0a9b1014bd22f1cdd548b0e658f3bb5e07efb3e10cffb556a2efa4e7fe20aa1d

Analysis

max time kernel
117s
max time network
127s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
30/05/2024, 06:35 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

834c73ceb30008f563de737250cdce71_JaffaCakes118.html
Size

88KB
MD5

834c73ceb30008f563de737250cdce71
SHA1

ff780cb6fea127726c240c62c975a09898c0b4ef
SHA256

0a9b1014bd22f1cdd548b0e658f3bb5e07efb3e10cffb556a2efa4e7fe20aa1d
SHA512

4c9d1c1b39e40b2e2dc66a7282321b868a997bf907bf8b0054c409579e8084c843bdb90ed9e7bfc60e5bb092bd71944f9efa97ed20e3b14ce52036f73ce896fe
SSDEEP

1536:l0ag4cHJrcPM0Tw5zw2I7EjTPj7sJfS/zZ2mpFxt+zRIk2yw:Er8Twxw2RY+AmpFxtoRIkbw

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 38 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\FaviconPath = "C:\\Users\\Admin\\AppData\\LocalLow\\Microsoft\\Internet Explorer\\Services\\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000002d188ec2175d534d8b637fb06f0837aa000000000200000000001066000000010000200000008ca3bcd0ba9dd6403f8a3891659b2f44928a02adc3b5d919e3e5ad6e0214b91d000000000e800000000200002000000037d5201f9b551406eacf7ddc191e42dea03eef1e96f27a0b5999e394dcccf673200000006e4b95fc8fda456ae3338ca33da2f885e2b1860b1f9b0fb5ee1f500f93cb0ef640000000019c0b309a3af4d8945c43c3a40ee838e47bd04ad69ab1024efa19b648dd8c1900ac14d3257ca10e92b5ff45df6d6bab67fd7e99420ed7881d58c799d4c97148	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "423212816"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 9047b1af5bb2da01	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{D9E07131-1E4E-11EF-8A74-66F723737CE2} = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000002d188ec2175d534d8b637fb06f0837aa000000000200000000001066000000010000200000008c48bfce89ee11d45341b977a50c13b471ec60c985950989caf3571c73ab8974000000000e80000000020000200000004f6b424826c9755a666fae4ab808a3accce070fa9cbc133cf4edffbe0e063fd1900000000c04eabb7258dde7c1933f7996e006281fe442c069a7b51ebc6be9bff9be949cf86adef7852b50d929ea50c6ae072ce25f263d0bae37744399756273fa8c7528bcabfb681d6a07caefd966fc4a9fa86f740d9841fc4ca601b0566d1cbe59a0d5801977fdb701e3ce42175e2a115974a1efb75800083decc509344d4ab4c3eae6ad4b270314a1386a2a319dbfa511eb4340000000b1615bc88c1c30341b3e1248b139a05897d7b3aad21626c9df5bdfcfafc3f201cde343d3a643a3641bb13dc1f80c7d4e8bb1e97acc5718292aa86021f8d8bba7	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
1964	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
1964	iexplore.exe
1964	iexplore.exe
2976	IEXPLORE.EXE
2976	IEXPLORE.EXE
2976	IEXPLORE.EXE
2976	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1964 wrote to memory of 2976	1964	iexplore.exe	28
PID 1964 wrote to memory of 2976	1964	iexplore.exe	28
PID 1964 wrote to memory of 2976	1964	iexplore.exe	28
PID 1964 wrote to memory of 2976	1964	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\834c73ceb30008f563de737250cdce71_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1964
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1964 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2976

Network

DNS

ayeshapc.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

ayeshapc.com

IN A

Response

ayeshapc.com

IN A

172.67.199.51

ayeshapc.com

IN A

104.21.68.225
DNS

bit.ly

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

bit.ly

IN A

Response

bit.ly

IN A

67.199.248.10

bit.ly

IN A

67.199.248.11
DNS

stats.wp.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

stats.wp.com

IN A

Response

stats.wp.com

IN A

192.0.76.3
GET

https://stats.wp.com/e-202031.js

IEXPLORE.EXE

Remote address:

192.0.76.3:443

Request

GET /e-202031.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: stats.wp.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 30 May 2024 06:35:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
x-minify: t
x-minify-cache: hit
etag: W/14377-1704402358485.9985
Content-Encoding: gzip
Expires: Sun, 13 Apr 2025 05:17:30 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Allow-Origin: *
X-nc: HIT lhr
Alt-Svc: h3=":443"; ma=86400
GET

https://ayeshapc.com/wp-content/plugins/secure-copy-content-protection/public/css/secure-copy-content-protection-public.css?ver=2.0.8

IEXPLORE.EXE

Remote address:

172.67.199.51:443

Request

GET /wp-content/plugins/secure-copy-content-protection/public/css/secure-copy-content-protection-public.css?ver=2.0.8 HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: ayeshapc.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Date: Thu, 30 May 2024 06:35:51 GMT
Content-Length: 1505
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Cache-Control: no-store, max-age=0
cf-edge-cache: no-cache
CF-Cache-Status: BYPASS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PFPYtqopVjdOrGeEB1sdzDxj3GBH5r4Q4YUjBv9Xu6Peng8WxGe56QG%2BrMP8d0hzTT9yhSOzAH9v76fKuoNC1rqtlMovMuLCh252OucycxyiMEbTWg3QAMG%2FPBWDAcc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 88bcb4df19be88b3-LHR
alt-svc: h3=":443"; ma=86400
GET

https://ayeshapc.com/wp-content/themes/schema-lite/js/customscripts.js?ver=5.4.2

IEXPLORE.EXE

Remote address:

172.67.199.51:443

Request

GET /wp-content/themes/schema-lite/js/customscripts.js?ver=5.4.2 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: ayeshapc.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Date: Thu, 30 May 2024 06:35:51 GMT
Content-Length: 1510
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Cache-Control: no-store, max-age=0
cf-edge-cache: no-cache
CF-Cache-Status: BYPASS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NS3d2bM%2BeFRW7jOPUR7Y%2F0mmpLNsR79Jzw7tGMqhlBOgEfHYZ2ry82n0teID0jJTITfHvg0XzW4TE1PAklbgAtmUZkjPTc1M8fbXwwi717RLlrY7Je%2BjcB7FU21edUc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 88bcb4e02ab088b3-LHR
alt-svc: h3=":443"; ma=86400
GET

https://ayeshapc.com/wp-content/uploads/2019/01/aSc-TimeTables-Crack-2019-Full-With-Key-Download-Windows-Mac1-300x213.png

IEXPLORE.EXE

Remote address:

172.67.199.51:443

Request

GET /wp-content/uploads/2019/01/aSc-TimeTables-Crack-2019-Full-With-Key-Download-Windows-Mac1-300x213.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: ayeshapc.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Date: Thu, 30 May 2024 06:35:52 GMT
Content-Length: 1375
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Cache-Control: no-store, max-age=0
cf-edge-cache: no-cache
CF-Cache-Status: BYPASS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BFxe99DaSwGQNQu6XY1laqgkvmbR%2B00lqHaRHV1JzW4oUqk516MCJePtO92RjRfOktgrCyvsVbGa%2Fra%2FXiUCp%2FNwSoVJfKSU8lpmW83xHHsWdEnz82oLqoYpVP3kXZ0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 88bcb4e17c2f88b3-LHR
alt-svc: h3=":443"; ma=86400
GET

https://ayeshapc.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

IEXPLORE.EXE

Remote address:

172.67.199.51:443

Request

GET /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: ayeshapc.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Date: Thu, 30 May 2024 06:35:51 GMT
Content-Length: 1430
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Cache-Control: no-store, max-age=0
cf-edge-cache: no-cache
CF-Cache-Status: BYPASS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=46tb29HkZhwK0N0VRcMS3if2%2Fc69DHqN9GOfE7LVVGx60d1yiLeP2xj%2F30vs7u6HveLYgO4mLgyN6GeYoGrvvy4MfnXPzmP0udUxFew7eA6%2Fmf9uQoC32JL938HpYcM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 88bcb4df2fa7385c-LHR
alt-svc: h3=":443"; ma=86400
GET

https://ayeshapc.com/wp-includes/js/jquery/ui/effect-highlight.min.js?ver=1.11.4

IEXPLORE.EXE

Remote address:

172.67.199.51:443

Request

GET /wp-includes/js/jquery/ui/effect-highlight.min.js?ver=1.11.4 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: ayeshapc.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Date: Thu, 30 May 2024 06:35:51 GMT
Content-Length: 1432
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Cache-Control: no-store, max-age=0
cf-edge-cache: no-cache
CF-Cache-Status: BYPASS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KQ9Xw%2B0Zd9xQVUiDgs9%2BVBQcKRvL2rOZVRukxSb56KKHraxl0XTh5wkLC9c0SusBpSQkbvqIwFEYNn%2BxOEg%2F0G%2BYcNDmQrYjQgEk6kAVyz%2FBvis6mrus2YJekAMqFTo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 88bcb4e078c8385c-LHR
alt-svc: h3=":443"; ma=86400
GET

https://ayeshapc.com/wp-content/uploads/2018/12/Screenshot_2-187x150.png

IEXPLORE.EXE

Remote address:

172.67.199.51:443

Request

GET /wp-content/uploads/2018/12/Screenshot_2-187x150.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: ayeshapc.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Date: Thu, 30 May 2024 06:35:52 GMT
Content-Length: 1394
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Cache-Control: no-store, max-age=0
cf-edge-cache: no-cache
CF-Cache-Status: BYPASS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BDdtmg%2FxWB02x15wGfdWMZOSx%2FDbwdyeGDPZnhEtkc0ENnNb271SD%2F0Tu1XR313aXA%2F4OOsFKPkkSpHFQEHBGHiJi7ZnRRaDJbKV3%2BwFBRmZICkRXFgXMxbKO9uiUhA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 88bcb4e189dc385c-LHR
alt-svc: h3=":443"; ma=86400
GET

https://ayeshapc.com/wp-content/plugins/jetpack/css/jetpack.css?ver=8.6.1

IEXPLORE.EXE

Remote address:

172.67.199.51:443

Request

GET /wp-content/plugins/jetpack/css/jetpack.css?ver=8.6.1 HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: ayeshapc.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Date: Thu, 30 May 2024 06:35:51 GMT
Content-Length: 1499
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Cache-Control: no-store, max-age=0
cf-edge-cache: no-cache
CF-Cache-Status: BYPASS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zjb92t85zbO%2FHruKMHi1sbzCsMwz8ynL2htYyZiUm7GJb7yUEURXGUrdvpHP5IXzRzWLsaLqD08q%2Fn2lr61LNGJ6Z2AJA4nqAnPo8rZFuVno%2Fyy8xj45LPM0gJhx0rg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 88bcb4dee987941e-LHR
alt-svc: h3=":443"; ma=86400
GET

https://ayeshapc.com/wp-content/plugins/social-locker/bizpanda/assets/css/lockers.min.css?ver=145

IEXPLORE.EXE

Remote address:

172.67.199.51:443

Request

GET /wp-content/plugins/social-locker/bizpanda/assets/css/lockers.min.css?ver=145 HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: ayeshapc.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Date: Thu, 30 May 2024 06:35:51 GMT
Content-Length: 1524
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Cache-Control: no-store, max-age=0
cf-edge-cache: no-cache
CF-Cache-Status: BYPASS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BK0AqHKHI7zhlxGXg3WC3euacb4B442Juuea%2BSpeHI4BDE3HVXGEdYqBLcnnQtskXQE7%2FE4YnWmV4TmMVbRjikGF45UEmCMn8bH5otIEHWUMRF7lLXRUuQNJMDqIEYI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 88bcb4e01a6e941e-LHR
alt-svc: h3=":443"; ma=86400
GET

https://ayeshapc.com/wp-content/plugins/post-ratings/assets/jquery.raty.js?ver=3.0

IEXPLORE.EXE

Remote address:

172.67.199.51:443

Request

GET /wp-content/plugins/post-ratings/assets/jquery.raty.js?ver=3.0 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: ayeshapc.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Date: Thu, 30 May 2024 06:35:52 GMT
Content-Length: 1428
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Cache-Control: no-store, max-age=0
cf-edge-cache: no-cache
CF-Cache-Status: BYPASS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nP8SPs8v2BQbodnZD%2BFUQ5K%2FNXN%2BlgJ6jM8JXsR4dMH3Qc1t0vqMYCfwliBoQIQRkyOuzgFJMDPJbatZx06nK521NK7PvYgKQl9kuxJESRihV%2BDpQc3xc3kNl7mcG%2B4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 88bcb4e15b93941e-LHR
alt-svc: h3=":443"; ma=86400
GET

https://ayeshapc.com/wp-includes/css/dist/block-library/style.min.css?ver=5.4.2

IEXPLORE.EXE

Remote address:

172.67.199.51:443

Request

GET /wp-includes/css/dist/block-library/style.min.css?ver=5.4.2 HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: ayeshapc.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Date: Thu, 30 May 2024 06:35:51 GMT
Content-Length: 1406
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Cache-Control: no-store, max-age=0
cf-edge-cache: no-cache
CF-Cache-Status: BYPASS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZChpFEOn2SGi3o2qqrkDPdqPB88brp1s%2BYPjGlE7rzUHWNgOr%2BrbCaCCJE2wMS02ShnQEz6ebW64Hy2eoF3Kl4oAPFhiydb1%2B9Zdh0rCtQOfXtUVokQfT4IXUHvJjFY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 88bcb4defdbb9407-LHR
alt-svc: h3=":443"; ma=86400
GET

https://ayeshapc.com/wp-content/plugins/social-locker/bizpanda/assets/css/theme.secrets.min.css?ver=145

IEXPLORE.EXE

Remote address:

172.67.199.51:443

Request

GET /wp-content/plugins/social-locker/bizpanda/assets/css/theme.secrets.min.css?ver=145 HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: ayeshapc.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Date: Thu, 30 May 2024 06:35:51 GMT
Content-Length: 1426
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Cache-Control: no-store, max-age=0
cf-edge-cache: no-cache
CF-Cache-Status: BYPASS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1dlmpYkbYiOj%2BkLn9PypP7bWL6TRGJeGO2WiHPZS1%2Bbz%2BxtqSpOPfMXgPUXnrkthgvfBUapp7xtJ%2FWL%2FuAFetGUMtXizUzP6roC5q%2Bp8Me64xbAqUGRTQ900rtZHYiA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 88bcb4e01ed89407-LHR
alt-svc: h3=":443"; ma=86400
GET

https://ayeshapc.com/wp-includes/js/wp-embed.min.js?ver=5.4.2

IEXPLORE.EXE

Remote address:

172.67.199.51:443

Request

GET /wp-includes/js/wp-embed.min.js?ver=5.4.2 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: ayeshapc.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Date: Thu, 30 May 2024 06:35:52 GMT
Content-Length: 1585
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Cache-Control: no-store, max-age=0
cf-edge-cache: no-cache
CF-Cache-Status: BYPASS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PUvAygdqt5wJ15g4qHo%2BeKnGVh9XpA9NIhGUxJXbfqZuFaspIHvqEBRJ%2BtFPZGJLs8PS9ilcTj1ZxjPQk2hMvfJMyvQZgXcgfYdHd8bVzk6CUScoTErgtluOoZY4VAY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 88bcb4e1584c9407-LHR
alt-svc: h3=":443"; ma=86400
GET

https://ayeshapc.com/wp-content/plugins/post-ratings/assets/jquery.raty.css?ver=3.0

IEXPLORE.EXE

Remote address:

172.67.199.51:443

Request

GET /wp-content/plugins/post-ratings/assets/jquery.raty.css?ver=3.0 HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: ayeshapc.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Date: Thu, 30 May 2024 06:35:51 GMT
Content-Length: 1487
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Cache-Control: no-store, max-age=0
cf-edge-cache: no-cache
CF-Cache-Status: BYPASS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8H6ID3d6p7xLbTQD%2BmPnZ5RlnZKEYSh8b1yV%2FpS87XP1ScHfA0OculRk7ZAicB8YGntgpqX2jX8PkbCrJbbHcrPIX6sjq5gpGWho55wHe2AUjAyD6cEM2DgyI1tOIQ0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 88bcb4dee8fb7333-LHR
alt-svc: h3=":443"; ma=86400
GET

https://ayeshapc.com/wp-content/plugins/secure-copy-content-protection/public/js/secure-copy-content-protection-public.js?ver=2.0.8

IEXPLORE.EXE

Remote address:

172.67.199.51:443

Request

GET /wp-content/plugins/secure-copy-content-protection/public/js/secure-copy-content-protection-public.js?ver=2.0.8 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: ayeshapc.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Date: Thu, 30 May 2024 06:35:51 GMT
Content-Length: 1481
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Cache-Control: no-store, max-age=0
cf-edge-cache: no-cache
CF-Cache-Status: BYPASS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L389KJf5UYYdzQZNDBavGEweVccTu5deVmYg5iHdBmGFhvg0DO39XYwOxNiD%2FwUePQBRmQ6AjEz423dL4dIk0FVNdDdLrG456rHYI6ocyzszxYMdfo9K6QZZ2FfEudU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 88bcb4e029df7333-LHR
alt-svc: h3=":443"; ma=86400
GET

https://ayeshapc.com/wp-content/plugins/post-ratings/js/post-ratings.js?ver=3.0

IEXPLORE.EXE

Remote address:

172.67.199.51:443

Request

GET /wp-content/plugins/post-ratings/js/post-ratings.js?ver=3.0 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: ayeshapc.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Date: Thu, 30 May 2024 06:35:51 GMT
Content-Length: 1452
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Cache-Control: no-store, max-age=0
cf-edge-cache: no-cache
CF-Cache-Status: BYPASS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CjHbFTaCtXR3LJfE%2F8j2qvGuopBI7%2BB3pQQDp5bYdCwlEP%2FtQSTMvLq42EQkP9jTW3dadJ5pznz34BrGvtc%2BBQZdrDcAlLO3fqeNYGBRwBaqwM5LG6G1ugsvhl9yf0w%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 88bcb4e0ba4d7333-LHR
alt-svc: h3=":443"; ma=86400
GET

https://ayeshapc.com/wp-content/uploads/2019/01/360-Total-Security-Crack-10.2.0.1251-With-Key-2019-Download-Premium-210x150.png

IEXPLORE.EXE

Remote address:

172.67.199.51:443

Request

GET /wp-content/uploads/2019/01/360-Total-Security-Crack-10.2.0.1251-With-Key-2019-Download-Premium-210x150.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: ayeshapc.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Date: Thu, 30 May 2024 06:35:52 GMT
Content-Length: 1449
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Cache-Control: no-store, max-age=0
cf-edge-cache: no-cache
CF-Cache-Status: BYPASS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3R542nf8bLfrAKxST4Pa%2BXfKhU1KUOkn%2FeUT8KQxOqhwlkvIJZOaB1Tz1KpyPV6AizWl2vR%2Bd%2F27GRgDQGqNfdZme8IUEXt1m3R5dDQSocHF85YGeTJr5JOKMuQJVOg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 88bcb4e1cb0d7333-LHR
alt-svc: h3=":443"; ma=86400
GET

https://ayeshapc.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

IEXPLORE.EXE

Remote address:

172.67.199.51:443

Request

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: ayeshapc.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Date: Thu, 30 May 2024 06:35:51 GMT
Content-Length: 1501
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Cache-Control: no-store, max-age=0
cf-edge-cache: no-cache
CF-Cache-Status: BYPASS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MV5tjMYU%2BQzOcdPPvIckZI7DJJyAdDBGuZSV80fwFirqrxB0gAEi93mgtct0VLj%2BRjoQ%2FteBbXWRCyRKLPe6fIyUQA9gkc%2B8RR13d%2FbMWDPc902v0KdtmaQyNCbTo3Y%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 88bcb4df0ded4195-LHR
alt-svc: h3=":443"; ma=86400
GET

https://ayeshapc.com/wp-content/themes/schema-lite/style.css?ver=5.4.2

IEXPLORE.EXE

Remote address:

172.67.199.51:443

Request

GET /wp-content/themes/schema-lite/style.css?ver=5.4.2 HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: ayeshapc.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Date: Thu, 30 May 2024 06:35:51 GMT
Content-Length: 1544
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Cache-Control: no-store, max-age=0
cf-edge-cache: no-cache
CF-Cache-Status: BYPASS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NRSDpHuMSpzHt8eXVmryP582ggFui%2BUOtolRaAkxa2fI3M95n%2B9kCIvkk4tHS%2Fc9vAUCJ57McsfF6%2FkeTUwgMSw0KUsccTfeyEzBMVLhJsBeX9V88%2BGWKos2Hw0hOCw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 88bcb4e02f014195-LHR
alt-svc: h3=":443"; ma=86400
GET

https://ayeshapc.com/wp-includes/js/comment-reply.min.js?ver=5.4.2

IEXPLORE.EXE

Remote address:

172.67.199.51:443

Request

GET /wp-includes/js/comment-reply.min.js?ver=5.4.2 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: ayeshapc.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Date: Thu, 30 May 2024 06:35:52 GMT
Content-Length: 1457
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Cache-Control: no-store, max-age=0
cf-edge-cache: no-cache
CF-Cache-Status: BYPASS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X4h57Gyx1Cd2w6%2BuXB5gpOFFuNNue37%2F%2FAEfjv2Uqu6lb5VSQcNLd7vVTy7DnFDkt6qI8DbXC9Qb8sUsNh4d%2Fn5Q%2FeWyafQQjbZ9najA2a54W8V4HJqxrU0q03R7kG8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 88bcb4e148084195-LHR
alt-svc: h3=":443"; ma=86400
DNS

pki.goog

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

pki.goog

IN A

Response

pki.goog

IN A

216.239.32.29
DNS

pki.goog

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

pki.goog

IN A

Response

pki.goog

IN A

216.239.32.29
DNS

pki.goog

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

pki.goog

IN A

Response

pki.goog

IN A

216.239.32.29
DNS

pki.goog

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

pki.goog

IN A

Response

pki.goog

IN A

216.239.32.29
DNS

pki.goog

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

pki.goog

IN A

Response

pki.goog

IN A

216.239.32.29
DNS

pki.goog

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

pki.goog

IN A

Response

pki.goog

IN A

216.239.32.29
DNS

pki.goog

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

pki.goog

IN A

Response

pki.goog

IN A

216.239.32.29
DNS

pki.goog

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

pki.goog

IN A

Response

pki.goog

IN A

216.239.32.29
GET

http://pki.goog/gsr1/gsr1.crt

IEXPLORE.EXE

Remote address:

216.239.32.29:80

Request

GET /gsr1/gsr1.crt HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: pki.goog

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
Content-Length: 889
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 30 May 2024 06:23:45 GMT
Expires: Thu, 30 May 2024 07:13:45 GMT
Cache-Control: public, max-age=3000
Age: 725
Last-Modified: Wed, 20 May 2020 16:45:00 GMT
Content-Type: application/pkix-cert
Vary: Accept-Encoding
GET

http://pki.goog/gsr1/gsr1.crt

IEXPLORE.EXE

Remote address:

216.239.32.29:80

Request

GET /gsr1/gsr1.crt HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: pki.goog

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
Content-Length: 889
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 30 May 2024 06:05:30 GMT
Expires: Thu, 30 May 2024 06:55:30 GMT
Cache-Control: public, max-age=3000
Age: 1820
Last-Modified: Wed, 20 May 2020 16:45:00 GMT
Content-Type: application/pkix-cert
Vary: Accept-Encoding
GET

http://pki.goog/gsr1/gsr1.crt

IEXPLORE.EXE

Remote address:

216.239.32.29:80

Request

GET /gsr1/gsr1.crt HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: pki.goog

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
Content-Length: 889
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 30 May 2024 06:23:45 GMT
Expires: Thu, 30 May 2024 07:13:45 GMT
Cache-Control: public, max-age=3000
Age: 725
Last-Modified: Wed, 20 May 2020 16:45:00 GMT
Content-Type: application/pkix-cert
Vary: Accept-Encoding
GET

http://pki.goog/gsr1/gsr1.crt

IEXPLORE.EXE

Remote address:

216.239.32.29:80

Request

GET /gsr1/gsr1.crt HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: pki.goog

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
Content-Length: 889
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 30 May 2024 06:05:30 GMT
Expires: Thu, 30 May 2024 06:55:30 GMT
Cache-Control: public, max-age=3000
Age: 1820
Last-Modified: Wed, 20 May 2020 16:45:00 GMT
Content-Type: application/pkix-cert
Vary: Accept-Encoding
GET

http://pki.goog/gsr1/gsr1.crt

IEXPLORE.EXE

Remote address:

216.239.32.29:80

Request

GET /gsr1/gsr1.crt HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: pki.goog

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
Content-Length: 889
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 30 May 2024 06:23:45 GMT
Expires: Thu, 30 May 2024 07:13:45 GMT
Cache-Control: public, max-age=3000
Age: 725
Last-Modified: Wed, 20 May 2020 16:45:00 GMT
Content-Type: application/pkix-cert
Vary: Accept-Encoding
GET

http://pki.goog/gsr1/gsr1.crt

IEXPLORE.EXE

Remote address:

216.239.32.29:80

Request

GET /gsr1/gsr1.crt HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: pki.goog

