Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

6612bd599b...8.html

windows7-x64

1

6612bd599b...8.html

windows10-2004-x64

1

Analysis

  • max time kernel
    120s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    22/05/2024, 04:57 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6612bd599bb3e53f94d38de3024045fc_JaffaCakes118.html

  • Size

    36KB

  • MD5

    6612bd599bb3e53f94d38de3024045fc

  • SHA1

    b96e2981dcab1c1478ab4838f3a67289f40d46ba

  • SHA256

    f79c791fc805b295541918395b3af496cb15c225513dd0656956c56a4fcb2ffd

  • SHA512

    7680494cc6b786950c8f3e610444c2ee934bc2c161c291cb0db61a8c373e7d5cdf2ef59a1daef289eb70ddccc5d5acf7a97a429c346c024011fb029aae2a250c

  • SSDEEP

    768:zwx/MDTHik88hARuZPX1E1XnXrFLxNLlDNoPqkPTHlnkM3Gr6ThZOg6f9U56lLRt:Q/LbJxNVNufSM/P8EK

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\6612bd599bb3e53f94d38de3024045fc_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1912
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1912 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2504

Network

  • flag-us
    DNS
    saltworld.net
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    saltworld.net
    IN A
    Response
    saltworld.net
    IN A
    104.21.11.155
    saltworld.net
    IN A
    172.67.166.97
  • flag-us
    DNS
    coinhive.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    coinhive.com
    IN A
    Response
    coinhive.com
    IN A
    172.67.165.117
    coinhive.com
    IN A
    104.21.57.186
  • flag-us
    DNS
    www.gravatar.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.gravatar.com
    IN A
    Response
    www.gravatar.com
    IN A
    192.0.73.2
  • flag-us
    GET
    http://www.gravatar.com/avatar/ae111d25cbb9b2d7293e8bdb2fcfe8b3?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png
    IEXPLORE.EXE
    Remote address:
    192.0.73.2:80
    Request
    GET /avatar/ae111d25cbb9b2d7293e8bdb2fcfe8b3?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.gravatar.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Server: nginx
    Date: Wed, 22 May 2024 04:57:29 GMT
    Content-Type: text/html
    Content-Length: 162
    Connection: keep-alive
    Location: https://www.gravatar.com/avatar/ae111d25cbb9b2d7293e8bdb2fcfe8b3?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png
  • flag-us
    GET
    http://saltworld.net/forums/public/style_images/master/f_icon_read.png
    IEXPLORE.EXE
    Remote address:
    104.21.11.155:80
    Request
    GET /forums/public/style_images/master/f_icon_read.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: saltworld.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    Date: Wed, 22 May 2024 04:57:29 GMT
    Content-Type: text/html; charset=iso-8859-1
    Transfer-Encoding: chunked
    Connection: keep-alive
    Location: https://saltworld.net/forums/public/style_images/master/f_icon_read.png
    CF-Cache-Status: BYPASS
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bMKNI6JQaJlFJt%2Bz9f6JJsRxCQcR8L1AomvSqsYGamGEvdwd9WnkVYPXxSXpfOTEEmfzf7iMf1w25MxzcmLHXxvz3LpI1HgEn0uWXXUKkW1KCxfnQ2rZwjdflCEyodvr"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 887a39c54fa96521-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    http://saltworld.net/forums/public/style_images/master/feed.png
    IEXPLORE.EXE
    Remote address:
    104.21.11.155:80
    Request
    GET /forums/public/style_images/master/feed.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: saltworld.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    Date: Wed, 22 May 2024 04:57:30 GMT
    Content-Type: text/html; charset=iso-8859-1
    Transfer-Encoding: chunked
    Connection: keep-alive
    Location: https://saltworld.net/forums/public/style_images/master/feed.png
    CF-Cache-Status: BYPASS
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I1jdkIe1b9gJmA2Ctle4K4en07sWxv%2F3BwTRcaeFg3kjcWchZZPAQZQW19K86jwYiefW%2FIrHPOGe%2F9O34OXeLM9sWmrpL0T6hIRASPJeI5LaKagCTccyPLKIYB2sldUR"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 887a39c5bff56521-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    http://www.gravatar.com/avatar/6128162e0ab80b6aaefd01d25ec9fefe?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png
    IEXPLORE.EXE
    Remote address:
    192.0.73.2:80
    Request
    GET /avatar/6128162e0ab80b6aaefd01d25ec9fefe?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.gravatar.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Server: nginx
    Date: Wed, 22 May 2024 04:57:29 GMT
    Content-Type: text/html
    Content-Length: 162
    Connection: keep-alive
    Location: https://www.gravatar.com/avatar/6128162e0ab80b6aaefd01d25ec9fefe?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png
  • flag-us
    GET
    http://www.gravatar.com/avatar/6ab9cf9740f754d0565ec0f4b1250e8e?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png
    IEXPLORE.EXE
    Remote address:
    192.0.73.2:80
    Request
    GET /avatar/6ab9cf9740f754d0565ec0f4b1250e8e?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.gravatar.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Server: nginx
    Date: Wed, 22 May 2024 04:57:29 GMT
    Content-Type: text/html
    Content-Length: 162
    Connection: keep-alive
    Location: https://www.gravatar.com/avatar/6ab9cf9740f754d0565ec0f4b1250e8e?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png
  • flag-us
    GET
    http://saltworld.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&f=public/style_css/css_4/ipb_help.css,public/style_css/css_4/ipb_styles.css,public/style_css/css_4/calendar_select.css,public/style_css/css_4/ipb_common.css
    IEXPLORE.EXE
    Remote address:
    104.21.11.155:80
    Request
    GET /forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&f=public/style_css/css_4/ipb_help.css,public/style_css/css_4/ipb_styles.css,public/style_css/css_4/calendar_select.css,public/style_css/css_4/ipb_common.css HTTP/1.1
    Accept: text/css, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: saltworld.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    Date: Wed, 22 May 2024 04:57:29 GMT
    Content-Type: text/html; charset=iso-8859-1
    Transfer-Encoding: chunked
    Connection: keep-alive
    Location: https://saltworld.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&f=public/style_css/css_4/ipb_help.css,public/style_css/css_4/ipb_styles.css,public/style_css/css_4/calendar_select.css,public/style_css/css_4/ipb_common.css
    CF-Cache-Status: DYNAMIC
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r2MluWChm%2FyuKw%2FFPuoGibMAlFMdCcalH8%2FUV%2Fyj8LK7XsNnWrIiYRViszUb6gDQeOl08DNZuBRtM88P5TVtJ1ocgn%2Bua3zJphiG9bF3EYUyRNnkVfXRJJ1aVfOWo7LF"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 887a39c54d5e419d-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    http://saltworld.net/forums/public/style_images/master/useropts_arrow.png
    IEXPLORE.EXE
    Remote address:
    104.21.11.155:80
    Request
    GET /forums/public/style_images/master/useropts_arrow.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: saltworld.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    Date: Wed, 22 May 2024 04:57:29 GMT
    Content-Type: text/html; charset=iso-8859-1
    Transfer-Encoding: chunked
    Connection: keep-alive
    Location: https://saltworld.net/forums/public/style_images/master/useropts_arrow.png
    CF-Cache-Status: BYPASS
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zVBAdm1khYYk0YXSStDgzisQyl0%2FpXpnt5oCkr6UFjPmhoQA3C9JTh5aTzYFOoqp4CjP7wGKHUJCzee%2Bp8PfD%2FbcNWnfWBw%2Bzlbbgce2xNHtFHA9eSNZ%2FUiMMXr3RFZT"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 887a39c54a9c9494-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    http://saltworld.net/forums/public/style_images/master/top.png
    IEXPLORE.EXE
    Remote address:
    104.21.11.155:80
    Request
    GET /forums/public/style_images/master/top.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: saltworld.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    Date: Wed, 22 May 2024 04:57:30 GMT
    Content-Type: text/html; charset=iso-8859-1
    Transfer-Encoding: chunked
    Connection: keep-alive
    Location: https://saltworld.net/forums/public/style_images/master/top.png
    CF-Cache-Status: BYPASS
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WfYtiTO4bbuV1Aa47velsOlqGk0Qo3OBUg8Dw0qp92ESLx601YfcLFMByc5j4qKqTCkE2uuY3xAkLfsJizKDyRMHWd6i60T575oWchnek%2BLRMhnYbmriHuXgwu0B5c50"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 887a39c5bae49494-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://coinhive.com/lib/coinhive.min.js
    IEXPLORE.EXE
    Remote address:
    172.67.165.117:443
    Request
    GET /lib/coinhive.min.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: coinhive.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Wed, 22 May 2024 04:57:30 GMT
    Content-Type: application/x-javascript
    Content-Length: 1115
    Connection: keep-alive
    Accept-Ranges: bytes
    Access-Control-Allow-Origin: *
    Content-Encoding: gzip
    ETag: "806233d282cfd71:0"
    Last-Modified: Tue, 02 Nov 2021 00:44:41 GMT
    Set-Cookie: ARRAffinity=2c67d33be6b9592c13d11097748916f7e95d849041273820c139acf9e6d026ba;Path=/;HttpOnly;Secure;Domain=coinhive.com
