Resubmissions

03/02/2023, 00:32 UTC

230203-av1mzace7x 4

03/02/2023, 00:30 UTC

230203-atmpqace6t 4

02/02/2023, 23:07 UTC

230202-24ekmsca5w 1

02/02/2023, 20:25 UTC

230202-y7j3raae6s 4

28/01/2023, 03:21 UTC

230128-dwlrzsfd3s 4

28/01/2023, 03:18 UTC

230128-dtp2mafd2s 1

18/01/2023, 00:00 UTC

230118-aasrmaae75 8

Analysis

  • max time kernel
    1249s
  • max time network
    1389s
  • platform
    windows7_x64
  • resource
    win7-20220901-es
  • resource tags

    arch:x64 arch:x86 image:win7-20220901-es locale:es-es os:windows7-x64 system windows
  • submitted
    18/01/2023, 00:00 UTC

General

  • Target

    LauncherFenix-Minecraft-v7.exe

  • Size

    397KB

  • MD5

    d99bb55b57712065bc88be297c1da38c

  • SHA1

    fb6662dd31e8e5be380fbd7a33a50a45953fe1e7

  • SHA256

    122bfbb9f67e355340991deeacb167be9c12ad726b5a7c5779448dd0cc4af0cb

  • SHA512

    3eb5d57faea4c0146c2af40102deaac18235b379f5e81fe35a977b642e3edf70704c8cedd835e94f27b04c8413968f7469fccf82c1c9339066d38d3387c71b17

  • SSDEEP

    3072:puzvch1rugYc4wqYSRR756K7ItBjgXHUYCnlK:Wch1aIqYSRVM+unlK

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 48 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 12 IoCs
  • Suspicious use of WriteProcessMemory 14 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\LauncherFenix-Minecraft-v7.exe
    "C:\Users\Admin\AppData\Local\Temp\LauncherFenix-Minecraft-v7.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:840
    • C:\Program Files\Java\jre7\bin\javaw.exe
      "C:\Program Files\Java\jre7\bin\javaw.exe" -jar "C:\Users\Admin\AppData\Local\Temp\LauncherFenix-Minecraft-v7.exe"
      2⤵
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:1768
      • C:\Program Files\Internet Explorer\iexplore.exe
        "C:\Program Files\Internet Explorer\iexplore.exe" https://launcherfenix.com.ar/wope/register/
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SetWindowsHookEx
        • Suspicious use of WriteProcessMemory
        PID:980
        • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
          "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:980 CREDAT:275457 /prefetch:2
          4⤵
          • Modifies Internet Explorer settings
          • Suspicious use of SetWindowsHookEx
          PID:1812