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
Content-Length: 889
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 30 May 2024 06:05:30 GMT
Expires: Thu, 30 May 2024 06:55:30 GMT
Cache-Control: public, max-age=3000
Age: 1820
Last-Modified: Wed, 20 May 2020 16:45:00 GMT
Content-Type: application/pkix-cert
Vary: Accept-Encoding
GET

http://pki.goog/gsr1/gsr1.crt

IEXPLORE.EXE

Remote address:

216.239.32.29:80

Request

GET /gsr1/gsr1.crt HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: pki.goog

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
Content-Length: 889
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 30 May 2024 06:05:30 GMT
Expires: Thu, 30 May 2024 06:55:30 GMT
Cache-Control: public, max-age=3000
Age: 1820
Last-Modified: Wed, 20 May 2020 16:45:00 GMT
Content-Type: application/pkix-cert
Vary: Accept-Encoding
GET

http://pki.goog/gsr1/gsr1.crt

IEXPLORE.EXE

Remote address:

216.239.32.29:80

Request

GET /gsr1/gsr1.crt HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: pki.goog

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
Content-Length: 889
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 30 May 2024 06:05:30 GMT
Expires: Thu, 30 May 2024 06:55:30 GMT
Cache-Control: public, max-age=3000
Age: 1820
Last-Modified: Wed, 20 May 2020 16:45:00 GMT
Content-Type: application/pkix-cert
Vary: Accept-Encoding
DNS

www.microsoft.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

23.55.97.181
DNS

www.microsoft.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

23.55.97.181
DNS

www.microsoft.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

23.55.97.181
DNS

www.microsoft.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

23.55.97.181
GET

https://ayeshapc.com/wp-includes/js/wp-emoji-release.min.js?ver=5.4.2

IEXPLORE.EXE

Remote address:

172.67.199.51:443

Request

GET /wp-includes/js/wp-emoji-release.min.js?ver=5.4.2 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: ayeshapc.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Date: Thu, 30 May 2024 06:35:51 GMT
Content-Length: 1500
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Cache-Control: no-store, max-age=0
cf-edge-cache: no-cache
CF-Cache-Status: BYPASS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G%2FHuv4LhohcOBWUDD1zZHduDawkC8uouPRp4wEIuNvrPsCgLG%2FsmCNd70DNbzdJzSu4djJm%2FN9bFI0BfK87VjmzpIBXgIWfEqcoee2eG%2BY4mTbCueHwIqGvaNfke278%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 88bcb4df4f7293e8-LHR
alt-svc: h3=":443"; ma=86400
GET

https://ayeshapc.com/wp-includes/js/jquery/ui/effect.min.js?ver=1.11.4

IEXPLORE.EXE

Remote address:

172.67.199.51:443

Request

GET /wp-includes/js/jquery/ui/effect.min.js?ver=1.11.4 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: ayeshapc.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Date: Thu, 30 May 2024 06:35:51 GMT
Content-Length: 1525
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Cache-Control: no-store, max-age=0
cf-edge-cache: no-cache
CF-Cache-Status: BYPASS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=07mrgpYtbGg%2F5W793h5TOilvY3mVhdRHNKXUnT8G1Svpk8e2%2BSEPrELpXgctCwQuEiIivTfJ5Yo1GT0dkRgZs3Mn1Ljycj5PWAf%2BwB0CqRJUoKuyc0DVY05OkaLnvXc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 88bcb4e0587b93e8-LHR
alt-svc: h3=":443"; ma=86400
GET

https://ayeshapc.com/wp-content/uploads/2018/12/Bitdefender-Total-Security-2019-Crack-With-Keygen-Download-Key-Code-210x150.jpg

IEXPLORE.EXE

Remote address:

172.67.199.51:443

Request

GET /wp-content/uploads/2018/12/Bitdefender-Total-Security-2019-Crack-With-Keygen-Download-Key-Code-210x150.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: ayeshapc.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Date: Thu, 30 May 2024 06:35:52 GMT
Content-Length: 1409
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Cache-Control: no-store, max-age=0
cf-edge-cache: no-cache
CF-Cache-Status: BYPASS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BC24cuESu7m8qAwv9NWrDq3havZc7c8GAqZVX54Jzw%2Brovx8V0WwJoRLc5hEMAnOx%2FUKfB7%2F9pJjwvW4HsxjtXaPiRqx2aKtSvP%2BwWd6lE5aBXRh%2Bytyb3pRFFhjI6s%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 88bcb4e1b9be93e8-LHR
alt-svc: h3=":443"; ma=86400
GET

https://ayeshapc.com/wp-includes/css/dist/block-library/theme.min.css?ver=5.4.2

IEXPLORE.EXE

Remote address:

172.67.199.51:443

Request

GET /wp-includes/css/dist/block-library/theme.min.css?ver=5.4.2 HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: ayeshapc.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Date: Thu, 30 May 2024 06:35:51 GMT
Content-Length: 1464
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Cache-Control: no-store, max-age=0
cf-edge-cache: no-cache
CF-Cache-Status: BYPASS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l9eOCWobTvLkZ7GQGUImEVTFJPtr1C8ssI6LaVsL58Zudmdcqmr9Aob0r6SHvzqaIWvLmk9Sk1zIrRkEuwQwTnnCDWwJReQUmpZbWrbqEPDDgf3vy3FTA%2FK2lh2UE%2Bg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 88bcb4df2dda653c-LHR
alt-svc: h3=":443"; ma=86400
GET

https://ayeshapc.com/wp-content/plugins/social-locker/bizpanda/assets/js/lockers.min.js?ver=145

IEXPLORE.EXE

Remote address:

172.67.199.51:443

Request

GET /wp-content/plugins/social-locker/bizpanda/assets/js/lockers.min.js?ver=145 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: ayeshapc.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Date: Thu, 30 May 2024 06:35:51 GMT
Content-Length: 1565
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Cache-Control: no-store, max-age=0
cf-edge-cache: no-cache
CF-Cache-Status: BYPASS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5ITrtZeoXkk0VbqDEKJ4lTV3xtFSEBaXeo6ZdwaUMtwre3xbgdcqnQCzttEi5zMCaiNqETqRcL2EWTB%2FVF6yUEZ6TBNtilAsEapf8HprofLyyKWsbZSP4B4LFBzfHt4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 88bcb4e04efb653c-LHR
alt-svc: h3=":443"; ma=86400
GET

https://ayeshapc.com/wp-content/uploads/2019/01/aSc-TimeTables-Crack-2019-Full-With-Key-Download-Windows-Mac.jpg

IEXPLORE.EXE

Remote address:

172.67.199.51:443

Request

GET /wp-content/uploads/2019/01/aSc-TimeTables-Crack-2019-Full-With-Key-Download-Windows-Mac.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: ayeshapc.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Date: Thu, 30 May 2024 06:35:52 GMT
Content-Length: 1531
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Cache-Control: no-store, max-age=0
cf-edge-cache: no-cache
CF-Cache-Status: BYPASS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BN41iAXSHQCtjQgK05tsYokivB6HBtDNtJ%2FDMu3ijMn3ukplqsKENDsmNg6AGB%2B1qhMy1v5V0HS02J90aNVvhhzD9%2BZudjwiZWLF1yc9VAdJZMuvySEpIu9Sg5lUoIE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 88bcb4e1580c653c-LHR
alt-svc: h3=":443"; ma=86400
GET

http://www.bing.com/favicon.ico

iexplore.exe

Remote address:

23.62.61.160:80

Request

GET /favicon.ico HTTP/1.1
Accept: */*
UA-CPU: AMD64
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like Gecko
Host: www.bing.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Cache-Control: public, max-age=15552000
Content-Length: 4286
Content-Type: image/x-icon
Last-Modified: Mon, 01 Jan 1601 00:00:00 GMT
X-EventID: 65d4c65a538b4afa839064a00a9b728a
UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
Content-Security-Policy-Report-Only: script-src https: 'strict-dynamic' 'report-sample' 'nonce-+F5kGRSFPCuHDPk8f7Po0fttTEsC9TyM4t+ZD7xNcas='; base-uri 'self';report-to csp-endpoint
Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
X-MSEdge-Ref: Ref A: A265F6639C05488182DB1302B90CE8B1 Ref B: BRU30EDGE0617 Ref C: 2024-02-22T08:31:31Z
Date: Thu, 30 May 2024 06:36:00 GMT
Connection: keep-alive
X-CDN-TraceID: 0.9c3d3e17.1717050960.1ad98d7e
DNS

iexplore.exe

Remote address:

23.62.61.160:80

Response

HTTP/1.0 408 Request Time-out

Server: AkamaiGHost
Mime-Version: 1.0
Date: Thu, 30 May 2024 06:36:35 GMT
Content-Type: text/html
Content-Length: 314
Expires: Thu, 30 May 2024 06:36:35 GMT

67.199.248.10:443

bit.ly

tls

IEXPLORE.EXE

721 B
4.1kB
9
8
192.0.76.3:443

https://stats.wp.com/e-202031.js

tls, http

IEXPLORE.EXE

1.2kB
7.6kB
14
14

HTTP Request

GET https://stats.wp.com/e-202031.js

HTTP Response

200
172.67.199.51:443

https://ayeshapc.com/wp-content/uploads/2019/01/aSc-TimeTables-Crack-2019-Full-With-Key-Download-Windows-Mac1-300x213.png

tls, http

IEXPLORE.EXE

2.2kB
12.8kB
16
20

HTTP Request

GET https://ayeshapc.com/wp-content/plugins/secure-copy-content-protection/public/css/secure-copy-content-protection-public.css?ver=2.0.8

HTTP Response

200

HTTP Request

GET https://ayeshapc.com/wp-content/themes/schema-lite/js/customscripts.js?ver=5.4.2

HTTP Response

200

HTTP Request

GET https://ayeshapc.com/wp-content/uploads/2019/01/aSc-TimeTables-Crack-2019-Full-With-Key-Download-Windows-Mac1-300x213.png

HTTP Response

200
192.0.76.3:443

stats.wp.com

tls

IEXPLORE.EXE

743 B
4.1kB
10
9
67.199.248.10:443

bit.ly

tls

IEXPLORE.EXE

721 B
4.1kB
9
8
67.199.248.10:443

bit.ly

tls

IEXPLORE.EXE

721 B
4.1kB
9
8
172.67.199.51:443

https://ayeshapc.com/wp-content/uploads/2018/12/Screenshot_2-187x150.png

tls, http

IEXPLORE.EXE

2.0kB
12.7kB
15
20

HTTP Request

GET https://ayeshapc.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

HTTP Response

200

HTTP Request

GET https://ayeshapc.com/wp-includes/js/jquery/ui/effect-highlight.min.js?ver=1.11.4

HTTP Response

200

HTTP Request

GET https://ayeshapc.com/wp-content/uploads/2018/12/Screenshot_2-187x150.png

HTTP Response

200
172.67.199.51:443

https://ayeshapc.com/wp-content/plugins/post-ratings/assets/jquery.raty.js?ver=3.0

tls, http

IEXPLORE.EXE

2.0kB
12.8kB
15
20

HTTP Request

GET https://ayeshapc.com/wp-content/plugins/jetpack/css/jetpack.css?ver=8.6.1

HTTP Response

200

HTTP Request

GET https://ayeshapc.com/wp-content/plugins/social-locker/bizpanda/assets/css/lockers.min.css?ver=145

HTTP Response

200

HTTP Request

GET https://ayeshapc.com/wp-content/plugins/post-ratings/assets/jquery.raty.js?ver=3.0

HTTP Response

200
172.67.199.51:443

https://ayeshapc.com/wp-includes/js/wp-embed.min.js?ver=5.4.2

tls, http

IEXPLORE.EXE

2.1kB
12.9kB
17
21

HTTP Request

GET https://ayeshapc.com/wp-includes/css/dist/block-library/style.min.css?ver=5.4.2

HTTP Response

200

HTTP Request

GET https://ayeshapc.com/wp-content/plugins/social-locker/bizpanda/assets/css/theme.secrets.min.css?ver=145

HTTP Response

200

HTTP Request

GET https://ayeshapc.com/wp-includes/js/wp-embed.min.js?ver=5.4.2

HTTP Response

200
172.67.199.51:443

https://ayeshapc.com/wp-content/uploads/2019/01/360-Total-Security-Crack-10.2.0.1251-With-Key-2019-Download-Premium-210x150.png

tls, http

IEXPLORE.EXE

2.6kB
15.2kB
18
24

HTTP Request

GET https://ayeshapc.com/wp-content/plugins/post-ratings/assets/jquery.raty.css?ver=3.0

HTTP Response

200

HTTP Request

GET https://ayeshapc.com/wp-content/plugins/secure-copy-content-protection/public/js/secure-copy-content-protection-public.js?ver=2.0.8

HTTP Response

200

HTTP Request

GET https://ayeshapc.com/wp-content/plugins/post-ratings/js/post-ratings.js?ver=3.0

HTTP Response

200

HTTP Request

GET https://ayeshapc.com/wp-content/uploads/2019/01/360-Total-Security-Crack-10.2.0.1251-With-Key-2019-Download-Premium-210x150.png

HTTP Response

200
172.67.199.51:443

https://ayeshapc.com/wp-includes/js/comment-reply.min.js?ver=5.4.2

tls, http

IEXPLORE.EXE

2.0kB
12.9kB
16
20

HTTP Request

GET https://ayeshapc.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

HTTP Response

200

HTTP Request

GET https://ayeshapc.com/wp-content/themes/schema-lite/style.css?ver=5.4.2

HTTP Response

200

HTTP Request

GET https://ayeshapc.com/wp-includes/js/comment-reply.min.js?ver=5.4.2

HTTP Response

200
216.239.32.29:80

http://pki.goog/gsr1/gsr1.crt

http

IEXPLORE.EXE

351 B
1.8kB
5
4

HTTP Request

GET http://pki.goog/gsr1/gsr1.crt

HTTP Response

200
216.239.32.29:80

http://pki.goog/gsr1/gsr1.crt

http

IEXPLORE.EXE

351 B
1.8kB
5
4

HTTP Request

GET http://pki.goog/gsr1/gsr1.crt

HTTP Response

200
216.239.32.29:80

http://pki.goog/gsr1/gsr1.crt

http

IEXPLORE.EXE

351 B
1.8kB
5
4

HTTP Request

GET http://pki.goog/gsr1/gsr1.crt

HTTP Response

200
216.239.32.29:80

http://pki.goog/gsr1/gsr1.crt

http

IEXPLORE.EXE

351 B
1.8kB
5
4

HTTP Request

GET http://pki.goog/gsr1/gsr1.crt

HTTP Response

200
216.239.32.29:80

http://pki.goog/gsr1/gsr1.crt

http

IEXPLORE.EXE

351 B
1.8kB
5
4

HTTP Request

GET http://pki.goog/gsr1/gsr1.crt

HTTP Response

200
216.239.32.29:80

http://pki.goog/gsr1/gsr1.crt

http

IEXPLORE.EXE

351 B
1.8kB
5
4

HTTP Request

GET http://pki.goog/gsr1/gsr1.crt

HTTP Response

200
216.239.32.29:80

http://pki.goog/gsr1/gsr1.crt

http

IEXPLORE.EXE

351 B
1.8kB
5
4

HTTP Request

GET http://pki.goog/gsr1/gsr1.crt

HTTP Response

200
216.239.32.29:80

http://pki.goog/gsr1/gsr1.crt

http

IEXPLORE.EXE

351 B
1.8kB
5
4

HTTP Request

GET http://pki.goog/gsr1/gsr1.crt

HTTP Response

200
172.67.199.51:443

https://ayeshapc.com/wp-content/uploads/2018/12/Bitdefender-Total-Security-2019-Crack-With-Keygen-Download-Key-Code-210x150.jpg

tls, http

IEXPLORE.EXE

2.1kB
12.8kB
15
20

HTTP Request

GET https://ayeshapc.com/wp-includes/js/wp-emoji-release.min.js?ver=5.4.2

HTTP Response

200

HTTP Request

GET https://ayeshapc.com/wp-includes/js/jquery/ui/effect.min.js?ver=1.11.4

HTTP Response

200

HTTP Request

GET https://ayeshapc.com/wp-content/uploads/2018/12/Bitdefender-Total-Security-2019-Crack-With-Keygen-Download-Key-Code-210x150.jpg

HTTP Response

200
172.67.199.51:443

https://ayeshapc.com/wp-content/uploads/2019/01/aSc-TimeTables-Crack-2019-Full-With-Key-Download-Windows-Mac.jpg

tls, http

IEXPLORE.EXE

2.1kB
12.9kB
14
20

HTTP Request

GET https://ayeshapc.com/wp-includes/css/dist/block-library/theme.min.css?ver=5.4.2

HTTP Response

200

HTTP Request

GET https://ayeshapc.com/wp-content/plugins/social-locker/bizpanda/assets/js/lockers.min.js?ver=145

HTTP Response

200

HTTP Request

GET https://ayeshapc.com/wp-content/uploads/2019/01/aSc-TimeTables-Crack-2019-Full-With-Key-Download-Windows-Mac.jpg

