712aeb30dcf1ab44d913e31315b266c6555d20b04711b011ec0e10a059576a66

Analysis

max time kernel
148s
max time network
150s
platform
windows7_x64
resource
win7-20240220-en
resource tags

arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
submitted
20/06/2024, 18:16 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html
Size

6KB
MD5

08910591b8ee6cdb0ce27249566b9c5c
SHA1

1e25e1dcc2294ed5d3da9adcbf2523025aefbf58
SHA256

712aeb30dcf1ab44d913e31315b266c6555d20b04711b011ec0e10a059576a66
SHA512

539e82680a95199b98725411794c055c588847eae4629acc92dea5505559f54ebb3989acb2c0b44a35feedf51b6dbc21afcb7307f1f0635ac9c547418e73d6ec
SSDEEP

192:znYak/aQZCK4B/G7qD9hk3laZS0/aDnLy/oOj/RY:LG94wY9hWaZs7

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000e0b7c03ae967a44598895794e0ef8cc9000000000200000000001066000000010000200000006232ae2ca14a5fb5e47bbe2838fef08bf1e593a215a8ef7024f72e3b9bff13c0000000000e80000000020000200000005536eff47ac652c844297847618ece7453b3680c017651921dab77b641b031b22000000014cc72367ca62ba23c6774ee61aaf8dfb2b4b0194f980d5c2b0ac098dae9629b400000007b636c052072d305e502807072ae91c43eb1953d9ba02d71c8a0ee3cf1c3b4df3e481abc047c15094b6c551c22e9b77a15abbd756d2da39b194c9e618f17d8de	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = b0a6e6023ec3da01	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "425069241"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{2D668091-2F31-11EF-9A72-56DE4A60B18F} = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000e0b7c03ae967a44598895794e0ef8cc9000000000200000000001066000000010000200000008363b5333fd3675a70d2e9cef56bf6261b092b5b970e7a075b0ffe0e60ae4fe6000000000e800000000200002000000050a7ca16a3631211f35b9f3149d9b8948a1a801ab63e5bacc106beb924d83af390000000f8d550915d4ffb4ce03363d4a88edbd2ae003d03882c57d8ccfb933ab2d93eea03ba3c26f65e7a0c3e26dd976c21e7637945b39fce33726c089d9afd2b5f10eb8733f1420f5872d7790c58a617a0ba5bd20b544deab329f743c76aad68ea6988835d1e8345e61423bd2800c724ce52e2f5c127bfc8c9507be69aaa0bc9e224a4a67c7e2bdce781c1d790701b2944a54e400000008f598e8792d8411e8bffd2d32fc67aafd5e6aa87b99f08867217e2b10ec91a6ba4852d6be3f3aba34e11fc4de91c7794c80c3cd0ef31858fcecda28a142e080d	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2468	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2468	iexplore.exe
2468	iexplore.exe
2656	IEXPLORE.EXE
2656	IEXPLORE.EXE
2656	IEXPLORE.EXE
2656	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2468 wrote to memory of 2656	2468	iexplore.exe	28
PID 2468 wrote to memory of 2656	2468	iexplore.exe	28
PID 2468 wrote to memory of 2656	2468	iexplore.exe	28
PID 2468 wrote to memory of 2656	2468	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2468
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2468 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2656

Network

DNS

x.interia.pl

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

x.interia.pl

IN A

Response

x.interia.pl

IN A

217.74.65.42
DNS

interia.hit.gemius.pl

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

interia.hit.gemius.pl

IN A

Response

interia.hit.gemius.pl

IN A

217.74.74.29
DNS

IEXPLORE.EXE

Remote address:

217.74.65.42:80

Response

HTTP/1.1 408 Request Time-out

content-length: 110
cache-control: no-cache
content-type: text/html
connection: close
GET

http://x.interia.pl/inpl/inpl.ad.1.4.9.js

IEXPLORE.EXE

Remote address:

217.74.65.42:80

Request

GET /inpl/inpl.ad.1.4.9.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: x.interia.pl
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

content-type: text/javascript
last-modified: Wed, 01 Jul 2009 11:49:35 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="CAO PSA OUR"
date: Thu, 20 Jun 2024 17:38:57 GMT
content-length: 1749
vary: Accept-Encoding
content-encoding: gzip
expires: Thu, 20 Jun 2024 18:38:57 GMT
cache-control: max-age=1814400
server: IPL/2.2
accept-ranges: bytes
GET

http://interia.hit.gemius.pl/xgemius.js

IEXPLORE.EXE

Remote address:

217.74.74.29:80

Request

GET /xgemius.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: interia.hit.gemius.pl
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Date: Thu, 20 Jun 2024 18:16:15 GMT
Expires: Fri, 21 Jun 2024 06:16:15 GMT
Server: GHC
Accept-Ranges: none
Cache-Control: max-age=43200
Last-Modified: Mon, 17 Jun 2024 08:08:07 GMT
Vary: Accept-Encoding,Origin
Cross-Origin-Resource-Policy: cross-origin
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
P3P: CP="NOI DSP COR NID PSAo OUR IND"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Type: application/x-javascript
Content-Length: 20346
Content-Encoding: gzip
GET

http://interia.hit.gemius.pl/fpdata.js?href=

IEXPLORE.EXE

Remote address:

217.74.74.29:80

Request

GET /fpdata.js?href= HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: interia.hit.gemius.pl
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Date: Thu, 20 Jun 2024 18:16:15 GMT
Expires: Wed, 19 Jun 2024 18:16:15 GMT
Server: GHC
Accept-Ranges: none
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Cross-Origin-Resource-Policy: cross-origin
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
P3P: CP="NOI DSP COR NID PSAo OUR IND"
Location: https://interia.hit.gemius.pl/_sslredir/fpdata.js?href=
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 0
GET

http://interia.hit.gemius.pl/_1718907376235/rexdot.js?l=100&sendf=24&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907376&fpcap=

IEXPLORE.EXE

Remote address:

217.74.74.29:80

Request

GET /_1718907376235/rexdot.js?l=100&sendf=24&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907376&fpcap= HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: interia.hit.gemius.pl
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Date: Thu, 20 Jun 2024 18:16:17 GMT
Expires: Wed, 19 Jun 2024 18:16:17 GMT
Server: GHC
Accept-Ranges: none
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Cross-Origin-Resource-Policy: cross-origin
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
P3P: CP="NOI DSP COR NID PSAo OUR IND"
Location: https://interia.hit.gemius.pl/_sslredir/_1718907376235/rexdot.js?l=100&sendf=24&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907376&fpcap=
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 0
GET

http://interia.hit.gemius.pl/_1718907395472/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1718907377&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907395&fpcap=

IEXPLORE.EXE

Remote address:

217.74.74.29:80

Request

GET /_1718907395472/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1718907377&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907395&fpcap= HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: interia.hit.gemius.pl
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Date: Thu, 20 Jun 2024 18:16:36 GMT
Expires: Wed, 19 Jun 2024 18:16:36 GMT
Server: GHC
Accept-Ranges: none
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Cross-Origin-Resource-Policy: cross-origin
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
P3P: CP="NOI DSP COR NID PSAo OUR IND"
Location: https://interia.hit.gemius.pl/_sslredir/_1718907395472/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1718907377&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907395&fpcap=
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 0
GET

http://interia.hit.gemius.pl/_1718907399466/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1718907377&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907399&fpcap=

IEXPLORE.EXE

Remote address:

217.74.74.29:80

Request

GET /_1718907399466/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1718907377&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907399&fpcap= HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: interia.hit.gemius.pl
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Date: Thu, 20 Jun 2024 18:16:40 GMT
Expires: Wed, 19 Jun 2024 18:16:40 GMT
Server: GHC
Accept-Ranges: none
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Cross-Origin-Resource-Policy: cross-origin
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
P3P: CP="NOI DSP COR NID PSAo OUR IND"
Location: https://interia.hit.gemius.pl/_sslredir/_1718907399466/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1718907377&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907399&fpcap=
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 0
GET

http://interia.hit.gemius.pl/_1718907401463/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1718907377&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907401&fpcap=

IEXPLORE.EXE

Remote address:

217.74.74.29:80

Request

GET /_1718907401463/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1718907377&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907401&fpcap= HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: interia.hit.gemius.pl
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Date: Thu, 20 Jun 2024 18:16:42 GMT
Expires: Wed, 19 Jun 2024 18:16:42 GMT
Server: GHC
Accept-Ranges: none
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Cross-Origin-Resource-Policy: cross-origin
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
P3P: CP="NOI DSP COR NID PSAo OUR IND"
Location: https://interia.hit.gemius.pl/_sslredir/_1718907401463/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1718907377&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907401&fpcap=
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 0
GET

http://www.google-analytics.com/ga.js

IEXPLORE.EXE

Remote address:

216.58.213.14:80

Request

GET /ga.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.google-analytics.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 17168
Date: Thu, 20 Jun 2024 17:28:11 GMT
Expires: Thu, 20 Jun 2024 19:28:11 GMT
Cache-Control: public, max-age=7200
Age: 2884
Last-Modified: Tue, 12 Dec 2023 18:09:08 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
GET

https://interia.hit.gemius.pl/_sslredir/fpdata.js?href=

IEXPLORE.EXE

Remote address:

217.74.74.29:443

Request

GET /_sslredir/fpdata.js?href= HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: interia.hit.gemius.pl
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Date: Thu, 20 Jun 2024 18:16:17 GMT
Expires: Sat, 20 Jul 2024 18:16:17 GMT
Server: GHC
Accept-Ranges: none
Cache-Control: private, max-age=2592000
Last-Modified: Mon, 16 Jul 2012 10:03:40 GMT
ETag: PRIVATE7520710249
Cross-Origin-Resource-Policy: cross-origin
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
P3P: CP="NOI DSP COR NID PSAo OUR IND"
Connection: keep-alive
Keep-Alive: timeout=100
Content-Type: application/x-javascript
Content-Length: 269
GET

https://interia.hit.gemius.pl/_sslredir/_1718907376235/rexdot.js?l=100&sendf=24&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907376&fpcap=

IEXPLORE.EXE

Remote address:

217.74.74.29:443

Request

GET /_sslredir/_1718907376235/rexdot.js?l=100&sendf=24&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907376&fpcap= HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: interia.hit.gemius.pl
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Date: Thu, 20 Jun 2024 18:16:17 GMT
Expires: Wed, 19 Jun 2024 18:16:17 GMT
Server: GHC
Accept-Ranges: none
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Cross-Origin-Resource-Policy: cross-origin
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
Set-Cookie: receive-cookie-deprecation=1; Domain=hit.gemius.pl; Path=/; HttpOnly; SameSite=None; Secure; Partitioned; Expires=Sun, 20 Jul 2025 18:16:17 GMT
Set-Cookie: Gtest=KlGVGRGGQMQGKnm0Ia9WLccUssGMXP8cfRbG; Domain=hit.gemius.pl; Path=/; SameSite=None; Secure; Expires=Thu, 27 Jun 2024 18:16:17 GMT
Set-Cookie: Gdynp=ObTWkO9W5bIR3wDp2IgJfA8D1cfyn.A_ZvmxIH6tX8n.L7; Domain=hit.gemius.pl; Path=/; SameSite=None; Secure; Partitioned; Expires=Sun, 20 Jul 2025 18:16:17 GMT
P3P: CP="NOI DSP COR NID PSAo OUR IND"
Location: /__/_sslredir/_1718907376235/rexdot.js?l=100&sendf=24&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907376&fpcap=
Connection: keep-alive
Keep-Alive: timeout=100
Content-Length: 0
GET

https://interia.hit.gemius.pl/__/_sslredir/_1718907376235/rexdot.js?l=100&sendf=24&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907376&fpcap=

IEXPLORE.EXE

Remote address:

217.74.74.29:443

Request

GET /__/_sslredir/_1718907376235/rexdot.js?l=100&sendf=24&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907376&fpcap= HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: interia.hit.gemius.pl
Connection: Keep-Alive
Cookie: receive-cookie-deprecation=1; Gtest=KlGVGRGGQMQGKnm0Ia9WLccUssGMXP8cfRbG; Gdynp=ObTWkO9W5bIR3wDp2IgJfA8D1cfyn.A_ZvmxIH6tX8n.L7

Response

HTTP/1.1 200 OK

Date: Thu, 20 Jun 2024 18:16:17 GMT
Expires: Wed, 19 Jun 2024 18:16:17 GMT
Server: GHC
Accept-Ranges: none
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Cross-Origin-Resource-Policy: cross-origin
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
Set-Cookie: receive-cookie-deprecation=1; Domain=hit.gemius.pl; Path=/; HttpOnly; SameSite=None; Secure; Partitioned; Expires=Sun, 20 Jul 2025 18:16:17 GMT
Set-Cookie: Gtestem=~; Domain=hit.gemius.pl; Path=/; SameSite=None; Secure; Expires=Fri, 1 Jan 2010 00:00:00 GMT
Set-Cookie: Gdyn=KlxW6RaGQMQGKnm0Ia9WLccUssGMXP8c25nSGssIIm78EMxnGoG1orCIL1BGGBPDGtGaEFQpmsMQGs..; Domain=hit.gemius.pl; Path=/; SameSite=None; Secure; Expires=Sun, 20 Jul 2025 18:16:17 GMT
Set-Cookie: Gdynp=MxshhvOuOORiN57gPXI2XcvEl9ARJsRbPNOOo_PRqK3.r7; Domain=hit.gemius.pl; Path=/; SameSite=None; Secure; Partitioned; Expires=Sun, 20 Jul 2025 18:16:17 GMT
P3P: CP="NOI DSP COR NID PSAo OUR IND"
Connection: keep-alive
Keep-Alive: timeout=100
Content-Type: application/x-javascript
Content-Length: 167
GET

https://interia.hit.gemius.pl/_sslredir/_1718907395472/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1718907377&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907395&fpcap=

IEXPLORE.EXE

Remote address:

217.74.74.29:443

Request

GET /_sslredir/_1718907395472/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1718907377&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907395&fpcap= HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: interia.hit.gemius.pl
Connection: Keep-Alive
Cookie: receive-cookie-deprecation=1; Gtest=KlGVGRGGQMQGKnm0Ia9WLccUssGMXP8cfRbG; Gdynp=MxshhvOuOORiN57gPXI2XcvEl9ARJsRbPNOOo_PRqK3.r7; Gdyn=KlxW6RaGQMQGKnm0Ia9WLccUssGMXP8c25nSGssIIm78EMxnGoG1orCIL1BGGBPDGtGaEFQpmsMQGs..

Response

HTTP/1.1 200 OK

Date: Thu, 20 Jun 2024 18:16:36 GMT
Expires: Wed, 19 Jun 2024 18:16:36 GMT
Server: GHC
Accept-Ranges: none
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Cross-Origin-Resource-Policy: cross-origin
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
Set-Cookie: receive-cookie-deprecation=1; Domain=hit.gemius.pl; Path=/; HttpOnly; SameSite=None; Secure; Partitioned; Expires=Sun, 20 Jul 2025 18:16:36 GMT
Set-Cookie: Gtest=; Domain=hit.gemius.pl; Path=/; SameSite=None; Secure; Expires=Fri, 1 Jan 2010 00:00:00 GMT
Set-Cookie: Gdyn=KlS3KMXGQMQGKnm0Ia9WLccUssGMMHxYFenxmG88eu7oLFxSG7lrGS6GwDitFlM1YH8PlexaG0FcQssa; Domain=hit.gemius.pl; Path=/; SameSite=None; Secure; Expires=Sun, 20 Jul 2025 18:16:36 GMT
Set-Cookie: Gdynp=MK2KKzTNLyRvTYAIf3jdxyMROTKt6sKgQrZtDG8jHZ..37; Domain=hit.gemius.pl; Path=/; SameSite=None; Secure; Partitioned; Expires=Sun, 20 Jul 2025 18:16:36 GMT
P3P: CP="NOI DSP COR NID PSAo OUR IND"
Connection: keep-alive
Keep-Alive: timeout=100
Content-Type: application/x-javascript
Content-Length: 2
GET

https://interia.hit.gemius.pl/_sslredir/_1718907399466/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1718907377&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907399&fpcap=

IEXPLORE.EXE

Remote address:

217.74.74.29:443

Request

GET /_sslredir/_1718907399466/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1718907377&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907399&fpcap= HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: interia.hit.gemius.pl
Connection: Keep-Alive
Cookie: receive-cookie-deprecation=1; Gdynp=MK2KKzTNLyRvTYAIf3jdxyMROTKt6sKgQrZtDG8jHZ..37; Gdyn=KlS3KMXGQMQGKnm0Ia9WLccUssGMMHxYFenxmG88eu7oLFxSG7lrGS6GwDitFlM1YH8PlexaG0FcQssa

Response

HTTP/1.1 200 OK

Date: Thu, 20 Jun 2024 18:16:40 GMT
Expires: Wed, 19 Jun 2024 18:16:40 GMT
Server: GHC
Accept-Ranges: none
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Cross-Origin-Resource-Policy: cross-origin
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
Set-Cookie: receive-cookie-deprecation=1; Domain=hit.gemius.pl; Path=/; HttpOnly; SameSite=None; Secure; Partitioned; Expires=Sun, 20 Jul 2025 18:16:40 GMT
Set-Cookie: Gdyn=KlQTsRaGQMQGKnm0Ia9WLccUssGMaHxYFenxmG88eu7oLFxSG7lrGS6GwDitFlM1YH8PlexaG0Fcxssa; Domain=hit.gemius.pl; Path=/; SameSite=None; Secure; Expires=Sun, 20 Jul 2025 18:16:40 GMT
Set-Cookie: Gdynp=rU51JCZR1nnUbANjh4fzJdRregvtsP29XrK2upgrQcL.Q7; Domain=hit.gemius.pl; Path=/; SameSite=None; Secure; Partitioned; Expires=Sun, 20 Jul 2025 18:16:40 GMT
P3P: CP="NOI DSP COR NID PSAo OUR IND"
Connection: keep-alive
Keep-Alive: timeout=100
Content-Type: application/x-javascript
Content-Length: 2
GET

https://interia.hit.gemius.pl/_sslredir/_1718907401463/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1718907377&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907401&fpcap=