Network

  • flag-unknown
    DNS
    www.dropbox.com
    javaw.exe
    Remote address:
    8.8.8.8:53
    Request
    www.dropbox.com
    IN A
    Response
    www.dropbox.com
    IN CNAME
    www-env.dropbox-dns.com
    www-env.dropbox-dns.com
    IN A
    162.125.8.18
  • flag-unknown
    DNS
    files.launcherfenix.com.ar
    javaw.exe
    Remote address:
    8.8.8.8:53
    Request
    files.launcherfenix.com.ar
    IN A
    Response
    files.launcherfenix.com.ar
    IN A
    172.67.153.84
    files.launcherfenix.com.ar
    IN A
    104.21.72.175
  • flag-unknown
    DNS
    launchermeta.mojang.com
    javaw.exe
    Remote address:
    8.8.8.8:53
    Request
    launchermeta.mojang.com
    IN A
    Response
    launchermeta.mojang.com
    IN CNAME
    launcher-meta-cdn.azureedge.net
    launcher-meta-cdn.azureedge.net
    IN CNAME
    launcher-meta-cdn.afd.azureedge.net
    launcher-meta-cdn.afd.azureedge.net
    IN CNAME
    star-azureedge-prod.trafficmanager.net
    star-azureedge-prod.trafficmanager.net
    IN CNAME
    shed.dual-low.part-0039.t-0009.fdv2-t-msedge.net
    shed.dual-low.part-0039.t-0009.fdv2-t-msedge.net
    IN CNAME
    part-0039.t-0009.fdv2-t-msedge.net
    part-0039.t-0009.fdv2-t-msedge.net
    IN A
    13.107.237.67
    part-0039.t-0009.fdv2-t-msedge.net
    IN A
    13.107.238.67
  • flag-unknown
    DNS
    profile.launcherfenix.com.ar
    javaw.exe
    Remote address:
    8.8.8.8:53
    Request
    profile.launcherfenix.com.ar
    IN A
    Response
    profile.launcherfenix.com.ar
    IN A
    172.67.153.84
    profile.launcherfenix.com.ar
    IN A
    104.21.72.175
  • flag-unknown
    DNS
    iniciolauncherfx.tumblr.com
    javaw.exe
    Remote address:
    8.8.8.8:53
    Request
    iniciolauncherfx.tumblr.com
    IN A
    Response
    iniciolauncherfx.tumblr.com
    IN A
    74.114.154.18
    iniciolauncherfx.tumblr.com
    IN A
    74.114.154.22
  • flag-unknown
    GET
    http://iniciolauncherfx.tumblr.com/
    javaw.exe
    Remote address:
    74.114.154.18:80
    Request
    GET / HTTP/1.1
    Accept-Language: en-us,en;q=0.5
    Accept-Encoding: gzip
    Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
    User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/535.14 (KHTML, like Gecko) JavaFX/2.2 Safari/535.14
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
    Cache-Control: no-cache
    Pragma: no-cache
    Host: iniciolauncherfx.tumblr.com
    Connection: keep-alive
    Response
    HTTP/1.1 302 Found
    Server: openresty
    Date: Wed, 18 Jan 2023 00:06:28 GMT
    Content-Type: text/html; charset=UTF-8
    Content-Length: 0
    Connection: keep-alive
    X-Rid: 60cca50e0a48e34a138dffca00d4a096
    P3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
    X-Frame-Options: deny
    X-Xss-Protection: 1; mode=block
    X-Content-Type-Options: nosniff
    Strict-Transport-Security: max-age=15552001
    Location: https://iniciolauncherfx.tumblr.com/
    X-UA-Compatible: IE=Edge,chrome=1
    X-UA-Device: desktop
    Vary: X-UA-Device, Accept
  • flag-unknown
    DNS
    assets.tumblr.com
    javaw.exe
    Remote address:
    8.8.8.8:53
    Request
    assets.tumblr.com
    IN A
    Response
    assets.tumblr.com
    IN A
    192.0.77.40
  • flag-unknown
    DNS
    px.srvcs.tumblr.com
    javaw.exe
    Remote address:
    8.8.8.8:53
    Request
    px.srvcs.tumblr.com
    IN A
    Response
    px.srvcs.tumblr.com
    IN A
    192.0.77.40
  • flag-unknown
    DNS
    static.tumblr.com
    javaw.exe
    Remote address:
    8.8.8.8:53
    Request
    static.tumblr.com
    IN A
    Response
    static.tumblr.com
    IN A
    192.0.77.40
  • flag-unknown
    DNS
    launcherfenix.com.ar
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    launcherfenix.com.ar
    IN A
    Response
    launcherfenix.com.ar
    IN A
    172.67.153.84
    launcherfenix.com.ar
    IN A
    104.21.72.175
  • flag-unknown
    GET
    https://launcherfenix.com.ar/wope/wp-content/plugins/wp-postratings/css/postratings-css.css?ver=1.89
    IEXPLORE.EXE
    Remote address:
    172.67.153.84:443
    Request
    GET /wope/wp-content/plugins/wp-postratings/css/postratings-css.css?ver=1.89 HTTP/1.1
    Accept: text/css, */*
    Referer: https://launcherfenix.com.ar/wope/register/
    Accept-Language: es-ES
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: launcherfenix.com.ar
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Wed, 18 Jan 2023 00:27:32 GMT
    Content-Type: text/css
    Transfer-Encoding: chunked
    Connection: keep-alive
    Cf-Bgj: minify
    Cf-Polished: origSize=1353
    etag: W/"60a56e17-549"
    last-modified: Wed, 19 May 2021 19:59:19 GMT
    vary: Accept-Encoding
    x-powered-by: PleskLin
    Cache-Control: max-age=2678400
    CF-Cache-Status: HIT
    Age: 4192
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RoYNhq6LNxM%2BvQMr39np%2BFIr6GLPMRyWq8rl6KkU548S1niROZCGeKIdaA48EtSFUMjK2I5bYOUVL3IWl6cTcfO%2BlQSO0MYv0v8kC9neVJzobELr4SC57mzpAxJaPPVrv7snXaoffg%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Server: cloudflare
    CF-RAY: 78b334978d380eaf-AMS
    Content-Encoding: gzip
    alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
  • flag-unknown
    GET
    https://launcherfenix.com.ar/wope/wp-content/themes/launcher-fenix/style.css?ver=5.3.23
    IEXPLORE.EXE
    Remote address:
    172.67.153.84:443
    Request
    GET /wope/wp-content/themes/launcher-fenix/style.css?ver=5.3.23 HTTP/1.1
    Accept: text/css, */*
    Referer: https://launcherfenix.com.ar/wope/register/
    Accept-Language: es-ES
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: launcherfenix.com.ar
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Wed, 18 Jan 2023 00:27:32 GMT
    Content-Type: text/css
    Transfer-Encoding: chunked
    Connection: keep-alive
    Cf-Bgj: minify
    Cf-Polished: origSize=42091
    etag: W/"60b436d6-a46b"
    last-modified: Mon, 31 May 2021 01:07:34 GMT
    vary: Accept-Encoding
    x-powered-by: PleskLin
    Cache-Control: max-age=2678400
    CF-Cache-Status: HIT
    Age: 4192
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eDk5Nb2CvrqKFxlL7ta7paTMbDoPBYjuNwacoNgWv4I1wuxSo5wI1JYGj5Hr4SZ0AZLGHu%2FoDuhrVo5ohmwjBZ4RFTMN8H2KR9A6C%2BqWC%2FremgwC78XGqKC3%2BHufwKj0%2B2K1uM5IqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Server: cloudflare
    CF-RAY: 78b334979d490eaf-AMS
    Content-Encoding: gzip
    alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
  • flag-unknown
    GET
    https://launcherfenix.com.ar/wope/wp-content/themes/launcher-fenix/css/fancybox.css?ver=5.7.2
    IEXPLORE.EXE
    Remote address:
    172.67.153.84:443
    Request
    GET /wope/wp-content/themes/launcher-fenix/css/fancybox.css?ver=5.7.2 HTTP/1.1
    Accept: text/css, */*
    Referer: https://launcherfenix.com.ar/wope/register/
    Accept-Language: es-ES
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: launcherfenix.com.ar
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Wed, 18 Jan 2023 00:27:32 GMT
    Content-Type: text/css
    Transfer-Encoding: chunked
    Connection: keep-alive
    Cf-Bgj: minify
    Cf-Polished: origSize=5812
    etag: W/"60a56b8a-16b4"
    last-modified: Wed, 19 May 2021 19:48:26 GMT
    vary: Accept-Encoding
    x-powered-by: PleskLin
    Cache-Control: max-age=2678400
    CF-Cache-Status: HIT
    Age: 4192
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2F01i0SADAbKgrfuKhSkX1LR7q2bHjBvRpTl8k%2BL05haUQ5W3AYXQ%2BbVtlsWD5jowDLJ7vBc2tCCSfEZCMmVrzj%2BU6GRDh6n7n4Jj0ekAElsyUWDF1kLy8Nhxpu20uYI8k8m2blRMw%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Server: cloudflare
    CF-RAY: 78b33497dd810eaf-AMS
    Content-Encoding: gzip
    alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
  • flag-unknown
    GET
    https://launcherfenix.com.ar/wope/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
    IEXPLORE.EXE
    Remote address:
    172.67.153.84:443
    Request
    GET /wope/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://launcherfenix.com.ar/wope/register/
    Accept-Language: es-ES
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: launcherfenix.com.ar
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Wed, 18 Jan 2023 00:27:32 GMT
    Content-Type: application/javascript
    Transfer-Encoding: chunked
    Connection: keep-alive
    last-modified: Wed, 18 Nov 2020 09:06:06 GMT
    vary: Accept-Encoding
    etag: W/"5fb4e3fe-2bd8"
    x-powered-by: PleskLin
    Content-Encoding: gzip
    Cache-Control: max-age=2678400
    CF-Cache-Status: HIT
    Age: 1121
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3AKwfrFWxa0L0J9PNTQAi4dJlPC2GshssB9GDzkJx8O%2FmSWkcyTRu78hzZJu2lfOTddgLIJuDxIBKZbvFja0g64NG%2BHMdgztQsTaMH%2BKc8Bs22dkiNefIZv%2BBSoe4SrnIk83wpTcTA%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Server: cloudflare
    CF-RAY: 78b334984de20eaf-AMS
    alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
  • flag-unknown
    GET
    https://launcherfenix.com.ar/wope/wp-content/plugins/wp-postratings/js/postratings-js.js?ver=1.89
    IEXPLORE.EXE
    Remote address:
    172.67.153.84:443
    Request
    GET /wope/wp-content/plugins/wp-postratings/js/postratings-js.js?ver=1.89 HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://launcherfenix.com.ar/wope/register/
    Accept-Language: es-ES
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: launcherfenix.com.ar
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Wed, 18 Jan 2023 00:27:32 GMT
    Content-Type: application/javascript
    Transfer-Encoding: chunked
    Connection: keep-alive
    Cf-Bgj: minify
    Cf-Polished: origSize=3329
    etag: W/"60a56e17-d01"
    last-modified: Wed, 19 May 2021 19:59:19 GMT
    vary: Accept-Encoding
    x-powered-by: PleskLin
    Cache-Control: max-age=2678400
    CF-Cache-Status: HIT
    Age: 1121
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jfCRxdKaElvBGRgfAp8cs9av0tj0m5mDEE4kibXu9Y6yqi9mTRrBtd3UpMAAaAmStSCXzCAXJHfODc0ta4zwgZ2SgUEWwqW5akDt%2BFUFqMeZ94mILELvRzJEZe2frt6tcGQThisItw%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Server: cloudflare
    CF-RAY: 78b334986e0e0eaf-AMS
    Content-Encoding: gzip
    alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
  • flag-unknown
    GET
    https://launcherfenix.com.ar/wope/wp-content/themes/launcher-fenix/js/jquery.fancybox.min.js?ver=5.7.2