    Set-Cookie: ARRAffinitySameSite=2c67d33be6b9592c13d11097748916f7e95d849041273820c139acf9e6d026ba;Path=/;HttpOnly;SameSite=None;Secure;Domain=coinhive.com
    Vary: Accept-Encoding
    X-Powered-By: ASP.NET
    CF-Cache-Status: DYNAMIC
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BdqPUxYw3keL0PKlLi8OaNSeXi0o2tpWTWQ3m71s4DpQBlTU%2BwUHRrcKzvXKCEzwzaVTMfBrK10%2BWk%2FbjpI3YLtCMHddLTpc6TkTGT7Zi35wWv%2BWBJIHuVz6AuQESBI%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Server: cloudflare
    CF-RAY: 887a39c7be46417f-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    http://saltworld.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&g=js
    IEXPLORE.EXE
    Remote address:
    104.21.11.155:80
    Request
    GET /forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&g=js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: saltworld.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    Date: Wed, 22 May 2024 04:57:29 GMT
    Content-Type: text/html; charset=iso-8859-1
    Transfer-Encoding: chunked
    Connection: keep-alive
    Location: https://saltworld.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&g=js
    CF-Cache-Status: DYNAMIC
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q8x2dCWWAFtDUGgtukfytXVh%2BTTEn3qVOAsbud%2FWqc7tgi5%2BlZKcvyqU1ewEOi4plVccAfbRguhkoSblMpGYFQBzQeoQkRYN7HoKE%2FHsR%2F4nc074v4ssv3QnDfCASGHY"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Server: cloudflare
    CF-RAY: 887a39c54d7b63ac-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    http://saltworld.net/forums/uploads/profile/photo-3914.57_68bd69e5aed67c7aa3dc4520e02d3f4dff99e864?_r=0
    IEXPLORE.EXE
    Remote address:
    104.21.11.155:80
    Request
    GET /forums/uploads/profile/photo-3914.57_68bd69e5aed67c7aa3dc4520e02d3f4dff99e864?_r=0 HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: saltworld.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    Date: Wed, 22 May 2024 04:57:29 GMT
    Content-Type: text/html; charset=iso-8859-1
    Transfer-Encoding: chunked
    Connection: keep-alive
    Location: https://saltworld.net/forums/uploads/profile/photo-3914.57_68bd69e5aed67c7aa3dc4520e02d3f4dff99e864?_r=0
    CF-Cache-Status: DYNAMIC
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eRTR%2BFi4XZciJx2VG8LD7MEfDo4gaQX%2FTULeyxWkWcoGvaJHSApH5Is1%2FZx4fSmaq1iHK5tkPjyugRoF7R%2BnNP6yff7DG8SHGWukmjkbN%2FWfYodx0MFvjDadGXccPMXA"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Server: cloudflare
    CF-RAY: 887a39c54e2edc6f-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    http://saltworld.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&charset=UTF-8&f=public/js/ipb.js,cache/lang_cache/1/ipb.lang.js,public/js/ips.hovercard.js,public/js/ips.quickpm.js,public/js/ips.board.js
    IEXPLORE.EXE
    Remote address:
    104.21.11.155:80
    Request
    GET /forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&charset=UTF-8&f=public/js/ipb.js,cache/lang_cache/1/ipb.lang.js,public/js/ips.hovercard.js,public/js/ips.quickpm.js,public/js/ips.board.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: saltworld.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    Date: Wed, 22 May 2024 04:57:29 GMT
    Content-Type: text/html; charset=iso-8859-1
    Transfer-Encoding: chunked
    Connection: keep-alive
    Location: https://saltworld.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&charset=UTF-8&f=public/js/ipb.js,cache/lang_cache/1/ipb.lang.js,public/js/ips.hovercard.js,public/js/ips.quickpm.js,public/js/ips.board.js
    CF-Cache-Status: DYNAMIC
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7skGZo4AGYY4O80XZPmufoWhB1oXRPt%2B5mROHkyAQ2Pwv%2FfHg1BkFJCOuFyHWVwHUmeOSdEvmNJnpBewXkVYBViWmKkHu1pLe0Z96xUhpumnxTV3E0FIRcf0mZU3qrav"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 887a39c548b623c0-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    http://saltworld.net/forums/uploads/profile/photo-44563.gif?_r=1448768805
    IEXPLORE.EXE
    Remote address:
    104.21.11.155:80
    Request
    GET /forums/uploads/profile/photo-44563.gif?_r=1448768805 HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: saltworld.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    Date: Wed, 22 May 2024 04:57:29 GMT
    Content-Type: text/html; charset=iso-8859-1
    Transfer-Encoding: chunked
    Connection: keep-alive
    Location: https://saltworld.net/forums/uploads/profile/photo-44563.gif?_r=1448768805
    CF-Cache-Status: BYPASS
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NZPKhUDU3wcUCUZAKh12eD3X2EB%2Fb%2B%2BKwANa5cEUhKBb%2BbFofS1ifML7%2FGko1s1f4NZTdYOVmEg20vBgpZCyuGpMnKj1%2FJpktuW4tJbUh1t7rcZRzwoXLgN9FCcx6W0S"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 887a39c5b8ff23c0-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://www.gravatar.com/avatar/6128162e0ab80b6aaefd01d25ec9fefe?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png
    IEXPLORE.EXE
    Remote address:
    192.0.73.2:443
    Request
    GET /avatar/6128162e0ab80b6aaefd01d25ec9fefe?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.gravatar.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    Server: nginx
    Date: Wed, 22 May 2024 04:57:29 GMT
    Content-Type: text/html; charset=utf-8
    Content-Length: 0
    Connection: keep-alive
    Last-Modified: Wed, 11 Jan 1984 08:00:00 GMT
    Link: <https://gravatar.com/avatar/6128162e0ab80b6aaefd01d25ec9fefe?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png>; rel="canonical"
    X-Redirect-By: WordPress
    Location: http://i1.wp.com/saltworld.net/forums/public/style_images/master/profile/default_large.png
    Expires: Wed, 22 May 2024 05:02:29 GMT
    Cache-Control: max-age=300
    X-nc: HIT lhr 1
    Alt-Svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://www.gravatar.com/avatar/6ab9cf9740f754d0565ec0f4b1250e8e?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png
    IEXPLORE.EXE
    Remote address:
    192.0.73.2:443
    Request
    GET /avatar/6ab9cf9740f754d0565ec0f4b1250e8e?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.gravatar.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Wed, 22 May 2024 04:57:29 GMT
    Content-Type: image/png
    Content-Length: 22655
    Connection: keep-alive
    Last-Modified: Tue, 22 Sep 2020 02:57:25 GMT
    Link: <https://gravatar.com/avatar/6ab9cf9740f754d0565ec0f4b1250e8e?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png>; rel="canonical"
    Content-Disposition: inline; filename="6ab9cf9740f754d0565ec0f4b1250e8e.png"
    Access-Control-Allow-Origin: *
    Expires: Wed, 22 May 2024 05:02:29 GMT
    Cache-Control: max-age=300
    X-nc: HIT lhr 4
    Alt-Svc: h3=":443"; ma=86400
    Accept-Ranges: bytes
  • flag-us
    GET
    https://www.gravatar.com/avatar/ae111d25cbb9b2d7293e8bdb2fcfe8b3?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png
    IEXPLORE.EXE
    Remote address:
    192.0.73.2:443
    Request
    GET /avatar/ae111d25cbb9b2d7293e8bdb2fcfe8b3?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.gravatar.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    Server: nginx
    Date: Wed, 22 May 2024 04:57:29 GMT
    Content-Type: text/html; charset=utf-8
    Content-Length: 0
    Connection: keep-alive
    Last-Modified: Wed, 11 Jan 1984 08:00:00 GMT
    Link: <https://gravatar.com/avatar/ae111d25cbb9b2d7293e8bdb2fcfe8b3?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png>; rel="canonical"
    X-Redirect-By: WordPress
    Location: http://i1.wp.com/saltworld.net/forums/public/style_images/master/profile/default_large.png
    Expires: Wed, 22 May 2024 05:02:29 GMT
    Cache-Control: max-age=300
    X-nc: HIT lhr 3
    Alt-Svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://saltworld.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&charset=UTF-8&f=public/js/ipb.js,cache/lang_cache/1/ipb.lang.js,public/js/ips.hovercard.js,public/js/ips.quickpm.js,public/js/ips.board.js
    IEXPLORE.EXE
    Remote address:
    104.21.11.155:443
    Request
    GET /forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&charset=UTF-8&f=public/js/ipb.js,cache/lang_cache/1/ipb.lang.js,public/js/ips.hovercard.js,public/js/ips.quickpm.js,public/js/ips.board.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: saltworld.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    Date: Wed, 22 May 2024 04:57:29 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    Location: https://gamingw.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&charset=UTF-8&f=public/js/ipb.js,cache/lang_cache/1/ipb.lang.js,public/js/ips.hovercard.js,public/js/ips.quickpm.js,public/js/ips.board.js
    CF-Cache-Status: DYNAMIC
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FldTwSkB8ih6by2%2BRoLx9jOE1y04zXjgoU8qkRjXPU%2B%2BWxrMQxrhItMzjPAydiheSWX6Rx2wDpSJZOOiSJH2O1QKJByrU9lKld5bSr6a0kiFFOB4HX%2BUnf3zcb%2BuZDbj"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 887a39c7bfe46437-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://saltworld.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&f=public/style_css/css_4/ipb_help.css,public/style_css/css_4/ipb_styles.css,public/style_css/css_4/calendar_select.css,public/style_css/css_4/ipb_common.css
    IEXPLORE.EXE
    Remote address:
    104.21.11.155:443
    Request