IEXPLORE.EXE

Remote address:

217.74.74.29:443

Request

GET /_sslredir/_1718907401463/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1718907377&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907401&fpcap= HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: interia.hit.gemius.pl
Connection: Keep-Alive
Cookie: receive-cookie-deprecation=1; Gdynp=rU51JCZR1nnUbANjh4fzJdRregvtsP29XrK2upgrQcL.Q7; Gdyn=KlQTsRaGQMQGKnm0Ia9WLccUssGMaHxYFenxmG88eu7oLFxSG7lrGS6GwDitFlM1YH8PlexaG0Fcxssa

Response

HTTP/1.1 200 OK

Date: Thu, 20 Jun 2024 18:16:42 GMT
Expires: Wed, 19 Jun 2024 18:16:42 GMT
Server: GHC
Accept-Ranges: none
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Cross-Origin-Resource-Policy: cross-origin
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
Set-Cookie: receive-cookie-deprecation=1; Domain=hit.gemius.pl; Path=/; HttpOnly; SameSite=None; Secure; Partitioned; Expires=Sun, 20 Jul 2025 18:16:42 GMT
Set-Cookie: Gdyn=KlSu3RaGQMQGKnm0Ia9WLccUssGMeHxYFenxmG88eu7oLFxSG7lrGS6GwDitFlM1YH8PlexaG0FcMssa; Domain=hit.gemius.pl; Path=/; SameSite=None; Secure; Expires=Sun, 20 Jul 2025 18:16:42 GMT
Set-Cookie: Gdynp=Mr9xozfjPzNu6J0P.GiaJUcG15dx15Fqf9v6KH269_P.U7; Domain=hit.gemius.pl; Path=/; SameSite=None; Secure; Partitioned; Expires=Sun, 20 Jul 2025 18:16:42 GMT
P3P: CP="NOI DSP COR NID PSAo OUR IND"
Connection: keep-alive
Keep-Alive: timeout=100
Content-Type: application/x-javascript
Content-Length: 2
GET

https://interia.hit.gemius.pl/_sslredir/_1718907455485/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1718907377&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907455&fpcap=

IEXPLORE.EXE

Remote address:

217.74.74.29:443

Request

GET /_sslredir/_1718907455485/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1718907377&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907455&fpcap= HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: interia.hit.gemius.pl
Connection: Keep-Alive
Cookie: receive-cookie-deprecation=1; Gdynp=Mr9xozfjPzNu6J0P.GiaJUcG15dx15Fqf9v6KH269_P.U7; Gdyn=KlSu3RaGQMQGKnm0Ia9WLccUssGMeHxYFenxmG88eu7oLFxSG7lrGS6GwDitFlM1YH8PlexaG0FcMssa

Response

HTTP/1.1 200 OK

Date: Thu, 20 Jun 2024 18:17:36 GMT
Expires: Wed, 19 Jun 2024 18:17:36 GMT
Server: GHC
Accept-Ranges: none
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Cross-Origin-Resource-Policy: cross-origin
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
Set-Cookie: receive-cookie-deprecation=1; Domain=hit.gemius.pl; Path=/; HttpOnly; SameSite=None; Secure; Partitioned; Expires=Sun, 20 Jul 2025 18:17:36 GMT
Set-Cookie: Gdyn=KlxHeMGGQMQGKnm0Ia9WLccUssGMGHPYFenxmG88eu7oLFxSG7lrGS6GwDitFlM1YH8PlexaG0DQSs8.; Domain=hit.gemius.pl; Path=/; SameSite=None; Secure; Expires=Sun, 20 Jul 2025 18:17:36 GMT
Set-Cookie: Gdynp=4gGBijb2eKEA2Il1eDZDDzTaBkTwXUL1iuZOz1E0N7z.s7; Domain=hit.gemius.pl; Path=/; SameSite=None; Secure; Partitioned; Expires=Sun, 20 Jul 2025 18:17:36 GMT
P3P: CP="NOI DSP COR NID PSAo OUR IND"
Connection: keep-alive
Keep-Alive: timeout=100
Content-Type: application/x-javascript
Content-Length: 2
GET

https://interia.hit.gemius.pl/_sslredir/_1718907457467/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1718907377&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907457&fpcap=

IEXPLORE.EXE

Remote address:

217.74.74.29:443

Request

GET /_sslredir/_1718907457467/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1718907377&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907457&fpcap= HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: interia.hit.gemius.pl
Connection: Keep-Alive
Cookie: receive-cookie-deprecation=1; Gdynp=4gGBijb2eKEA2Il1eDZDDzTaBkTwXUL1iuZOz1E0N7z.s7; Gdyn=KlxHeMGGQMQGKnm0Ia9WLccUssGMGHPYFenxmG88eu7oLFxSG7lrGS6GwDitFlM1YH8PlexaG0DQSs8.