    IEXPLORE.EXE
    Remote address:
    172.67.153.84:443
    Request
    GET /wope/wp-content/themes/launcher-fenix/js/jquery.fancybox.min.js?ver=5.7.2 HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://launcherfenix.com.ar/wope/register/
    Accept-Language: es-ES
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: launcherfenix.com.ar
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Wed, 18 Jan 2023 00:27:32 GMT
    Content-Type: application/javascript
    Transfer-Encoding: chunked
    Connection: keep-alive
    last-modified: Wed, 19 May 2021 19:48:40 GMT
    vary: Accept-Encoding
    etag: W/"60a56b98-4fc3"
    x-powered-by: PleskLin
    Content-Encoding: gzip
    Cache-Control: max-age=2678400
    CF-Cache-Status: HIT
    Age: 1121
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8rDEEyhvN4yh0PL09%2Bff2fj3Xkoz7dxtzUaMfPRx6sipkF1nrlwQb66RYzwjMNbl9hX0I0P1Tdl2e8amlK2disFMrEjgTEZBDAcCBJ5LlG52m3wUJR5pR7%2FS%2Fk8uQoLgTRSKovdXew%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Server: cloudflare
    CF-RAY: 78b334989e580eaf-AMS
    alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
  • flag-unknown
    GET
    https://launcherfenix.com.ar/wope/wp-content/themes/launcher-fenix/images/logo.png
    IEXPLORE.EXE
    Remote address:
    172.67.153.84:443
    Request
    GET /wope/wp-content/themes/launcher-fenix/images/logo.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://launcherfenix.com.ar/wope/register/
    Accept-Language: es-ES
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: launcherfenix.com.ar
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Wed, 18 Jan 2023 00:27:32 GMT
    Content-Type: image/png
    Content-Length: 6260
    Connection: keep-alive
    last-modified: Wed, 19 May 2021 19:48:34 GMT
    etag: "60a56b92-1874"
    x-powered-by: PleskLin
    Cache-Control: max-age=2678400
    CF-Cache-Status: HIT
    Age: 1121
    Accept-Ranges: bytes
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NcE18JVs7p0zWaDDtsoTvSof45uJG2AoUPgGgzMoDUvo1ZTTw%2FISc3nSNU1uQNGcr6wWwA4kYqUrS5pmUYXIY4bDGDZXYjdBoi5Ec%2FXsL36RGr2yP0vxn9eBaK%2BNr7sUKuAz2sWcNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 78b33498ae6e0eaf-AMS
    alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
  • flag-unknown
    GET
    https://launcherfenix.com.ar/wope/wp-content/themes/launcher-fenix/images/header-right.png
    IEXPLORE.EXE
    Remote address:
    172.67.153.84:443
    Request
    GET /wope/wp-content/themes/launcher-fenix/images/header-right.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://launcherfenix.com.ar/wope/register/
    Accept-Language: es-ES
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: launcherfenix.com.ar
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Wed, 18 Jan 2023 00:27:32 GMT
    Content-Type: image/png
    Content-Length: 8484
    Connection: keep-alive
    last-modified: Wed, 19 May 2021 19:48:33 GMT
    etag: "60a56b91-2124"
    x-powered-by: PleskLin
    Cache-Control: max-age=2678400
    CF-Cache-Status: HIT
    Age: 1121
    Accept-Ranges: bytes
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JAwno%2Bak2DUFHcFrUJX7N4wNrxAcDcPXAbpl87WToiWVI4mBnSk7XPck4gUvAbFuhYJ%2B8ngD67CPPtr%2FFdVC6K2Jq76rBwFGEDpIdfuCl3F7Bc%2FLax%2FrjEgwyFZn%2F3OjHy5tQdQ2IQ%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 78b33498dea80eaf-AMS
    alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
  • flag-unknown
    GET
    https://launcherfenix.com.ar/wope/wp-content/themes/launcher-fenix/images/aus-pagelink.png
    IEXPLORE.EXE
    Remote address:
    172.67.153.84:443
    Request
    GET /wope/wp-content/themes/launcher-fenix/images/aus-pagelink.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://launcherfenix.com.ar/wope/register/
    Accept-Language: es-ES
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: launcherfenix.com.ar
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Wed, 18 Jan 2023 00:27:33 GMT
    Content-Type: image/png
    Content-Length: 21830
    Connection: keep-alive
    last-modified: Wed, 19 May 2021 19:48:31 GMT
    etag: "60a56b8f-5546"
    x-powered-by: PleskLin
    Cache-Control: max-age=2678400
    CF-Cache-Status: REVALIDATED
    Accept-Ranges: bytes
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zfRhdtxfjPj18VitKVVVMRs2H9QB4UOD6NLasV%2B%2BpfuvqHoTuD1WZXMccG9IkOjdJ0PBxtTYupYfwv1GpKv%2FS9YuLG7%2B7Jqt4vQISy7skBUtYirgWIlVXriVrPkpF%2FXIvj3WprdEBw%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 78b33498fec70eaf-AMS
    alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
  • flag-unknown
    GET
    https://launcherfenix.com.ar/wope/register/
    IEXPLORE.EXE
    Remote address:
    172.67.153.84:443
    Request
    GET /wope/register/ HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: es-ES
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: launcherfenix.com.ar
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Wed, 18 Jan 2023 00:27:31 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    vary: Accept-Encoding
    x-powered-by: PHP/7.3.25
    x-powered-by: PleskLin
    x-frame-options: SAMEORIGIN
    expires: Wed, 11 Jan 1984 05:00:00 GMT
    Cache-Control: no-cache, must-revalidate, max-age=0
    link: <https://launcherfenix.com.ar/wope/wp-json/>; rel="https://api.w.org/"
    link: <https://launcherfenix.com.ar/wope/wp-json/wp/v2/pages/111>; rel="alternate"; type="application/json"
    link: <https://launcherfenix.com.ar/wope/?p=111>; rel=shortlink
    CF-Cache-Status: DYNAMIC
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B0GI0EP62FqIeyEpBogfDNjv7IxUuw%2BNiALizujV1Jwh7SJpuLKhmaFzsI31dEx1eif2DDeU5hXOxvZJA7HKzdXIV2mvvQBbVJk5aq1v8Tq%2BPAhYrx%2BFVo%2Bx4H5nHp%2FPNsRTWMdNkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Server: cloudflare
    CF-RAY: 78b3348c1dbfb960-AMS
    Content-Encoding: gzip
    alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
  • flag-unknown
    GET
    https://launcherfenix.com.ar/wope/wp-includes/css/dist/block-library/style.min.css?ver=5.7.2
    IEXPLORE.EXE
    Remote address:
    172.67.153.84:443
    Request
    GET /wope/wp-includes/css/dist/block-library/style.min.css?ver=5.7.2 HTTP/1.1
    Accept: text/css, */*
    Referer: https://launcherfenix.com.ar/wope/register/
    Accept-Language: es-ES
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: launcherfenix.com.ar
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Wed, 18 Jan 2023 00:27:32 GMT
    Content-Type: text/css
    Transfer-Encoding: chunked
    Connection: keep-alive
    last-modified: Tue, 06 Apr 2021 23:50:28 GMT
    vary: Accept-Encoding
    etag: W/"606cf3c4-e33b"
    x-powered-by: PleskLin
    Content-Encoding: gzip
    Cache-Control: max-age=2678400
    CF-Cache-Status: REVALIDATED
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MZWL13VzCYy0ciAV08ykPnxxE2OkFKqb7FM%2BEYFnNpI5biiJaMtwLqy9OwOxf%2F5NxRbgbl2bvT1%2F1EsM7w96T%2BsdvXoMpcyOYcCWwjdxcU10w3L%2BPdU13PADoWq2SaJpSsLZNGISLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Server: cloudflare
    CF-RAY: 78b334978ee9b960-AMS
    alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
  • flag-unknown
    GET
    https://launcherfenix.com.ar/wope/wp-content/uploads/2018/08/LauncherFenix-4.8.5-Personaje-65x65.png
    IEXPLORE.EXE
    Remote address:
    172.67.153.84:443
    Request
    GET /wope/wp-content/uploads/2018/08/LauncherFenix-4.8.5-Personaje-65x65.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://launcherfenix.com.ar/wope/register/
    Accept-Language: es-ES
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: launcherfenix.com.ar
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Wed, 18 Jan 2023 00:27:33 GMT
    Content-Type: image/png
    Content-Length: 4525
    Connection: keep-alive
    last-modified: Thu, 20 May 2021 04:20:18 GMT
    etag: "60a5e382-11ad"
    x-powered-by: PleskLin
    Cache-Control: max-age=2678400
    CF-Cache-Status: REVALIDATED
    Accept-Ranges: bytes
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FzU0wdIAQZLfSG5Cgv5slGpmz424uIDvgDGwc9GMdCX41eDFtapsfibMnlpIxeh%2BiNi8z33qWuNSFEcxiSn28AOIk5a7Il6QJfjneqwoNSXAk0tPLph4DcQbL11Smj6e6jd%2FNydqDg%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 78b3349a9999b960-AMS
    alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
  • flag-unknown
    GET
    https://launcherfenix.com.ar/wope/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
    IEXPLORE.EXE
    Remote address:
    172.67.153.84:443
    Request
    GET /wope/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2 HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://launcherfenix.com.ar/wope/register/
    Accept-Language: es-ES
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: launcherfenix.com.ar
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Wed, 18 Jan 2023 00:27:33 GMT
    Content-Type: application/javascript
    Transfer-Encoding: chunked
    Connection: keep-alive
    last-modified: Wed, 06 Jan 2021 15:29:24 GMT
    vary: Accept-Encoding
    etag: W/"5ff5d754-3795"
    x-powered-by: PleskLin
    Content-Encoding: gzip
    Cache-Control: max-age=2678400
    CF-Cache-Status: REVALIDATED
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vxjixEzHViTySnVjk3Ib17B29CjBWkgNxG72cyTpH1SQeUXM1uAGJKoAFcACTHeDJ6U2qfqbbTfM6qCvk8WXfWcOpHCKhKG%2FNUaVmQEPW5u2dkQ%2BW6netqjtWmZ5c0QLiyrtNrTmtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Server: cloudflare
    CF-RAY: 78b3349b6a3cb960-AMS
    alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
  • flag-unknown
    GET
    https://launcherfenix.com.ar/wope/wp-content/plugins/wp-postratings/images/stars_crystal/rating_over.gif
    IEXPLORE.EXE
    Remote address:
    172.67.153.84:443
    Request
    GET /wope/wp-content/plugins/wp-postratings/images/stars_crystal/rating_over.gif HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://launcherfenix.com.ar/wope/register/
    Accept-Language: es-ES
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: launcherfenix.com.ar
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Wed, 18 Jan 2023 00:27:34 GMT
    Content-Type: image/gif
    Content-Length: 1009
    Connection: keep-alive
    last-modified: Wed, 19 May 2021 19:59:19 GMT
    etag: "60a56e17-3f1"
    x-powered-by: PleskLin
    Cache-Control: max-age=2678400
    CF-Cache-Status: REVALIDATED
