Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

9e463bba26...8.html

windows7-x64

1

9e463bba26...8.html

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    11/06/2024, 13:06 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9e463bba2645df781b3099fd97851f5b_JaffaCakes118.html

  • Size

    36KB

  • MD5

    9e463bba2645df781b3099fd97851f5b

  • SHA1

    c0914bd00cd26f5b532c66ddc796d750dca3a96c

  • SHA256

    5333205a20a92692c0e791691746d1bf65840a1e7038fc4609b1f5778ad16ab3

  • SHA512

    80ee617b7428c26667f2703ee0936b9fbe3914d42131ee800099bd3f9604c92b046e337cd065768c01213fc4856ebd00762a0f7b5e7d2b740f7a65be282a50bb

  • SSDEEP

    768:zwx/MDTHBZ88hAR1ZPXME1XnXrFLxNLlDNoPqkPTHlnkM3Gr6ThZOg6f9U56lLRj:Q/LbJxNVNufSM/P86K

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\9e463bba2645df781b3099fd97851f5b_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2208
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2208 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2532

Network

  • flag-us
    DNS
    coinhive.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    coinhive.com
    IN A
    Response
    coinhive.com
    IN A
    104.21.57.186
    coinhive.com
    IN A
    172.67.165.117
  • flag-us
    DNS
    saltworld.net
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    saltworld.net
    IN A
    Response
    saltworld.net
    IN A
    104.21.11.155
    saltworld.net
    IN A
    172.67.166.97
  • flag-us
    DNS
    www.gravatar.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.gravatar.com
    IN A
    Response
    www.gravatar.com
    IN A
    192.0.73.2
  • flag-us
    GET
    http://www.gravatar.com/avatar/6ab9cf9740f754d0565ec0f4b1250e8e?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png
    IEXPLORE.EXE
    Remote address:
    192.0.73.2:80
    Request
    GET /avatar/6ab9cf9740f754d0565ec0f4b1250e8e?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.gravatar.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Server: nginx
    Date: Tue, 11 Jun 2024 13:06:52 GMT
    Content-Type: text/html
    Content-Length: 162
    Connection: keep-alive
    Location: https://www.gravatar.com/avatar/6ab9cf9740f754d0565ec0f4b1250e8e?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png
  • flag-us
    GET
    http://www.gravatar.com/avatar/ae111d25cbb9b2d7293e8bdb2fcfe8b3?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png
    IEXPLORE.EXE
    Remote address:
    192.0.73.2:80
    Request
    GET /avatar/ae111d25cbb9b2d7293e8bdb2fcfe8b3?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.gravatar.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Server: nginx
    Date: Tue, 11 Jun 2024 13:06:52 GMT
    Content-Type: text/html
    Content-Length: 162
    Connection: keep-alive
    Location: https://www.gravatar.com/avatar/ae111d25cbb9b2d7293e8bdb2fcfe8b3?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png
  • flag-us
    GET
    https://coinhive.com/lib/coinhive.min.js
    IEXPLORE.EXE
    Remote address:
    104.21.57.186:443
    Request
    GET /lib/coinhive.min.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: coinhive.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Tue, 11 Jun 2024 13:06:53 GMT
    Content-Type: application/x-javascript
    Content-Length: 1115
    Connection: keep-alive
    Accept-Ranges: bytes
    Access-Control-Allow-Origin: *
    Content-Encoding: gzip
    ETag: "806233d282cfd71:0"
    Last-Modified: Tue, 02 Nov 2021 00:44:41 GMT
    Set-Cookie: ARRAffinity=467bfcea8c5a083dbbc88b4c64fe4e95280c84e9025fb0da4be6181f0f0f6d2f;Path=/;HttpOnly;Secure;Domain=coinhive.com
    Set-Cookie: ARRAffinitySameSite=467bfcea8c5a083dbbc88b4c64fe4e95280c84e9025fb0da4be6181f0f0f6d2f;Path=/;HttpOnly;SameSite=None;Secure;Domain=coinhive.com
    Vary: Accept-Encoding
    X-Powered-By: ASP.NET
    CF-Cache-Status: DYNAMIC
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bRAgH7182yTS8m1qopTel9QWCOrhB%2FAGb30K1nseR2kxirF2EGn8FKr1ee7ge%2F9%2BXDXkIFzj%2BhGqqrsy1lk37TwDCBpYI7yrn4wW2AhVbhiVW3vef%2ByTihBHTT25t7U%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Server: cloudflare
    CF-RAY: 8921d22b59a60672-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    http://saltworld.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&f=public/style_css/css_4/ipb_help.css,public/style_css/css_4/ipb_styles.css,public/style_css/css_4/calendar_select.css,public/style_css/css_4/ipb_common.css
    IEXPLORE.EXE
    Remote address:
    104.21.11.155:80
    Request
    GET /forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&f=public/style_css/css_4/ipb_help.css,public/style_css/css_4/ipb_styles.css,public/style_css/css_4/calendar_select.css,public/style_css/css_4/ipb_common.css HTTP/1.1
    Accept: text/css, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: saltworld.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    Date: Tue, 11 Jun 2024 13:06:53 GMT
    Content-Type: text/html; charset=iso-8859-1
    Transfer-Encoding: chunked
    Connection: keep-alive
    Location: https://saltworld.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&f=public/style_css/css_4/ipb_help.css,public/style_css/css_4/ipb_styles.css,public/style_css/css_4/calendar_select.css,public/style_css/css_4/ipb_common.css
    CF-Cache-Status: DYNAMIC
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V03tD8hiDGjIzNIioDEvX8joyQe8eQjXRMr9k6dLrxXpGvErG%2FB165JqyZz0bR5LHbZnTipNFxaXp7i1h37XkhQEtLTFZnFKDDYXctdNMsMKpYMvpnG1JWOtLCVo58Y5"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 8921d2291e4e24b5-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    http://saltworld.net/forums/public/style_images/master/feed.png
    IEXPLORE.EXE
    Remote address:
    104.21.11.155:80
    Request
    GET /forums/public/style_images/master/feed.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: saltworld.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    Date: Tue, 11 Jun 2024 13:06:53 GMT
    Content-Type: text/html; charset=iso-8859-1
    Transfer-Encoding: chunked
    Connection: keep-alive
    Location: https://saltworld.net/forums/public/style_images/master/feed.png
    CF-Cache-Status: BYPASS
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ji6bSRv6Bmc4aknj9KVCAQMGqk%2B3p1SgftTYNT%2F%2BuQhKzFJEaL3A5kf93eA7AkPb2cdS3ihHiDoEdw4Rs%2FedeTwPyAkGbSu3O3QovhPjuyvw3Ja5dc34XeWPb%2BobT873"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 8921d229bef324b5-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    http://www.gravatar.com/avatar/6128162e0ab80b6aaefd01d25ec9fefe?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png
    IEXPLORE.EXE
    Remote address:
    192.0.73.2:80
    Request
    GET /avatar/6128162e0ab80b6aaefd01d25ec9fefe?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.gravatar.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Server: nginx
    Date: Tue, 11 Jun 2024 13:06:52 GMT
    Content-Type: text/html
    Content-Length: 162
    Connection: keep-alive
    Location: https://www.gravatar.com/avatar/6128162e0ab80b6aaefd01d25ec9fefe?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png
  • flag-us
    GET
    http://saltworld.net/forums/public/style_images/master/useropts_arrow.png
    IEXPLORE.EXE
    Remote address:
    104.21.11.155:80
    Request
    GET /forums/public/style_images/master/useropts_arrow.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: saltworld.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    Date: Tue, 11 Jun 2024 13:06:53 GMT
    Content-Type: text/html; charset=iso-8859-1
    Transfer-Encoding: chunked
    Connection: keep-alive
    Location: https://saltworld.net/forums/public/style_images/master/useropts_arrow.png
    CF-Cache-Status: BYPASS
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yoMc7DheNVRJDZ9J5Nky6rORihP55eZxjsGkeAflbJ1IvIyQV66MhRyGXdp5DsWWJ8T1RB3JtkW7XV1VeLBGVL40X6okiG3ubbH25qNyMlVxInOYv1gkRX1xSHZ3Yuub"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 8921d229180060f7-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    http://saltworld.net/forums/public/style_images/master/f_icon_read.png
    IEXPLORE.EXE
    Remote address:
    104.21.11.155:80
    Request
    GET /forums/public/style_images/master/f_icon_read.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: saltworld.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    Date: Tue, 11 Jun 2024 13:06:53 GMT
    Content-Type: text/html; charset=iso-8859-1
    Transfer-Encoding: chunked
    Connection: keep-alive
    Location: https://saltworld.net/forums/public/style_images/master/f_icon_read.png
    CF-Cache-Status: BYPASS
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HN7VTZfh52eU0Om1rdZd1s8w%2FiqOmicIUdyisRf4jUtBnvXkBrJzDKGU6lhnBvACHGmV9MrtACfKs5kfMpg5EIv%2BZByKmOpjBK07%2BWbyJRsrUDrCl3xW4qHpOdX5Nx33"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 8921d2291ba84084-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    http://saltworld.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&charset=UTF-8&f=public/js/ipb.js,cache/lang_cache/1/ipb.lang.js,public/js/ips.hovercard.js,public/js/ips.quickpm.js,public/js/ips.board.js
    IEXPLORE.EXE
    Remote address:
    104.21.11.155:80
    Request