Response

HTTP/1.1 200 OK

Date: Thu, 20 Jun 2024 18:17:38 GMT
Expires: Wed, 19 Jun 2024 18:17:38 GMT
Server: GHC
Accept-Ranges: none
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Cross-Origin-Resource-Policy: cross-origin
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
Set-Cookie: receive-cookie-deprecation=1; Domain=hit.gemius.pl; Path=/; HttpOnly; SameSite=None; Secure; Partitioned; Expires=Sun, 20 Jul 2025 18:17:38 GMT
Set-Cookie: Gdyn=KlQN-MGGQMQGKnm0Ia9WLccUssGMQHPYFenxmG88eu7oLFxSG7lrGS6GwDitFlM1YH8PlexaG0Fc1ssa; Domain=hit.gemius.pl; Path=/; SameSite=None; Secure; Expires=Sun, 20 Jul 2025 18:17:38 GMT
Set-Cookie: Gdynp=HRYb8lXCIPdvjyD8C0KNw2BvOYbgYrMjantcV9eBAAb.e7; Domain=hit.gemius.pl; Path=/; SameSite=None; Secure; Partitioned; Expires=Sun, 20 Jul 2025 18:17:38 GMT
P3P: CP="NOI DSP COR NID PSAo OUR IND"
Connection: keep-alive
Keep-Alive: timeout=100
Content-Type: application/x-javascript
Content-Length: 2
DNS

tinnily.info

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

tinnily.info

IN A

Response

tinnily.info

IN A

103.224.212.212
GET

http://tinnily.info/cgi-bin/counter?id=896005&k=mudcats+nc&ref=

IEXPLORE.EXE

Remote address:

103.224.212.212:80

Request

GET /cgi-bin/counter?id=896005&k=mudcats+nc&ref= HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: tinnily.info
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

date: Thu, 20 Jun 2024 18:16:16 GMT
server: Apache
set-cookie: __tad=1718907376.7155384; expires=Sun, 18-Jun-2034 18:16:16 GMT; Max-Age=315360000
location: http://ww25.tinnily.info/cgi-bin/counter?id=896005&k=mudcats+nc&ref=&subid1=20240621-0416-166b-a08f-170ba3840ef9
content-length: 2
content-type: text/html; charset=UTF-8
connection: close
DNS

IEXPLORE.EXE

Remote address:

103.224.212.212:80

Response

HTTP/1.1 408 Request Time-out

content-length: 110
cache-control: no-cache
content-type: text/html
connection: close
DNS

ww25.tinnily.info

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

ww25.tinnily.info

IN A

Response

ww25.tinnily.info

IN CNAME

77026.bodis.com

77026.bodis.com

IN A

199.59.243.226
GET

http://ww25.tinnily.info/cgi-bin/counter?id=896005&k=mudcats+nc&ref=&subid1=20240621-0416-166b-a08f-170ba3840ef9

IEXPLORE.EXE

Remote address:

199.59.243.226:80

Request

GET /cgi-bin/counter?id=896005&k=mudcats+nc&ref=&subid1=20240621-0416-166b-a08f-170ba3840ef9 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: ww25.tinnily.info
Connection: Keep-Alive
Cookie: __tad=1718907376.7155384

Response

HTTP/1.1 200 OK

date: Thu, 20 Jun 2024 18:16:15 GMT
content-type: text/html; charset=utf-8
content-length: 1306
x-request-id: ea55ed24-6fd8-4679-904b-32d41eda85a4
cache-control: no-store, max-age=0
accept-ch: sec-ch-prefers-color-scheme
critical-ch: sec-ch-prefers-color-scheme
vary: sec-ch-prefers-color-scheme
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_jO5UlyAWyp83/25eGIMhG2vs2awjrQ/DBGto/b4FSADaLblW8O5gn9l3yBQlN7AQnquERacxuXwMWYZBM8zOVQ==
set-cookie: parking_session=ea55ed24-6fd8-4679-904b-32d41eda85a4; expires=Thu, 20 Jun 2024 18:31:16 GMT; path=/
DNS

IEXPLORE.EXE

Remote address:

199.59.243.226:80

Response

HTTP/1.1 408 Request Time-out

Content-length: 110
Cache-Control: no-cache
Connection: close
Content-Type: text/html
DNS

www.microsoft.com

iexplore.exe

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

23.34.233.128
DNS

www.microsoft.com

iexplore.exe

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

23.34.233.128
GET

http://interia.hit.gemius.pl/_1718907455485/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1718907377&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907455&fpcap=

IEXPLORE.EXE

Remote address:

217.74.74.29:80

Request

GET /_1718907455485/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1718907377&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907455&fpcap= HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: interia.hit.gemius.pl
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Date: Thu, 20 Jun 2024 18:17:36 GMT
Expires: Wed, 19 Jun 2024 18:17:36 GMT
Server: GHC
Accept-Ranges: none
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Cross-Origin-Resource-Policy: cross-origin
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
P3P: CP="NOI DSP COR NID PSAo OUR IND"
Location: https://interia.hit.gemius.pl/_sslredir/_1718907455485/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1718907377&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907455&fpcap=
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 0
GET

http://interia.hit.gemius.pl/_1718907457467/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1718907377&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907457&fpcap=

IEXPLORE.EXE

Remote address:

217.74.74.29:80

Request

GET /_1718907457467/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1718907377&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907457&fpcap= HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: interia.hit.gemius.pl
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Date: Thu, 20 Jun 2024 18:17:38 GMT
Expires: Wed, 19 Jun 2024 18:17:38 GMT
Server: GHC
Accept-Ranges: none
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Cross-Origin-Resource-Policy: cross-origin
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
P3P: CP="NOI DSP COR NID PSAo OUR IND"
Location: https://interia.hit.gemius.pl/_sslredir/_1718907457467/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1718907377&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907457&fpcap=
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 0
GET

http://interia.hit.gemius.pl/_1718907522472/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1718907377&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907522&fpcap=

IEXPLORE.EXE

Remote address:

217.74.74.29:80

Request

GET /_1718907522472/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1718907377&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907522&fpcap= HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: interia.hit.gemius.pl
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Date: Thu, 20 Jun 2024 18:18:43 GMT
Expires: Wed, 19 Jun 2024 18:18:43 GMT
Server: GHC
Accept-Ranges: none
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Cross-Origin-Resource-Policy: cross-origin
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
P3P: CP="NOI DSP COR NID PSAo OUR IND"
Location: https://interia.hit.gemius.pl/_sslredir/_1718907522472/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1718907377&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907522&fpcap=
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 0
GET

https://interia.hit.gemius.pl/_sslredir/_1718907522472/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1718907377&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907522&fpcap=

