Analysis
-
max time kernel
144s -
max time network
151s -
platform
windows7_x64 -
resource
win7-20240611-en -
resource tags
arch:x64 arch:x86 image:win7-20240611-en locale:en-us os:windows7-x64 system -
submitted
15/06/2024, 23:46 UTC
Static task
static1
Behavioral task
behavioral1
Sample
b0bd5c22a43c095358eea47dfc79da84_JaffaCakes118.html
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
b0bd5c22a43c095358eea47dfc79da84_JaffaCakes118.html
Resource
win10v2004-20240508-en
General
-
Target
b0bd5c22a43c095358eea47dfc79da84_JaffaCakes118.html
-
Size
27KB
-
MD5
b0bd5c22a43c095358eea47dfc79da84
-
SHA1
7fc486bb07acb223036541aebb858b8069271344
-
SHA256
74e2b2c2a852660086e0b1aa7a370d128bcecbcea8588d55918cd0ecc50d21d2
-
SHA512
069cfef0899bbc7d8cdf10a56e447dddfbab0280fcbea864691cf7747392e6dd27123d53632eb3c46c604bae35f7f106648cbdc81c779c6fc4385fbf96090205
-
SSDEEP
768:SxVdsFqvfkRlAVV1C5m1CCCcmzm3C/CnCQGUMXVz2:S7dsFqvfkc1C5m1CCCcmzm3C/CnCQqz2
Malware Config
Signatures
-
description ioc Process Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing iexplore.exe Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic iexplore.exe Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\InternetRegistry iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\SearchScopes iexplore.exe Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch iexplore.exe Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch IEXPLORE.EXE Set value (data) \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 1016e3597ebfda01 iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "424657065" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Zoom iexplore.exe Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive iexplore.exe Set value (str) \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" IEXPLORE.EXE Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage iexplore.exe Key created 
\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\IETld\LowMic iexplore.exe Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\LowRegistry iexplore.exe Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\PageSetup iexplore.exe Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser iexplore.exe Set value (data) \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" iexplore.exe Set value (data) \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000005ec80cf279b2564c91633e21940a8076000000000200000000001066000000010000200000008bdb33b823a60c3d15df880e8f0c8a95c796df75a310c3f1283293ccc3c7e2ab000000000e8000000002000020000000c9ff828ce723487882e762e56994a38ff6d6ab38994580d74f453508480650692000000064720fca9c4e61cdb7e38e1f9df6d1f86f36ba7eedba215af3113c4469e7213a40000000c5849204aa5deeea1dee222ed22004f952dd7555652aafb531e2c79cbd4ade57ab481427dcd05617d5c13ca5945de65d3d2e2cf0936d591dd5a29088f5de1b45 iexplore.exe Set value (data) \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 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 iexplore.exe Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\DomainSuggestion iexplore.exe Key created 
\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main iexplore.exe Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage iexplore.exe Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Toolbar iexplore.exe Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main IEXPLORE.EXE Set value (int) \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\GPU iexplore.exe Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\IntelliForms iexplore.exe Key created \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain iexplore.exe Set value (str) \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{809D4501-2B71-11EF-B918-627D7EE66EFE} = "0" iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" iexplore.exe Set value (str) \REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" iexplore.exe Key created 
\REGISTRY\USER\S-1-5-21-39690363-730359138-1046745555-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery iexplore.exe -
Suspicious use of FindShellTrayWindow 1 IoCs
pid | Process
2188 | iexplore.exe
-
Suspicious use of SetWindowsHookEx 6 IoCs
pid | Process
2188 | iexplore.exe
2188 | iexplore.exe
2104 | IEXPLORE.EXE
2104 | IEXPLORE.EXE
2104 | IEXPLORE.EXE
2104 | IEXPLORE.EXE
-
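Suspicious use of WriteProcessMemory 4 IoCs
description | pid | Process | procid_target
PID 2188 wrote to memory of 2104 | 2188 | iexplore.exe | 28
PID 2188 wrote to memory of 2104 | 2188 | iexplore.exe | 28
PID 2188 wrote to memory of 2104 | 2188 | iexplore.exe | 28
PID 2188 wrote to memory of 2104 | 2188 | iexplore.exe | 28
Note: the target, PID 2104, is the IEXPLORE.EXE instance started with SCODEF:2188 (see Processes), so all four writes go from the first iexplore.exe into what appears to be its own child process; this table records no write into a process outside that tree.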
Processes
-
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\b0bd5c22a43c095358eea47dfc79da84_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2188 -
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2188 CREDAT:275457 /prefetch:2
2⤵
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
PID:2104
-
Network
-
Remote address: 8.8.8.8:53
Request: vmg1.info IN A
Response:
vmg1.info IN A 3.33.130.190
vmg1.info IN A 15.197.148.33
-
Remote address: 8.8.8.8:53
Request: ajax.googleapis.com IN A
Response:
ajax.googleapis.com IN A 142.250.200.10
-
Remote address: 8.8.8.8:53
Request: www.capitalfm.co.ke IN A
Response:
www.capitalfm.co.ke IN CNAME wp.wpenginepowered.com
wp.wpenginepowered.com IN A 141.193.213.11
wp.wpenginepowered.com IN A 141.193.213.10
-
Remote address: 8.8.8.8:53
Request: ghanasuperstar.com IN A
Response: (no answer records shown)
-
Remote address: 8.8.8.8:53
Request: 3.bp.blogspot.com IN A
Response:
3.bp.blogspot.com IN CNAME photos-ugc.l.googleusercontent.com
photos-ugc.l.googleusercontent.com IN A 142.250.180.1
-
Remote address: 8.8.8.8:53
Request: www.ghanatoghana.com IN A
Response:
www.ghanatoghana.com IN CNAME ghanatoghana.com
ghanatoghana.com IN A 192.64.80.67
-
Remote address: 8.8.8.8:53
Request: img.modernghana.com IN A
Response:
img.modernghana.com IN A 104.20.45.9
img.modernghana.com IN A 104.20.44.9
-
Remote address: 8.8.8.8:53
Request: omgghana.com IN A
Response:
omgghana.com IN CNAME traff-2.hugedomains.com
traff-2.hugedomains.com IN CNAME hdr-nlb5-4e815dd67a14bf7f.elb.us-east-2.amazonaws.com
hdr-nlb5-4e815dd67a14bf7f.elb.us-east-2.amazonaws.com IN A 3.130.253.23
hdr-nlb5-4e815dd67a14bf7f.elb.us-east-2.amazonaws.com IN A 3.130.204.160
-
Remote address: 8.8.8.8:53
Request: kitnes.net IN A
Response: (no answer records shown)
-
Remote address: 8.8.8.8:53
Request: www.africasoccernet.com IN A
Response: (no answer records shown)
-
Remote address: 8.8.8.8:53
Request: i.ytimg.com IN A
Response:
i.ytimg.com IN A 142.250.178.22
i.ytimg.com IN A 142.250.187.246
i.ytimg.com IN A 216.58.201.118
i.ytimg.com IN A 142.250.180.22
i.ytimg.com IN A 142.250.200.54
i.ytimg.com IN A 142.250.179.246
i.ytimg.com IN A 172.217.16.246
i.ytimg.com IN A 142.250.187.214
i.ytimg.com IN A 172.217.169.54
i.ytimg.com IN A 142.250.200.22
i.ytimg.com IN A 216.58.212.246
i.ytimg.com IN A 216.58.204.86
-
Remote address: 142.250.200.10:80
Request:
GET /ajax/libs/jquery/1/jquery.min.js?ver=6867 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: ajax.googleapis.com
Connection: Keep-Alive
Response:
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 33434
Date: Sat, 15 Jun 2024 23:46:39 GMT
Expires: Sun, 15 Jun 2025 23:46:39 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
-
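GET http://vmg1.info/wp-content/plugins/pe_estro_slider/resources/pe.kenburns/themes/allskins.min.css?ver=1.0
IEXPLORE.EXE
Remote address: 3.33.130.190:80
Request:
GET /wp-content/plugins/pe_estro_slider/resources/pe.kenburns/themes/allskins.min.css?ver=1.0 HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: vmg1.info
Connection: Keep-Alive
Response:
HTTP/1.1 200 OK
Date: Sat, 15 Jun 2024 23:46:40 GMT
Content-Type: text/html
Content-Length: 122
Connection: keep-alive
Note: this stylesheet request is answered with a 122-byte text/html body. The other vmg1.info responses shown in this capture have the same shape (text/html, 114–191 bytes, for CSS, JavaScript and image paths alike), which suggests the host returned a generic placeholder rather than the original site assets.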
-
GET http://vmg1.info/wp-admin/admin-ajax.php?action=wordfence_logHuman&hid=A34DCDC237A4C3F2637ADD03B5B1CB35
IEXPLORE.EXE
Remote address: 3.33.130.190:80
Request:
GET /wp-admin/admin-ajax.php?action=wordfence_logHuman&hid=A34DCDC237A4C3F2637ADD03B5B1CB35 HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: vmg1.info
Connection: Keep-Alive
Response:
HTTP/1.1 200 OK
Date: Sat, 15 Jun 2024 23:46:41 GMT
Content-Type: text/html
Content-Length: 177
Connection: keep-alive
-
GET http://3.bp.blogspot.com/-PRigyjnz6z8/UEUW71mnNnI/AAAAAAAABYM/rrZqFvVpTD4/s1600/Ghana.jpg
IEXPLORE.EXE
Remote address: 142.250.180.1:80
Request:
GET /-PRigyjnz6z8/UEUW71mnNnI/AAAAAAAABYM/rrZqFvVpTD4/s1600/Ghana.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 3.bp.blogspot.com
Connection: Keep-Alive
Response:
HTTP/1.1 200 OK
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "va66"
Expires: Sun, 16 Jun 2024 23:46:39 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Ghana.jpg"
X-Content-Type-Options: nosniff
Date: Sat, 15 Jun 2024 23:46:39 GMT
Server: fife
Content-Length: 37877
X-XSS-Protection: 0
-
Remote address: 142.250.178.22:80
Request:
GET /vi/7Uv4gomFNYw/0.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: i.ytimg.com
Connection: Keep-Alive
Response:
HTTP/1.1 404 Not Found
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Content-Type: image/jpeg
Date: Sat, 15 Jun 2024 23:46:39 GMT
Expires: Sat, 15 Jun 2024 23:47:09 GMT
Cache-Control: public, max-age=30
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 1097
X-XSS-Protection: 0
-
Remote address: 104.20.45.9:80
Request:
GET /images/content3/240x_mg_d82dlp1jam_50055069.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: img.modernghana.com
Connection: Keep-Alive
Response:
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 16 Jun 2024 00:46:39 GMT
Location: https://img.modernghana.com/images/content3/240x_mg_d82dlp1jam_50055069.jpg
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 894670d499f360e3-LHR
alt-svc: h3=":443"; ma=86400
-
Remote address:3.33.130.190:80RequestGET /wp-content/themes/onyx/css/reset.css HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: vmg1.info
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Sat, 15 Jun 2024 23:46:39 GMT
Content-Type: text/html
Content-Length: 114
Connection: keep-alive
-
Remote address:3.33.130.190:80RequestGET /wp-content/themes/onyx/css/dropdown.css HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: vmg1.info
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Sat, 15 Jun 2024 23:46:39 GMT
Content-Type: text/html
Content-Length: 114
Connection: keep-alive
-
Remote address:3.33.130.190:80RequestGET /wp-content/themes/onyx/js/custom.js?ver=1.0 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: vmg1.info
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Sat, 15 Jun 2024 23:46:39 GMT
Content-Type: text/html
Content-Length: 122
Connection: keep-alive
-
Remote address:3.33.130.190:80RequestGET /wp-content/themes/onyx/js/prettyPhoto.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: vmg1.info
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Sat, 15 Jun 2024 23:46:39 GMT
Content-Type: text/html
Content-Length: 114
Connection: keep-alive
-
Remote address:3.33.130.190:80RequestGET /wp-content/uploads/2011/08/LinkedIn.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: vmg1.info
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Sat, 15 Jun 2024 23:46:40 GMT
Content-Type: text/html
Content-Length: 114
Connection: keep-alive
-
Remote address:3.33.130.190:80RequestGET /wp-content/themes/onyx/js/superfish.js?ver=1.0 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: vmg1.info
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Sat, 15 Jun 2024 23:46:39 GMT
Content-Type: text/html
Content-Length: 122
Connection: keep-alive
-
GET http://vmg1.info/wp-content/plugins/mappress-google-maps-for-wordpress/css/mappress.css?ver=2.39.2
IEXPLORE.EXE
Remote address: 3.33.130.190:80
Request:
GET /wp-content/plugins/mappress-google-maps-for-wordpress/css/mappress.css?ver=2.39.2 HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: vmg1.info
Connection: Keep-Alive
Response:
HTTP/1.1 200 OK
Date: Sat, 15 Jun 2024 23:46:39 GMT
Content-Type: text/html
Content-Length: 125
Connection: keep-alive
-
GET http://vmg1.info/wp-content/plugins/pe_estro_slider/resources/pe.kenburns/jquery.pixelentity.kenburnsSlider.min.js?ver=1.0
IEXPLORE.EXE
Remote address: 3.33.130.190:80
Request:
GET /wp-content/plugins/pe_estro_slider/resources/pe.kenburns/jquery.pixelentity.kenburnsSlider.min.js?ver=1.0 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: vmg1.info
Connection: Keep-Alive
Response:
HTTP/1.1 200 OK
Date: Sat, 15 Jun 2024 23:46:39 GMT
Content-Type: text/html
Content-Length: 122
Connection: keep-alive
-
Remote address:3.33.130.190:80RequestGET /wp-content/plugins/pe_estro_slider/resources/img/blank.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: vmg1.info
Connection: Keep-Alive
-
Remote address:3.33.130.190:80RequestGET /wp-content/themes/onyx/js/jquery.imgr.min.js?ver=1.1 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: vmg1.info
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Sat, 15 Jun 2024 23:46:40 GMT
Content-Type: text/html
Content-Length: 122
Connection: keep-alive
-
GET http://vmg1.info/wp-content/themes/onyx/thumb.php?src=http://vmg1.info/wp-content/uploads/2011/09/fakelogo.png&w=490&h=65&zc=0
IEXPLORE.EXE
Remote address: 3.33.130.190:80
Request:
GET /wp-content/themes/onyx/thumb.php?src=http://vmg1.info/wp-content/uploads/2011/09/fakelogo.png&w=490&h=65&zc=0 HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: vmg1.info
Connection: Keep-Alive
Response:
HTTP/1.1 200 OK
Date: Sat, 15 Jun 2024 23:46:41 GMT
Content-Type: text/html
Content-Length: 191
Connection: keep-alive
-
Remote address:3.33.130.190:80RequestGET /wp-content/themes/onyx/js/jquery.formalize.js?ver=1.2 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: vmg1.info
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Sat, 15 Jun 2024 23:46:39 GMT
Content-Type: text/html
Content-Length: 122
Connection: keep-alive
-
Remote address:3.33.130.190:80RequestGET /wp-content/themes/onyx/css/grid.css HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: vmg1.info
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Sat, 15 Jun 2024 23:46:39 GMT
Content-Type: text/html
Content-Length: 114
Connection: keep-alive
-
Remote address:3.33.130.190:80RequestGET /wp-content/themes/onyx/css/prettyphoto.css HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: vmg1.info
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Sat, 15 Jun 2024 23:46:39 GMT
Content-Type: text/html
Content-Length: 114
Connection: keep-alive
-
Remote address:3.33.130.190:80RequestGET /wp-content/themes/onyx/js/slides.min.jquery.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: vmg1.info
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Sat, 15 Jun 2024 23:46:39 GMT
Content-Type: text/html
Content-Length: 114
Connection: keep-alive
-
Remote address:3.33.130.190:80RequestGET /wp-content/uploads/2011/08/Twitter.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: vmg1.info
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Sat, 15 Jun 2024 23:46:39 GMT
Content-Type: text/html
Content-Length: 114
Connection: keep-alive
-
Remote address:3.33.130.190:80RequestGET /wp-content/themes/onyx/js/jquery.smooth-scroll.min.js?ver=1.4 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: vmg1.info
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Sat, 15 Jun 2024 23:46:39 GMT
Content-Type: text/html
Content-Length: 122
Connection: keep-alive
-
Remote address:3.33.130.190:80RequestGET /wp-content/themes/onyx/css/master.css HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: vmg1.info
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Sat, 15 Jun 2024 23:46:39 GMT
Content-Type: text/html
Content-Length: 114
Connection: keep-alive
-
Remote address:3.33.130.190:80RequestGET /wp-content/themes/onyx/style5.css HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: vmg1.info
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Sat, 15 Jun 2024 23:46:39 GMT
Content-Type: text/html
Content-Length: 114
Connection: keep-alive
-
Remote address:3.33.130.190:80RequestGET /wp-includes/js/comment-reply.min.js?ver=6867 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: vmg1.info
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Sat, 15 Jun 2024 23:46:39 GMT
Content-Type: text/html
Content-Length: 123
Connection: keep-alive
-
Remote address:3.33.130.190:80RequestGET /wp-content/uploads/2011/08/facebook.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: vmg1.info
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Sat, 15 Jun 2024 23:46:39 GMT
Content-Type: text/html
Content-Length: 114
Connection: keep-alive
-
Remote address:192.64.80.67:80RequestGET /wp-content/uploads/2012/06/Accra-Mall-Ghana.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.ghanatoghana.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Content-Length: 1505
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Cache-Control: no-store, max-age=0
Server: imunify360-webshield/1.21
-
Remote address: 3.130.253.23:80
Response:
HTTP/1.1 408 Request Time-out
Cache-Control: no-cache
Connection: close
Content-Type: text/html
-
Remote address: 3.130.253.23:80
Request:
GET /wp-content/uploads/2012/02/515158.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: omgghana.com
Connection: Keep-Alive
Response:
HTTP/1.0 404 Not Found
content-type: text/html
x-reason: MediaRequest
-
Remote address: 104.20.45.9:443
Request:
GET /images/content3/240x_mg_d82dlp1jam_50055069.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: img.modernghana.com
Connection: Keep-Alive
Response:
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=31536000
Location: http://cdn.modernghana.com/images/content3/240x_mg_d82dlp1jam_50055069.jpg
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
CF-Cache-Status: MISS
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 894670dbdde36365-LHR
alt-svc: h3=":443"; ma=86400
-
Remote address: 141.193.213.11:80
Request:
GET /news/files/2012/02/TAKORADI-GHANA.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.capitalfm.co.ke
Connection: Keep-Alive
Response:
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 24328
Connection: keep-alive
Last-Modified: Thu, 25 Mar 2021 07:59:46 GMT
ETag: "109cc66f55c86834a0b9cae62cd391a7"
x-amz-server-side-encryption: AES256
Expires: Mon, 15 Jul 2024 23:46:39 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 894670d5efc69478-LHR
alt-svc: h3=":443"; ma=86400
-
Remote address: 8.8.8.8:53
Request: apps.identrust.com IN A
Response:
apps.identrust.com IN CNAME identrust.edgesuite.net
identrust.edgesuite.net IN CNAME a1952.dscq.akamai.net
a1952.dscq.akamai.net IN A 23.63.101.171
a1952.dscq.akamai.net IN A 23.63.101.153
-
Remote address: 23.63.101.171:80
Request:
GET /roots/dstrootcax3.p7c HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: apps.identrust.com
Response:
HTTP/1.1 200 OK
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
Referrer-Policy: same-origin
Last-Modified: Fri, 13 Oct 2023 16:28:31 GMT
ETag: "37d-6079b8c0929c0"
Accept-Ranges: bytes
Content-Length: 893
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
Content-Type: application/pkcs7-mime
Cache-Control: max-age=3600
Expires: Sun, 16 Jun 2024 00:46:39 GMT
Date: Sat, 15 Jun 2024 23:46:39 GMT
Connection: keep-alive
-
Remote address:3.33.130.190:80RequestGET /wp-content/plugins/pe_estro_slider/resources/img/blank.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: vmg1.info
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Sat, 15 Jun 2024 23:46:47 GMT
Content-Type: text/html
Content-Length: 114
Connection: keep-alive
-
Remote address: 8.8.8.8:53
Request: cdn.modernghana.com IN A
Response:
cdn.modernghana.com IN A 104.20.44.9
cdn.modernghana.com IN A 104.20.45.9
-
Remote address: 104.20.44.9:80
Request:
GET /images/content3/240x_mg_d82dlp1jam_50055069.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: cdn.modernghana.com
Connection: Keep-Alive
Response:
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 16 Jun 2024 00:46:40 GMT
Location: https://cdn.modernghana.com/images/content3/240x_mg_d82dlp1jam_50055069.jpg
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 894670dcbb8063cf-LHR
alt-svc: h3=":443"; ma=86400
-
Remote address: 104.20.44.9:443
Request:
GET /images/content3/240x_mg_d82dlp1jam_50055069.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: cdn.modernghana.com
Connection: Keep-Alive
Response:
HTTP/1.1 404 Not Found
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=31536000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
CF-Cache-Status: MISS
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 894670de9bd977ab-LHR
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400
-
Remote address: 8.8.8.8:53
Request: kitnes.net IN A
Response: (no answer records shown)
-
142.250.200.10:80 | http://ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js?ver=6867 | http | IEXPLORE.EXE | 1.2kB 35.5kB 19 29
HTTP Request
GET http://ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js?ver=6867
HTTP Response
200 -
3.33.130.190:80 | http://vmg1.info/wp-admin/admin-ajax.php?action=wordfence_logHuman&hid=A34DCDC237A4C3F2637ADD03B5B1CB35 | http | IEXPLORE.EXE | 973 B 1.2kB 7 8
HTTP Request
GET http://vmg1.info/wp-content/plugins/pe_estro_slider/resources/pe.kenburns/themes/allskins.min.css?ver=1.0
HTTP Response
200
HTTP Request
GET http://vmg1.info/wp-admin/admin-ajax.php?action=wordfence_logHuman&hid=A34DCDC237A4C3F2637ADD03B5B1CB35
HTTP Response
200 -
142.250.180.1:80 | http://3.bp.blogspot.com/-PRigyjnz6z8/UEUW71mnNnI/AAAAAAAABYM/rrZqFvVpTD4/s1600/Ghana.jpg | http | IEXPLORE.EXE | 1.3kB 40.0kB 22 33
HTTP Request
GET http://3.bp.blogspot.com/-PRigyjnz6z8/UEUW71mnNnI/AAAAAAAABYM/rrZqFvVpTD4/s1600/Ghana.jpg
HTTP Response
200 -
555 B 1.6kB 6 5
HTTP Request
GET http://i.ytimg.com/vi/7Uv4gomFNYw/0.jpg
HTTP Response
404 -
190 B 92 B 4 2
-
190 B 92 B 4 2
-
466 B 92 B 10 2
-
104.20.45.9:80 | http://img.modernghana.com/images/content3/240x_mg_d82dlp1jam_50055069.jpg | http | IEXPLORE.EXE | 590 B 739 B 6 4
HTTP Request
GET http://img.modernghana.com/images/content3/240x_mg_d82dlp1jam_50055069.jpg
HTTP Response
301 -
190 B 92 B 4 2
-
1.9kB 2.1kB 11 14
HTTP Request
GET http://vmg1.info/wp-content/themes/onyx/css/reset.cssHTTP Response
200HTTP Request
GET http://vmg1.info/wp-content/themes/onyx/css/dropdown.cssHTTP Response
200HTTP Request
GET http://vmg1.info/wp-content/themes/onyx/js/custom.js?ver=1.0HTTP Response
200HTTP Request
GET http://vmg1.info/wp-content/themes/onyx/js/prettyPhoto.jsHTTP Response
200HTTP Request
GET http://vmg1.info/wp-content/uploads/2011/08/LinkedIn.pngHTTP Response
200 -
3.33.130.190:80 http://vmg1.info/wp-content/plugins/pe_estro_slider/resources/img/blank.png http IEXPLORE.EXE 1.6kB 1.2kB 8 10
HTTP Request
GET http://vmg1.info/wp-content/themes/onyx/js/superfish.js?ver=1.0
HTTP Response
200
HTTP Request
GET http://vmg1.info/wp-content/plugins/mappress-google-maps-for-wordpress/css/mappress.css?ver=2.39.2
HTTP Response
200
HTTP Request
GET http://vmg1.info/wp-content/plugins/pe_estro_slider/resources/pe.kenburns/jquery.pixelentity.kenburnsSlider.min.js?ver=1.0
HTTP Response
200
HTTP Request
GET http://vmg1.info/wp-content/plugins/pe_estro_slider/resources/img/blank.png -
3.33.130.190:80 http://vmg1.info/wp-content/themes/onyx/thumb.php?src=http://vmg1.info/wp-content/uploads/2011/09/fakelogo.png&w=490&h=65&zc=0 http IEXPLORE.EXE 1.1kB 1.6kB 9 9
HTTP Request
GET http://vmg1.info/wp-content/themes/onyx/js/jquery.imgr.min.js?ver=1.1
HTTP Response
200
HTTP Request
GET http://vmg1.info/wp-content/themes/onyx/thumb.php?src=http://vmg1.info/wp-content/uploads/2011/09/fakelogo.png&w=490&h=65&zc=0
HTTP Response
200 -
1.9kB 2.1kB 11 14
HTTP Request
GET http://vmg1.info/wp-content/themes/onyx/js/jquery.formalize.js?ver=1.2
HTTP Response
200
HTTP Request
GET http://vmg1.info/wp-content/themes/onyx/css/grid.css
HTTP Response
200
HTTP Request
GET http://vmg1.info/wp-content/themes/onyx/css/prettyphoto.css
HTTP Response
200
HTTP Request
GET http://vmg1.info/wp-content/themes/onyx/js/slides.min.jquery.js
HTTP Response
200
HTTP Request
GET http://vmg1.info/wp-content/uploads/2011/08/Twitter.png
HTTP Response
200 -
1.9kB 2.1kB 11 14
HTTP Request
GET http://vmg1.info/wp-content/themes/onyx/js/jquery.smooth-scroll.min.js?ver=1.4
HTTP Response
200
HTTP Request
GET http://vmg1.info/wp-content/themes/onyx/css/master.css
HTTP Response
200
HTTP Request
GET http://vmg1.info/wp-content/themes/onyx/style5.css
HTTP Response
200
HTTP Request
GET http://vmg1.info/wp-includes/js/comment-reply.min.js?ver=6867
HTTP Response
200
HTTP Request
GET http://vmg1.info/wp-content/uploads/2011/08/facebook.png
HTTP Response
200 -
192.64.80.67:80 http://www.ghanatoghana.com/wp-content/uploads/2012/06/Accra-Mall-Ghana.jpg http IEXPLORE.EXE 591 B 2.0kB 6 6
HTTP Request
GET http://www.ghanatoghana.com/wp-content/uploads/2012/06/Accra-Mall-Ghana.jpg
HTTP Response
200 -
190 B 132 B 4 3
-
236 B 365 B 5 3
HTTP Response
408 -
527 B 349 B 5 4
HTTP Request
GET http://omgghana.com/wp-content/uploads/2012/02/515158.jpg
HTTP Response
404 -
104.20.45.9:443 https://img.modernghana.com/images/content3/240x_mg_d82dlp1jam_50055069.jpg tls, http IEXPLORE.EXE 1.1kB 5.3kB 10 9
HTTP Request
GET https://img.modernghana.com/images/content3/240x_mg_d82dlp1jam_50055069.jpg
HTTP Response
301 -
141.193.213.11:80 http://www.capitalfm.co.ke/news/files/2012/02/TAKORADI-GHANA.jpg http IEXPLORE.EXE 994 B 25.7kB 15 22
HTTP Request
GET http://www.capitalfm.co.ke/news/files/2012/02/TAKORADI-GHANA.jpg
HTTP Response
200 -
466 B 92 B 10 2
-
369 B 1.6kB 5 4
HTTP Request
GET http://apps.identrust.com/roots/dstrootcax3.p7c
HTTP Response
200 -
3.33.130.190:80 http://vmg1.info/wp-content/plugins/pe_estro_slider/resources/img/blank.png http IEXPLORE.EXE 643 B 770 B 7 6
HTTP Request
GET http://vmg1.info/wp-content/plugins/pe_estro_slider/resources/img/blank.png
HTTP Response
200 -
104.20.44.9:80 http://cdn.modernghana.com/images/content3/240x_mg_d82dlp1jam_50055069.jpg http IEXPLORE.EXE 550 B 1.3kB 5 5
HTTP Request
GET http://cdn.modernghana.com/images/content3/240x_mg_d82dlp1jam_50055069.jpg
HTTP Response
301 -
466 B 92 B 10 2
-
104.20.44.9:443 https://cdn.modernghana.com/images/content3/240x_mg_d82dlp1jam_50055069.jpg tls, http IEXPLORE.EXE 1.0kB 5.7kB 9 10
HTTP Request
GET https://cdn.modernghana.com/images/content3/240x_mg_d82dlp1jam_50055069.jpg
HTTP Response
404 -
753 B 7.7kB 9 13
-
753 B 7.7kB 9 13
-
785 B 7.7kB 9 13
-
55 B 87 B 1 1
DNS Request
vmg1.info
DNS Response
3.33.130.190
15.197.148.33
-
65 B 81 B 1 1
DNS Request
ajax.googleapis.com
DNS Response
142.250.200.10
-
65 B 133 B 1 1
DNS Request
www.capitalfm.co.ke
DNS Response
141.193.213.11
141.193.213.10
-
64 B 137 B 1 1
DNS Request
ghanasuperstar.com
-
63 B 124 B 1 1
DNS Request
3.bp.blogspot.com
DNS Response
142.250.180.1
-
66 B 96 B 1 1
DNS Request
www.ghanatoghana.com
DNS Response
192.64.80.67
-
65 B 97 B 1 1
DNS Request
img.modernghana.com
DNS Response
104.20.45.9
104.20.44.9
-
58 B 188 B 1 1
DNS Request
omgghana.com
DNS Response
3.130.253.233.130.204.160
-
56 B 56 B 1 1
DNS Request
kitnes.net
-
69 B 159 B 1 1
DNS Request
www.africasoccernet.com
-
57 B 249 B 1 1
DNS Request
i.ytimg.com
DNS Response
142.250.178.22142.250.187.246216.58.201.118142.250.180.22142.250.200.54142.250.179.246172.217.16.246142.250.187.214172.217.169.54142.250.200.22216.58.212.246216.58.204.86
-
64 B 165 B 1 1
DNS Request
apps.identrust.com
DNS Response
23.63.101.17123.63.101.153
-
65 B 97 B 1 1
DNS Request
cdn.modernghana.com
DNS Response
104.20.44.9
104.20.45.9
-
56 B 56 B 1 1
DNS Request
kitnes.net
MITRE ATT&CK Enterprise v15
Downloads
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD509852f7adf7d9f27a344c099c2838fef
SHA1d5c59176a6fafb627bde0feed69548199e6317fd
SHA256c7e1b73961cbf7f1f8b414139825c11f400425fdbd927f1fb551107ee80c048b
SHA51210769a74e7e7047dee311fd20ca61480b2054b9bfc18dfcd1e9a5ffd8125d5680047d231dca8a70e51ebbda5a7c1269eb341d4c96440132c6b4f7dab0e7ef91d
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD59f302b4df2472ff106aff48bdcfdc80e
SHA194fc59855276bd61d6403f522e47d9f2c3bb3129
SHA2560676c1a9d3bcd21a554bf90e40171ae1594fb615a48f9de9356fe1764a0efa25
SHA512c6ed73fbac17ebe9941243d5497a382b28e8fef2d174061be36d5184d507bb20fe0eafc81ec0e1cf577bc03cfc95a8f91ead5dfc7ebd05ae6479535b8f6ecd13
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5b2b7b4328f7cd29de54135dbccf3ac9e
SHA1adf47f9b18f032a27420d58ba703a135c8be09ee
SHA25667ff113c3a72b7989ef53ed964ff64d1e041acc30a6c5f9b2f1227ec3617c1c8
SHA512a7f2a8230b438074b16d8aba5a4d27309febaeebe84391dfe6596255a308b4525a11edadfb75a9993209596270f8a446985e660d9ed4b14b09b0827827e90848
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD585c375e7df2b39260cc28a28940fdab3
SHA1be31127c00e2d437bb5b47aeffcfb044cc6d6e27
SHA256b2c5489995c60477cea7f93f0e016cedab1035af78da4ff198f15c356b6e8954
SHA51270b0f091be05e0afe04fb48dcf9a0484c7b3cbd7051096114dff960ca8c069b069d735c1412af2aefd8d22c4e9949103fdbc0d806c4c726d5ee3e23926b3414c
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5c3349e982809f2836e4376c4892f2998
SHA14611a8ee19014bb4c4657a9c05589c6dc0dbb0ae
SHA2563b1df4e04a3b586ed4cc63767ba2efc1c9ba6f20adcfc66829f67608e2393a9d
SHA512d79d5c883c9e4dfe3c9abd739e0780ccf07848ee15dfc78ec7408e14ed998cd79826254001b94cb35be6a87b471b78e7475d3df98d5199edf16125067a4637db
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5efa0a38b62350b85e6deb9ad1c40b391
SHA184abb0d8c20b7d2f28443c407004b1a48c0edd5d
SHA2561ecbb2529506b6643096fc42c311b42a21506ca950f87c5415d03323d4f436a2
SHA512fc05ec04ff80647ea7da92e7aa24da1b4e4c963a1b900316466101cfd833a458882338f8d7aed81b97778693d4896ad844c2e9feccc654ca3c82b15427acd8bb
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5ef1db1eaf4ce5d88666097fc7d1e496c
SHA1b5481ec0a9de0e9783b39e76204fdc34ab42796e
SHA2565959077eb7d8c144d9a94d26a5ba3341da9d049763bd54b40c4647dce1d18a78
SHA5123b428a96e7a8c4fc23c2b73eef2d89a80ee83aa0c295e591fa82d2c8405f176cdd49a9ad2e8e6156e0d81edcb71402946865154a54c0bd3b209e4872c9499d95
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5d1ec5c14579fbfefcc207c87f3e71b19
SHA11825afe49d82c052cc182a3652ccdb658b40a67d
SHA2565c986b41d1336bb6bc525cf90ebee38d028e637d72c08707d6a595affc5af839
SHA512eb80e437ab45b7b179087e3048ce760a85be5ea44ee58832d50cb1b13b5727ff1f98556e0c8df59608b2bb812a174a722f94d761c6b8d5522cf80eeb237450e8
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5fe3d5a7a70a4e7e5da9a82bc5427d67c
SHA1a0c6e5ba5e41b91f35b0861b855760de3b42554a
SHA256864064035e4c13d974d00431aab3dbbe1947697992cd282879cd3451caaa5e2f
SHA5120b137b20212ee9865802af6415437358e044dbbf2099b8dcbe5290f418d47d00109413a52e98a7c419712e7c8f64f77cdc9c425fdc9a8dedc969c03058e67d7b
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5fba98999bb6e30461ff2a34ff4990d12
SHA17166a88065398ecb517a36b00c24667fb6cc0aed
SHA2564b1f59e150f850f02ebaaa8e1f4efe3687c0094846d11f517db7dd96665ad8ed
SHA512e2699b85013cf7b94a045401b390a58ca6047471333dfeb1273e19f289960091658cc4e1c716dcbaecdbe17c6d29f9e96c6de704f452c7b9de6e02a4a58743d8
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5216a4b24f4ebef231dd817e89dbf5402
SHA13224c725b08e49cf1bd2ff23607f836eb0609c3f
SHA2566a40fd44f7158e4c87aeb64b7d272099a6ff15f23e64b1657e452bd3eb23ad32
SHA5127ed32d03e563f05a0b2326f026bb085808d8438c06b6764a6723580bcbd32e3cf1ccbebc160f13f45321844d336dac4ed191b29015e6326104eb9111041e02f8
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5ee36aeedf6dc970a8ac804a6b21aad8f
SHA124f551951e97b6ce0c48fa0273fea509d5a2b7ca
SHA25660f64b3ebf2bb19828f130903cce56725dab745b7af39426b735d778b328f15a
SHA5129d19966aa1de33a63f8bc056c5d824bb738e51ba3626980af1fd0f498c3e05ef6c5a781b34e0343e8be8a1444684b1363364785a52cf37428f19beef5049e41e
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD52da5d644938ac784c7a538016227c2a0
SHA151965a23b1ff56e305bdbcc06d6b0852480ea1db
SHA256282638a94404009ef1595123b4242bd1e31fa9c05ccabd098cf853b705135ae6
SHA512485a6e83fe792cfb187dfd19db4be671c6e49154e09836f1eb5ae1a6662b28c382c2bfbb02aec691fabe4cbe6099dabf14cad174c5ec2b354f0f995e80803e48
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD51845c96586006e035df0ae5386d1c8b0
SHA10bef50a2e5363958db696c6b66fca8995ab1feb8
SHA256977a296d0e26625c617aff572c404d4610366d549e449e1e54bf112ce9e20bae
SHA512731e46a5720e639098c034582d1d83bc632a0d4211fc65ee4d34f355289d9f1fd3c9ea66299687c171444a01f09f9dfc9fc2f155e554beeb27f40c602b70a5ae
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5e81d62f45746a30ece2ba97ef49fd3d4
SHA1c29a141a38a229b09e599566db7ff9ca6b49e7af
SHA25678397d6823e4a8cd5c360e459d0457f32969586f600b9a8bdf9df0b02c746e58
SHA512adf0505cb434dd2ccf2fabbc2732d0dfa048229b05444b7164b13a6542b9e4c538411bbb10c7672a7788372e2eae440104f2e05ef6946b66f4acbc919db14e66
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD50ee019ec2a5d1d7210751708f12cdb0c
SHA136854a194480123c4a3072c70568b67e045e98ab
SHA25660656c3b4f38beacad8d99007053173a6824f9179350742b8c4bf9b5b2870029
SHA51258a6f0ca5a54d651903f9404fcb17c6956a194ea70b49beea779de6430f7765c00cfc312b43248d34ac3088daf0eabbb3fbc9c7068a1074c60e3984622c065bb
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5874568f8dd5315d99bf2b4305a8f3e0f
SHA144c5e9496b555bbe35ed194ab8717af1ee233ce1
SHA256d58abcab3939ec4f40b4206e0f916b7bab40f05c3aea11fa816bfbe1156a50ef
SHA512cb3bba238d1a524c8f211ab3a62c6c71f24b0cb031c0d46910251982a19f5afcfe942e6e94f5102327a41dd4e2a53896f3a6bf8fa9c88407522f5e1313e1457e
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5cf56ed6f5bead74e76ab07d5268faa4a
SHA1417a36f442c34943af4f6ffe1bc9ca29510e55ee
SHA2562854ec0500ba18525a9d531049867372b55aa9146e2e8e1d300fb97b8ff32c63
SHA51256a8fedef87763c97e73525e160b181276bd5be4d19e4731dafa1e53df5c075ca61e83bf6f1e5e942ba5917c83ba51c32e0e679389b059df3a3e704d0351ca98
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5badcff8c5f1d082af2132e910991967e
SHA197073f63da0b4f89778c3b438d63b024a458e59a
SHA256d63a5c29ce9090425ef966140444d2bcef737e2e2a815e6ed1e5cf514fd0c288
SHA512766503f214632fc8309755cf2c29b4d8b7279c0b4d00483a3661a7bb3711d5c891e78263518dc1b900314850644da2f33ebded6ec0155e46e8156e282181087c
-
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R3JK00ZJ\allskins.min[1].htm
Filesize 122B
MD5 00d64a82ba2d055e5facd3a30efac924
SHA1 308e275068e3bec5effca608fe9df2008c979650
SHA256 aaa3feed097fda6687c7c27860c24980f3ff105b6f326d10c98854145e9afa6b
SHA512 1151e227086964ec19c11eb388ace411a56a6e1da96409b2bfdb5313fb5df75223add437a653decf3afdfbd2be2cde421c512f9de423ad74f2ebbaf81119d8fc
-
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R3JK00ZJ\master[1].htm
Filesize 114B
MD5 e89f75f918dbdcee28604d4e09dd71d7
SHA1 f9d9055e9878723a12063b47d4a1a5f58c3eb1e9
SHA256 6dc9c7fc93bb488bb0520a6c780a8d3c0fb5486a4711aca49b4c53fac7393023
SHA512 8df0ab2e3679b64a6174deff4259ae5680f88e3ae307e0ea2dfff88ec4ba14f3477c9fe3a5aa5da3a8e857601170a5108ed75f6d6975958ac7a314e4a336aed0
-
Filesize
70KB
MD5 49aebf8cbd62d92ac215b2923fb1b9f5
SHA1 1723be06719828dda65ad804298d0431f6aff976
SHA256 b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
SHA512 bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b
-
Filesize
181KB
MD5 4ea6026cf93ec6338144661bf1202cd1
SHA1 a1dec9044f750ad887935a01430bf49322fbdcb7
SHA256 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
SHA512 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b