    GET /forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&charset=UTF-8&f=public/js/ipb.js,cache/lang_cache/1/ipb.lang.js,public/js/ips.hovercard.js,public/js/ips.quickpm.js,public/js/ips.board.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: saltworld.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    Date: Tue, 11 Jun 2024 13:06:53 GMT
    Content-Type: text/html; charset=iso-8859-1
    Transfer-Encoding: chunked
    Connection: keep-alive
    Location: https://saltworld.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&charset=UTF-8&f=public/js/ipb.js,cache/lang_cache/1/ipb.lang.js,public/js/ips.hovercard.js,public/js/ips.quickpm.js,public/js/ips.board.js
    CF-Cache-Status: DYNAMIC
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OqEVzwski7hr78ggZRuRKy5BoUsTO51VTKeK%2FNvcyd7563b5atY97QfJX4WBujTPwHXFLfw7%2Fy3%2BCuOmbOJje7BE%2F7suY3cdal2sZy2DHMjlqiEO%2BDuJ%2Fe8L%2F9EZmCSL"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 8921d2291c7d3859-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    http://saltworld.net/forums/uploads/profile/photo-44563.gif?_r=1448768805
    IEXPLORE.EXE
    Remote address:
    104.21.11.155:80
    Request
    GET /forums/uploads/profile/photo-44563.gif?_r=1448768805 HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: saltworld.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    Date: Tue, 11 Jun 2024 13:06:53 GMT
    Content-Type: text/html; charset=iso-8859-1
    Transfer-Encoding: chunked
    Connection: keep-alive
    Location: https://saltworld.net/forums/uploads/profile/photo-44563.gif?_r=1448768805
    CF-Cache-Status: BYPASS
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P%2B9HWOaAX62UMMvWE7tmi58%2BLsgXah%2FgrTmogrghVnZiisE7jdCEaZXsI%2BH9x5oFOxTqTPYPMn3KbsLr1Dg07g%2BEwQayJEHE9pi6g154JlFjYJeQZU0TN9zcW90or%2F6H"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 8921d2299d643859-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    http://saltworld.net/forums/uploads/profile/photo-3914.57_68bd69e5aed67c7aa3dc4520e02d3f4dff99e864?_r=0
    IEXPLORE.EXE
    Remote address:
    104.21.11.155:80
    Request
    GET /forums/uploads/profile/photo-3914.57_68bd69e5aed67c7aa3dc4520e02d3f4dff99e864?_r=0 HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: saltworld.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    Date: Tue, 11 Jun 2024 13:06:53 GMT
    Content-Type: text/html; charset=iso-8859-1
    Transfer-Encoding: chunked
    Connection: keep-alive
    Location: https://saltworld.net/forums/uploads/profile/photo-3914.57_68bd69e5aed67c7aa3dc4520e02d3f4dff99e864?_r=0
    CF-Cache-Status: DYNAMIC
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7zKjBlFAs7U5V%2FHmsFO9pDKPaVyEPLSVUS%2FSZXzcWqKcJnnIS6RUodcSAIEu5T4bzRp3TVZSb2SrTQiZjb5%2FkLRfkq63Sj28I2uUMxD2xAHWWfCiYlNDqJ%2B5irSa4OhD"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Server: cloudflare
    CF-RAY: 8921d2291ba423bd-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    http://saltworld.net/forums/public/style_images/master/top.png
    IEXPLORE.EXE
    Remote address:
    104.21.11.155:80
    Request
    GET /forums/public/style_images/master/top.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: saltworld.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    Date: Tue, 11 Jun 2024 13:06:53 GMT
    Content-Type: text/html; charset=iso-8859-1
    Transfer-Encoding: chunked
    Connection: keep-alive
    Location: https://saltworld.net/forums/public/style_images/master/top.png
    CF-Cache-Status: BYPASS
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BR7%2FPFxRHDNscCelQNAEQSSmj84nWeWGlrQ7fm3p3RrbvGV9Eli5wTj3DOoV2u5pQj83331vUN29sdyt6CGfu7zcZAUeUI2GvM7t6FTSg%2BT9udZ245NO4oNlgonH9M8d"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 8921d229bc6623bd-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    http://saltworld.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&g=js
    IEXPLORE.EXE
    Remote address:
    104.21.11.155:80
    Request
    GET /forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&g=js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: saltworld.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    Date: Tue, 11 Jun 2024 13:06:53 GMT
    Content-Type: text/html; charset=iso-8859-1
    Transfer-Encoding: chunked
    Connection: keep-alive
    Location: https://saltworld.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&g=js
    CF-Cache-Status: DYNAMIC
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WxGPFb%2BXfdS0i2fJEJme1AcclP03NA3eitzPe8IWwNmKUYdhE8dX4OpOXluv1NNPsLmAaNnekzLdBb4qe2JiZ6tu8HcMBbisVIPFaePs8W36Jr3jZ0V41247NZDUNT8p"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Server: cloudflare
    CF-RAY: 8921d229182d9523-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://www.gravatar.com/avatar/ae111d25cbb9b2d7293e8bdb2fcfe8b3?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png
    IEXPLORE.EXE
    Remote address:
    192.0.73.2:443
    Request
    GET /avatar/ae111d25cbb9b2d7293e8bdb2fcfe8b3?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.gravatar.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    Server: nginx
    Date: Tue, 11 Jun 2024 13:06:53 GMT
    Content-Type: text/html; charset=utf-8
    Content-Length: 0
    Connection: keep-alive
    Last-Modified: Wed, 11 Jan 1984 08:00:00 GMT
    Link: <https://gravatar.com/avatar/ae111d25cbb9b2d7293e8bdb2fcfe8b3?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png>; rel="canonical"
    X-Redirect-By: WordPress
    Location: http://i1.wp.com/saltworld.net/forums/public/style_images/master/profile/default_large.png
    Expires: Tue, 11 Jun 2024 13:11:53 GMT
    Cache-Control: max-age=300
    X-nc: HIT lhr 1
    Alt-Svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://www.gravatar.com/avatar/6128162e0ab80b6aaefd01d25ec9fefe?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png
    IEXPLORE.EXE
    Remote address:
    192.0.73.2:443
    Request
    GET /avatar/6128162e0ab80b6aaefd01d25ec9fefe?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.gravatar.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    Server: nginx
    Date: Tue, 11 Jun 2024 13:06:53 GMT
    Content-Type: text/html; charset=utf-8
    Content-Length: 0
    Connection: keep-alive
    Last-Modified: Wed, 11 Jan 1984 08:00:00 GMT
    Link: <https://gravatar.com/avatar/6128162e0ab80b6aaefd01d25ec9fefe?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png>; rel="canonical"
    X-Redirect-By: WordPress
    Location: http://i1.wp.com/saltworld.net/forums/public/style_images/master/profile/default_large.png
    Expires: Tue, 11 Jun 2024 13:11:53 GMT
    Cache-Control: max-age=300
    X-nc: HIT lhr 1
    Alt-Svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://www.gravatar.com/avatar/6ab9cf9740f754d0565ec0f4b1250e8e?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png
    IEXPLORE.EXE
    Remote address:
    192.0.73.2:443
    Request
    GET /avatar/6ab9cf9740f754d0565ec0f4b1250e8e?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.gravatar.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Tue, 11 Jun 2024 13:06:53 GMT
    Content-Type: image/png
    Content-Length: 22655
    Connection: keep-alive
    Last-Modified: Tue, 22 Sep 2020 02:57:25 GMT
    Link: <https://gravatar.com/avatar/6ab9cf9740f754d0565ec0f4b1250e8e?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png>; rel="canonical"
    Content-Disposition: inline; filename="6ab9cf9740f754d0565ec0f4b1250e8e.png"
    Access-Control-Allow-Origin: *
    Expires: Tue, 11 Jun 2024 13:11:53 GMT
    Cache-Control: max-age=300
    X-nc: HIT lhr 4
    Alt-Svc: h3=":443"; ma=86400
    Accept-Ranges: bytes
  • flag-us
    GET
    https://saltworld.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&charset=UTF-8&f=public/js/ipb.js,cache/lang_cache/1/ipb.lang.js,public/js/ips.hovercard.js,public/js/ips.quickpm.js,public/js/ips.board.js
    IEXPLORE.EXE
    Remote address:
    104.21.11.155:443
    Request
    GET /forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&charset=UTF-8&f=public/js/ipb.js,cache/lang_cache/1/ipb.lang.js,public/js/ips.hovercard.js,public/js/ips.quickpm.js,public/js/ips.board.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: saltworld.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    Date: Tue, 11 Jun 2024 13:06:54 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    Location: https://gamingw.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&charset=UTF-8&f=public/js/ipb.js,cache/lang_cache/1/ipb.lang.js,public/js/ips.hovercard.js,public/js/ips.quickpm.js,public/js/ips.board.js
    CF-Cache-Status: DYNAMIC
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VEp2Bo6gpEpIyxH%2BBSkBQTaeaild65BKFzPkP34xHrKJYCmM3dOB%2BJuNrDnms5WhaFKz8M7LW0fMUDUNQTBiRvMHsjin2dbQG8Ko3KUKVH2icS6qlHI9FQpBgQjvMjz7"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 8921d22bcc049412-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://saltworld.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&g=js
    IEXPLORE.EXE
    Remote address:
    104.21.11.155:443
    Request
    GET /forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&g=js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: saltworld.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    Date: Tue, 11 Jun 2024 13:06:53 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    Location: https://gamingw.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&g=js