    Accept-Ranges: bytes
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=phaL%2Bt0AKCZWZoXKyjDNNeKKhGgWuR6VqS42i9VO%2Frtytlj5yR5uEnZ94NxNo2sxKL%2BpIyGtOBS3tNRFX5RQnwExq93t%2FRuzhPXYMkL3LVb%2F%2B5B%2FqmdFVo6s1j8ey0lW4MPtJhehqg%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 78b3349eed39b960-AMS
    alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
  • flag-unknown
    GET
    https://launcherfenix.com.ar/favicon.ico
    IEXPLORE.EXE
    Remote address:
    172.67.153.84:443
    Request
    GET /favicon.ico HTTP/1.1
    Accept: */*
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: launcherfenix.com.ar
    Connection: Keep-Alive
    Cookie: _ga=GA1.3.277878364.1674001527; _gid=GA1.3.135050652.1674001527; _gat_gtag_UA_42563780_8=1; __gads=ID=065f8bea187d25d9-22718de351db00b9:T=1674001654:RT=1674001654:S=ALNI_MYDq837BmuElWMMt_-Rl9cULT9Gxg; __gpi=UID=00000ba49f626f7f:T=1674001654:RT=1674001654:S=ALNI_MYXNMfEp858VWdj_DwgXlSO91f6dg
    Response
    HTTP/1.1 200 OK
    Date: Wed, 18 Jan 2023 00:27:35 GMT
    Content-Type: image/x-icon
    Transfer-Encoding: chunked
    Connection: keep-alive
    last-modified: Sun, 30 Dec 2018 21:56:54 GMT
    etag: W/"5c293f26-25be"
    x-powered-by: PleskLin
    Cache-Control: max-age=2678400
    CF-Cache-Status: REVALIDATED
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k2l8AHfUsS%2BWA3hGZjN3UIlcKho0H%2BUQkcjtWDohsm9GXxgIU4dPbDgFHBFieilUnQloENqYo35siH%2B%2F%2Bj%2Bq1NmLxgpIGjZ4zhiT%2BkGKZ%2FTEuPMX1y8YSIBC9K%2F2dvqmqus3ecOV6A%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 78b334a88d3cb960-AMS
    Content-Encoding: gzip
    alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
  • flag-unknown
    GET
    https://launcherfenix.com.ar/wope/wp-content/plugins/sassy-social-share/public/css/sassy-social-share-public.css?ver=3.3.20
    IEXPLORE.EXE
    Remote address:
    172.67.153.84:443
    Request
    GET /wope/wp-content/plugins/sassy-social-share/public/css/sassy-social-share-public.css?ver=3.3.20 HTTP/1.1
    Accept: text/css, */*
    Referer: https://launcherfenix.com.ar/wope/register/
    Accept-Language: es-ES
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: launcherfenix.com.ar
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Wed, 18 Jan 2023 00:27:32 GMT
    Content-Type: text/css
    Transfer-Encoding: chunked
    Connection: keep-alive
    Cf-Bgj: minify
    etag: W/"60a56e17-8ff4"
    last-modified: Wed, 19 May 2021 19:59:19 GMT
    vary: Accept-Encoding
    x-powered-by: PleskLin
    Cache-Control: max-age=2678400
    CF-Cache-Status: REVALIDATED
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wf9qPHdTGxFi2BQj3rkvd4MvSn60xdXnMwpbvnifRvSYed9tNEQayNcInPAGzS7ynWtQI13Ylud7%2FixT9SrFdZY8i8zxB3PUlAEfT2wVBI3scZTAjGpqb7ef6Qk5Sx%2FxZGWYuVDfcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Server: cloudflare
    CF-RAY: 78b33497ebcdb8be-AMS
    Content-Encoding: gzip
    alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
  • flag-unknown
    GET
    https://launcherfenix.com.ar/wope/wp-content/uploads/2018/12/LauncherFenix-5.2-Web-65x65.jpg
    IEXPLORE.EXE
    Remote address:
    172.67.153.84:443
    Request
    GET /wope/wp-content/uploads/2018/12/LauncherFenix-5.2-Web-65x65.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://launcherfenix.com.ar/wope/register/
    Accept-Language: es-ES
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: launcherfenix.com.ar
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Wed, 18 Jan 2023 00:27:33 GMT
    Content-Type: image/jpeg
    Content-Length: 2682
    Connection: keep-alive
    last-modified: Thu, 20 May 2021 04:20:18 GMT
    etag: "60a5e382-a7a"
    x-powered-by: PleskLin
    Cache-Control: max-age=2678400
    CF-Cache-Status: REVALIDATED
    Accept-Ranges: bytes
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jmCHiJv34VzzJDrbyGNVNFkQUrrWvcFVq5qeCa8tyL9j9%2F1tpTgKcuJX6jmaFZI70%2BLRbNWPlOf2JSDZ7%2FlOR%2B9usam6879%2BWNL6KxPvUKuw6Lf0e5w7XfUjLT27%2F%2F0RgQV0mO6M1w%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 78b3349afeb7b8be-AMS
    alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
  • flag-unknown
    GET
    https://launcherfenix.com.ar/wope/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
    IEXPLORE.EXE
    Remote address:
    172.67.153.84:443
    Request
    GET /wope/wp-includes/js/jquery/jquery.min.js?ver=3.5.1 HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://launcherfenix.com.ar/wope/register/
    Accept-Language: es-ES
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: launcherfenix.com.ar
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Wed, 18 Jan 2023 00:27:32 GMT
    Content-Type: application/javascript
    Transfer-Encoding: chunked
    Connection: keep-alive
    last-modified: Wed, 07 Oct 2020 16:33:25 GMT
    vary: Accept-Encoding
    etag: W/"5f7dedd5-15d98"
    x-powered-by: PleskLin
    Content-Encoding: gzip
    Cache-Control: max-age=2678400
    CF-Cache-Status: REVALIDATED
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RBhCR%2FTd40a1eUkY0pXGevLoVquKsv3RhogKc%2BUJu3Zr4XZliO5Vok0V3rfN1ODdwQXJM204SeAy7J8eeCxRtGxvm5cxHng85iK%2F1WsiDAKdJ%2FAoI9lmyeqttu%2Ff7F8rw8Sa4O7ZRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Server: cloudflare
    CF-RAY: 78b334980e710a69-AMS
    alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
  • flag-unknown
    GET
    https://launcherfenix.com.ar/wope/wp-content/uploads/2018/10/1.13.2-65x65.jpg
    IEXPLORE.EXE
    Remote address:
    172.67.153.84:443
    Request
    GET /wope/wp-content/uploads/2018/10/1.13.2-65x65.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://launcherfenix.com.ar/wope/register/
    Accept-Language: es-ES
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: launcherfenix.com.ar
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Wed, 18 Jan 2023 00:27:33 GMT
    Content-Type: image/jpeg
    Content-Length: 2123
    Connection: keep-alive
    last-modified: Thu, 20 May 2021 04:20:18 GMT
    etag: "60a5e382-84b"
    x-powered-by: PleskLin
    Cache-Control: max-age=2678400
    CF-Cache-Status: REVALIDATED
    Accept-Ranges: bytes
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rQ8d%2B4%2BgZZeM81Aj676KdFOdPWYeJxwCZz%2FbI921PrpqS6UiBjMQRWabnXbxRUboghqQ6X1K8o53WOIguBftIkWMSyO7KpijMXMbLvekkDHGR8QUq7YKMF%2FFS7FKxU9qwGdGeUbrFw%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 78b3349b39f30a69-AMS
    alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
  • flag-unknown
    GET
    https://launcherfenix.com.ar/wope/wp-content/plugins/sassy-social-share/admin/css/sassy-social-share-svg.css?ver=3.3.20
    IEXPLORE.EXE
    Remote address:
    172.67.153.84:443
    Request
    GET /wope/wp-content/plugins/sassy-social-share/admin/css/sassy-social-share-svg.css?ver=3.3.20 HTTP/1.1
    Accept: text/css, */*
    Referer: https://launcherfenix.com.ar/wope/register/
    Accept-Language: es-ES
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: launcherfenix.com.ar
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Wed, 18 Jan 2023 00:27:32 GMT
    Content-Type: text/css
    Transfer-Encoding: chunked
    Connection: keep-alive
    Cf-Bgj: minify
    etag: W/"60a56e17-1baf8"
    last-modified: Wed, 19 May 2021 19:59:19 GMT
    vary: Accept-Encoding
    x-powered-by: PleskLin
    Cache-Control: max-age=2678400
    CF-Cache-Status: HIT
    Age: 4192
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qVkfTIsXVKxq%2BgLtw0gIsxQCYfC15B%2Bgj7qBA3%2FaUUAnjw0fd6MgJE4dc8wBvIudk%2BzdGiXzJaVxAGeqT99uCQlVRV8JRH7E4FrRuYZAaWMXb1A0PTDOecQmeD04hlGKNpBhJbr%2Ftw%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Server: cloudflare
    CF-RAY: 78b33497fff60bde-AMS
    Content-Encoding: gzip
    alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
  • flag-unknown
    GET
    https://launcherfenix.com.ar/wope/wp-content/themes/launcher-fenix/js/navigation.js?ver=5.7.2
    IEXPLORE.EXE
    Remote address:
    172.67.153.84:443
    Request
    GET /wope/wp-content/themes/launcher-fenix/js/navigation.js?ver=5.7.2 HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://launcherfenix.com.ar/wope/register/
    Accept-Language: es-ES
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: launcherfenix.com.ar
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Wed, 18 Jan 2023 00:27:32 GMT
    Content-Type: application/javascript
    Transfer-Encoding: chunked
    Connection: keep-alive
    Cf-Bgj: minify
    Cf-Polished: origSize=3177
    etag: W/"60a56b99-c69"
    last-modified: Wed, 19 May 2021 19:48:41 GMT
    vary: Accept-Encoding
    x-powered-by: PleskLin
    Cache-Control: max-age=2678400
    CF-Cache-Status: HIT
    Age: 5789
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bARn8awH4NQAlN%2BU1DExWzvNwvMl8SxE1CRsAZL1dg1UJg5Dt%2Ff%2Bl4%2Ba9k2%2BWwxs6pp39t9hNaP%2F7AMHB8CN3Y9FBB93Z0VHTwuv6f7U6UsrbZGyG5gOwQgsKuho5nBvo5iljU6g8w%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Server: cloudflare
    CF-RAY: 78b33498585c0bde-AMS
    Content-Encoding: gzip
    alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
  • flag-unknown
    GET
    https://launcherfenix.com.ar/wope/wp-content/themes/launcher-fenix/js/jquery.easing.min.js?ver=5.7.2
    IEXPLORE.EXE
    Remote address:
    172.67.153.84:443
    Request
    GET /wope/wp-content/themes/launcher-fenix/js/jquery.easing.min.js?ver=5.7.2 HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://launcherfenix.com.ar/wope/register/
    Accept-Language: es-ES
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: launcherfenix.com.ar
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Wed, 18 Jan 2023 00:27:32 GMT
    Content-Type: application/javascript
    Transfer-Encoding: chunked
    Connection: keep-alive
    last-modified: Wed, 19 May 2021 19:48:39 GMT
    vary: Accept-Encoding
    etag: W/"60a56b97-8fe"
    x-powered-by: PleskLin
    Content-Encoding: gzip
    Cache-Control: max-age=2678400
    CF-Cache-Status: HIT
    Age: 5774
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2qYbkNu2Zvfb%2FYVEbrYxlPoPONZRUvJ8uWCdc%2Bh0c39W8qFBmL%2BU6clqGKRWRaFdo92DHnHVWnO5PSHRJF%2FXbT5xrYSsA51dDxS6uFF0O2rqOSgJLBNpXPU6haTCocmBs04HfIqWow%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Server: cloudflare
    CF-RAY: 78b33498787f0bde-AMS
    alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
  • flag-unknown
    GET