    GET /forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&f=public/style_css/css_4/ipb_help.css,public/style_css/css_4/ipb_styles.css,public/style_css/css_4/calendar_select.css,public/style_css/css_4/ipb_common.css HTTP/1.1
    Accept: text/css, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: saltworld.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    Date: Wed, 22 May 2024 04:57:29 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    Location: https://gamingw.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&f=public/style_css/css_4/ipb_help.css,public/style_css/css_4/ipb_styles.css,public/style_css/css_4/calendar_select.css,public/style_css/css_4/ipb_common.css
    CF-Cache-Status: DYNAMIC
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qfFj%2FDxoOYLNUHIYxWWsXN0G5MyDxZNaWS4VjbApNGdSnclaHwwLV3b4dXHOEet%2FzAmNo7JPutRQWjI%2FhrMfffbAaYDFAz9T5yfQXjq0bJEawiUo3Upn9T1UovxnR1Wg"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 887a39c8281d6437-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://saltworld.net/forums/public/style_images/master/useropts_arrow.png
    IEXPLORE.EXE
    Remote address:
    104.21.11.155:443
    Request
    GET /forums/public/style_images/master/useropts_arrow.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: saltworld.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    Date: Wed, 22 May 2024 04:57:29 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    Location: https://gamingw.net/forums/public/style_images/master/useropts_arrow.png
    CF-Cache-Status: BYPASS
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZZZfet7UPlC0fisTCA0L1%2BSm7iFxsh6MyHfxUpbwJt8bYdQhBLIwffsulFB51HxduaGT1m%2F6R0CX0OABuShFv2ZDplZjUfEjIhZVF0RdVsudiBi%2FcZky5fVLu4vxf7Nw"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 887a39c888606437-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://saltworld.net/forums/public/style_images/master/f_icon_read.png
    IEXPLORE.EXE
    Remote address:
    104.21.11.155:443
    Request
    GET /forums/public/style_images/master/f_icon_read.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: saltworld.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    Date: Wed, 22 May 2024 04:57:29 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    Location: https://gamingw.net/forums/public/style_images/master/f_icon_read.png
    CF-Cache-Status: BYPASS
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cTLOOKsP2CQkahJiTZgrZwaEEk9gu1WTfezmZfBFE7yCLLLICG65CF7X0vQSb9ghf4OF2UPALbq7np8nvY8v9XuLdOX9c%2B56YyU2HLUs%2BLL7jZ2wKhOJ%2BsBb80y3L5mN"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 887a39c908ac6437-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://saltworld.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&g=js
    IEXPLORE.EXE
    Remote address:
    104.21.11.155:443
    Request
    GET /forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&g=js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: saltworld.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    Date: Wed, 22 May 2024 04:57:31 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    Location: https://gamingw.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&g=js
    CF-Cache-Status: DYNAMIC
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dPZ4ShXapFlbMM2fjj%2FDnSmtCrBUiAG2gBHJXtEm2geBrlZZ6ZklS%2BPw6v%2FvkS1CWL19VPXb8wb2Opbm6cPg8pd6HbNFZpawrb5atJfzVdSqfbz5z%2BQxy309x95WL8dF"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Server: cloudflare
    CF-RAY: 887a39c968f76437-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://saltworld.net/forums/uploads/profile/photo-3914.57_68bd69e5aed67c7aa3dc4520e02d3f4dff99e864?_r=0
    IEXPLORE.EXE
    Remote address:
    104.21.11.155:443
    Request
    GET /forums/uploads/profile/photo-3914.57_68bd69e5aed67c7aa3dc4520e02d3f4dff99e864?_r=0 HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: saltworld.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    Date: Wed, 22 May 2024 04:57:30 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    Location: https://gamingw.net/forums/uploads/profile/photo-3914.57_68bd69e5aed67c7aa3dc4520e02d3f4dff99e864?_r=0
    CF-Cache-Status: DYNAMIC
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jTcyOMxY8zvVtHM95SwkySztjpX5fXWaoEa0oW9QOun%2FT8msjpdjnGiu81ylJzmPBxPrBxz4GD0mv%2FnnhEp%2FliFLi9BQ%2Foqd%2FolIslWewgkTfH%2BjE6%2FWKHxgHuTQ8zDP"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Server: cloudflare
    CF-RAY: 887a39c7b9c6954a-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    DNS
    gamingw.net
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    gamingw.net
    IN A
    Response
    gamingw.net
    IN A
    104.21.65.85
    gamingw.net
    IN A
    172.67.160.162
  • flag-us
    GET
    https://gamingw.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&f=public/style_css/css_4/ipb_help.css,public/style_css/css_4/ipb_styles.css,public/style_css/css_4/calendar_select.css,public/style_css/css_4/ipb_common.css
    IEXPLORE.EXE
    Remote address:
    104.21.65.85:443
    Request
    GET /forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&f=public/style_css/css_4/ipb_help.css,public/style_css/css_4/ipb_styles.css,public/style_css/css_4/calendar_select.css,public/style_css/css_4/ipb_common.css HTTP/1.1
    Accept: text/css, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: gamingw.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Date: Wed, 22 May 2024 04:57:31 GMT
    Content-Type: text/html; charset=iso-8859-1
    Transfer-Encoding: chunked
    Connection: keep-alive
    CF-Cache-Status: DYNAMIC
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cVL7HrcOlpCicviuzigFLBihsGjFCXyeWzVozjx0qNVnHklzSvRM3jsgKWGARLqjvWA6hdA3oqPQgEm6ROAwI2%2Fnszl92X8PQeTw0iaxUXLwk%2Fpn32eqn0l1Xhtlvw%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 887a39c94e24949a-LHR
    Content-Encoding: gzip
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://gamingw.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&charset=UTF-8&f=public/js/ipb.js,cache/lang_cache/1/ipb.lang.js,public/js/ips.hovercard.js,public/js/ips.quickpm.js,public/js/ips.board.js
    IEXPLORE.EXE
    Remote address:
    104.21.65.85:443
    Request
    GET /forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&charset=UTF-8&f=public/js/ipb.js,cache/lang_cache/1/ipb.lang.js,public/js/ips.hovercard.js,public/js/ips.quickpm.js,public/js/ips.board.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: gamingw.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Date: Wed, 22 May 2024 04:57:31 GMT
    Content-Type: text/html; charset=iso-8859-1
    Transfer-Encoding: chunked
    Connection: keep-alive
    CF-Cache-Status: DYNAMIC
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lxXupDJqRB7s3ofL%2Bnop1Lr6dS4u2hU%2Bt0PTSs8sTgLFTGTEUK2nIwhyHq09DD%2BjOJF1mKMrHMKi7jvpsO7U58Mv35mb9%2BBOVOafT3ABtSnl9JA0MCngmlvj1scH7A%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 887a39c94ba045a1-LHR
    Content-Encoding: gzip
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://gamingw.net/forums/public/style_images/master/useropts_arrow.png
    IEXPLORE.EXE
    Remote address:
    104.21.65.85:443
    Request
    GET /forums/public/style_images/master/useropts_arrow.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: gamingw.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Date: Wed, 22 May 2024 04:57:31 GMT
    Content-Type: text/html; charset=iso-8859-1
    Transfer-Encoding: chunked
    Connection: keep-alive
    Cache-Control: max-age=14400
    CF-Cache-Status: EXPIRED
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I6ov%2BEQAOaqjkZSz2WBvqao6ZgUIaDgbD3GYG8ya99XJNzhE1Ce1ofKRCCd1OIqMpP25VW8NXMsttZLRdt3M2wMzjmH9T5pDoaZeP%2FpQn%2F8ZyJKAfUj6l%2BTzc3Y49Q%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 887a39c9da846322-LHR
    Content-Encoding: gzip
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://gamingw.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&g=js
    IEXPLORE.EXE
    Remote address:
    104.21.65.85:443
    Request
    GET /forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&g=js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: gamingw.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Date: Wed, 22 May 2024 04:57:33 GMT
    Content-Type: text/html; charset=iso-8859-1
    Transfer-Encoding: chunked
    Connection: keep-alive
    CF-Cache-Status: DYNAMIC
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1yfLDMwLW7KZ%2Fd5kf932lHMqMOvTzFozNQNT%2BVLf5bSHPEn3ymSSIJnCbaZZYclco%2BvqA8mqomIUKmvMpGM8ZH0MoEd0CouvTZ9Ftfk8wR6QET5BXUkDpIRDCvjsCw%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Server: cloudflare
    CF-RAY: 887a39d5fa876322-LHR
    Content-Encoding: gzip
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://saltworld.net/forums/uploads/profile/photo-44563.gif?_r=1448768805
    IEXPLORE.EXE
    Remote address:
    104.21.11.155:443
    Request
    GET /forums/uploads/profile/photo-44563.gif?_r=1448768805 HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: saltworld.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    Date: Wed, 22 May 2024 04:57:29 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    Location: https://gamingw.net/forums/uploads/profile/photo-44563.gif?_r=1448768805
    CF-Cache-Status: BYPASS