    CF-Cache-Status: DYNAMIC
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZR6Zqrw1PuzoUu8rAJzmNLQ3YjHaQI51Ru6O2Mko5BSI0GmLtlJwZmNC1bprTZvPPvip6sF0jwaJC3FW1N4Z6Bjthdij1YjdTKFYnXw2aMqP5bmkeCEEv7pvVScuE8ZQ"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Server: cloudflare
    CF-RAY: 8921d22b7ba19412-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://saltworld.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&f=public/style_css/css_4/ipb_help.css,public/style_css/css_4/ipb_styles.css,public/style_css/css_4/calendar_select.css,public/style_css/css_4/ipb_common.css
    IEXPLORE.EXE
    Remote address:
    104.21.11.155:443
    Request
    GET /forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&f=public/style_css/css_4/ipb_help.css,public/style_css/css_4/ipb_styles.css,public/style_css/css_4/calendar_select.css,public/style_css/css_4/ipb_common.css HTTP/1.1
    Accept: text/css, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: saltworld.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    Date: Tue, 11 Jun 2024 13:06:53 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    Location: https://gamingw.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&f=public/style_css/css_4/ipb_help.css,public/style_css/css_4/ipb_styles.css,public/style_css/css_4/calendar_select.css,public/style_css/css_4/ipb_common.css
    CF-Cache-Status: DYNAMIC
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E8tSzgE5iaTgdmJvJ93dyLUWc3cJVEu8ujFqHYI97SqlPcGW9VqjKbKQ%2B6NQvnpv6eYgkze9N3PX81ajSJrEauk62%2FxrSlpFrCz%2F299VxTwPvj2dUDsK30ALwEXC8tXg"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 8921d22b69466442-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://saltworld.net/forums/uploads/profile/photo-44563.gif?_r=1448768805
    IEXPLORE.EXE
    Remote address:
    104.21.11.155:443
    Request
    GET /forums/uploads/profile/photo-44563.gif?_r=1448768805 HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: saltworld.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    Date: Tue, 11 Jun 2024 13:06:53 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    Location: https://gamingw.net/forums/uploads/profile/photo-44563.gif?_r=1448768805
    CF-Cache-Status: BYPASS
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LMJ5YKujSyUE3QMNQFIZAc0OsxCj0McYEZ6bhqtyiLEbXUn1PIrcFEct0ennOY64EDb5wESQ6hMcREH4bz0iwCJP7TRr4XhiKURgGh3HpE6OifjuYqWA4%2BkwYrWJAx4w"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 8921d22be9d36442-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://saltworld.net/forums/public/style_images/master/f_icon_read.png
    IEXPLORE.EXE
    Remote address:
    104.21.11.155:443
    Request
    GET /forums/public/style_images/master/f_icon_read.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: saltworld.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    Date: Tue, 11 Jun 2024 13:06:53 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    Location: https://gamingw.net/forums/public/style_images/master/f_icon_read.png
    CF-Cache-Status: BYPASS
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LNLT2oZbcMrD8ImsTmcQzGpD1D95XewTA9dvwl50aNIxaitWxiuDiMf4dyjLsAPqSigB8Q5jjIeUlrGHgMt0CYOUGfonG2FpvgNdY0wGtt35hULXzH85%2FxAgWW%2BYU7Pm"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 8921d22b59636534-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://saltworld.net/forums/public/style_images/master/feed.png
    IEXPLORE.EXE
    Remote address:
    104.21.11.155:443
    Request
    GET /forums/public/style_images/master/feed.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: saltworld.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    Date: Tue, 11 Jun 2024 13:06:53 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    Location: https://gamingw.net/forums/public/style_images/master/feed.png
    CF-Cache-Status: BYPASS
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qGH9601hrAbZwEf3CgPddpSQWj2ptUL2uq%2FTMg9Dbo%2FUqsPTc7mr2l35XYbBkeHc3MMTnWKDDy93F%2FheZvU5GbVOw8CWpEOSWuTPUE5Gh9euJiPTyMtZ60xKYj9yVQEn"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 8921d22bea3d6534-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://saltworld.net/forums/uploads/profile/photo-3914.57_68bd69e5aed67c7aa3dc4520e02d3f4dff99e864?_r=0
    IEXPLORE.EXE
    Remote address:
    104.21.11.155:443
    Request
    GET /forums/uploads/profile/photo-3914.57_68bd69e5aed67c7aa3dc4520e02d3f4dff99e864?_r=0 HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: saltworld.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    Date: Tue, 11 Jun 2024 13:06:53 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    Location: https://gamingw.net/forums/uploads/profile/photo-3914.57_68bd69e5aed67c7aa3dc4520e02d3f4dff99e864?_r=0
    CF-Cache-Status: DYNAMIC
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jocHLvdh0KpVC%2B1CunTa1dKUd0Y6x387CzvWHRirn%2BhE3HXe7C4SFg3PfSkY3%2FDClz0Z7qD2%2B4Nx5JBlAeP%2Fmq%2FQ7z2vEVQhMjNjhv6Y%2B2peJO6K66mz6QzSM96U2GmC"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Server: cloudflare
    CF-RAY: 8921d22b6bdf63e4-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://saltworld.net/forums/public/style_images/master/useropts_arrow.png
    IEXPLORE.EXE
    Remote address:
    104.21.11.155:443
    Request
    GET /forums/public/style_images/master/useropts_arrow.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: saltworld.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    Date: Tue, 11 Jun 2024 13:06:53 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    Location: https://gamingw.net/forums/public/style_images/master/useropts_arrow.png
    CF-Cache-Status: BYPASS
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BwQtjkmd7rnyQAPUvWjE8sF1lbChnYT14q5OrFLCCzncaHYQG6GdYuGtknWBaqRVFcpnSVnaLR4pA3V4%2Bw9nN25RJctBpfy8gylCZiAWpAxCD5xxQNRIvczeJv%2FouYhM"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 8921d22b5d5460ed-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://saltworld.net/forums/public/style_images/master/top.png
    IEXPLORE.EXE
    Remote address:
    104.21.11.155:443
    Request
    GET /forums/public/style_images/master/top.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: saltworld.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    Date: Tue, 11 Jun 2024 13:06:53 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    Location: https://gamingw.net/forums/public/style_images/master/top.png
    CF-Cache-Status: BYPASS
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aFrPLFm3qN2tEFjcbEVa7rYdwZCjti%2F5L%2FCCbXD5cz%2Bqg%2B8WNAzZtq%2FK55p683S8%2FS0V%2F9XYlKHBnZS1X%2FcrUxgN%2Bygds6dHLJ71TwWTFqW0RhyldRj%2FwV0uHiVMVLlU"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 8921d22bee1960ed-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    DNS
    gamingw.net
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    gamingw.net
    IN A
    Response
    gamingw.net
    IN A
    104.21.65.85
    gamingw.net
    IN A
    172.67.160.162
  • flag-us
    GET
    https://gamingw.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&f=public/style_css/css_4/ipb_help.css,public/style_css/css_4/ipb_styles.css,public/style_css/css_4/calendar_select.css,public/style_css/css_4/ipb_common.css
    IEXPLORE.EXE
    Remote address:
    104.21.65.85:443
    Request
    GET /forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&f=public/style_css/css_4/ipb_help.css,public/style_css/css_4/ipb_styles.css,public/style_css/css_4/calendar_select.css,public/style_css/css_4/ipb_common.css HTTP/1.1
    Accept: text/css, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: gamingw.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Date: Tue, 11 Jun 2024 13:06:54 GMT
    Content-Type: text/html; charset=iso-8859-1
    Transfer-Encoding: chunked
    Connection: keep-alive
    CF-Cache-Status: DYNAMIC
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SKoBVDKq6hImj%2B74WGrrwq1S1Vp7NzNbOyA%2F7GbqCBeM1bD3X6wjBnHtpIbS7P1b%2Bphu9VZrkmwTaviIdgxiNRP0nk62g7pJEG5Thp9NkHYxXM5brCfuO7vQM4DRoA%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 8921d22d4c9f77b2-LHR
    Content-Encoding: gzip
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://gamingw.net/forums/uploads/profile/photo-3914.57_68bd69e5aed67c7aa3dc4520e02d3f4dff99e864?_r=0
    IEXPLORE.EXE
    Remote address:
    104.21.65.85:443
    Request
    GET /forums/uploads/profile/photo-3914.57_68bd69e5aed67c7aa3dc4520e02d3f4dff99e864?_r=0 HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: gamingw.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Date: Tue, 11 Jun 2024 13:06:55 GMT
    Content-Type: text/html; charset=iso-8859-1
    Transfer-Encoding: chunked
    Connection: keep-alive
    CF-Cache-Status: DYNAMIC
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SZxTfIkVwbuy4NTVryq1ySlhA1hfMGQtXuKHOes2SBijU9SLIpZN8RaYZuucbzLkjUTWenTne97WMDOQCcfcqwLgSnCgyM2%2FUCFmOj51UBoiAaI6%2BQzBJIQR4C2a4A%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Server: cloudflare
    CF-RAY: 8921d22d5a3d93e9-LHR
    Content-Encoding: gzip