    https://launcherfenix.com.ar/wope/wp-includes/js/wp-embed.min.js?ver=5.7.2
    IEXPLORE.EXE
    Remote address:
    172.67.153.84:443
    Request
    GET /wope/wp-includes/js/wp-embed.min.js?ver=5.7.2 HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://launcherfenix.com.ar/wope/register/
    Accept-Language: es-ES
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: launcherfenix.com.ar
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Wed, 18 Jan 2023 00:27:33 GMT
    Content-Type: application/javascript
    Transfer-Encoding: chunked
    Connection: keep-alive
    last-modified: Wed, 06 Jan 2021 15:29:24 GMT
    vary: Accept-Encoding
    etag: W/"5ff5d754-592"
    x-powered-by: PleskLin
    Content-Encoding: gzip
    Cache-Control: max-age=2678400
    CF-Cache-Status: REVALIDATED
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dRxRkOuJNzcDybQ9%2FYtf1B50qNEKRxZK4KNWtRQQP%2FEfSTkP9sdNaK%2F6QrNKZ7MIiwwTjRaKxQSpskOW9wJ9RIzAybilEI%2BaLlIL5OfkICzo5OxnBuVHzj%2BVKWIJBVqqf6m0eif2dA%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Server: cloudflare
    CF-RAY: 78b33498a8a20bde-AMS
    alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
  • flag-unknown
    GET
    https://launcherfenix.com.ar/wope/wp-content/uploads/2018/08/1.13.1-65x65.jpg
    IEXPLORE.EXE
    Remote address:
    172.67.153.84:443
    Request
    GET /wope/wp-content/uploads/2018/08/1.13.1-65x65.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://launcherfenix.com.ar/wope/register/
    Accept-Language: es-ES
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: launcherfenix.com.ar
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Wed, 18 Jan 2023 00:27:33 GMT
    Content-Type: image/jpeg
    Content-Length: 1747
    Connection: keep-alive
    last-modified: Thu, 20 May 2021 04:20:18 GMT
    etag: "60a5e382-6d3"
    x-powered-by: PleskLin
    Cache-Control: max-age=2678400
    CF-Cache-Status: REVALIDATED
    Accept-Ranges: bytes
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YJge52vFQyIvABnLN6g6lZM6oY7myIzPMvIa9h4CV4KZFGaylg0uVl4eMJv0jIkYUlVSIXdKv84IdmNizK0QpcNdWvqc7WA1gvQCdpeCpNVI7GCFe2GXT4bRMnk87TOG8NUEttJ9zg%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 78b3349bcc840bde-AMS
    alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
  • flag-unknown
    GET
    https://launcherfenix.com.ar/wope/wp-content/themes/launcher-fenix/images/bg.jpg
    IEXPLORE.EXE
    Remote address:
    172.67.153.84:443
    Request
    GET /wope/wp-content/themes/launcher-fenix/images/bg.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://launcherfenix.com.ar/wope/register/
    Accept-Language: es-ES
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: launcherfenix.com.ar
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Wed, 18 Jan 2023 00:27:34 GMT
    Content-Type: image/jpeg
    Content-Length: 61931
    Connection: keep-alive
    last-modified: Wed, 19 May 2021 19:48:32 GMT
    etag: "60a56b90-f1eb"
    x-powered-by: PleskLin
    Cache-Control: max-age=2678400
    CF-Cache-Status: REVALIDATED
    Accept-Ranges: bytes
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oAi2HbdmVhPN7pLoeRTMC1EbL2UjlUEXiLOjeHrSAc%2F6KDNkBSlcHKlbO3OUwUsEOWLavFgHtZqZyFWMggqqwW2uWRQ2woRR9DfT0a%2F2kXu%2FzohIKILhuEsxnarcuvjwHc22XSXgVw%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 78b3349ecf4f0bde-AMS
    alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
  • flag-unknown
    GET
    https://launcherfenix.com.ar/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
    IEXPLORE.EXE
    Remote address:
    172.67.153.84:443
    Request
    GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://launcherfenix.com.ar/wope/register/
    Accept-Language: es-ES
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: launcherfenix.com.ar
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Wed, 18 Jan 2023 00:27:32 GMT
    Content-Type: application/javascript
    Transfer-Encoding: chunked
    Connection: keep-alive
    Last-Modified: Tue, 10 Jan 2023 19:37:12 GMT
    ETag: W/"63bdbe68-4d7"
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=co2BHO7gX6wUz8Du6i3A4RRJSFw%2BSISUJpv9%2Bm0OVxKJFC5QoQZMb0JVll0E5LpkmI2RIh%2FRbaqyddqL3bv6i3plyj3EPuj27MBZMDMIM5OuQ7YUlVrWOLHleP3EQroiVNJ%2BBezE5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 78b334985a9f1b03-AMS
    X-Frame-Options: DENY
    X-Content-Type-Options: nosniff
    Expires: Fri, 20 Jan 2023 00:27:32 GMT
    Cache-Control: max-age=172800
    Cache-Control: public
    Content-Encoding: gzip
  • flag-unknown
    GET
    https://launcherfenix.com.ar/wope/wp-content/themes/launcher-fenix/js/jquery.mousewheel.min.js?ver=5.7.2
    IEXPLORE.EXE
    Remote address:
    172.67.153.84:443
    Request
    GET /wope/wp-content/themes/launcher-fenix/js/jquery.mousewheel.min.js?ver=5.7.2 HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://launcherfenix.com.ar/wope/register/
    Accept-Language: es-ES
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: launcherfenix.com.ar
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Wed, 18 Jan 2023 00:27:33 GMT
    Content-Type: application/javascript
    Transfer-Encoding: chunked
    Connection: keep-alive
    last-modified: Wed, 19 May 2021 19:48:40 GMT
    vary: Accept-Encoding
    etag: W/"60a56b98-a31"
    x-powered-by: PleskLin
    Content-Encoding: gzip
    Cache-Control: max-age=2678400
    CF-Cache-Status: REVALIDATED
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=52pq59bolVc8%2BKImKKrY7cSVjghlmAWVSo2E2WCiW8KKRARzeaG1RELZDAhfBjAR2%2FXDku62Xd5vc3xAR2CfW326Tlc1v4Q6U3koIjyz2IsHnGjxXppUApv2QsP6Jh3gP81CQ4Y6bw%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Server: cloudflare
    CF-RAY: 78b334989ae41b03-AMS
    alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
  • flag-unknown
    DNS
    textures.launcherfenix.com.ar
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    textures.launcherfenix.com.ar
    IN A
    Response
    textures.launcherfenix.com.ar
    IN A
    104.21.72.175
    textures.launcherfenix.com.ar
    IN A
    172.67.153.84
  • flag-unknown
    GET
    https://textures.launcherfenix.com.ar/avatar/ed6c66baa7878bd167af180929b40df47cb396c5d31abd0457e0440545d0ab22
    IEXPLORE.EXE
    Remote address:
    104.21.72.175:443
    Request
    GET /avatar/ed6c66baa7878bd167af180929b40df47cb396c5d31abd0457e0440545d0ab22 HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://launcherfenix.com.ar/wope/register/
    Accept-Language: es-ES
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: textures.launcherfenix.com.ar
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Wed, 18 Jan 2023 00:27:33 GMT
    Content-Type: application/octet-stream
    Content-Length: 197
    Connection: keep-alive
    last-modified: Sun, 30 Dec 2018 00:51:52 GMT
    etag: "5c2816a8-c5"
    expires: Thu, 18 Jan 2024 00:27:33 GMT
    Cache-Control: max-age=31536000
    x-powered-by: PleskLin
    access-control-allow-origin: https://launcherfenix.com.ar
    CF-Cache-Status: MISS
    Accept-Ranges: bytes
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4uxT04XbpExFUi7AUpdFqK9kExqOTY6YgXMYfMyDjuazvxZluG8UDMpQlyM6%2FUnUcMYORubNzv%2BhTHIu4ll4C7nvfBY5tKrYxuGsu%2BgPXlU%2FHXtj9OIJIQGsaWDSopN55jXEEbLWZj9F9iklfAbOkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 78b33498894bb7de-AMS
    alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
  • flag-unknown
    GET
    https://textures.launcherfenix.com.ar/avatar/c9badffdc6d4d69385a2ef5a1ceeabb356bf0e871b8c69e276d62317b929125b
    IEXPLORE.EXE
    Remote address:
    104.21.72.175:443
    Request
    GET /avatar/c9badffdc6d4d69385a2ef5a1ceeabb356bf0e871b8c69e276d62317b929125b HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://launcherfenix.com.ar/wope/register/
    Accept-Language: es-ES
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: textures.launcherfenix.com.ar
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Wed, 18 Jan 2023 00:27:32 GMT
    Content-Type: application/octet-stream
    Content-Length: 359
    Connection: keep-alive
    last-modified: Thu, 13 Dec 2018 02:59:23 GMT
    etag: "5c11cb0b-167"
    expires: Tue, 16 Jan 2024 11:53:29 GMT
    Cache-Control: max-age=31536000
    x-powered-by: PleskLin
    access-control-allow-origin: https://launcherfenix.com.ar
    CF-Cache-Status: HIT
    Age: 131643
    Accept-Ranges: bytes
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QK4ldSVWWjrOK8BHlPBJpiSOu%2FG%2BghA12C8EUMf%2FhzsLHjsLGTjH7Ytu%2BpC5cZnZSsDwLZyeRtxkFiZsuOaRc5%2FHZUOWvRrANRw7cMkNefKgasUqd9iwNCZeNStc0GySIUldFQgZrsg8Z0odLX%2Biag%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 78b3349878800bde-AMS
    alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
  • flag-unknown
    GET
    https://textures.launcherfenix.com.ar/avatar/06f28e288e9472c9761542d056d1f136380af2cca975a09cda648a5d2c0a73e3
    IEXPLORE.EXE
    Remote address:
    104.21.72.175:443
    Request
    GET /avatar/06f28e288e9472c9761542d056d1f136380af2cca975a09cda648a5d2c0a73e3 HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://launcherfenix.com.ar/wope/register/
    Accept-Language: es-ES
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: textures.launcherfenix.com.ar
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Wed, 18 Jan 2023 00:27:33 GMT
    Content-Type: application/octet-stream
    Content-Length: 252
    Connection: keep-alive
    last-modified: Fri, 10 Sep 2021 01:12:15 GMT
    etag: "613ab0ef-fc"
    expires: Thu, 18 Jan 2024 00:27:33 GMT
    Cache-Control: max-age=31536000
    x-powered-by: PleskLin
    access-control-allow-origin: https://launcherfenix.com.ar
    CF-Cache-Status: MISS
    Accept-Ranges: bytes
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tcwfESfcwtyjAgjgBogoIWyzTJoHxGdfLmsL%2FZmCMDqATbEYOGrfDLp48zt3QsetNBkEQxRzSpvOaJJ%2BlI0gLn2iG1%2BnTIzfvvlm8I90MoR9jZ51KIlPKp5X4%2BNb6qMyG0yYHb4QPe1fE0Cb0R90kA%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 78b33498a8a50bde-AMS
    alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
  • flag-unknown
    DNS
    www.paypalobjects.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.paypalobjects.com
    IN A
    Response
    www.paypalobjects.com
    IN CNAME
    ppo.glb.paypal.com
    ppo.glb.paypal.com
    IN CNAME
    paypal.map.fastly.net
    paypal.map.fastly.net
    IN A