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tsfP0ROtc2NH9JHZNwE1xYAdzaZzGGYgHsD1NpV5TfyKH3EigB4C3YlG43Zc5WcQSG55%2BI7wbHBe%2FaLhCnkYfxfRV9Rj4eMttR2bdQ19shCVWAOJTJHIgpiXmcSO%2B8y%2F"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 887a39ca4cd9dd1f-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://saltworld.net/forums/public/style_images/master/feed.png
    IEXPLORE.EXE
    Remote address:
    104.21.11.155:443
    Request
    GET /forums/public/style_images/master/feed.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: saltworld.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    Date: Wed, 22 May 2024 04:57:30 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    Location: https://gamingw.net/forums/public/style_images/master/feed.png
    CF-Cache-Status: BYPASS
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pQYuweXr4g6YYM83Kg0F%2BW0jXORWXTnkjWuLK8eUAOBwoYlKImhzKpi2n3UhvwZA0c3jsI74W12Y%2Bf5Q%2BCXMr6%2B%2FjrqDbRFj%2B4ipGiq8Wd7ZrsB2U1Bd5lYrIC8uVTk9"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 887a39cf9f62dd1f-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://gamingw.net/forums/public/style_images/master/f_icon_read.png
    IEXPLORE.EXE
    Remote address:
    104.21.65.85:443
    Request
    GET /forums/public/style_images/master/f_icon_read.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: gamingw.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Date: Wed, 22 May 2024 04:57:32 GMT
    Content-Type: text/html; charset=iso-8859-1
    Transfer-Encoding: chunked
    Connection: keep-alive
    Cache-Control: max-age=14400
    CF-Cache-Status: EXPIRED
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pkn0yV%2Bn9Can5u6gxbAPjfbdHYzEdcbv7hsQUxY2eCmsUZ8H83OBbuocq1tN8TvrE0knBWafU1Jq3vxfWB17nBPY7SS4X4kG6BSPJETb0sf6QBhwGaXZC0DKQGrqBw%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 887a39ca4ee47731-LHR
    Content-Encoding: gzip
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://saltworld.net/forums/public/style_images/master/top.png
    IEXPLORE.EXE
    Remote address:
    104.21.11.155:443
    Request
    GET /forums/public/style_images/master/top.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: saltworld.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    Date: Wed, 22 May 2024 04:57:30 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    Location: https://gamingw.net/forums/public/style_images/master/top.png
    CF-Cache-Status: BYPASS
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mmPoGmj3W8G6bDTPjHhALt15JEGRMxNgv6RiEXJt4u%2B6P8mwY%2FJb0MezO2QxZAGGiVq7pZcS8mhtXycN1X6xfn9%2BKc1ZZIDALQj29MAzhNgLAcu94lXD00oHoWVmkJS7"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 887a39cf9e1993fe-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    DNS
    i1.wp.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    i1.wp.com
    IN A
    Response
    i1.wp.com
    IN A
    192.0.77.2
  • flag-us
    GET
    https://gamingw.net/forums/uploads/profile/photo-44563.gif?_r=1448768805
    IEXPLORE.EXE
    Remote address:
    104.21.65.85:443
    Request
    GET /forums/uploads/profile/photo-44563.gif?_r=1448768805 HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: gamingw.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Date: Wed, 22 May 2024 04:57:32 GMT
    Content-Type: text/html; charset=iso-8859-1
    Transfer-Encoding: chunked
    Connection: keep-alive
    Cache-Control: max-age=14400
    CF-Cache-Status: EXPIRED
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vosJ3iWFgwHQeOuwz2k4qR7Enp7rxRHzK03drThNCphnQrVjd2q%2Fre77Y129lEpM9e9FTupjVQf6peFnWdpXD2Uv49FXwSxN2sYxZnbCqFC8A10azhJewg5x0m5YPA%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 887a39cbcf254596-LHR
    Content-Encoding: gzip
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    http://i1.wp.com/saltworld.net/forums/public/style_images/master/profile/default_large.png
    IEXPLORE.EXE
    Remote address:
    192.0.77.2:80
    Request
    GET /saltworld.net/forums/public/style_images/master/profile/default_large.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: i1.wp.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 File Not Found
    Server: nginx
    Date: Wed, 22 May 2024 04:57:33 GMT
    Content-Type: text/html; charset=utf-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    X-nc: EXPIRED lhr 7
    Alt-Svc: h3=":443"; ma=86400
  • flag-us
    GET
    http://i1.wp.com/saltworld.net/forums/public/style_images/master/profile/default_large.png
    IEXPLORE.EXE
    Remote address:
    192.0.77.2:80
    Request
    GET /saltworld.net/forums/public/style_images/master/profile/default_large.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: i1.wp.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 File Not Found
    Server: nginx
    Date: Wed, 22 May 2024 04:57:30 GMT
    Content-Type: text/html; charset=utf-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    X-nc: UPDATING lhr 7
    Alt-Svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://gamingw.net/forums/public/style_images/master/top.png
    IEXPLORE.EXE
    Remote address:
    104.21.65.85:443
    Request
    GET /forums/public/style_images/master/top.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: gamingw.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Date: Wed, 22 May 2024 04:57:32 GMT
    Content-Type: text/html; charset=iso-8859-1
    Transfer-Encoding: chunked
    Connection: keep-alive
    Cache-Control: max-age=14400
    CF-Cache-Status: EXPIRED
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ntJOGGFFbcbKHXNl2jGOIPwxYiqTFIRA%2FvePmqUtoEtXyDb0qgwNqYFmoAlTrEEWBPBdtpVVbHjKPE6dm7xigcMgI0fn57cTfafZhwH0VhE%2FS4gNZSjhg4uwp5dwPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 887a39d0dde694d8-LHR
    Content-Encoding: gzip
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://gamingw.net/forums/public/style_images/master/feed.png
    IEXPLORE.EXE
    Remote address:
    104.21.65.85:443
    Request
    GET /forums/public/style_images/master/feed.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: gamingw.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Date: Wed, 22 May 2024 04:57:33 GMT
    Content-Type: text/html; charset=iso-8859-1
    Transfer-Encoding: chunked
    Connection: keep-alive
    Cache-Control: max-age=14400
    CF-Cache-Status: EXPIRED
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X7JofRg3Ffj4a3s2tpS4zyLDRbmSaGP6PtqCPzCSAwv2y2DiT%2FyCYYU0MxDCKXgepudy4wwyY82oAcrS26PvFEluQllJUVt%2BGExGGh7OKwBDsCJBXYhJOfXSdaTQeA%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 887a39d4b926657c-LHR
    Content-Encoding: gzip
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://gamingw.net/forums/uploads/profile/photo-3914.57_68bd69e5aed67c7aa3dc4520e02d3f4dff99e864?_r=0
    IEXPLORE.EXE
    Remote address:
    104.21.65.85:443
    Request
    GET /forums/uploads/profile/photo-3914.57_68bd69e5aed67c7aa3dc4520e02d3f4dff99e864?_r=0 HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: gamingw.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Date: Wed, 22 May 2024 04:57:32 GMT
    Content-Type: text/html; charset=iso-8859-1
    Transfer-Encoding: chunked
    Connection: keep-alive
    CF-Cache-Status: DYNAMIC
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fquB0kYOPghvoRWp6j3WwiIfTwuqSzTZEDrs0OUn%2Bzw0uyC5XY%2FCevlGc%2FIHskch45iKIYOxdl7h8TPyjHHFR0zP5QTUD%2BtCUSmNgQcSjXnsEsmF9G8UPycKYhgpeA%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Server: cloudflare
    CF-RAY: 887a39d4bcb9653a-LHR
    Content-Encoding: gzip
    alt-svc: h3=":443"; ma=86400
  • flag-gb
    GET
    http://www.google-analytics.com/ga.js
    IEXPLORE.EXE
    Remote address:
    216.58.213.14:80
    Request
    GET /ga.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.google-analytics.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
    X-Content-Type-Options: nosniff
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Server: Golfe2
    Content-Length: 17168
    Date: Wed, 22 May 2024 03:23:28 GMT
    Expires: Wed, 22 May 2024 05:23:28 GMT
    Cache-Control: public, max-age=7200
    Age: 5645
    Last-Modified: Tue, 12 Dec 2023 18:09:08 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding
  • flag-us
    DNS
    www.microsoft.com
    iexplore.exe
    Remote address:
    8.8.8.8:53
    Request
    www.microsoft.com
    IN A
    Response
    www.microsoft.com
    IN CNAME
    www.microsoft.com-c-3.edgekey.net
    www.microsoft.com-c-3.edgekey.net
    IN CNAME
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    IN CNAME
    e13678.dscb.akamaiedge.net
    e13678.dscb.akamaiedge.net
    IN A
    23.55.97.181
  • flag-us
    DNS
    www.microsoft.com
    iexplore.exe
    Remote address:
    8.8.8.8:53
    Request
    www.microsoft.com
    IN A
    Response
    www.microsoft.com
    IN CNAME
    www.microsoft.com-c-3.edgekey.net
    www.microsoft.com-c-3.edgekey.net
    IN CNAME
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    IN CNAME
    e13678.dscb.akamaiedge.net
    e13678.dscb.akamaiedge.net
    IN A
    23.55.97.181
  • 192.0.73.2:80
    http://www.gravatar.com/avatar/ae111d25cbb9b2d7293e8bdb2fcfe8b3?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png
    http
    IEXPLORE.EXE
    686 B
     713 B
     6
    5