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://gamingw.net/forums/public/style_images/master/f_icon_read.png
    IEXPLORE.EXE
    Remote address:
    104.21.65.85:443
    Request
    GET /forums/public/style_images/master/f_icon_read.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: gamingw.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Date: Tue, 11 Jun 2024 13:06:53 GMT
    Content-Type: text/html; charset=iso-8859-1
    Transfer-Encoding: chunked
    Connection: keep-alive
    Cache-Control: max-age=14400
    CF-Cache-Status: HIT
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8daajsih8cBAvmiK4J8IlGKzLbMjeaSpQHSXUAhylsbblJfDxfvPHZFI%2F6SFbFsf7OmdvHwT%2FzHEFfwLZJYdmWH8pLYwfSsVM7nE6WqAcT%2BbXCbkJO1e8fiaxc68OQ%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 8921d22d498a635b-LHR
    Content-Encoding: gzip
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://gamingw.net/forums/public/style_images/master/feed.png
    IEXPLORE.EXE
    Remote address:
    104.21.65.85:443
    Request
    GET /forums/public/style_images/master/feed.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: gamingw.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Date: Tue, 11 Jun 2024 13:06:53 GMT
    Content-Type: text/html; charset=iso-8859-1
    Transfer-Encoding: chunked
    Connection: keep-alive
    Cache-Control: max-age=14400
    CF-Cache-Status: HIT
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MpOmiPqc9hcOyT0I8rnLDQxOkTqh4Crm0kCAjzD46EGt5ZpWMRitNXoNnzmPh35kfIIyYtYbD29Qwx51y4bK%2BkDEPS%2BDO9tsKkGPhcUmbZbwgfRU4cdu58gv8WMSLw%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 8921d22dda86635b-LHR
    Content-Encoding: gzip
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://gamingw.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&charset=UTF-8&f=public/js/ipb.js,cache/lang_cache/1/ipb.lang.js,public/js/ips.hovercard.js,public/js/ips.quickpm.js,public/js/ips.board.js
    IEXPLORE.EXE
    Remote address:
    104.21.65.85:443
    Request
    GET /forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&charset=UTF-8&f=public/js/ipb.js,cache/lang_cache/1/ipb.lang.js,public/js/ips.hovercard.js,public/js/ips.quickpm.js,public/js/ips.board.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: gamingw.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Date: Tue, 11 Jun 2024 13:06:55 GMT
    Content-Type: text/html; charset=iso-8859-1
    Transfer-Encoding: chunked
    Connection: keep-alive
    CF-Cache-Status: DYNAMIC
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ojpaNxlvGpFQmdZGIdqaFSA6%2F%2FZxZRin3%2F0soNTptbnJ9xhIrHTdiUpNRWESotkFntzxlGyo2b78F10vuqWbYCU7tbb0uPqzTlzhgyceQbCekeVmaHBBNJYROvRiPA%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 8921d2300dc6635b-LHR
    Content-Encoding: gzip
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://gamingw.net/forums/public/style_images/master/useropts_arrow.png
    IEXPLORE.EXE
    Remote address:
    104.21.65.85:443
    Request
    GET /forums/public/style_images/master/useropts_arrow.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: gamingw.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Date: Tue, 11 Jun 2024 13:06:53 GMT
    Content-Type: text/html; charset=iso-8859-1
    Transfer-Encoding: chunked
    Connection: keep-alive
    Cache-Control: max-age=14400
    CF-Cache-Status: HIT
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g4C2AtEvsgO7AQRvh6ilwKvWh2GP%2Fj90bbQtOmc%2BCIR%2BFogNOTguv1bCfOhe0bB1bHkCWAWg2%2ByElWjgrGYu0oDo0bqWdnd%2BlsyWi34TgI5kuIRXwebLhnOMcE0fgA%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 8921d22d488e640a-LHR
    Content-Encoding: gzip
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://gamingw.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&g=js
    IEXPLORE.EXE
    Remote address:
    104.21.65.85:443
    Request
    GET /forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&g=js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: gamingw.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Date: Tue, 11 Jun 2024 13:06:55 GMT
    Content-Type: text/html; charset=iso-8859-1
    Transfer-Encoding: chunked
    Connection: keep-alive
    CF-Cache-Status: DYNAMIC
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KReC865olaXh1pnBt5R4Pb8rNgFiipL5DHy%2FiJs8%2FFIet7MsG2aPPiZAFFGku0FTZ%2F4aJbRc3GFwW%2F8HUn7Ax4EkIzK50%2FUFawSg1hBhgYTUX2ft9kEtPZeabKr%2BnA%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Server: cloudflare
    CF-RAY: 8921d22dc930640a-LHR
    Content-Encoding: gzip
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://gamingw.net/forums/uploads/profile/photo-44563.gif?_r=1448768805
    IEXPLORE.EXE
    Remote address:
    104.21.65.85:443
    Request
    GET /forums/uploads/profile/photo-44563.gif?_r=1448768805 HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: gamingw.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Date: Tue, 11 Jun 2024 13:06:55 GMT
    Content-Type: text/html; charset=iso-8859-1
    Transfer-Encoding: chunked
    Connection: keep-alive
    Cache-Control: max-age=14400
    CF-Cache-Status: EXPIRED
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lyNtFTDDqx9svT9biZU4ETvSkDvtAW38rO9jp8kdUOWuujvwhFLbaMRIxQjMBNkAQh3htv2aQ5AwgRRumWkfgn2jkiGVJ2RUeUPmmX0sCqlAZ%2FliJwmO%2FzO3S9J3rg%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 8921d22d6c78944f-LHR
    Content-Encoding: gzip
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://gamingw.net/forums/public/style_images/master/top.png
    IEXPLORE.EXE
    Remote address:
    104.21.65.85:443
    Request
    GET /forums/public/style_images/master/top.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: gamingw.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Date: Tue, 11 Jun 2024 13:06:54 GMT
    Content-Type: text/html; charset=iso-8859-1
    Transfer-Encoding: chunked
    Connection: keep-alive
    Cache-Control: max-age=14400
    CF-Cache-Status: EXPIRED
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xjsAyioxtlrKw2Q7Q%2Bc3eEOkMrZCuDuc3Awieok%2BTYQKfkgSBkhkdgajkbG%2BHwX7%2BKFk9oUIq8MLa0%2FURk2U6EY2FFeQNSo1%2BcBku%2FdrhCHn9gX%2FBrBjgtQ7NbyByQ%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 8921d22d485a63a0-LHR
    Content-Encoding: gzip
    alt-svc: h3=":443"; ma=86400
  • flag-us
    DNS
    i1.wp.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    i1.wp.com
    IN A
    Response
    i1.wp.com
    IN A
    192.0.77.2
  • flag-us
    GET
    http://i1.wp.com/saltworld.net/forums/public/style_images/master/profile/default_large.png
    IEXPLORE.EXE
    Remote address:
    192.0.77.2:80
    Request
    GET /saltworld.net/forums/public/style_images/master/profile/default_large.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: i1.wp.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 File Not Found
    Server: nginx
    Date: Tue, 11 Jun 2024 13:06:56 GMT
    Content-Type: text/html; charset=utf-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    X-nc: EXPIRED lhr 7
    Alt-Svc: h3=":443"; ma=86400
  • flag-us
    GET
    http://i1.wp.com/saltworld.net/forums/public/style_images/master/profile/default_large.png
    IEXPLORE.EXE
    Remote address:
    192.0.77.2:80
    Request
    GET /saltworld.net/forums/public/style_images/master/profile/default_large.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: i1.wp.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 File Not Found
    Server: nginx
    Date: Tue, 11 Jun 2024 13:06:53 GMT
    Content-Type: text/html; charset=utf-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    X-nc: UPDATING lhr 7
    Alt-Svc: h3=":443"; ma=86400
  • flag-gb
    GET
    http://www.google-analytics.com/ga.js
    IEXPLORE.EXE
    Remote address:
    216.58.213.14:80
    Request
    GET /ga.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.google-analytics.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
    X-Content-Type-Options: nosniff
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Server: Golfe2
    Content-Length: 17168
    Date: Tue, 11 Jun 2024 11:26:16 GMT
    Expires: Tue, 11 Jun 2024 13:26:16 GMT
    Cache-Control: public, max-age=7200
    Age: 6039
    Last-Modified: Tue, 12 Dec 2023 18:09:08 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding
  • flag-us
    DNS
    www.microsoft.com
    iexplore.exe
    Remote address:
    8.8.8.8:53
    Request
    www.microsoft.com
    IN A
    Response
    www.microsoft.com
    IN CNAME
    www.microsoft.com-c-3.edgekey.net
    www.microsoft.com-c-3.edgekey.net
    IN CNAME
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    IN CNAME
    e13678.dscb.akamaiedge.net
    e13678.dscb.akamaiedge.net
    IN A
    104.90.25.175
  • flag-us
    DNS
    www.microsoft.com
    iexplore.exe
    Remote address:
    8.8.8.8:53
    Request
    www.microsoft.com
    IN A
    Response
    www.microsoft.com
    IN CNAME
    www.microsoft.com-c-3.edgekey.net
    www.microsoft.com-c-3.edgekey.net
    IN CNAME
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    IN CNAME
    e13678.dscb.akamaiedge.net
    e13678.dscb.akamaiedge.net
    IN A
    104.90.25.175
  • 192.0.73.2:80
    http://www.gravatar.com/avatar/6ab9cf9740f754d0565ec0f4b1250e8e?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png
    http
    IEXPLORE.EXE
    686 B
     713 B
     6
    5