    151.101.2.133
    paypal.map.fastly.net
    IN A
    151.101.66.133
    paypal.map.fastly.net
    IN A
    151.101.130.133
    paypal.map.fastly.net
    IN A
    151.101.194.133
  • flag-unknown
    GET
    https://www.paypalobjects.com/en_US/GB/i/btn/btn_donateCC_LG.gif
    IEXPLORE.EXE
    Remote address:
    151.101.2.133:443
    Request
    GET /en_US/GB/i/btn/btn_donateCC_LG.gif HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://launcherfenix.com.ar/wope/register/
    Accept-Language: es-ES
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.paypalobjects.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Connection: keep-alive
    Content-Length: 2857
    Cache-Control: s-maxage=31536000, public,max-age=3600
    Content-Type: image/gif
    Dc: ccg11-origin-www-1.paypal.com
    Etag: "pVHXPb+MBLiRl7V57NNkwtYz60afvaFcsfsaRPDZLmE"
    Fastly-Io-Info: ifsz=2858 idim=160x47 ifmt=gif ofsz=2857 odim=160x47 ofmt=gif
    Fastly-Stats: io=1
    Paypal-Debug-Id: 73a222928fa21
    Timing-Allow-Origin: https://www.paypal.com,https://www.sandbox.paypal.com
    Traceparent: 00-000000000000000000073a222928fa21-32028a5e37fe4150-01
    Via: 1.1 varnish, 1.1 varnish
    Accept-Ranges: bytes
    Date: Wed, 18 Jan 2023 00:27:33 GMT
    X-Served-By: cache-sjc10049-SJC, cache-ams21031-AMS
    X-Cache: HIT, HIT
    X-Cache-Hits: 45758, 1301
    X-Timer: S1674001653.164005,VS0,VE0
    X-Content-Type-Options: nosniff
    Strict-Transport-Security: max-age=31557600
  • flag-unknown
    GET
    https://www.paypalobjects.com/es_XC/i/scr/pixel.gif
    IEXPLORE.EXE
    Remote address:
    151.101.2.133:443
    Request
    GET /es_XC/i/scr/pixel.gif HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://launcherfenix.com.ar/wope/register/
    Accept-Language: es-ES
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.paypalobjects.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Connection: keep-alive
    Content-Length: 42
    Cache-Control: s-maxage=31536000, public,max-age=3600
    Content-Type: image/gif
    Dc: ccg11-origin-www-1.paypal.com
    Etag: "EMKH4Lmcv0jpPecX1lsuI9JDUC4i6ZE+vkcq+Tq/75s"
    Fastly-Io-Info: ifsz=43 idim=1x1 ifmt=gif ofsz=42 odim=1x1 ofmt=gif
    Fastly-Stats: io=1
    Paypal-Debug-Id: acc1567d88e2c
    Timing-Allow-Origin: https://www.paypal.com,https://www.sandbox.paypal.com
    Traceparent: 00-0000000000000000000acc1567d88e2c-e88724395bcd2b84-01
    Via: 1.1 varnish, 1.1 varnish
    Accept-Ranges: bytes
    Date: Wed, 18 Jan 2023 00:27:33 GMT
    X-Served-By: cache-sjc10023-SJC, cache-ams21031-AMS
    X-Cache: HIT, HIT
    X-Cache-Hits: 616, 2
    X-Timer: S1674001653.170225,VS0,VE0
    X-Content-Type-Options: nosniff
    Strict-Transport-Security: max-age=31557600
  • flag-unknown
    DNS
    googleads.g.doubleclick.net
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    googleads.g.doubleclick.net
    IN A
    Response
    googleads.g.doubleclick.net
    IN A
    216.58.214.2
  • flag-unknown
    GET
    https://googleads.g.doubleclick.net/pagead/html/r20230112/r20190131/zrt_lookup.html
    IEXPLORE.EXE
    Remote address:
    216.58.214.2:443
    Request
    GET /pagead/html/r20230112/r20190131/zrt_lookup.html HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Referer: https://launcherfenix.com.ar/wope/register/
    Accept-Language: es-ES
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: googleads.g.doubleclick.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Vary: Accept-Encoding
    X-Content-Type-Options: nosniff
    Content-Encoding: gzip
    Server: cafe
    Content-Length: 4387
    X-XSS-Protection: 0
    Date: Tue, 17 Jan 2023 23:28:43 GMT
    Expires: Tue, 31 Jan 2023 23:28:43 GMT
    Cache-Control: public, max-age=1209600
    ETag: 10353107486223812946
    Content-Type: text/html; charset=UTF-8
    Age: 3530
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
  • flag-unknown
    GET
    https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3288702287375926&output=html&adk=1812271804&adf=3025194257&lmt=1674001527&plat=1%3A1049600%2C2%3A1049600%2C3%3A3145728%2C4%3A3145728%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Flauncherfenix.com.ar%2Fwope%2Fregister%2F&ea=0&pra=5&wgl=1&dt=1674001525863&bpp=18&bdt=1340&idt=160&shv=r20230112&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1929714006097&frm=20&pv=2&ga_vid=277878364.1674001527&ga_sid=1674001527&ga_hid=869283691&ga_fc=0&u_tz=0&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1263&bih=626&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1910015521427820&tmod=1377162274&nvt=1&eae=2&fc=1920&docm=11&brdim=0%2C54%2C-8%2C-8%2C1280%2C%2C1296%2C696%2C1280%2C626&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=1&ifi=1&uci=a!1&dtd=1219
    IEXPLORE.EXE
    Remote address:
    216.58.214.2:443
    Request
    GET /pagead/ads?client=ca-pub-3288702287375926&output=html&adk=1812271804&adf=3025194257&lmt=1674001527&plat=1%3A1049600%2C2%3A1049600%2C3%3A3145728%2C4%3A3145728%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Flauncherfenix.com.ar%2Fwope%2Fregister%2F&ea=0&pra=5&wgl=1&dt=1674001525863&bpp=18&bdt=1340&idt=160&shv=r20230112&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1929714006097&frm=20&pv=2&ga_vid=277878364.1674001527&ga_sid=1674001527&ga_hid=869283691&ga_fc=0&u_tz=0&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1263&bih=626&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1910015521427820&tmod=1377162274&nvt=1&eae=2&fc=1920&docm=11&brdim=0%2C54%2C-8%2C-8%2C1280%2C%2C1296%2C696%2C1280%2C626&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=1&ifi=1&uci=a!1&dtd=1219 HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Referer: https://launcherfenix.com.ar/wope/register/
    Accept-Language: es-ES
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: googleads.g.doubleclick.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Content-Type: text/html; charset=UTF-8
    X-Content-Type-Options: nosniff
    Content-Encoding: gzip
    Date: Wed, 18 Jan 2023 00:27:35 GMT
    Server: cafe
    Cache-Control: private
    X-XSS-Protection: 0
    Set-Cookie: test_cookie=CheckForPermission; expires=Wed, 18-Jan-2023 00:42:34 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
    Expires: Wed, 18 Jan 2023 00:27:35 GMT
    Transfer-Encoding: chunked
  • flag-unknown
    DNS
    partner.googleadservices.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    partner.googleadservices.com
    IN A
    Response
    partner.googleadservices.com
    IN CNAME
    partner46.googleadservices.com
    partner46.googleadservices.com
    IN A
    142.251.36.2
  • flag-unknown
    GET
    https://partner.googleadservices.com/gampad/cookie.js?domain=launcherfenix.com.ar&callback=_gfp_s_&client=ca-pub-3288702287375926&gpid_exp=1
    IEXPLORE.EXE
    Remote address:
    142.251.36.2:443
    Request
    GET /gampad/cookie.js?domain=launcherfenix.com.ar&callback=_gfp_s_&client=ca-pub-3288702287375926&gpid_exp=1 HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://launcherfenix.com.ar/wope/register/
    Accept-Language: es-ES
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: partner.googleadservices.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Content-Type: text/javascript; charset=UTF-8
    X-Content-Type-Options: nosniff
    Content-Disposition: attachment; filename="f.txt"
    Content-Encoding: gzip
    Date: Wed, 18 Jan 2023 00:27:34 GMT
    Server: cafe
    Cache-Control: private
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
    Transfer-Encoding: chunked
  • flag-unknown
    DNS
    tpc.googlesyndication.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    tpc.googlesyndication.com
    IN A
    Response
    tpc.googlesyndication.com
    IN A
    142.250.179.193
  • flag-unknown
    GET
    https://tpc.googlesyndication.com/sodar/sodar2.js
    IEXPLORE.EXE
    Remote address:
    142.250.179.193:443
    Request
    GET /sodar/sodar2.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://launcherfenix.com.ar/wope/register/
    Accept-Language: es-ES
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: tpc.googlesyndication.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Type: text/javascript
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="adspam-signals-scs"
    Report-To: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
    Date: Wed, 18 Jan 2023 00:27:35 GMT
    Expires: Wed, 18 Jan 2023 00:27:35 GMT
    Cache-Control: private, max-age=3000
    ETag: "1637097310169751"
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
    Transfer-Encoding: chunked
  • flag-unknown
    GET
    https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
    IEXPLORE.EXE
    Remote address:
    142.250.179.193:443
    Request
    GET /sodar/sodar2/225/runner.html HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Referer: https://launcherfenix.com.ar/wope/register/
    Accept-Language: es-ES
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: tpc.googlesyndication.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="adspam-signals-scs"
    Report-To: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
    Content-Length: 5046
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Wed, 18 Jan 2023 00:02:56 GMT
    Expires: Thu, 18 Jan 2024 00:02:56 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Mon, 21 Jun 2021 20:47:05 GMT
    Content-Type: text/html
    Age: 1479
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
  • flag-unknown
    DNS
    fe0.google.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    fe0.google.com
    IN A
    Response
  • 162.125.8.18:443
    www.dropbox.com
    tls
    javaw.exe
    408 B
    219 B
    5
    5
  • 162.125.8.18:443
    www.dropbox.com
    tls
    javaw.exe
    408 B
    219 B
    5
    5
  • 162.125.8.18:443
    www.dropbox.com
    tls
    javaw.exe
    408 B
    219 B
    5
    5
  • 172.67.153.84:443
    files.launcherfenix.com.ar
    tls
    javaw.exe
    12.0kB
    496.9kB
    242
    433
  • 13.107.237.67:443
    launchermeta.mojang.com
    tls
    javaw.exe
    354 B
    132 B
    3
    3
  • 172.67.153.84:80
    profile.launcherfenix.com.ar
    javaw.exe
    190 B
    92 B
    4
    2
  • 74.114.154.18:80
    http://iniciolauncherfx.tumblr.com/
    http
    javaw.exe
    697 B
    1.3kB
    6
    5