IEXPLORE.EXE

Remote address:

217.74.74.29:443

Request

GET /_sslredir/_1718907522472/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1718907377&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907522&fpcap= HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: interia.hit.gemius.pl
Connection: Keep-Alive
Cookie: receive-cookie-deprecation=1; Gdynp=HRYb8lXCIPdvjyD8C0KNw2BvOYbgYrMjantcV9eBAAb.e7; Gdyn=KlQN-MGGQMQGKnm0Ia9WLccUssGMQHPYFenxmG88eu7oLFxSG7lrGS6GwDitFlM1YH8PlexaG0Fc1ssa

Response

HTTP/1.1 200 OK

Date: Thu, 20 Jun 2024 18:18:43 GMT
Expires: Wed, 19 Jun 2024 18:18:43 GMT
Server: GHC
Accept-Ranges: none
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Cross-Origin-Resource-Policy: cross-origin
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
Set-Cookie: receive-cookie-deprecation=1; Domain=hit.gemius.pl; Path=/; HttpOnly; SameSite=None; Secure; Partitioned; Expires=Sun, 20 Jul 2025 18:18:43 GMT
Set-Cookie: Gdyn=KlxhTMXGQMQGKnm0Ia9WLccUssGMxHrYFenxmG88eu7oLFxSG7lrGS6GwDitFlM1YH8PlexaG0FcPssa; Domain=hit.gemius.pl; Path=/; SameSite=None; Secure; Expires=Sun, 20 Jul 2025 18:18:43 GMT
Set-Cookie: Gdynp=0JG3v11vjS9Bf_.UXPsKAHcZaxqp2ToVoCRt6BDcFrX.Q7; Domain=hit.gemius.pl; Path=/; SameSite=None; Secure; Partitioned; Expires=Sun, 20 Jul 2025 18:18:43 GMT
P3P: CP="NOI DSP COR NID PSAo OUR IND"
Connection: keep-alive
Keep-Alive: timeout=100
Content-Type: application/x-javascript
Content-Length: 2

217.74.65.42:80

x.interia.pl

http

IEXPLORE.EXE

282 B
405 B
6
4

HTTP Response

408
217.74.65.42:80

http://x.interia.pl/inpl/inpl.ad.1.4.9.js

http

IEXPLORE.EXE

540 B
2.4kB
6
5

HTTP Request

GET http://x.interia.pl/inpl/inpl.ad.1.4.9.js

HTTP Response

200
217.74.74.29:80

http://interia.hit.gemius.pl/_1718907376235/rexdot.js?l=100&sendf=24&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907376&fpcap=

http

IEXPLORE.EXE

2.1kB
23.6kB
18
21

HTTP Request

GET http://interia.hit.gemius.pl/xgemius.js

HTTP Response

200

HTTP Request

GET http://interia.hit.gemius.pl/fpdata.js?href=

HTTP Response

301

HTTP Request

GET http://interia.hit.gemius.pl/_1718907376235/rexdot.js?l=100&sendf=24&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907376&fpcap=

HTTP Response

301
217.74.74.29:80

http://interia.hit.gemius.pl/_1718907401463/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1718907377&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907401&fpcap=

http

IEXPLORE.EXE

2.7kB
3.6kB
10
6

HTTP Request

GET http://interia.hit.gemius.pl/_1718907395472/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1718907377&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907395&fpcap=

HTTP Response

301

HTTP Request

GET http://interia.hit.gemius.pl/_1718907399466/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1718907377&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907399&fpcap=

HTTP Response

301

HTTP Request

GET http://interia.hit.gemius.pl/_1718907401463/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1718907377&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907401&fpcap=

HTTP Response

301
216.58.213.14:80

http://www.google-analytics.com/ga.js

http

IEXPLORE.EXE

858 B
18.3kB
13
16

HTTP Request

GET http://www.google-analytics.com/ga.js

HTTP Response

200
216.58.213.14:80

www.google-analytics.com

IEXPLORE.EXE

190 B
92 B
4
2
217.74.74.29:443

https://interia.hit.gemius.pl/_sslredir/_1718907457467/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1718907377&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907457&fpcap=

tls, http

IEXPLORE.EXE

9.4kB
15.2kB
27
19

HTTP Request

GET https://interia.hit.gemius.pl/_sslredir/fpdata.js?href=

HTTP Response

200

HTTP Request

GET https://interia.hit.gemius.pl/_sslredir/_1718907376235/rexdot.js?l=100&sendf=24&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907376&fpcap=

HTTP Response

301

HTTP Request

GET https://interia.hit.gemius.pl/__/_sslredir/_1718907376235/rexdot.js?l=100&sendf=24&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907376&fpcap=

HTTP Response

200

HTTP Request

GET https://interia.hit.gemius.pl/_sslredir/_1718907395472/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1718907377&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907395&fpcap=

HTTP Response

200

HTTP Request

GET https://interia.hit.gemius.pl/_sslredir/_1718907399466/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1718907377&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907399&fpcap=

HTTP Response

200

HTTP Request

GET https://interia.hit.gemius.pl/_sslredir/_1718907401463/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1718907377&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907401&fpcap=

HTTP Response

200

HTTP Request

GET https://interia.hit.gemius.pl/_sslredir/_1718907455485/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1718907377&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907455&fpcap=

HTTP Response

200

HTTP Request

GET https://interia.hit.gemius.pl/_sslredir/_1718907457467/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1718907377&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907457&fpcap=