    HTTP Request

    GET http://www.gravatar.com/avatar/ae111d25cbb9b2d7293e8bdb2fcfe8b3?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png

    HTTP Response

    301
  • 104.21.11.155:80
    http://saltworld.net/forums/public/style_images/master/feed.png
    http
    IEXPLORE.EXE
    975 B
     2.4kB
     8
    8

    HTTP Request

    GET http://saltworld.net/forums/public/style_images/master/f_icon_read.png

    HTTP Response

    302

    HTTP Request

    GET http://saltworld.net/forums/public/style_images/master/feed.png

    HTTP Response

    302
  • 192.0.73.2:80
    http://www.gravatar.com/avatar/6128162e0ab80b6aaefd01d25ec9fefe?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png
    http
    IEXPLORE.EXE
    686 B
     713 B
     6
    5

    HTTP Request

    GET http://www.gravatar.com/avatar/6128162e0ab80b6aaefd01d25ec9fefe?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png

    HTTP Response

    301
  • 192.0.73.2:80
    http://www.gravatar.com/avatar/6ab9cf9740f754d0565ec0f4b1250e8e?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png
    http
    IEXPLORE.EXE
    686 B
     713 B
     6
    5

    HTTP Request

    GET http://www.gravatar.com/avatar/6ab9cf9740f754d0565ec0f4b1250e8e?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png

    HTTP Response

    301
  • 104.21.11.155:80
    http://saltworld.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&f=public/style_css/css_4/ipb_help.css,public/style_css/css_4/ipb_styles.css,public/style_css/css_4/calendar_select.css,public/style_css/css_4/ipb_common.css
    http
    IEXPLORE.EXE
    722 B
     1.6kB
     6
    6

    HTTP Request

    GET http://saltworld.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&f=public/style_css/css_4/ipb_help.css,public/style_css/css_4/ipb_styles.css,public/style_css/css_4/calendar_select.css,public/style_css/css_4/ipb_common.css

    HTTP Response

    302
  • 172.67.165.117:443
    coinhive.com
    tls
    IEXPLORE.EXE
    819 B
     5.8kB
     11
    10
  • 104.21.11.155:80
    http://saltworld.net/forums/public/style_images/master/top.png
    http
    IEXPLORE.EXE
    977 B
     2.4kB
     8
    8