    HTTP Request

    GET http://iniciolauncherfx.tumblr.com/

    HTTP Response

    302
  • 74.114.154.18:443
    iniciolauncherfx.tumblr.com
    tls
    javaw.exe
    1.6kB
    16.1kB
    16
    19
  • 192.0.77.40:443
    assets.tumblr.com
    tls
    javaw.exe
    1.6kB
    7.8kB
    15
    16
  • 192.0.77.40:443
    assets.tumblr.com
    tls
    javaw.exe
    1.5kB
    7.2kB
    13
    12
  • 192.0.77.40:443
    px.srvcs.tumblr.com
    tls
    javaw.exe
    1.8kB
    7.1kB
    14
    16
  • 192.0.77.40:443
    px.srvcs.tumblr.com
    tls
    javaw.exe
    2.2kB
    7.0kB
    13
    15
  • 192.0.77.40:443
    static.tumblr.com
    tls
    javaw.exe
    1.5kB
    5.8kB
    12
    10
  • 172.67.153.84:443
    https://launcherfenix.com.ar/wope/wp-content/themes/launcher-fenix/images/aus-pagelink.png
    tls, http
    IEXPLORE.EXE
    6.4kB
    73.2kB
    56
    86

    HTTP Request

    GET https://launcherfenix.com.ar/wope/wp-content/plugins/wp-postratings/css/postratings-css.css?ver=1.89

    HTTP Response

    200

    HTTP Request

    GET https://launcherfenix.com.ar/wope/wp-content/themes/launcher-fenix/style.css?ver=5.3.23

    HTTP Response

    200

    HTTP Request

    GET https://launcherfenix.com.ar/wope/wp-content/themes/launcher-fenix/css/fancybox.css?ver=5.7.2

    HTTP Response

    200

    HTTP Request

    GET https://launcherfenix.com.ar/wope/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

    HTTP Response

    200

    HTTP Request

    GET https://launcherfenix.com.ar/wope/wp-content/plugins/wp-postratings/js/postratings-js.js?ver=1.89

    HTTP Response

    200

    HTTP Request

    GET https://launcherfenix.com.ar/wope/wp-content/themes/launcher-fenix/js/jquery.fancybox.min.js?ver=5.7.2

    HTTP Response

    200

    HTTP Request

    GET https://launcherfenix.com.ar/wope/wp-content/themes/launcher-fenix/images/logo.png

    HTTP Response

    200

    HTTP Request

    GET https://launcherfenix.com.ar/wope/wp-content/themes/launcher-fenix/images/header-right.png

    HTTP Response

    200

    HTTP Request

    GET https://launcherfenix.com.ar/wope/wp-content/themes/launcher-fenix/images/aus-pagelink.png

    HTTP Response

    200
  • 172.67.153.84:443
    https://launcherfenix.com.ar/favicon.ico
    tls, http
    IEXPLORE.EXE
    4.6kB
    44.5kB
    40
    65

    HTTP Request

    GET https://launcherfenix.com.ar/wope/register/

    HTTP Response

    200

    HTTP Request

    GET https://launcherfenix.com.ar/wope/wp-includes/css/dist/block-library/style.min.css?ver=5.7.2

    HTTP Response

    200

    HTTP Request

    GET https://launcherfenix.com.ar/wope/wp-content/uploads/2018/08/LauncherFenix-4.8.5-Personaje-65x65.png

    HTTP Response

    200

    HTTP Request

    GET https://launcherfenix.com.ar/wope/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2

    HTTP Response

    200

    HTTP Request

    GET https://launcherfenix.com.ar/wope/wp-content/plugins/wp-postratings/images/stars_crystal/rating_over.gif

    HTTP Response

    200

    HTTP Request

    GET https://launcherfenix.com.ar/favicon.ico

    HTTP Response

    200
  • 172.67.153.84:443
    https://launcherfenix.com.ar/wope/wp-content/uploads/2018/12/LauncherFenix-5.2-Web-65x65.jpg
    tls, http
    IEXPLORE.EXE
    2.0kB
    21.5kB
    19
    27

    HTTP Request

    GET https://launcherfenix.com.ar/wope/wp-content/plugins/sassy-social-share/public/css/sassy-social-share-public.css?ver=3.3.20

    HTTP Response

    200

    HTTP Request

    GET https://launcherfenix.com.ar/wope/wp-content/uploads/2018/12/LauncherFenix-5.2-Web-65x65.jpg

    HTTP Response

    200
  • 172.67.153.84:443
    https://launcherfenix.com.ar/wope/wp-content/uploads/2018/10/1.13.2-65x65.jpg
    tls, http
    IEXPLORE.EXE
    2.3kB
    40.0kB
    27
    44

    HTTP Request

    GET https://launcherfenix.com.ar/wope/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

    HTTP Response

    200

    HTTP Request

    GET https://launcherfenix.com.ar/wope/wp-content/uploads/2018/10/1.13.2-65x65.jpg

    HTTP Response

    200
  • 172.67.153.84:443
    https://launcherfenix.com.ar/wope/wp-content/themes/launcher-fenix/images/bg.jpg
    tls, http
    IEXPLORE.EXE
    5.7kB
    124.0kB
    66
    112

    HTTP Request

    GET https://launcherfenix.com.ar/wope/wp-content/plugins/sassy-social-share/admin/css/sassy-social-share-svg.css?ver=3.3.20

    HTTP Response

    200

    HTTP Request

    GET https://launcherfenix.com.ar/wope/wp-content/themes/launcher-fenix/js/navigation.js?ver=5.7.2

    HTTP Response

    200

    HTTP Request

    GET https://launcherfenix.com.ar/wope/wp-content/themes/launcher-fenix/js/jquery.easing.min.js?ver=5.7.2

    HTTP Response

    200

    HTTP Request

    GET https://launcherfenix.com.ar/wope/wp-includes/js/wp-embed.min.js?ver=5.7.2

    HTTP Response

    200

    HTTP Request

    GET https://launcherfenix.com.ar/wope/wp-content/uploads/2018/08/1.13.1-65x65.jpg

    HTTP Response

    200

    HTTP Request

    GET https://launcherfenix.com.ar/wope/wp-content/themes/launcher-fenix/images/bg.jpg

    HTTP Response

    200
  • 172.67.153.84:443
    https://launcherfenix.com.ar/wope/wp-content/themes/launcher-fenix/js/jquery.mousewheel.min.js?ver=5.7.2
    tls, http
    IEXPLORE.EXE
    1.7kB
    8.1kB
    13
    15

    HTTP Request

    GET https://launcherfenix.com.ar/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

    HTTP Response

    200

    HTTP Request

    GET https://launcherfenix.com.ar/wope/wp-content/themes/launcher-fenix/js/jquery.mousewheel.min.js?ver=5.7.2

    HTTP Response

    200
  • 104.21.72.175:443
    textures.launcherfenix.com.ar
    tls
    IEXPLORE.EXE
    726 B
    3.1kB
    9
    9
  • 104.21.72.175:443
    https://textures.launcherfenix.com.ar/avatar/ed6c66baa7878bd167af180929b40df47cb396c5d31abd0457e0440545d0ab22
    tls, http
    IEXPLORE.EXE
    1.1kB
    5.2kB
    8
    8

    HTTP Request

    GET https://textures.launcherfenix.com.ar/avatar/ed6c66baa7878bd167af180929b40df47cb396c5d31abd0457e0440545d0ab22

    HTTP Response

    200
  • 104.21.72.175:443
    https://textures.launcherfenix.com.ar/avatar/06f28e288e9472c9761542d056d1f136380af2cca975a09cda648a5d2c0a73e3
    tls, http
    IEXPLORE.EXE
    1.6kB
    5.4kB
    9
    8

    HTTP Request

    GET https://textures.launcherfenix.com.ar/avatar/c9badffdc6d4d69385a2ef5a1ceeabb356bf0e871b8c69e276d62317b929125b

    HTTP Response

    200

    HTTP Request

    GET https://textures.launcherfenix.com.ar/avatar/06f28e288e9472c9761542d056d1f136380af2cca975a09cda648a5d2c0a73e3