    HTTP Request

    GET http://www.gravatar.com/avatar/6ab9cf9740f754d0565ec0f4b1250e8e?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png

    HTTP Response

    301
  • 192.0.73.2:80
    http://www.gravatar.com/avatar/ae111d25cbb9b2d7293e8bdb2fcfe8b3?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png
    http
    IEXPLORE.EXE
    686 B
     713 B
     6
    5

    HTTP Request

    GET http://www.gravatar.com/avatar/ae111d25cbb9b2d7293e8bdb2fcfe8b3?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png

    HTTP Response

    301
  • 104.21.57.186:443
    https://coinhive.com/lib/coinhive.min.js
    tls, http
    IEXPLORE.EXE
    1.2kB
     8.0kB
     12
    12

    HTTP Request

    GET https://coinhive.com/lib/coinhive.min.js

    HTTP Response

    200
  • 104.21.11.155:80
    http://saltworld.net/forums/public/style_images/master/feed.png
    http
    IEXPLORE.EXE
    1.1kB
     2.8kB
     8
    9

    HTTP Request

    GET http://saltworld.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&f=public/style_css/css_4/ipb_help.css,public/style_css/css_4/ipb_styles.css,public/style_css/css_4/calendar_select.css,public/style_css/css_4/ipb_common.css

    HTTP Response

    302

    HTTP Request

    GET http://saltworld.net/forums/public/style_images/master/feed.png

    HTTP Response

    302
  • 192.0.73.2:80
    http://www.gravatar.com/avatar/6128162e0ab80b6aaefd01d25ec9fefe?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png
    http
    IEXPLORE.EXE
    686 B
     713 B
     6
    5

    HTTP Request

    GET http://www.gravatar.com/avatar/6128162e0ab80b6aaefd01d25ec9fefe?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png

    HTTP Response

    301
  • 104.21.11.155:80
    http://saltworld.net/forums/public/style_images/master/useropts_arrow.png
    http
    IEXPLORE.EXE
    589 B
     1.2kB
     6
    5

    HTTP Request

    GET http://saltworld.net/forums/public/style_images/master/useropts_arrow.png

    HTTP Response

    302
  • 104.21.11.155:80
    http://saltworld.net/forums/public/style_images/master/f_icon_read.png
    http
    IEXPLORE.EXE
    586 B
     1.2kB
     6
    5