HTTP Response

200
103.224.212.212:80

http://tinnily.info/cgi-bin/counter?id=896005&k=mudcats+nc&ref=

http

IEXPLORE.EXE

516 B
547 B
5
4

HTTP Request

GET http://tinnily.info/cgi-bin/counter?id=896005&k=mudcats+nc&ref=

HTTP Response

302
103.224.212.212:80

tinnily.info

http

IEXPLORE.EXE

236 B
365 B
5
3

HTTP Response

408
199.59.243.226:80

http://ww25.tinnily.info/cgi-bin/counter?id=896005&k=mudcats+nc&ref=&subid1=20240621-0416-166b-a08f-170ba3840ef9

http

IEXPLORE.EXE

973 B
3.0kB
13
6

HTTP Request

GET http://ww25.tinnily.info/cgi-bin/counter?id=896005&k=mudcats+nc&ref=&subid1=20240621-0416-166b-a08f-170ba3840ef9

HTTP Response

200
199.59.243.226:80

ww25.tinnily.info

http

IEXPLORE.EXE

282 B
445 B
6
5

HTTP Response

408
204.79.197.200:443

ieonline.microsoft.com

tls

iexplore.exe

799 B
7.8kB
10
13
204.79.197.200:443

ieonline.microsoft.com

tls

iexplore.exe

799 B
7.8kB
10
13
204.79.197.200:443

ieonline.microsoft.com

tls

iexplore.exe

831 B
7.8kB
10
13
217.74.74.29:80

http://interia.hit.gemius.pl/_1718907457467/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1718907377&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907457&fpcap=

http

IEXPLORE.EXE

1.9kB
2.5kB
8
5

HTTP Request

GET http://interia.hit.gemius.pl/_1718907455485/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1718907377&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907455&fpcap=

HTTP Response

301

HTTP Request

GET http://interia.hit.gemius.pl/_1718907457467/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1718907377&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907457&fpcap=

HTTP Response

301
217.74.74.29:80

interia.hit.gemius.pl

IEXPLORE.EXE

98 B
52 B
2
1
217.74.74.29:80

http://interia.hit.gemius.pl/_1718907522472/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1718907377&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907522&fpcap=

http

IEXPLORE.EXE

939 B
1.2kB
4
2

HTTP Request

GET http://interia.hit.gemius.pl/_1718907522472/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1718907377&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907522&fpcap=

HTTP Response

301
217.74.74.29:443

https://interia.hit.gemius.pl/_sslredir/_1718907522472/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1718907377&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907522&fpcap=

tls, http

IEXPLORE.EXE

1.6kB
4.9kB
7
6

HTTP Request

GET https://interia.hit.gemius.pl/_sslredir/_1718907522472/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1718907377&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F08910591b8ee6cdb0ce27249566b9c5c_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=mJ.ctRXGCRtTWMe0FFXC9Jx9lK5SzSq1Rsa9WliwYHH.07%7C1718907377&ltime=0&fr=1&ref=&inner=_ver%3D351%7C_lsd%3DnoLoStrg&exid=667471ee34ca7549&brts=1718907522&fpcap=

HTTP Response

200

8.8.8.8:53

x.interia.pl

dns

IEXPLORE.EXE

58 B
74 B
1
1

DNS Request

x.interia.pl

DNS Response

217.74.65.42
8.8.8.8:53

interia.hit.gemius.pl

dns

IEXPLORE.EXE

67 B
83 B
1
1

DNS Request

interia.hit.gemius.pl

DNS Response

217.74.74.29
8.8.8.8:53

tinnily.info

dns

IEXPLORE.EXE

58 B
74 B
1
1

DNS Request

tinnily.info

DNS Response

103.224.212.212
8.8.8.8:53

ww25.tinnily.info

dns

IEXPLORE.EXE

63 B
108 B
1
1

DNS Request

ww25.tinnily.info

DNS Response

199.59.243.226
8.8.8.8:53

www.microsoft.com

dns

iexplore.exe

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

23.34.233.128
8.8.8.8:53

www.microsoft.com

dns

iexplore.exe

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

23.34.233.128

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

Filesize
914B

MD5
e4a68ac854ac5242460afd72481b2a44

SHA1
df3c24f9bfd666761b268073fe06d1cc8d4f82a4

SHA256
cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

SHA512
5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

Filesize
1KB

MD5
a266bb7dcc38a562631361bbf61dd11b

SHA1
3b1efd3a66ea28b16697394703a72ca340a05bd5

SHA256
df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

SHA512
0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

Filesize
252B

MD5
bff7a0b470a529ec0d9fa9b12da99a76

SHA1
c6c2f486f1c83378fe5cc2ed32237d19dfa94e30

SHA256
ec352a5cb59fe4f72916a00c07d15ecafabde17bae890650a4cbcb2658183eca

SHA512
2d72004c90d05b1d198320a364a89d9f0882a859638738630bd7c34340c77576cbef29cfd73854882808b262c5c3c70b5f2973719e64475939cae8d4af31c0fd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1f1dd6291e4f8b43e70df091793df4b2

SHA1
ef6b0894d5cba552ad50f67752c4da54005ad7e3

SHA256
e58dac2dc58918de66b2be8136b785bf6b826ff66d6aaa74b89039739daf9ed5

SHA512
6656f8cd010c651f1d41624329fbf8f32e9f0b53698552745803c3f8b864083002f21844192f215e7e5982c4f6ec63332a5118d27dd78463a7e1b77156eb0bdd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b9f1de719afec9a36d98ed113c4166aa

SHA1
92f8db6ea4d1b862080bf287e45fdbbbde25b8ba

SHA256
d33d2ff2cd85a4a489a319baa54d652802f951e01f8a5c673950eacd95e3f5f0

SHA512
b442b5563da1b1946c27b53912d8379e3d7ede245860c5bfb2c00a3ac2e83b7e281f288cff3f10ff983f4bf113ad1ba5e69de07e1bdc854705e4d9887722aa43

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3f6398deedd14e1355e3ff6f3d78f4e9

SHA1
091a536375f1d1ab2a169d2ce2f8b9ff63f5ecb5

SHA256
c29e0ac9d9fb6000699540e64af474dfca96cddfa66d2b50190e4c306bc4edfe

SHA512
1c09282a7f3c6ae145ce2c7c4ae969806607d1eb59755ad4ad1bc82943b12a5aaa2e931aac69ad16f851e941d127741123955fc91109df4b81efd43654fc5ce8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5bd18239a5dcab8d8d88b54eed5ef693

