary
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiws HTTP/1.1Host: zws2.web.telegram.orgConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://www.7rgi820.xyzSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: AiuT/gcbhxe/D+P/toEK/w==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bitsSec-WebSocket-Protocol: binary
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiws HTTP/1.1Host: zws2.web.telegram.orgConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://www.7rgi820.xyzSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: 3NUa19YTFTpK+HzfQAdh+Q==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bitsSec-WebSocket-Protocol: binary
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiws HTTP/1.1Host: zws2.web.telegram.orgConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://www.7rgi820.xyzSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: SAWI5GHzAwiEJ3Z0mkJ/Vw==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bitsSec-WebSocket-Protocol: binary
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiws HTTP/1.1Host: zws2.web.telegram.orgConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://www.7rgi820.xyzSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: k31zkW2PWjQ0H6NMi77Crw==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bitsSec-WebSocket-Protocol: binary
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apiw1 HTTP/1.1Host: zws2.web.telegram.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: www.7rgi820.xyz
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: t.me
Source: global traffic	DNS traffic detected: DNS query: telegram.me
Source: global traffic	DNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: zws2.web.telegram.org
Source: global traffic	DNS traffic detected: DNS query: zws2-1.web.telegram.org

Source: unknown

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sun, 29 Sep 2024 06:21:57 GMTTransfer-Encoding: chunkedConnection: closeAccess-Control-Allow-Credentials: trueAccess-Control-Allow-Headers: Content-Type, AuthorizationAccess-Control-Allow-Methods: POST, GET, OPTIONSAccess-Control-Allow-Origin: *Vary: Accept-EncodingVersion: v1.0.0CF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0C0qNz7%2B1%2BL68oBAeqSOFTqqDoa7g8AOOxslpy4C65O5Myp2fsOfJ0n%2Bxe%2BYGORuffOTee4JtyviuTbO08OsP20l0rzTFhsCrWQmvWj7Hc6%2FO5V6fzYrf2MQwcCc8ypiDd0%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 8ca9e03f8f5f8c21-EWR
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:03 GMTContent-Type: text/htmlContent-Length: 169Connection: closePragma: no-cacheCache-control: no-store
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:05 GMTContent-Type: text/htmlContent-Length: 169Connection: closePragma: no-cacheCache-control: no-storeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:06 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:08 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:09 GMTContent-Type: text/htmlContent-Length: 169Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:10 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:10 GMTContent-Type: text/htmlContent-Length: 169Connection: closePragma: no-cacheCache-control: no-storeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:11 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:12 GMTContent-Type: text/htmlContent-Length: 169Connection: closePragma: no-cacheCache-control: no-store
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:12 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:13 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:13 GMTContent-Type: text/htmlContent-Length: 169Connection: closePragma: no-cacheCache-control: no-storeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:14 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:15 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:16 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:17 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:18 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:18 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:19 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:20 GMTContent-Type: text/htmlContent-Length: 169Connection: closePragma: no-cacheCache-control: no-storeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:21 GMTContent-Type: text/htmlContent-Length: 169Connection: closePragma: no-cacheCache-control: no-store
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:21 GMTContent-Type: text/htmlContent-Length: 169Connection: closePragma: no-cacheCache-control: no-storeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:22 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:23 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:24 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:25 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:26 GMTContent-Type: text/htmlContent-Length: 169Connection: closePragma: no-cacheCache-control: no-storeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:27 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:28 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:29 GMTContent-Type: text/htmlContent-Length: 169Connection: closePragma: no-cacheCache-control: no-storeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:30 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:30 GMTContent-Type: text/htmlContent-Length: 169Connection: closePragma: no-cacheCache-control: no-storeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:31 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:32 GMTContent-Type: text/htmlContent-Length: 169Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:32 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:33 GMTContent-Type: text/htmlContent-Length: 169Connection: closePragma: no-cacheCache-control: no-storeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:34 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:35 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:36 GMTContent-Type: text/htmlContent-Length: 169Connection: closePragma: no-cacheCache-control: no-storeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:37 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:37 GMTContent-Type: text/htmlContent-Length: 169Connection: closePragma: no-cacheCache-control: no-storeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:38 GMTContent-Type: text/htmlContent-Length: 169Connection: closePragma: no-cacheCache-control: no-storeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:39 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:40 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:41 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:42 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:42 GMTContent-Type: text/htmlContent-Length: 169Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:43 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:44 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:45 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:45 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:46 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:47 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:48 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:49 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:50 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:51 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:52 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:52 GMTContent-Type: text/htmlContent-Length: 169Connection: closePragma: no-cacheCache-control: no-storeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:53 GMTContent-Type: text/htmlContent-Length: 169Connection: closePragma: no-cacheCache-control: no-store
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:53 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:54 GMTContent-Type: text/htmlContent-Length: 169Connection: closePragma: no-cacheCache-control: no-storeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:55 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:56 GMTContent-Type: text/htmlContent-Length: 169Connection: closePragma: no-cacheCache-control: no-storeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:57 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:58 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:22:59 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:23:00 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:23:00 GMTContent-Type: text/htmlContent-Length: 169Connection: closePragma: no-cacheCache-control: no-storeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:23:01 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:23:02 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:23:03 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:23:04 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:23:04 GMTContent-Type: text/htmlContent-Length: 169Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:23:05 GMTContent-Type: text/htmlContent-Length: 169Connection: closePragma: no-cacheCache-control: no-storeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:23:06 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:23:07 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:23:08 GMTContent-Type: text/htmlContent-Length: 169Connection: closePragma: no-cacheCache-control: no-storeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Sun, 29 Sep 2024 06:23:09 GMTContent-Type: text/htmlContent-Length: 169Connection: closeAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: POST, OPTIONSAccess-Control-Allow-Headers: origin, content-typeAccess-Control-Max-Age: 1728000