    HTTP Request

    GET http://saltworld.net/forums/public/style_images/master/f_icon_read.png

    HTTP Response

    302
  • 104.21.11.155:80
    http://saltworld.net/forums/uploads/profile/photo-44563.gif?_r=1448768805
    http
    IEXPLORE.EXE
    1.1kB
     2.7kB
     8
    8

    HTTP Request

    GET http://saltworld.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&charset=UTF-8&f=public/js/ipb.js,cache/lang_cache/1/ipb.lang.js,public/js/ips.hovercard.js,public/js/ips.quickpm.js,public/js/ips.board.js

    HTTP Response

    302

    HTTP Request

    GET http://saltworld.net/forums/uploads/profile/photo-44563.gif?_r=1448768805

    HTTP Response

    302
  • 104.21.11.155:80
    http://saltworld.net/forums/public/style_images/master/top.png
    http
    IEXPLORE.EXE
    1.0kB
     2.4kB
     8
    8

    HTTP Request

    GET http://saltworld.net/forums/uploads/profile/photo-3914.57_68bd69e5aed67c7aa3dc4520e02d3f4dff99e864?_r=0

    HTTP Response

    302

    HTTP Request

    GET http://saltworld.net/forums/public/style_images/master/top.png

    HTTP Response

    302
  • 104.21.57.186:443
    coinhive.com
    tls
    IEXPLORE.EXE
    819 B
     5.8kB
     11
    10
  • 104.21.11.155:80
    http://saltworld.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&g=js
    http
    IEXPLORE.EXE
    590 B
     1.3kB
     6
    5

    HTTP Request

    GET http://saltworld.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&g=js

    HTTP Response

    302
  • 192.0.73.2:443
    https://www.gravatar.com/avatar/6128162e0ab80b6aaefd01d25ec9fefe?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png
    tls, http
    IEXPLORE.EXE
    1.7kB
     5.5kB
     12
    10

    HTTP Request

    GET https://www.gravatar.com/avatar/ae111d25cbb9b2d7293e8bdb2fcfe8b3?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png

    HTTP Response

    302

    HTTP Request

    GET https://www.gravatar.com/avatar/6128162e0ab80b6aaefd01d25ec9fefe?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png

    HTTP Response

    302
  • 192.0.73.2:443
    www.gravatar.com
    tls
    IEXPLORE.EXE
    747 B
     4.2kB
     10
    9
  • 192.0.73.2:443
    https://www.gravatar.com/avatar/6ab9cf9740f754d0565ec0f4b1250e8e?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png
    tls, http
    IEXPLORE.EXE
    1.8kB
     28.9kB
     23
    32

    HTTP Request

    GET https://www.gravatar.com/avatar/6ab9cf9740f754d0565ec0f4b1250e8e?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png

    HTTP Response

    200
  • 104.21.11.155:443
    https://saltworld.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&charset=UTF-8&f=public/js/ipb.js,cache/lang_cache/1/ipb.lang.js,public/js/ips.hovercard.js,public/js/ips.quickpm.js,public/js/ips.board.js
    tls, http
    IEXPLORE.EXE
    1.3kB
     6.8kB
     11
    12

    HTTP Request

    GET https://saltworld.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&charset=UTF-8&f=public/js/ipb.js,cache/lang_cache/1/ipb.lang.js,public/js/ips.hovercard.js,public/js/ips.quickpm.js,public/js/ips.board.js

    HTTP Response

    302
  • 104.21.11.155:443
    https://saltworld.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&g=js
    tls, http
    IEXPLORE.EXE
    1.1kB
     6.5kB
     10
    11

    HTTP Request

    GET https://saltworld.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&g=js

    HTTP Response

    302
  • 104.21.11.155:443
    https://saltworld.net/forums/uploads/profile/photo-44563.gif?_r=1448768805
    tls, http
    IEXPLORE.EXE
    1.7kB
     7.5kB
     12
    12

    HTTP Request

    GET https://saltworld.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&f=public/style_css/css_4/ipb_help.css,public/style_css/css_4/ipb_styles.css,public/style_css/css_4/calendar_select.css,public/style_css/css_4/ipb_common.css

    HTTP Response

    302

    HTTP Request

    GET https://saltworld.net/forums/uploads/profile/photo-44563.gif?_r=1448768805

    HTTP Response

    302
  • 104.21.11.155:443
    https://saltworld.net/forums/public/style_images/master/feed.png
    tls, http
    IEXPLORE.EXE
    1.6kB
     7.4kB
     12
    14

    HTTP Request

    GET https://saltworld.net/forums/public/style_images/master/f_icon_read.png

    HTTP Response

    302

    HTTP Request

    GET https://saltworld.net/forums/public/style_images/master/feed.png

    HTTP Response

    302
  • 104.21.11.155:443
    https://saltworld.net/forums/uploads/profile/photo-3914.57_68bd69e5aed67c7aa3dc4520e02d3f4dff99e864?_r=0
    tls, http
    IEXPLORE.EXE
    1.2kB
     6.5kB
     10
    11

    HTTP Request

    GET https://saltworld.net/forums/uploads/profile/photo-3914.57_68bd69e5aed67c7aa3dc4520e02d3f4dff99e864?_r=0

    HTTP Response

    302
  • 104.21.11.155:443
    https://saltworld.net/forums/public/style_images/master/top.png
    tls, http
    IEXPLORE.EXE
    1.6kB
     7.4kB
     12
    14

    HTTP Request

    GET https://saltworld.net/forums/public/style_images/master/useropts_arrow.png

    HTTP Response

    302

    HTTP Request

    GET https://saltworld.net/forums/public/style_images/master/top.png

    HTTP Response

    302
  • 104.21.65.85:443
    https://gamingw.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&f=public/style_css/css_4/ipb_help.css,public/style_css/css_4/ipb_styles.css,public/style_css/css_4/calendar_select.css,public/style_css/css_4/ipb_common.css
    tls, http
    IEXPLORE.EXE
    1.3kB
     7.1kB
     10
    11

    HTTP Request

    GET https://gamingw.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&f=public/style_css/css_4/ipb_help.css,public/style_css/css_4/ipb_styles.css,public/style_css/css_4/calendar_select.css,public/style_css/css_4/ipb_common.css

    HTTP Response

    404
  • 104.21.65.85:443
    https://gamingw.net/forums/uploads/profile/photo-3914.57_68bd69e5aed67c7aa3dc4520e02d3f4dff99e864?_r=0
    tls, http
    IEXPLORE.EXE
    1.2kB
     7.2kB
     11
    12

    HTTP Request

    GET https://gamingw.net/forums/uploads/profile/photo-3914.57_68bd69e5aed67c7aa3dc4520e02d3f4dff99e864?_r=0

    HTTP Response

    404
  • 104.21.65.85:443
    https://gamingw.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&charset=UTF-8&f=public/js/ipb.js,cache/lang_cache/1/ipb.lang.js,public/js/ips.hovercard.js,public/js/ips.quickpm.js,public/js/ips.board.js
    tls, http
    IEXPLORE.EXE
    2.1kB
     9.4kB
     14
    17

    HTTP Request

    GET https://gamingw.net/forums/public/style_images/master/f_icon_read.png

    HTTP Response

    404

    HTTP Request

    GET https://gamingw.net/forums/public/style_images/master/feed.png

    HTTP Response

    404

    HTTP Request

    GET https://gamingw.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&charset=UTF-8&f=public/js/ipb.js,cache/lang_cache/1/ipb.lang.js,public/js/ips.hovercard.js,public/js/ips.quickpm.js,public/js/ips.board.js

    HTTP Response

    404
  • 104.21.65.85:443
    https://gamingw.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&g=js
    tls, http
    IEXPLORE.EXE
    1.6kB
     8.2kB
     12
    12

    HTTP Request

    GET https://gamingw.net/forums/public/style_images/master/useropts_arrow.png

    HTTP Response

    404

    HTTP Request

    GET https://gamingw.net/forums/public/min/index.php?ipbv=e3dc6c59d017b380e9899774b18a7749&g=js