    HTTP Response

    200
  • 151.101.2.133:443
    www.paypalobjects.com
    tls
    IEXPLORE.EXE
    712 B
    5.9kB
    8
    9
  • 151.101.2.133:443
    https://www.paypalobjects.com/es_XC/i/scr/pixel.gif
    tls, http
    IEXPLORE.EXE
    1.7kB
    12.0kB
    12
    16

    HTTP Request

    GET https://www.paypalobjects.com/en_US/GB/i/btn/btn_donateCC_LG.gif

    HTTP Response

    200

    HTTP Request

    GET https://www.paypalobjects.com/es_XC/i/scr/pixel.gif

    HTTP Response

    200
  • 216.58.214.2:443
    https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3288702287375926&output=html&adk=1812271804&adf=3025194257&lmt=1674001527&plat=1%3A1049600%2C2%3A1049600%2C3%3A3145728%2C4%3A3145728%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Flauncherfenix.com.ar%2Fwope%2Fregister%2F&ea=0&pra=5&wgl=1&dt=1674001525863&bpp=18&bdt=1340&idt=160&shv=r20230112&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1929714006097&frm=20&pv=2&ga_vid=277878364.1674001527&ga_sid=1674001527&ga_hid=869283691&ga_fc=0&u_tz=0&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1263&bih=626&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1910015521427820&tmod=1377162274&nvt=1&eae=2&fc=1920&docm=11&brdim=0%2C54%2C-8%2C-8%2C1280%2C%2C1296%2C696%2C1280%2C626&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=1&ifi=1&uci=a!1&dtd=1219
    tls, http
    IEXPLORE.EXE
    2.5kB
    13.1kB
    13
    16

    HTTP Request

    GET https://googleads.g.doubleclick.net/pagead/html/r20230112/r20190131/zrt_lookup.html

    HTTP Response

    200

    HTTP Request

    GET https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3288702287375926&output=html&adk=1812271804&adf=3025194257&lmt=1674001527&plat=1%3A1049600%2C2%3A1049600%2C3%3A3145728%2C4%3A3145728%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Flauncherfenix.com.ar%2Fwope%2Fregister%2F&ea=0&pra=5&wgl=1&dt=1674001525863&bpp=18&bdt=1340&idt=160&shv=r20230112&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1929714006097&frm=20&pv=2&ga_vid=277878364.1674001527&ga_sid=1674001527&ga_hid=869283691&ga_fc=0&u_tz=0&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1263&bih=626&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1910015521427820&tmod=1377162274&nvt=1&eae=2&fc=1920&docm=11&brdim=0%2C54%2C-8%2C-8%2C1280%2C%2C1296%2C696%2C1280%2C626&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=1&ifi=1&uci=a!1&dtd=1219

    HTTP Response

    200
  • 216.58.214.2:443
    googleads.g.doubleclick.net
    tls
    IEXPLORE.EXE
    672 B
    4.9kB
    8
    8
  • 142.251.36.2:443
    partner.googleadservices.com
    tls
    IEXPLORE.EXE
    673 B
    4.7kB
    8
    8
  • 142.251.36.2:443
    https://partner.googleadservices.com/gampad/cookie.js?domain=launcherfenix.com.ar&callback=_gfp_s_&client=ca-pub-3288702287375926&gpid_exp=1
    tls, http
    IEXPLORE.EXE
    1.2kB
    5.8kB
    9
    9

    HTTP Request

    GET https://partner.googleadservices.com/gampad/cookie.js?domain=launcherfenix.com.ar&callback=_gfp_s_&client=ca-pub-3288702287375926&gpid_exp=1

    HTTP Response

    200
  • 142.250.179.193:443
    https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
    tls, http
    IEXPLORE.EXE
    1.7kB
    19.3kB
    15
    21

    HTTP Request

    GET https://tpc.googlesyndication.com/sodar/sodar2.js

    HTTP Response

    200

    HTTP Request

    GET https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

    HTTP Response

    200
  • 142.250.179.193:443
    tpc.googlesyndication.com
    tls
    IEXPLORE.EXE
    670 B
    4.7kB
    8
    8
  • 8.8.8.8:53
    www.dropbox.com
    dns
    javaw.exe
    61 B
    111 B
    1
    1

    DNS Request

    www.dropbox.com

    DNS Response

    162.125.8.18

  • 8.8.8.8:53
    files.launcherfenix.com.ar
    dns
    javaw.exe
    72 B
    104 B
    1
    1

    DNS Request

    files.launcherfenix.com.ar

    DNS Response

    172.67.153.84
    104.21.72.175

  • 8.8.8.8:53
    launchermeta.mojang.com
    dns
    javaw.exe
    69 B
    304 B
    1
    1

    DNS Request

    launchermeta.mojang.com

    DNS Response

    13.107.237.67
    13.107.238.67

  • 8.8.8.8:53
    profile.launcherfenix.com.ar
    dns
    javaw.exe
    74 B
    106 B
    1
    1

    DNS Request

    profile.launcherfenix.com.ar

    DNS Response

    172.67.153.84
    104.21.72.175

  • 8.8.8.8:53
    iniciolauncherfx.tumblr.com
    dns
    javaw.exe
    73 B
    105 B
    1
    1

    DNS Request

    iniciolauncherfx.tumblr.com

    DNS Response

    74.114.154.18
    74.114.154.22

  • 8.8.8.8:53
    assets.tumblr.com
    dns
    javaw.exe
    63 B
    79 B
    1
    1

    DNS Request

    assets.tumblr.com

    DNS Response

    192.0.77.40

  • 8.8.8.8:53
    px.srvcs.tumblr.com
    dns
    javaw.exe
    65 B
    81 B
    1
    1

    DNS Request

    px.srvcs.tumblr.com

    DNS Response

    192.0.77.40

  • 8.8.8.8:53
    static.tumblr.com
    dns
    javaw.exe
    63 B
    79 B
    1
    1

    DNS Request

    static.tumblr.com

    DNS Response

    192.0.77.40

  • 8.8.8.8:53
    launcherfenix.com.ar
    dns
    IEXPLORE.EXE
    66 B
    98 B
    1
    1

    DNS Request

    launcherfenix.com.ar

    DNS Response

    172.67.153.84
    104.21.72.175

  • 8.8.8.8:53
    textures.launcherfenix.com.ar
    dns
    IEXPLORE.EXE
    75 B
    107 B
    1
    1

    DNS Request

    textures.launcherfenix.com.ar

    DNS Response

    104.21.72.175
    172.67.153.84

  • 8.8.8.8:53
    www.paypalobjects.com
    dns
    IEXPLORE.EXE
    67 B
    195 B
    1
    1

    DNS Request

    www.paypalobjects.com

    DNS Response

    151.101.2.133
    151.101.66.133
    151.101.130.133
    151.101.194.133

  • 8.8.8.8:53
    googleads.g.doubleclick.net
    dns
    IEXPLORE.EXE
    73 B
    89 B
    1
    1

    DNS Request

    googleads.g.doubleclick.net

    DNS Response

    216.58.214.2

  • 8.8.8.8:53
    partner.googleadservices.com
    dns
    IEXPLORE.EXE
    74 B
    114 B
    1
    1

    DNS Request

    partner.googleadservices.com

    DNS Response

    142.251.36.2

  • 8.8.8.8:53
    tpc.googlesyndication.com
    dns
    IEXPLORE.EXE
    71 B
    87 B
    1
    1

    DNS Request

    tpc.googlesyndication.com

    DNS Response

    142.250.179.193

  • 8.8.8.8:53
    fe0.google.com
    dns
    IEXPLORE.EXE
    60 B
    110 B
    1
    1

    DNS Request

    fe0.google.com

MITRE ATT&CK Enterprise v6

Downloads

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\309axvf\imagestore.dat

    Filesize

    13KB

    MD5

    db7e419c2b444d6df7c58653f1d50c37

    SHA1

    728a7501d195cc8bafb58bac378bac54113f819f

    SHA256

    eac553530e7b40f652fb8efab37b36a8743d99909fbb3925a30ad979dd3c39c2

    SHA512

    8347a41698c78a41581b81ffc58cccb1f5f81dd256adca506f5f77036d0feb476ab75b3f0651ae7b24822a9a68364a4eac8ee9cdea83bb6399bd21f5742f6036

  • memory/840-54-0x0000000076441000-0x0000000076443000-memory.dmp

    Filesize

    8KB

  • memory/1768-70-0x0000000001E70000-0x0000000001E7A000-memory.dmp

    Filesize

    40KB

  • memory/1768-67-0x0000000002060000-0x0000000005060000-memory.dmp

    Filesize

    48.0MB

  • memory/1768-68-0x0000000000180000-0x000000000018A000-memory.dmp

    Filesize

    40KB

  • memory/1768-69-0x0000000001E70000-0x0000000001E7A000-memory.dmp

    Filesize

    40KB

  • memory/1768-56-0x000007FEFBF31000-0x000007FEFBF33000-memory.dmp

    Filesize

    8KB

  • memory/1768-71-0x0000000001E70000-0x0000000001E7A000-memory.dmp

    Filesize

    40KB

  • memory/1768-73-0x0000000002060000-0x0000000005060000-memory.dmp

    Filesize

    48.0MB

  • memory/1768-74-0x0000000000180000-0x000000000018A000-memory.dmp

    Filesize

    40KB

  • memory/1768-75-0x0000000001E70000-0x0000000001E7A000-memory.dmp

    Filesize

    40KB

  • memory/1768-76-0x0000000001E70000-0x0000000001E7A000-memory.dmp

    Filesize

    40KB

  • memory/1768-77-0x0000000001E70000-0x0000000001E7A000-memory.dmp

    Filesize

    40KB