    HTTP Request

    GET http://saltworld.net/forums/public/style_images/master/useropts_arrow.png

    HTTP Response

    302

    HTTP Request

    GET http://saltworld.net/forums/public/style_images/master/top.png

    HTTP Response

    302
  • 172.67.165.117:443
    https://coinhive.com/lib/coinhive.min.js
    tls, http
    IEXPLORE.EXE
    1.2kB
     8.1kB
     13
    13

    HTTP Request

    GET https://coinhive.com/lib/coinhive.min.js

    HTTP Response

    200
  • 104.21.11.155:80
    http://saltworld.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&g=js
    http
    IEXPLORE.EXE
    590 B
     1.3kB
     6
    5

    HTTP Request

    GET http://saltworld.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&g=js

    HTTP Response

    302
  • 104.21.11.155:80
    http://saltworld.net/forums/uploads/profile/photo-3914.57_68bd69e5aed67c7aa3dc4520e02d3f4dff99e864?_r=0
    http
    IEXPLORE.EXE
    619 B
     1.3kB
     6
    5

    HTTP Request

    GET http://saltworld.net/forums/uploads/profile/photo-3914.57_68bd69e5aed67c7aa3dc4520e02d3f4dff99e864?_r=0

    HTTP Response

    302
  • 104.21.11.155:80
    http://saltworld.net/forums/uploads/profile/photo-44563.gif?_r=1448768805
    http
    IEXPLORE.EXE
    1.1kB
     2.7kB
     8
    8

    HTTP Request

    GET http://saltworld.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&charset=UTF-8&f=public/js/ipb.js,cache/lang_cache/1/ipb.lang.js,public/js/ips.hovercard.js,public/js/ips.quickpm.js,public/js/ips.board.js

    HTTP Response

    302

    HTTP Request

    GET http://saltworld.net/forums/uploads/profile/photo-44563.gif?_r=1448768805

    HTTP Response

    302
  • 192.0.73.2:443
    https://www.gravatar.com/avatar/6128162e0ab80b6aaefd01d25ec9fefe?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png
    tls, http
    IEXPLORE.EXE
    1.2kB
     4.8kB
     11
    9

    HTTP Request

    GET https://www.gravatar.com/avatar/6128162e0ab80b6aaefd01d25ec9fefe?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png

    HTTP Response

    302
  • 192.0.73.2:443
    https://www.gravatar.com/avatar/6ab9cf9740f754d0565ec0f4b1250e8e?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png
    tls, http
    IEXPLORE.EXE
    1.8kB
     28.8kB
     23
    30

    HTTP Request

    GET https://www.gravatar.com/avatar/6ab9cf9740f754d0565ec0f4b1250e8e?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png

    HTTP Response

    200
  • 192.0.73.2:443
    https://www.gravatar.com/avatar/ae111d25cbb9b2d7293e8bdb2fcfe8b3?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png
    tls, http
    IEXPLORE.EXE
    1.3kB
     5.6kB
     13
    11

    HTTP Request

    GET https://www.gravatar.com/avatar/ae111d25cbb9b2d7293e8bdb2fcfe8b3?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png

    HTTP Response

    302
  • 104.21.11.155:443
    https://saltworld.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&g=js
    tls, http
    IEXPLORE.EXE
    3.2kB
     10.3kB
     18
    19

    HTTP Request

    GET https://saltworld.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&charset=UTF-8&f=public/js/ipb.js,cache/lang_cache/1/ipb.lang.js,public/js/ips.hovercard.js,public/js/ips.quickpm.js,public/js/ips.board.js

    HTTP Response

    302

    HTTP Request

    GET https://saltworld.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&f=public/style_css/css_4/ipb_help.css,public/style_css/css_4/ipb_styles.css,public/style_css/css_4/calendar_select.css,public/style_css/css_4/ipb_common.css

    HTTP Response

    302

    HTTP Request

    GET https://saltworld.net/forums/public/style_images/master/useropts_arrow.png

    HTTP Response

    302

    HTTP Request

    GET https://saltworld.net/forums/public/style_images/master/f_icon_read.png

    HTTP Response

    302

    HTTP Request

    GET https://saltworld.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&g=js

    HTTP Response

    302
  • 104.21.11.155:443
    https://saltworld.net/forums/uploads/profile/photo-3914.57_68bd69e5aed67c7aa3dc4520e02d3f4dff99e864?_r=0
    tls, http
    IEXPLORE.EXE
    1.2kB
     6.5kB
     10
    11

    HTTP Request

    GET https://saltworld.net/forums/uploads/profile/photo-3914.57_68bd69e5aed67c7aa3dc4520e02d3f4dff99e864?_r=0

    HTTP Response

    302
  • 104.21.65.85:443
    https://gamingw.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&f=public/style_css/css_4/ipb_help.css,public/style_css/css_4/ipb_styles.css,public/style_css/css_4/calendar_select.css,public/style_css/css_4/ipb_common.css
    tls, http
    IEXPLORE.EXE
    1.3kB
     7.2kB
     10
    11

    HTTP Request

    GET https://gamingw.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&f=public/style_css/css_4/ipb_help.css,public/style_css/css_4/ipb_styles.css,public/style_css/css_4/calendar_select.css,public/style_css/css_4/ipb_common.css

    HTTP Response

    404
  • 104.21.65.85:443
    https://gamingw.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&charset=UTF-8&f=public/js/ipb.js,cache/lang_cache/1/ipb.lang.js,public/js/ips.hovercard.js,public/js/ips.quickpm.js,public/js/ips.board.js
    tls, http
    IEXPLORE.EXE
    1.3kB
     7.2kB
     10
    11

    HTTP Request

    GET https://gamingw.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&charset=UTF-8&f=public/js/ipb.js,cache/lang_cache/1/ipb.lang.js,public/js/ips.hovercard.js,public/js/ips.quickpm.js,public/js/ips.board.js

    HTTP Response

    404
  • 104.21.65.85:443
    https://gamingw.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&g=js
    tls, http
    IEXPLORE.EXE
    1.6kB
     8.3kB
     12
    14

    HTTP Request

    GET https://gamingw.net/forums/public/style_images/master/useropts_arrow.png

    HTTP Response

    404

    HTTP Request

    GET https://gamingw.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&g=js

    HTTP Response

    404
  • 104.21.11.155:443
    https://saltworld.net/forums/public/style_images/master/feed.png
    tls, http
    IEXPLORE.EXE
    1.6kB
     7.3kB
     12
    12

    HTTP Request

    GET https://saltworld.net/forums/uploads/profile/photo-44563.gif?_r=1448768805

    HTTP Response

    302

    HTTP Request

    GET https://saltworld.net/forums/public/style_images/master/feed.png

    HTTP Response

    302
  • 104.21.65.85:443
    https://gamingw.net/forums/public/style_images/master/f_icon_read.png
    tls, http
    IEXPLORE.EXE
    1.1kB
     6.7kB
     10
    11

    HTTP Request

    GET https://gamingw.net/forums/public/style_images/master/f_icon_read.png

    HTTP Response

    404
  • 104.21.11.155:443
    https://saltworld.net/forums/public/style_images/master/top.png
    tls, http
    IEXPLORE.EXE
    1.2kB
     6.4kB
     11
    10

    HTTP Request

    GET https://saltworld.net/forums/public/style_images/master/top.png

    HTTP Response

    302
  • 104.21.65.85:443
    https://gamingw.net/forums/uploads/profile/photo-44563.gif?_r=1448768805
    tls, http
    IEXPLORE.EXE
    1.1kB
     6.7kB
     10
    11

    HTTP Request

    GET https://gamingw.net/forums/uploads/profile/photo-44563.gif?_r=1448768805

    HTTP Response

    404
  • 192.0.77.2:80
    http://i1.wp.com/saltworld.net/forums/public/style_images/master/profile/default_large.png
    http
    IEXPLORE.EXE
    658 B
     856 B
     7
    6