HTTP Response

200
67.199.248.10:443

bit.ly

tls

IEXPLORE.EXE

753 B
4.1kB
9
8
67.199.248.10:443

bit.ly

tls

IEXPLORE.EXE

534 B
379 B
6
5
67.199.248.10:443

bit.ly

tls

IEXPLORE.EXE

707 B
4.1kB
8
8
23.62.61.160:80

http://www.bing.com/favicon.ico

http

iexplore.exe

588 B
5.8kB
8
8

HTTP Request

GET http://www.bing.com/favicon.ico

HTTP Response

200
23.62.61.160:80

www.bing.com

http

iexplore.exe

288 B
694 B
6
4

HTTP Response

408
204.79.197.200:443

ieonline.microsoft.com

tls

iexplore.exe

747 B
7.6kB
9
12
204.79.197.200:443

ieonline.microsoft.com

tls

iexplore.exe

747 B
7.6kB
9
12
204.79.197.200:443

ieonline.microsoft.com

tls

iexplore.exe

779 B
7.6kB
9
12

8.8.8.8:53

ayeshapc.com

dns

IEXPLORE.EXE

58 B
90 B
1
1

DNS Request

ayeshapc.com

DNS Response

172.67.199.51

104.21.68.225
8.8.8.8:53

bit.ly

dns

IEXPLORE.EXE

52 B
84 B
1
1

DNS Request

bit.ly

DNS Response

67.199.248.10

67.199.248.11
8.8.8.8:53

stats.wp.com

dns

IEXPLORE.EXE

58 B
74 B
1
1

DNS Request

stats.wp.com

DNS Response

192.0.76.3
8.8.8.8:53

pki.goog

dns

IEXPLORE.EXE

54 B
70 B
1
1

DNS Request

pki.goog

DNS Response

216.239.32.29
8.8.8.8:53

pki.goog

dns

IEXPLORE.EXE

54 B
70 B
1
1

DNS Request

pki.goog

DNS Response

216.239.32.29
8.8.8.8:53

pki.goog

dns

IEXPLORE.EXE

54 B
70 B
1
1

DNS Request

pki.goog

DNS Response

216.239.32.29
8.8.8.8:53

pki.goog

dns

IEXPLORE.EXE

54 B
70 B
1
1

DNS Request

pki.goog

DNS Response

216.239.32.29
8.8.8.8:53

pki.goog

dns

IEXPLORE.EXE

54 B
70 B
1
1

DNS Request

pki.goog

DNS Response

216.239.32.29
8.8.8.8:53

pki.goog

dns

IEXPLORE.EXE

54 B
70 B
1
1

DNS Request

pki.goog

DNS Response

216.239.32.29
8.8.8.8:53

pki.goog

dns

IEXPLORE.EXE

54 B
70 B
1
1

DNS Request

pki.goog

DNS Response

216.239.32.29
8.8.8.8:53

pki.goog

dns

IEXPLORE.EXE

54 B
70 B
1
1

DNS Request

pki.goog

DNS Response

216.239.32.29
8.8.8.8:53

www.microsoft.com

dns

IEXPLORE.EXE

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

23.55.97.181
8.8.8.8:53

www.microsoft.com

dns

IEXPLORE.EXE

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

23.55.97.181
8.8.8.8:53

www.microsoft.com

dns

IEXPLORE.EXE

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

23.55.97.181
8.8.8.8:53

www.microsoft.com

dns

IEXPLORE.EXE

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

23.55.97.181

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

Filesize
1KB

MD5
3aad0e0b63ea2e695fc7c66728e66a14

SHA1
7ef347e0f3b8142005a2b58b459aef7efe975955

SHA256
9fdfce09257f87385d6ef10feea5f0d164ecd425ddd10ad0714bf1bc6feb5ef6

SHA512
3cb287ef51c870e2847258ee983b9522aff217336b6b60096a7dd868a3a270bfe2df161e5c17df963ae9cc7c290892da373ec3904f93f8d8ee59e51ff4d16cef

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

Filesize
914B

MD5
e4a68ac854ac5242460afd72481b2a44

SHA1
df3c24f9bfd666761b268073fe06d1cc8d4f82a4

SHA256
cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

SHA512
5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\4A9377E7E528F7E56B69A81C500ABC24

Filesize
889B

MD5
3e455215095192e1b75d379fb187298a

SHA1
b1bc968bd4f49d622aa89a81f2150152a41d829c

SHA256
ebd41040e4bb3ec742c9e381d31ef2a41a48b6685c96e7cef3c1df6cd4331c99

SHA512
54ba004d5435e8b10531431c392ed99776120d363808137de7eb59030463f863cadd02bdf918f596b6d20964b31725c2363cd7601799caa9360a1c36fe819fbd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_F2DAF19C1F776537105D08FC8D978464

Filesize
724B

MD5
8202a1cd02e7d69597995cabbe881a12

SHA1
8858d9d934b7aa9330ee73de6c476acf19929ff6

SHA256
58f381c3a0a0ace6321da22e40bd44a597bd98b9c9390ab9258426b5cf75a7a5

SHA512
97ba9fceab995d4bef706f8deef99e06862999734ebe6a05832c710104479c6337cbf0a76e1c1e0f91566a61334dc100d837dfd049e20da765fe49def684f9c9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

Filesize
1KB

MD5
a266bb7dcc38a562631361bbf61dd11b

SHA1
3b1efd3a66ea28b16697394703a72ca340a05bd5

SHA256
df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

SHA512
0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

Filesize
410B

MD5
e5fc143dc9e922f6668a19056214ecf4

SHA1
05d2c77aa850253fb09c69311dfb670440dcd624

SHA256
0d98825cf69400d66b5b1565fb1bcf4498c70c2f455148bbc5d14caaf7170ea6

SHA512
a22b78e8422fa0b3144384d84011cb20ff60314e5592a951863436767b1410ce430ff62e8fb5462dd4bcb02512c003f91fc58a833647fb757f45a73b409a2ac4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

Filesize
252B

MD5
7b1293024731a90ed052816f105d57bb

SHA1
18f9fde5e3d418e1d2b25ae66f46e584b4befc06

SHA256
479cb11daef6b1df4c31625c350a3bebd9188620a2a9275bede8587775541c54

SHA512
ab405c95606e17e45b53d3a7e68aca93f0fd1f78332c7cfbad098233999ef9fdb5f1276e68509c155bb6929f683082decbce4e1cc7c4b073445fabf03aba1765

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
bc8444b31c232f3bf5350b8704b88df0

SHA1
232e11c9e7b4f59ee24f49186794d74c2780427c

SHA256
f54362f13f8b3400ac40aabe49673acfb987080bc1941a19592c385c3690183f

SHA512
454eb7c04946f53c4182d2860c7e0d35f7ae3ba5bb016ab51ac97e1b82d715375606cda989df25b57d026466b8e7e5b00beb0b0b86c718f76cf032d6f148e439

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
619f8acaccecb6e684e8ff494e8f3218

SHA1
831236aa063efb7b57ce091c01afc13a411eb89f

SHA256
9fa26c876788115f10f7cfec3b014d9a1ae999889637e430045da6c4b35d09a9

SHA512
488ba8259f1097c0008046f0d88634a7fdf83e719f8ced9c7a5ef192620b349113502297ec5174b7b6083b97f6ef836fa0d91440f7e6b85335c9fb54783984ac

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8812257a12a5bdd2caa0e9d65225e4df

SHA1
d8e140ef9edd1d283c9f5e4ea5bca1fa1d2eef83

SHA256
82885925abcaeb05cc7e9a168ece11c6c127ea59267dddaf7ec7157cee7323af

SHA512
eca64aa80d0d69b3980ad9ee1ac84e6659171f7440145f368ed16d7a0c68c105b97f8eac7a477beff925543e348c1d09749c6c2933f28f143ea030862faa96b2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
87cece4c4bf82f5fcdf659ed0b06379a

SHA1
58bfd80828b38a44a8d23d2a7ddb0130fb316321

SHA256
6c68896e8721a8c71d66f415ef336faccc86cbca54d215b77078214bcfbb315f

SHA512
0da160698661c7de12fe1cd30ed7b884d18113fbbd882d18a10971db4d11e51d80984ec02afdf0c0be27b2b9ea3d8db8975d3918a667066b663ea52c4b63d890

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1ccf35a9ac2918795278533c0f826512