Source: chromecache_142.2.dr, chromecache_116.2.dr	String found in binary or memory: http://telegram.org/dl
Source: chromecache_124.2.dr	String found in binary or memory: https://github.com/rastikerdar/vazirmatn
Source: chromecache_144.2.dr	String found in binary or memory: https://ss3.4sqi.net/img/categories_v2/
Source: chromecache_123.2.dr, chromecache_117.2.dr	String found in binary or memory: https://t.me/
Source: chromecache_144.2.dr	String found in binary or memory: https://t.me/_websync_
Source: chromecache_145.2.dr, chromecache_119.2.dr	String found in binary or memory: https://telam.jiwhek.xyz/telegram.html
Source: chromecache_144.2.dr	String found in binary or memory: https://telegram.me/_websync_;
Source: chromecache_144.2.dr	String found in binary or memory: https://web.telegram.org/
Source: chromecache_145.2.dr, chromecache_119.2.dr	String found in binary or memory: https://web.telegram.org/a
Source: chromecache_144.2.dr	String found in binary or memory: https://web.telegram.org/a/

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49865
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49986
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49864
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49985
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49863
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49984
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49862
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49983
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49861
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49982
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49860
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49981
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49980
Source: unknown	Network traffic detected: HTTP traffic on port 49932 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49898 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49875 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49990 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49859
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49858
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49979
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49857
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49978
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49856
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49977
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49855
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49976
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49854
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49975
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49974
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49852
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49973
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49972
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49971
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49970
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49967 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50004 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49909 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 49943 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49969
Source: unknown	Network traffic detected: HTTP traffic on port 49978 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49847
Source: unknown	Network traffic detected: HTTP traffic on port 49886 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49968
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49967
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49966
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49965
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49964
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49963
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49841
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49962
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49840
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49961
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49960
Source: unknown	Network traffic detected: HTTP traffic on port 49966 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49989 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49933 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49959
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49837
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49958
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49836
Source: unknown	Network traffic detected: HTTP traffic on port 49921 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49957
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49956
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49955
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown	Network traffic detected: HTTP traffic on port 49887 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49954
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49953
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49952
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49951
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49864 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49950
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49910 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 49955 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49949
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49948
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49947
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49946
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49945
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49943
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 49922 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49945 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49968 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49980 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49885 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49899
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49898
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49897
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49896
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49895
Source: unknown	Network traffic detected: HTTP traffic on port 49862 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49894
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49893
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49892
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49891
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49890
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49897 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49911 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49957 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49991 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49889
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49888
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49887
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49886
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49885
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 49863 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49884
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49883
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49882
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49881
Source: unknown	Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49880
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49896 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49956 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50005 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49979 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49879
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49878
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49999
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49877
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49998
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49876
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49997
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49875
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49996
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49874
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49995
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49873
Source: unknown	Network traffic detected: HTTP traffic on port 49923 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49994
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49872
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49871
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49992
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49870
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49991
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49990
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49934 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49869
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49989
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49867
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49988
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49866
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49987
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49906 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49900 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49975 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49929 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49872 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49964 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49861 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49999 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49918 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49873 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49930 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50001 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49986 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49963 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50007
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50006
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50009
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50008
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 49952 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50001
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50000
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50003
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50002
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50005
Source: unknown	Network traffic detected: HTTP traffic on port 49895 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50004
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49907 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49941 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49997 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49871 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49894 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50003 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49965 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49942 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49977 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49919 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49954 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49988 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49882 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49976 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49953 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49908 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49860 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49883 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49998 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49931 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50002 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49987 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49920 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49926 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49949 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49961 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49984 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49881 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49950 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49996 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50010 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49858 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49893 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49915 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49869 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50009 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49972 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49892 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49904 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49870 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49983 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49938 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49951 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49974 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50010
Source: unknown	Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49916 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50011
Source: unknown	Network traffic detected: HTTP traffic on port 49939 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49879 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49985 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50000 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49905 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49995 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50011 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49928 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49857 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49940 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49973 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49891 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49917 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49880 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49962 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49890 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49970 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50007 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49878 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49912 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49935 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49958 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49889 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49866 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49946 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49855 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49981 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49901 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49924 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49947 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49992 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49969 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49994 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49856 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49913 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50006 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49867 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 49865 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49942
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49941
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49940
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49939
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49938
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49937
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49936
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49713 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49717 version: TLS 1.2

Source: classification engine

Classification label: sus21.troj.win@19/80@30/8

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2064 --field-trial-handle=2036,i,3166966534864182428,7417144755799098187,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://www.7rgi820.xyz/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3232 --field-trial-handle=2036,i,3166966534864182428,7417144755799098187,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2064 --field-trial-handle=2036,i,3166966534864182428,7417144755799098187,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3232 --field-trial-handle=2036,i,3166966534864182428,7417144755799098187,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Automated click: Confirm
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Automated click: Confirm
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Automated click: Confirm
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Automated click: Confirm

Source: Window Recorder

Window detected: More than 3 window changes detected

Stores files to the Windows start menu directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

ID:	1522082
Product:	CloudBasic
Start time:	08:20:52
Start date:	29.09.2024
Cookbook:	browseurl.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Windows Analysis Report
http://www.7rgi820.xyz/

Overview

General Information

Detection

Signatures

Classification

Signatures

Compliance

Networking

System Summary

Boot Survival

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report http://www.7rgi820.xyz/

Overview

General Information

Detection

Signatures

Classification

Signatures

Compliance

Networking

System Summary

Boot Survival

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
http://www.7rgi820.xyz/