    HTTP Request

    GET http://i1.wp.com/saltworld.net/forums/public/style_images/master/profile/default_large.png

    HTTP Response

    404
  • 192.0.77.2:80
    http://i1.wp.com/saltworld.net/forums/public/style_images/master/profile/default_large.png
    http
    IEXPLORE.EXE
    606 B
     555 B
     6
    6

    HTTP Request

    GET http://i1.wp.com/saltworld.net/forums/public/style_images/master/profile/default_large.png

    HTTP Response

    404
  • 104.21.65.85:443
    https://gamingw.net/forums/public/style_images/master/top.png
    tls, http
    IEXPLORE.EXE
    1.1kB
     6.7kB
     10
    11

    HTTP Request

    GET https://gamingw.net/forums/public/style_images/master/top.png

    HTTP Response

    404
  • 104.21.65.85:443
    https://gamingw.net/forums/public/style_images/master/feed.png
    tls, http
    IEXPLORE.EXE
    1.1kB
     6.7kB
     10
    11

    HTTP Request

    GET https://gamingw.net/forums/public/style_images/master/feed.png

    HTTP Response

    404
  • 104.21.65.85:443
    https://gamingw.net/forums/uploads/profile/photo-3914.57_68bd69e5aed67c7aa3dc4520e02d3f4dff99e864?_r=0
    tls, http
    IEXPLORE.EXE
    1.2kB
     7.3kB
     11
    13

    HTTP Request

    GET https://gamingw.net/forums/uploads/profile/photo-3914.57_68bd69e5aed67c7aa3dc4520e02d3f4dff99e864?_r=0

    HTTP Response

    404
  • 216.58.213.14:80
    http://www.google-analytics.com/ga.js
    http
    IEXPLORE.EXE
    812 B
     18.3kB
     12
    16

    HTTP Request

    GET http://www.google-analytics.com/ga.js

    HTTP Response

    200
  • 216.58.213.14:80
    www.google-analytics.com
    IEXPLORE.EXE
    190 B
     92 B
     4
    2
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    747 B
     7.6kB
     9
    12
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    747 B
     7.6kB
     9
    12
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    779 B
     7.6kB
     9
    12
  • 8.8.8.8:53
    saltworld.net
    dns
    IEXPLORE.EXE
    59 B
     91 B
     1
    1

    DNS Request

    saltworld.net

    DNS Response

    104.21.11.155
    172.67.166.97

  • 8.8.8.8:53
    coinhive.com
    dns
    IEXPLORE.EXE
    58 B
     90 B
     1
    1

    DNS Request

    coinhive.com

    DNS Response

    172.67.165.117
    104.21.57.186

  • 8.8.8.8:53
    www.gravatar.com
    dns
    IEXPLORE.EXE
    62 B
     78 B
     1
    1

    DNS Request

    www.gravatar.com

    DNS Response

    192.0.73.2

  • 8.8.8.8:53
    gamingw.net
    dns
    IEXPLORE.EXE
    57 B
     89 B
     1
    1

    DNS Request

    gamingw.net

    DNS Response

    104.21.65.85
    172.67.160.162

  • 8.8.8.8:53
    i1.wp.com
    dns
    IEXPLORE.EXE
    55 B
     71 B
     1
    1

    DNS Request

    i1.wp.com

    DNS Response

    192.0.77.2

  • 8.8.8.8:53
    www.microsoft.com
    dns
    iexplore.exe
    63 B
     230 B
     1
    1

    DNS Request

    www.microsoft.com

    DNS Response

    23.55.97.181

  • 8.8.8.8:53
    www.microsoft.com
    dns
    iexplore.exe
    63 B
     230 B
     1
    1

    DNS Request

    www.microsoft.com

    DNS Response

    23.55.97.181

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    Filesize

    410B

    MD5

    42ec5770289464501816636a2483c868

    SHA1

    09aeaf57096a6d980118b8f6abb5db5774bf64a2

    SHA256

    a10adc0e46f5e662f36b0afea903f9332ac3476db31a960e28768bdd27cd8894

    SHA512

    245ab7a4e06cc5773cea5ce052b3887a1f80c2b926bf9ec13ea2498f75b80aad58142251cd5ae3f59c63174be3794956a557af2653a357752a8dfc5142f4d106

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    6358ed887294be2a743fc0486e56ccc7

    SHA1

    765204dc4af2534fc0ccc5d7e7685f0f73628ba3

    SHA256

    53edc756f9bc93858ae9658f4413d7bbe2bf8a01511f9e3aaa7b558f083bcbfc

    SHA512

    0d6dfa424ec57447aff192f6e87e38cd206602dbd9504e540233a193f1680720f409f31d54d7911eb7677845b3167d17735d4e4bacf397565e9089463d75ff65

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1cedb01580cfa53d75e59427a85cb49b

    SHA1

    42645f8c1a598c64b9e71524a38b02414d2a2565

    SHA256

    44e70def3c6c24ec1842a2394c97b880e9e6c30617a114539bb07d1056d95d56

    SHA512

    85e9bc20c95152cdf489a52dfb9bb1158c13e64113c4d6d081d3dd4ebda68cd29e3164478d3a511cf3f6dec60ec91084259a549ff50dc90a118cd15436e57241

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d99f3894a093a972afe91d3aa90083e9

    SHA1

    c54addacbb5eded7e0e3c440656a24396d95f497

    SHA256

    2f125f64b18fe154eab24de33399ea769271576a22b76d9714d576d0ca9dab19

    SHA512

    bfe38722826477087516a8da44a0ed63e3f8566187bd66718958fe61667204a8676d17ba225cc6828061bbd3f9f2cf00977610b16239afa37fb68c30fc8275dc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5c2417d237c6d9d725a173d86d33a7c9

    SHA1

    10e7d9a3074d79d57d4d82ab1ac138c8040bd2b3

    SHA256

    05acaccc3b78b6368f401935d46d324aa88af9286d1ed150821a331f49e0d072

    SHA512

    ba1201d64e222920c7c5cde0e5b07044c468bc614c50e1ccf5283be61f23a2d06f8ce1dc13070001080b01ee6768efe4245df0624853dfa2327a3e154cd6cdcb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b524e8bcd450165ef8dd2b37b5a1c8a4

    SHA1

    2892d16fbf8e45afb2f300a3829901275d87cb59

    SHA256

    03f46f160fc7b9841e0db02f6b25f73d3de5fd73e3b97ff1fc1b405d9e5c4d3f

    SHA512

    c7f290f39424798f6ccc4b75df5e6be1c3ea3d42a13f76720756151d98004a4051dac1207b8acc4a7443da04129248231b49ad984ec943df2bd909de82840a11

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2c36f6f42190019d4f8789531928d91a

    SHA1

    5aab9c40a639e6db53966f086e579b4b3ab77238

    SHA256

    ccfb4463828087eab522d436ca0b3b47d59870a35544a9ba679915f4618380f1

    SHA512

    c2b0984b860117b67870b414e162a789153734fefc916fa59dc7b317b79d82bcaf6732a44b6bb4f2378f9fba7570086908199230c9517852b60c4bc350e10de5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e5bbc2669d0941efa045a4049f209038

    SHA1

    119dca20ca18c31a934f5e7b6de8d4e25f98b276

    SHA256

    23cc3968d3cafbb161050e705e150ad160c13e59f8a49d010128389e5e4391df

    SHA512

    fcb7c643a40eef4c854199937534c2e755ba9c5a20f9ad89ac2330180234c5d72dedbaad3b26708d9341565230e3a006736d87f3558ab0a862672573a5549ef0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b11750646096034b511022a9fefcaa0b

    SHA1

    2f62fb5af9da2b431c6cba5e3b6e92c144b0290d

    SHA256

    6fb5ef21ff5a36fa1dc189f7eb843546da871358dba93854c651c2ca82971824

    SHA512

    1718f4a6e35ca70fab03e0d01e2afe0312be1b5027fb115d3876bfab0871e9fafe8260581469ec3955734665d02fb0f36da69c47bc1b72f7e4ff43a6a3187742