SHA1
e28aaa464ea36a3f4bcbfebe364833135f875474

SHA256
d299f2b93e1b136a05e77cbc3916012f40fa64cfff6ccf540ce2c93bf0c616b8

SHA512
be0c18fe1f2e77b36a7e3de623fd4fe56d539926c8c322ce29e799eae75116788e48f6f1c8f6be6a13bbf106d48d7b66bc6697092b538ab55372d5970b1a28b5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ad3baf9fda271980cc22ce995a10b13d

SHA1
9f6dbb0bec4dddc23d5ea1947b43c3029ad3d690

SHA256
627515c24ce3e340e57920858873389bf65e4f0a876a6855469e23172aa4b460

SHA512
4013ee242a499041cc628f08db7235c857c3adac90218c753f99ec9867a48fac5049b1f55a11a63f318631f8cce4bb5021a83605c274c2d99c0b1f70c3b33627

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d0990af3097fcbc400b142ae21025052

SHA1
56209ef0a389dc72dd3df010323ff8292e33425a

SHA256
2c893a9835467a0dd7b4629989b4c35794ba468369b148c1183c431b03896377

SHA512
8144b20b27849cff0562446833a94da478c8fe04a196bdcbb4ecfc420ae09c12eeaa05b684136276699ae91a98f1d77cc1b989fd5116d931c7f0fc0ca8aaf0d0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9e9e4c996aa38f04b90ab6a8a2db0581

SHA1
ed8deeb30999abe7798e7a41bd3c8136bf6599e9

SHA256
faa11a163c1305851f643b74945b390d7a0bc54eccf41e4b59acf84bf8eaf27e

SHA512
7df098e3e3d048c6a6dbf1bb937a813040b33bf1351cba438e3e4a1c06a7c9738c86aec69973bc74dd429c228e5cb087b99572a87b5cc6151590bbeb4bdcdcda

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
09c7e27c05437ac014eb2089623edd52

SHA1
5e223d7b9afdca9fa49e7e11a27699fecf049919

SHA256
1b3da19f51d2a55f1ae87b05d1a4579fe3aa4cb53016098e2ada067adb1e6460

SHA512
c437fb4762770db84024d459ce3188206ed75a5d074448d1d3eeec5e25fa1d75f2637e3662146187b23e810529b92bb3206c3b2bdcd0812518ccc2d2faab0600

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
05fd0e37ac25b80fc5ab436522e0cfe4

SHA1
b454a29d6fc91988609dc81148fbf37be97816b2

SHA256
2d0eb4267b038782d47ddef7affb51c770f43d6e526a28c21859558f6fb9dac6

SHA512
370a7c17695bd85538419508925e23f92670cc5d19c582a7afb2fc6f8627c0da1414c4de395fb5cf50de9ad2a4c2a5223f977b3518574386d5ca91637de8763f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1afa1b0196d9448a974b40b69c58558c

SHA1
b9b6b361b8b02b37313814f1c1812fe1827a3cc5

SHA256
a7fe5c48a51733bc98374e5985affcb956a1636b41d2a230c51d18466af43395

SHA512
47bfd0c1894411ab362bf0eaf9fb5335460cc775e66ec0f20b0937c16e497dea486cbd7111b27e7b6b773728f85bdadeab1ab012715e87d5bd6b01d7ad9fff18

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
bb0d3f28a62f228bcd7a30011d3aa8ae

SHA1
39675dfccd6301d09e78e9a15d015706c481b54d

SHA256
17bead97b4c00a5e1dfa95b4a5ac301bc38562891e0598eb75912f57e79f3079

SHA512
cc5ad64b1445f7d973311fcf1f87f66fad237e25d30ea23eefffef10af921d92b778b3c51ea80d7ac7ec10b15dfe562d5c28b8b06135edd9fb2ac6ae73cfa3f2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
60f6e572f373cce19de41a10214ff5f3

SHA1
c06a21b3f4460f2109c3737ff6ed3f698f66b022

SHA256
2151004ade79aeeade4a3aee99df527f23ac561565b7b014cdfab3623ae4b4a5

SHA512
db852520ffefa5310ae470b934eb19e2f5b32031f24de1c6c1ed75fbbdc360bc0dc7cd75d62373a2d11d3ce944576a4ef54879de83212ca51fcdacd0165673e5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4d4601e2ec0e027dd04caebf6f6e11df

SHA1
773b9784ff86f9b19d44749b98ad454fafc474ac

SHA256
496461a41a3c92f160a0c83d078e173927e57f1733576fae5d16c158654c3dab

SHA512
fea8da3461bb6ea9dffdd5b5254bc6d3db9fc74d6d2e2a1b5449c4f20022615f39698faddcc5f0025d06496d10ce4088d37259cd7c409c11b2ccf48cb7ca2732

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b0ff237fa0dc1be9014f7211123e1e83

SHA1
27c47fd801e5b5341059ea24c921e173f3901480

SHA256
1afa01b6037984794f4864cf85786b612632a3b3b7385c827232e77daa1f9d05

SHA512
f66841f97ac3617bea98d70520d7cfb4a09beb80966d1f667e31c851972d6fd70fc87405c34a964e95e7a621b610556b50f82d204e52ffb61e024e44bcd7f6f3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
92bee35bfd0d60694d852dd6a1a0e51b

SHA1
949bc1dc90e3de5cb0615df8d999ea193453c97d

SHA256
d6e6491171517e59801ca902cbcd09b57ccf1e5e26cd4c0b6c5587c18f8f2b49

SHA512
2a5dfa860441a513f99d4573209a723534b948e44455eb424546637e79cbc80f3b29c6dcff7867d555041939a37d1adb10e5f8c616dbc6480be077175b058010

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a3b90f11a7e19c70081a6e5f27b1eb73

SHA1
21874769e159d0036faec49f8769c195c8877ed8

SHA256
8d3754e788d2b11e99165ca42648fbbcdb4320e0ef3ad39223bbc4e6d5606b86

SHA512
5aee1a11ffd43de7eb0992a08dc85cc93f6d75ac8da542486fad76065847c73cb316538664e5aac8e910db2bbed632c8ba8e2377f0c45162146197a51dfbddd9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7428a56fde4dcd1fc9790e6d003d3d1d

SHA1
f6369823756abd40f113beff78e7d34675877c16

SHA256
c353d42e086421fa77dac83191d36a521e5920627dd6978936e850406a24e915

SHA512
9d224d259962147acc8087d05e768b7666c589b66d0911da7c5121a5ee91661ef2ba8deff9d1c1e1842a1c46be12b42174e323d164aff572b640cb0c53cf0ae1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
dd2e0a44dfc7f776f5969f8327e90268

SHA1
1dc872ba3f6f6c3bd6362629d9a5df7efe4cd05a

SHA256
a258a19e680fe3bf926c7b2fb3d4bb1d2170e4a194e62e5f546c4b95ab00fde1

SHA512
da12ef51f6d3e461c6aae62b8e1345200ac2590131463cd4d2cd442762b0fc9b3d57ca92072336e210f896959643cf9e25227f1e5e975c88170bbe3551e47a74

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7bd3d20359eb4e928bdec0481b709d08

SHA1
bcba911fa8a768e440528806e31feea42b8030e7

SHA256
babf7e90c20143e96179ab920f6e89e557939b7abc2eaa0785ef7ed09543306e

SHA512
78b834dcbb75446ef3b6dd73abcf9086b352b04d0ac41b230131e3c4fb282277fcd00650965d5c769232bfe0e9502296afd0d3ff7a0b541a3689d2040f8ace22

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9882fc0a591f2d2c0797dde005cacac5

SHA1
82cc810cad52395a41dd4f2ae8c978a8e0368dde

SHA256
51d3200a87b27e5ce045bf2ac2f1938e7c472c9bb37fb2b33d5757711877aa1e

SHA512
5c4c9d9feca015541df50356b2ae535ddf73131f972e10e3390b1ae1a75491506185f918daa6dfe6d5193b1c3af1a89b4ab7a84dcec31162aab73b3b788a7efb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
760eafed23d9633cbb16645f54527cbf

SHA1
d1c54854a89d4d7c2934cc65ad12852754aa4cf1

SHA256
ee6f3a216ea11df2643e85a2462765eedf152937b26b8ab597d37e554937c1f8

SHA512
3386c53cb32c33207d311a6b4f2185d7445b556f44011dc7041f898dc4e3e60d11ce71b0e521e45b4018c9b9de9bc107da138ffb2f3a0d5208cf4792e74faf11

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d4138f112b89e5f9bc016b5f08df8b91

SHA1
f76f00b9ab7862f7573ce13bbd5cc50fb5092c10

SHA256
54614d3b869350506b2ad9a5e865e99533ff7d0af484b6197de4cc8191a491aa

SHA512
7664db48c936641f0c315145b48100da5e98effee8e0ab7fbf45575b68a4d8de55df932569a52b1ca158521c276b3de1f026e6f2e7a4a40769eb503f2d1a2b00