    HTTP Response

    404
  • 104.21.65.85:443
    https://gamingw.net/forums/uploads/profile/photo-44563.gif?_r=1448768805
    tls, http
    IEXPLORE.EXE
    1.1kB
     6.7kB
     10
    11

    HTTP Request

    GET https://gamingw.net/forums/uploads/profile/photo-44563.gif?_r=1448768805

    HTTP Response

    404
  • 104.21.65.85:443
    https://gamingw.net/forums/public/style_images/master/top.png
    tls, http
    IEXPLORE.EXE
    1.1kB
     6.7kB
     10
    11

    HTTP Request

    GET https://gamingw.net/forums/public/style_images/master/top.png

    HTTP Response

    404
  • 192.0.77.2:80
    http://i1.wp.com/saltworld.net/forums/public/style_images/master/profile/default_large.png
    http
    IEXPLORE.EXE
    606 B
     514 B
     6
    5

    HTTP Request

    GET http://i1.wp.com/saltworld.net/forums/public/style_images/master/profile/default_large.png

    HTTP Response

    404
  • 192.0.77.2:80
    http://i1.wp.com/saltworld.net/forums/public/style_images/master/profile/default_large.png
    http
    IEXPLORE.EXE
    658 B
     858 B
     7
    6

    HTTP Request

    GET http://i1.wp.com/saltworld.net/forums/public/style_images/master/profile/default_large.png

    HTTP Response

    404
  • 216.58.213.14:80
    www.google-analytics.com
    IEXPLORE.EXE
    190 B
     92 B
     4
    2
  • 216.58.213.14:80
    http://www.google-analytics.com/ga.js
    http
    IEXPLORE.EXE
    812 B
     18.3kB
     12
    16

    HTTP Request

    GET http://www.google-analytics.com/ga.js

    HTTP Response

    200
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    747 B
     7.6kB
     9
    12
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    747 B
     7.6kB
     9
    12
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    779 B
     7.6kB
     9
    12
  • 8.8.8.8:53
    coinhive.com
    dns
    IEXPLORE.EXE
    58 B
     90 B
     1
    1

    DNS Request

    coinhive.com

    DNS Response

    104.21.57.186
    172.67.165.117

  • 8.8.8.8:53
    saltworld.net
    dns
    IEXPLORE.EXE
    59 B
     91 B
     1
    1

    DNS Request

    saltworld.net

    DNS Response

    104.21.11.155
    172.67.166.97

  • 8.8.8.8:53
    www.gravatar.com
    dns
    IEXPLORE.EXE
    62 B
     78 B
     1
    1

    DNS Request

    www.gravatar.com

    DNS Response

    192.0.73.2

  • 8.8.8.8:53
    gamingw.net
    dns
    IEXPLORE.EXE
    57 B
     89 B
     1
    1

    DNS Request

    gamingw.net

    DNS Response

    104.21.65.85
    172.67.160.162

  • 8.8.8.8:53
    i1.wp.com
    dns
    IEXPLORE.EXE
    55 B
     71 B
     1
    1

    DNS Request

    i1.wp.com

    DNS Response

    192.0.77.2

  • 8.8.8.8:53
    www.microsoft.com
    dns
    iexplore.exe
    63 B
     230 B
     1
    1

    DNS Request

    www.microsoft.com

    DNS Response

    104.90.25.175

  • 8.8.8.8:53
    www.microsoft.com
    dns
    iexplore.exe
    63 B
     230 B
     1
    1

    DNS Request

    www.microsoft.com

    DNS Response

    104.90.25.175

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    Filesize

    1KB

    MD5

    55d13419ef7e00979888e1f36e85667c

    SHA1

    9213fd7f1bfe3399f11d8ce56516c9ecfaef50c3

    SHA256

    99a431ec4372e147cbb89b186806b63791ccac196e7c21362affa2da3dea5883

    SHA512

    4cfbbde7606ea5d8c56ab0a540ef2c4c84d3feabf5b694d41838f00cde9fddac90cac1a2d095f53ca597288a48adbf080f1196fe4c179e5b86be7b6ba4968da5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_F2DAF19C1F776537105D08FC8D978464
    Filesize

    724B

    MD5

    8202a1cd02e7d69597995cabbe881a12

    SHA1

    8858d9d934b7aa9330ee73de6c476acf19929ff6

    SHA256

    58f381c3a0a0ace6321da22e40bd44a597bd98b9c9390ab9258426b5cf75a7a5

    SHA512

    97ba9fceab995d4bef706f8deef99e06862999734ebe6a05832c710104479c6337cbf0a76e1c1e0f91566a61334dc100d837dfd049e20da765fe49def684f9c9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    649a11c0c1a1b0a556fd1ffdd1cf1f00

    SHA1

    6211c4091148e6db4a29be963f18e2a4e14d733f

    SHA256

    af0d9af9dae5c08456626fff84277591022305f4871de2ee034894dd8040a31a

    SHA512

    27c87f13d02bdd5ffcc8a21761479ada927886024d2f4b77d007b792857006a737bcd6919d5a343a9ee825b509c9e9c08737936dc365dc33b4a973f9f65c6d3a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f0239c9ddd926935a52a18d6c867a620

    SHA1

    aa9de477fec0b5bcfe6f4af37a6cc16b52f3e4f1

    SHA256

    c58d7909ea28e487d99b3ef857150fecf92dceef2bbb5faa6f2baa99e3711aa4

    SHA512

    84d37242bf3a3e82acccdd298d8d9b173c3e848d7ccd5aad7c5cbfb3db28a63212c0c54982ebf8b0b0cf36c236c3d66be3266f3158e016497fc23f068f9bb936

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    76bcbab34ef99bcab69984b1b08171a4

    SHA1

    bb973405e26c2c738db901c1b80a9cac4601a8bd

    SHA256

    e17b75ca7ba96eff3c91bcc5cbe04a252e823345431d2056109402ba2edab45a

    SHA512

    aa48e6d17792ab6586015e476cce80696d9ddb093498852a6284c57deb7f96a000628eec083211acdd0a661637e20258b2e48309ff7ddcc54bb07e1751970e24

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    26e1b74c580f07e2ad1ef4ef5a9d94f1

    SHA1

    34c2e142f1c1fb04caecebcff66370bf0e9ec799

    SHA256

    1fe96772f4aa8f2b5e60bb137610462b754f176b4b42b944e97fc673b755d5ba

    SHA512

    21df4d712c22468585434e13993c10f38e8bf6db6150413bc17912c7a3da7ede7cf04df8829a50884ef6a3f181b7a125159fbaf71c3fc5bf9b276f04b633eafb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7692906cd14ae66c1c6aaf2e36950969

    SHA1

    85a39f236e45507d0a373bfcd6cb8226530e346c

    SHA256

    16584462facfcdfcf4864bf8c59269c7da8682894239838c20428a3f188eb96c

    SHA512

    51051f9cc96f5a94893b1eab17000901fa2d55ea3c11a566b43fb8bd0205497a6ea44a78438e2a2fe31e445ba802c1789d631a4c5f77482250d13591b23cf407

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4e7387b7b79931e514a4566bbf08f81f

    SHA1

    d5e4bcc69e00caac021f66df68f347d65d611acd

    SHA256

    11a47c5b79b912ceacf4247d2271cdae92a492e91bddb40c992e60be6c2aae06

    SHA512

    5c43aa1b51fb48708dfdf791709b39300d01c76c9d32e8b033acde655e21fd9ead56f40a0126cdb2c437e3c59757490983033476d6d51595f8615f262dd9226f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    49b22480a5885f13c1f2a96d0bf8aec4

    SHA1

    d8673a7f05028f3ae894909dea213d99fb2d8c00

    SHA256

    15582393e04aa370e8610e7a80b84740b293ec6d6bdef2941887ddaa53f85ce6

    SHA512

    ebd622ab0e97611769e9fe25fd0d5e3d83bb4231062e86981ed7a313a0b9f187949b9f3fde4192a652f332d9d073cfba0e6df1c5f25a0e2f8ddee449a6bdff33

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cbc1ae8c6379ee847f5af9ff49489483