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6fa2668847fe3f4c5313709b268194e2

    SHA1

    d4c8f7243f5f2e6e3e74293b3d6e98e3ceee40aa

    SHA256

    1bde0008d1198826cda82a9706881b18d11a183eb696f3ae348064ebac039811

    SHA512

    9edafdfffbb0b9c2003f0736265ad85db49c7ef28e563db945541d8dbe235c945c00d1d139a0c3af8906d5d30dd4fd0c49b196a6c47161f19a9de9ba2ac35397

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4fbaad70fb5e165f43169cf27181db10

    SHA1

    e81e6c9b3d4cc60e39b3501b16c9097bcebc1894

    SHA256

    ca0cbd80686b66045159fe577eeb129a7ebc0089d92a18fdbabc03c99bf0da1d

    SHA512

    be4a4686ed7fb2c3c761917943d643bedf708e9251b006cc829cf3b31b578396500cfeccc92bef1bacd8d68985d9ceff94617ec6e40cfb868e083573d5f90a01

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    86b432fcd71ce49e41b8b3554fdce310

    SHA1

    07cc71284c80111f455813ee4f509b9ac705b961

    SHA256

    f2373d1f6645a57a03412aaade53eb66df770622b6d0107977df23698a4174ca

    SHA512

    a820adad6a6c4c75b72d7337ffb98f5cac40bf699bcf86e9568c7fbeb2e89fa32aebbf38aae83fbe9d2c8311dc67566c07cf079f04c52fabbfff8dc52e2dace4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    72a7cab4879bc5bb190ad345bd6b6867

    SHA1

    f90a6b8d2df1765748fd7f91e9937454b74d85da

    SHA256

    cacc6cd2eb4d6cd98024f8299f0047409ba06f60bc53cdd5bd690cc3365dfdfa

    SHA512

    62b63c449f33819f2547c23af99f7bd3d25c23092bd835a605fa5952ec529de443c44cdd46f2aeaae633953440f095a2744423b1b280dd376b4b057294ada8a4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bc869927c60ddec670435d0a342b61a7

    SHA1

    e59cbae5bc60ed117949d228bdb5eb930b1bde1c

    SHA256

    360ea6cfa787c07640dd20d9f1dbde1f17da75a8b823da174ff237a73d70e3c8

    SHA512

    4ee5eb4986d4e68f7c28681b14cb9bf4b93928cb3e6d6286fc692a14af78c7558e481f2b36063debae3129bbad4b89d998095fcfb81fbbec753ad1ad8c346999

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d0d75bdf96e1e8664376411b8005775c

    SHA1

    fe52150eae3abe41fc03da05b50088feb9beee6b

    SHA256

    a42eac6415787e66c7c01b31fba3c67d1001a90fc3c5b21598454692c660b4f7

    SHA512

    63663258e9e02f530746599e1f66d2c5b1ba5d24f6993d40d8d4a29faf8b23c746dc8d0d54f3b3a1654ec8c575ca1b7ea3e70472599bb470f7f44d1624215864

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9b6ca8abb4631a9d6113f807ef59f4c9

    SHA1

    7aacf3469de003c7b319659c95f4fea0fe9333db

    SHA256

    685b8218224011a7ae593f1e6ecafa469ed12e79503cee5b8f6c6592262ed2b8

    SHA512

    00aa69fa858cebf6639cf9ddd6af2065280c17c2f4b8667d53cfb32f3072d28c90fab61c459db100cfe8d0bb79f8bb0eb9fa6fd35b72d331f992b6b6bf0b054d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9acc08b227827031730f5083629884a0

    SHA1

    c6f825bd3d3e848784412acccb3a289a9d578631

    SHA256

    445bf9a31deae638597248eaebda229898532c98f96505093b0db079aec583f8

    SHA512

    c11080cab46565ea46b5c1ac91bf3b92938d7df49c56abb6ef6ce749ab8e213affc752ac43ad704df35388a8a6db293344e023f6ce9f3513fdb8ed1e2586e354

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c4affe00665de9f3a2b3e6399bb34469

    SHA1

    39d0977f79e35214e7da798a751249726b0ce1e3

    SHA256

    0957ffe3f5c175f7ec91489369228f2fa103895f5d2b76f4457d3a74deacb840

    SHA512

    3c13a92503d691607641cf7aa8a10a2d825e2c39fb780c581e03d54ca72909acc404735afba04b3e6f0a736f14b7ac0cb3a76d6215763dbe57658085e7710418

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6408c6481e0bae706a4161788637ab7b

    SHA1

    e7565a84bf0c29c6f66780e9a36b469866b31285

    SHA256

    4924445fcc37661e76683aeec9a326827b27b2c5edacccea567a133969bd3571

    SHA512

    3150d9ad8924b09288b53670dab5bff0ddc0efa94714bf8765238cd6f65a53ab279158d48fd87b449977e0a54998ee151a327d38483585bf65309fb967c5121b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9c6710fa803bf10264d47e17786b6d63

    SHA1

    f71e2f1fe4260945d3ef5849c70c669098dc7508

    SHA256

    291ab2b2666263677a4113494b0cad1356cbd63b52fabcba369f8bd2355ddaf2

    SHA512

    877e8edde1d6ae2d4043d12d1abb2ea63c04e5852e01e108081b1edd8614a750c835a44ac0bc3e039ff532013ba15eaeec34744d7179f03d08b6a71a33395031

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7df9c759eff148b513c3451d6a31959a

    SHA1

    92c8118484de18764ad406b6635fffda73fb76d8

    SHA256

    fcec2809e33496353ad47d872e7692afdba18ab83d7c93c1723fa01ac4166823

    SHA512

    b3f8a4124201f0383d98c26395da10758dbda93bfa53328eee6fe6f7b28a3627bf658b4d96eff9cdf65cce30eff889dbffded569b3739fa2d9da55669817d513

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6df31d436486aa2813e516a8056b7ac3

    SHA1

    c7b3953039b27f0a437e581c6cb82cd15982c171

    SHA256

    454b22662b943f55dc26b772301923c4f56d80636167a11e8d7c511bf2a0f0c2

    SHA512

    c09efd12293fb7c69281dc4063a54e1e41ef156f655d4bd7e97d51716cec1ba32383ba1e4133cf885db324553232b3f797f27ddfea754284f4e363be3684cb3e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8fb5683979b7df5f38d660ea4b267567

    SHA1

    866fe5b6aa59b1acdd0ecefacb9edeb964d0e808

    SHA256

    4347e3252ad919a91e8803c54d20388cdeaa538701fbd6435f26010f337baba0

    SHA512

    0e3ce0df3ee3b3da278dafeae03c8ce516c7edfed08666fe6991857faf98fb6d8b47b18e9498b3152a9a3d2514c1b912dc748a37a987186eaf50d09ad0c1b92c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_F2DAF19C1F776537105D08FC8D978464
    Filesize

    392B

    MD5

    893ad2d37fa30e1fb7bcf3db8a973013

    SHA1

    be58e76e2fc310ae049053dcb8a1c38ff60ab520

    SHA256

    2b3f385c347d4410b07a4ae2d39dcebd0728ea27035052348d3eaa81e0ebde42

    SHA512

    71dfb85361ec3dacd2366f79bcd3ef9b22eb7ebf1be4be74ddd139de5b6c1cc7516073e42d70772fe3f38de90f690547e291c3e51b904cc3423235f9a4062023

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    44274f553006b7fd11b66177c7fd456b

    SHA1

    4ba4337b0b26b71cc468170a60da724dae19118d

    SHA256

    c96ca0f1e128d69cc5cfcc0882e2264f530370290bd82cea97a5b6947169b97b

    SHA512

    72a1b1ee3cf83123d3f5997e564e28aadb6360c8f24e68298185eefcb020e32e6254edc6ae0e2072d93778dba263333f47ad70e9ff19447a35bd34c171bad11f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabD1D.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarD2F.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE08.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.