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
74c094ed1461d2ce45140a89532abadf

SHA1
e76b43acf78faf7adc90a747471bed7c77f77091

SHA256
fe14b92682b2881a42304b3bc489b1ec067a5843a6c8c518c7ff0f0988262ba6

SHA512
4df09677800eb7f71d4bbb0ef1eff6b67f7eacb77e56c45de6b1850e9a7a4a241f723f7c7ec960538310fe22d7cf5c3f85245edd18b21566e062835129a442a8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2c5a03df6874f8ad543953cbb420dea3

SHA1
f2e7588fbbb8025c62adde4aea816a73cfc5d01a

SHA256
ef4eac1f93696500c702d759336970848a5d9f6cd18b44be56b4ee06e3de73f2

SHA512
c856b03799485b6bcba4bd3ff124f7cd13d05fa7585f543ea459e7cef78353ae726d39d1f8afdb5c45dadbafd2f6a9f98033aa4ac35de600233caf4025bc788a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
282f778858d15dc997e1e6d6cac31601

SHA1
a67927e0c06cdd18b74eb47e973db4ca846dc7e0

SHA256
31bc760bf36ff01c733ebf3a57ec42b00f9255343bae7ae7e98f4a6a91dd9017

SHA512
d1531c61825a8c6ba4ba61a198bbdb2b7ab4a43ea0c4d54d30c0d422eb2187b0139fb62b55652ebfa5b77518b89bc3a11821ff3f25c0858678393c49d3c438c4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
64c6eccfc85ab52e1ed486321c056d83

SHA1
cb88fe1ad8829e50e54c99c493cb3b3b9f20c486

SHA256
8266024c608a6d335f0006719cdfea2897bd689b91d1d231eb7126f6ee86de01

SHA512
e25f1e52adcf4e927fddc1a2824cd6d5813982a6d2e410514057b10d05b356690143c253bd0342006769f5879af834ae92b093c04949aa68fc11b3835300147d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
541a40edb203ab2a53203f84e5577ce9

SHA1
0cf326b08c4310b5bf52add94ac8766bb0cbd8b6

SHA256
77b3b00f0c252048d5747158bb7774464197545471552083ed47a007ae010d68

SHA512
62245b8dc431a1de6f769160d6a38ddc5f9de32b5d0ed46efee700e45e2f1deb2fe8377b83c1faac2ee61f83fbf0a5d06253bdf493d59c1afcf5809143277410

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9580ebf4cace17c2d098e7df33401a18

SHA1
4161e208cb36669bcb1cbf1d9bde2bf6e7198f87

SHA256
9fa1b5235273d9815e03e5cc9ddef31eaa6a6e7cd16926f2ef72620c8ccce857

SHA512
24aeff63e09b9704f1bf3e4a8191579ea05b0780253a5071ca31d57ad60b8ae86b75b094846e5246cc499bf52aed97c5e3dea0b50d7948552e88817ac4dfa926

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a772833a2915f6c3fb4bc35acd17822f

SHA1
f1ed52c50f870266e8c1891add1b19503557c170

SHA256
b8dad788a2f0ee0ed10fe06e1a17c81eebce0a6c63bdc43a2353fbba576eadc1

SHA512
d5daf8aa1a1c38b9d9b7d433ae461570a55b21cc89420be31eb3012b990d387cb8444b62d5b1cbad5237eed83bbd141925d8e2ce4b4811b85efe415907a35cd0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4bed9dca8670c454b55489c4642cdb89

SHA1
abd4fb9558f147749972b0cf37f089c5bdfc3b18

SHA256
a2243f2b1d19a58f1b423b34691fbd82818d0e5d9aa1240b5e3651c13c1edd41

SHA512
dac08ae08a7b029127a662e5347ef9644e26e204e902572e2ba0408c670a39499d32a1b83a18477e05cff1821fd1e8a1fee0369a2a3b8b24cc6924fd777bd816

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
18a7d120e2c8c897be8981e2ede3923f

SHA1
ca3a045c15e169e6ce547141c3e474b6818d56ca

SHA256
762abb61e05bd2294a740dbd2a6cffdbd252a217a6bea669398606f6b9c3709d

SHA512
58197f2ffdd7fa2fdc3b66636ff4bbb9f27e9cb594026633b953148fe9a528956ad195f826e5a11351990b0d2924f0e8db84778d3b49f2b9d019e9d3588e09a4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
74e9d39e5e063700bd81a7f47fc4364d

SHA1
87f2e855e02075790fdfec282aad24d16da03137

SHA256
0f837ea3453cc35b61a866ce3b4937bd69aabee50dc623dccad744afaf4f146e

SHA512
be795b634c8d613dc1fd22c85da53690fc9f9e308c598a346f8bc73492282f26fa0a9b3e1f204be6b2dfd9bc0d3ae2497fc874fd5dea5a82def63af0d1ca3342

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
35389d4d92309aad2c19f97eda8104dc

SHA1
6e6a017b76ffa734e862f88106d56aebe653367e

SHA256
76bbef123205a73e03805b5eaf666d6a7e550b000f7b8871a613789cc90b4056

SHA512
2ff749e794de038e88509998547c45cccea76cae10a7b3b898327fe0cd20598215525394910e1dfa3ec69041efa919219ed23076fa6a60a19e8bd64d2f15373a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
017827bce34cf30e51d7a2a96105698e

SHA1
e00370750d687d4361f56264068a6111ae1ae721

SHA256
ef5ee23987bd85f5ec898c2ff92beaf7209606ff911c32cac188567b18430706

SHA512
5d48c53322951b0a3153d3e78546e0e279072bfb06cf52c58d9d4184b991459d6d3a6ebb2ee913fafe0d0c828caebe7bd2b35f0cfb1fb835bb4efab298eed0fb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
92196b661017c8065628c84afcb6a796

SHA1
4bb6c0857fec195a46c0580ec95cb12862dd4157

SHA256
0430077041fd84c1b69354dec588dd05fde33268b083af864cf98fc59b6bf0af

SHA512
dec2be84c79e8017d5ec0be456f373ee333b3c0ad1efe8d77c12aeec43d3fffb516e2d9fc1a128d53333f4f0550db653f3912f6f615f433293de3c7119abf2b3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
88da008aa3cd48f66cddba7c090cca27

SHA1
324a24f91dfc333fe1a99900d11bc4f078916f0f

SHA256
64a2e69fa49293adaaa1e690928d4c51538b960a700883e49d355b1337e3109b

SHA512
2ba9165824f144ce12e21ba98f08c7d385cdcc6734648d8ef44dbf3a0646ad0ac2da4c5e4b8f3ee42854354803f58b30e705ca158a0417ee09892d66a2c9cdc3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

Filesize
242B

MD5
cbd20e7196f7eb8db83fa2682103c268

SHA1
364c347f5857de7987d8051c2d1b1dee7986c56f

SHA256
87a9a2ad86955b107ada6fac09f2453b272963a50546a47191cb2138f3d3f0ba

SHA512
29e686bb1ea4038be8d294449ffa7f3a12928d7d3d5ddf1a7a8e452432c3c8fb3a0da4cc8a442433f245371ab7b78e067e098b10a6b60457520e588030b7b7e6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

Filesize
242B

MD5
46b22ab6804ef35caeb8972e568ecc72

SHA1
63bccae2c973e0811a56dcbb2647443d653771f8

SHA256
97d14e8eb39db23c69b99f4587bdb19523e009411aa8edf6f5a946fc888037b7

SHA512
ed07d146ea0ee2845677ff257d15153117f801b319f54bf649ef6b3d3586858f3df0fd9fcb581d3e290742811c937946a340c03ba78d96f385de08bf37237660

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

Filesize
242B

MD5
e86b924a01bf659618c3d14edb0eaef2

SHA1
95852742fb84f6fa73158fbdeaac071f4fdf8f34

SHA256
d67ebd7b24bf5ecceedb5817f2007343814b8cf885d119dbf5072ded2b9a1c72

SHA512
91a26b522b71389587a0b10fd7b115961f65cd962efc4f7b7e83a711ca3146d8b9d675c6bdaa43ac8591e4844c79b100f7088aebc91197e9a1c8f13ec69292d0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico

Filesize
4KB

MD5
da597791be3b6e732f0bc8b20e38ee62

SHA1
1125c45d285c360542027d7554a5c442288974de

SHA256
5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

SHA512
d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab30D.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar321.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Response

DNS Request

DNS Response