    SHA1

    0d904c158ccbc7aaea8c23db06812922f90937d6

    SHA256

    a1ab1dc28bdc8e22c496e03e9c514ccaab9d5719c797828784f0a4ec20976e9f

    SHA512

    04985eeb21812567bd1e8d73ac856c2a57a55275a7dc9f3a03817cc1717c51f5b0e6c46c66271957b1fcc54919194b780756e6c49d5f8efe469f3b044dd302d9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1361d77d6781ad6b4e4857679a2b9591

    SHA1

    b8918efd10ad3917413fc552ce1ab5a6dcce0654

    SHA256

    e86e2b60178c91198bf4fd847f1792310d87945270e3e0d6c89b4d765517825c

    SHA512

    e49cde18c5ce2a1d8cc83424bd1c8a906b8bbae41a2926ebe457d159688f331e7c4e127564f6d9e49135002083c7c4dfde7842b0cdadafc088a6254f2dde23a2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a4297dbf35c98d0976783d47bc0482c9

    SHA1

    3d6c5707c60059e880d011cb509bcc4e09930d1e

    SHA256

    9c9c2c4b4832718483fe2fc1ae8c595a18ae0bf1ac2d9ef947f00a1f837e49cd

    SHA512

    adb2217fabdd709eef3d211f2e0efc6a93335e574782689e0d1281c7a834f8281c1c902ba0e134e7886c6914cae70035e4451db88da65acafb43f0fe255d9a9b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1416442abb281b3037838bf610bdbcc0

    SHA1

    51e716f4185318a3869a098daacc1d9177d57713

    SHA256

    919ad490603a492387e0cebd4f974b2be4c921ff05ff60ca6029a4473873402f

    SHA512

    d156ba660e5c0d16c9814ef81cd9ba7409b9d1c8bde889e476cf44a214d0f34e11e712bc4bcc219b91d62dac8a11d37720cf484cd5d6eaefc11f5e1e8e133d10

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c449f54da992ae3f37822144c930f05e

    SHA1

    697f464a12b55ea7fd5d990b4c236f0362d0cceb

    SHA256

    50059e2b61c970fb5e6e3ee6f6fe2a64cc6ed7470da00f8efb853a815e61791e

    SHA512

    97487c4e9e398e48af637be90c3b93a51a879060dd894a59fbfa8727d3947f3930be5ba2624e3951a826a90e72ffc7bfed291ba3632abdbc3470af69e22ab815

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c5e02bcac06e4a935e8dd7bfeb061334

    SHA1

    d6c0ab81f87a4b9fa1d3b291e43d495f9c7f7fbd

    SHA256

    d45468d69e173a7eb9b90d5a038027ff27ce007bdd196bad5c6bae6165992579

    SHA512

    8f0b0556f3db2fd356f580d3ce6307dd6a534dc42bf0cde50dedf588a04568609a0de4020bf0dce1d104329c8036fb714668e82200dbacf19b5b077cb2ce9097

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1af89169648d6af68792d18e5f75c55e

    SHA1

    e5038d98364e4fe650fc73a414b0e9bb8e6bdeea

    SHA256

    5bade416d69ca49a48c4cdb5212ce14498dced3df7fccff35815ff987dee5521

    SHA512

    b3216128e8446e57412e9a94ed5e187e3616aa4aa0e844e93f8e213829985f248a462dcd63ce606791afc8d174bd4398fd1295fa5ed94f604e85660e71512eff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c2305138f37c7b0d474c54362dd0499f

    SHA1

    298a8c6e6ca9412e5db974145bad867869ab2925

    SHA256

    8d50e60c40df5fd0c3d6d009dc55ca1a03b39e2de9355b4d254215a10e60e577

    SHA512

    cbe39c0fc5d5c1528b04f98d9a2edb27b78931d8ab8ebe59581507d3b92bd34bb8f6ec664a99a0b86c70c548aea1df293a7b3477bfb30ac5f6d1f38813d98a29

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e458440ffaebee8ca21df5dfd2f83a2b

    SHA1

    c57eac80f0b64cae3a288c8e5250398a5e4894d8

    SHA256

    5932ba15cd46932d07b02f2772aa40fa0a384699f40edfe73eefd35e64470e3a

    SHA512

    d66187679f516c628ac910cdfb592df13c99a0eab0db5e404bc69f1bef9a9c11679febc64b2f34cf3ff05a589bd52f9c4a24d62e18c7dae2d5328458ff9fd5ad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4a27911fe50bc43e1b61119dbe82e1f6

    SHA1

    d6a34e4625cfb114be492278ec6271a354ad0602

    SHA256

    99723b57b7cd56a4b80912fe855b2edeb80bf30bd5889adbceff6a81bdfeaad4

    SHA512

    0e027f4c579ae87e2c7e99a83b0e11cbdc94271ecc3d5764157fc845da0a53de361e5ea5351c2a062cf0e64b049a39469b60f162e057e610c49223a7add6484d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e8fb02dc804978dc121241ad599593b5

    SHA1

    559f8ff64f3c76c11d2dbbb11e19ab44c8346c5e

    SHA256

    b2448f0c00a648314638fd1d1ed7886981eabf255c4cd32b4b0f5ae88028af5b

    SHA512

    9c0c32a21e940e5bb1133a5820053501c8ffcbca06ebbc3286a881094b5fcabaa0d3ff3434e3510b4769a274590950a3534065652207c9e263f2919c6f7bb1a1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1bc94e07fb517d9304c1cfe5440d8982

    SHA1

    d2615860690f00af2b98f8fa49deabd8ff7cf2f7

    SHA256

    cc02caa98f4381cc1b6e69db1fdebc9b9946bfa2bef75716ece9b69c49d462f5

    SHA512

    dd9a7a0c1b9190c2846e591f5d43553be082a0c89cef935bb50a2696fe152e4fd1509a29d2e5c6013427423dbc2f0f477f777b8dfcdacc44db74a08b5c701d3c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bb86287c056bdac818310d20f76d75b0

    SHA1

    7ea151c79a98665eed16b28df0e525f84f5e552b

    SHA256

    dca6f6d49c4adbdb3610ae9b5d129f1a58a46cfd7b45887f0662b4147fc7bcfa

    SHA512

    256a5215a69f5973c4084fdc74f321855800490f047cc136ae409d8d84d98be1fc49492a1dddc8e0685a8147aacee3dba1dba031bcff3f520cb73ed283652495

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a0bf92d30069db6060cc13c8b5f631e2

    SHA1

    2ae693f59b523496010752806ad48d47752313f5

    SHA256

    54806208fe7c70228dfa1b24b1f249a154bef7280942b5ff242d35efa53f42fe

    SHA512

    cdd359ff4535489944614018c4be4fb6e7ef39df258d0bf6421b8ad86267ef49e067482d9665cc8595b4b0aa8897c148e352cd7a58f4f0a431f35a2775bf04db

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_F2DAF19C1F776537105D08FC8D978464
    Filesize

    392B

    MD5

    0ad3f21a9292040ebb77eb88ce8f90f0

    SHA1

    661d0afe4289d5411a0f7b81f720018f17ff3555

    SHA256

    4bf3b1dff81bf0faa935be24cf00faa9cc611ae4eba4d70f0835b07d704517b0

    SHA512

    3a6d36a7b060d0318e8c7beac34cfb1a57cc6a54e50d122969079f3c0daaef0ad8f5df4e027358321ff54a3413ee8eb9f48c244dab3e46112377aa335d61251d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    6d4f81ef04c80d787596627ce90ae24d

    SHA1

    fbbfe362a3840eeb843b424cd136f15c8f4d4c6f

    SHA256

    83fa550fc74c2584cd46726d228d920e233ab8f1352d3a8c9cd5d4e98acbfc8e

    SHA512

    ce4e9e6d956353eb2dd6a45c9e552aaf1e29a3bfb5151c94f46bb76074039269e1f661be31304d90f363d04f58207c46b49ba8dacdcd893af099d51facd0d7d9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab9FF.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA04.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarB17.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.