SHA1
31269fc0121799e92cfff850312500fc84f7dca1

SHA256
ce1fe9f19985e3862e1c84288cf242f98fd0d01701fde7bfe9fb2bcf03095698

SHA512
85967eda5fad936cc931b12696cac70687cd959a95fc4a37060dd11211923090524df911108dcb9da25c97df37b4d77136724d9f93ac32a4bd06e86bc3b0091b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
54a29c910348737fd4491858cccbaa6d

SHA1
f0b2f3aa69e6c9188417c3b509deb424cd9cfdc0

SHA256
a19d6e190f8547b3916c8259f4caac54f6b1063781455df97a233f69be52e20e

SHA512
521a6d8254745fec411c635471c681bfeb3b2e42547d82ca11b365881de53b87a1d569ee5eff2b888ca84c9f05a47f9329563008b35232212a010f49d96b4b71

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b7f84cbcd061ebb623dc1a59d9da2f2c

SHA1
0e6894373f1c83d97e42a4638dd60b2d3b7b8125

SHA256
986ded1db055baf467903dec78915897929639e1ddbd61a8d08db690a8831a90

SHA512
e8c2c9b06cb7b2326b4ee39555510cfce5d0cf53d4d2553df826e4aaec14947bfdc7c11cd1021366556eaf41f186903f3e2d8c635e326df782043d54217ff869

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5396746949104c61e5b9831bc7bab905

SHA1
53b7689f14f99ab7eabd82bdc63e28124a3eb12a

SHA256
e633926cb6d09aad4febcbe4af5638a4df45c315fa6c6192e88cccdcea0b0699

SHA512
85610afd90153877975c95e7cbb3727795be349dd34f469d93cb9e253b5eec15e007052970994053e3c4991aab4c00e239dfb6b6057a165007a7ccbe9002fa73

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
783e8f071379921a03f039358c0fcfc5

SHA1
a24e2bc685aa04e030b3b02cb6def251b2faf020

SHA256
109af37e508f88de43933703c2b66ebf5393a731447614cfa3e6910b1cdcba84

SHA512
aff61b3f9b5a0f72c562a337ff38174a00b5684c8a407ed5ceeb0cc0dbdba220edff30070394bf835c90e1c2e2105a1e6f407359e59dc50a744e2acaa4e7ee77

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b728c7d17c126f0179771e3de915ae56

SHA1
0fe345c8b36982a16fed66cd236e184f2693873e

SHA256
235d3548b66895070f82b00d937c0b544bd37073b3b3346c5cbf517ffd5b67a9

SHA512
3481379fb94c0ef6a1b338a75ed7664378ffece7f3760d46ccf2436939657f254efb17dcc5fb778b0eabd6e8de51bd20807cd96222460c8a6db58f93328c2821

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
bb84f73e73b44c2f4b27e5023d573dab

SHA1
af8426e9dce860c04d081e665a2ac6962d9c5ff5

SHA256
db89f83f17633a0c14c7392348600f5d843ffa5ceb0c97d4910276f150527a17

SHA512
e966e73a679cdb0c962ae9ed04a824e7fd597f959230e54839902a188933f33eea4b822f459f0519dbd7fd0e892465fd3d27dfe15f893a9aa140dab5cf66a553

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
395e70c3dde1ba8039137946225e2f74

SHA1
fe25cb84fd4ac7f883663d66fd36415d2c9517d4

SHA256
fcde8cbdc56b1ebe479363ed33317aa1b8c4fc00956c895de9faf038ce0ff3b5

SHA512
39308e00cdc124e25d355544c23e39480ea0f760ad09f7d4b9f6aee77d68c2fca14a332cf6a7dfa785d9f0ef601df2bfd8afbe27aafe6fcf7259d892a9158d85

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5b97738098d5878dc71644e4f1deb985

SHA1
9d9fd1c1c118bafda3bbd215fa9e4181f991c175

SHA256
e5b1c7d9f09e97bcc5aac4aa18c0e011b9d78157776af3b681c6caa5eef96cb6

SHA512
86e4ae8cf69f1233137b4766250a0566741c32613bbda5d9b449c265f47aa673089b689d135713e9b545d0b9a34f29363851cc576aaeb064ee65ddf438e42e85

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
10ba796fac4388767f28d1d8e96ff516

SHA1
2627e4b1df84084c4f04588b408d2ceabed43969

SHA256
9afcc4a5a90d25582106412cd1521c5bf23bc8c39c983377e36b7682d787ee59

SHA512
b640b59eef1c22af5c25c197ac3f6d93a284d4d47c23126e74c775bfb90609b3bdd40ee322d4ec83fc5ee3d47f0cc9b180a7a8287a3fa752b21093763cacf9d6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d4d890f0751e1a2a368b7d968cb22561

SHA1
b241cff38c64aa784f2c1cf8a4f2a20ddbe4b551

SHA256
6710d4d5991f3647f10b6942ee17f41eb41776050c371716ae04d0ac187886ff

SHA512
8d253bcf8c107caa1256053fa3ec805e3c5dd777a5286f4140291021e6c19a3f2711e1b00173ff8506459c817e3cd3878d19d16389fb0f492510c46b4780af7c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8074fc01d0eef0a5826a8912a61d1c64

SHA1
877af40834a2e7eb1ca329ea2474c15584562304

SHA256
a947efa430718a20d754b777d9af026122c2174f8319a9ad5e685ccb3de1fe44

SHA512
7a05b505f0ac27a56e2c104b5faccbf2f66f3406a276a567bbf48d434f8257505cc7d753d058604ea28145f1661ea83feb23f9262928e4afff5f73a94ffae259

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
71914919696106a3c0fbe25d928d31a4

SHA1
78fcfc41c7db14b95fd5cd48bc674794e385bf7d

SHA256
a8abc7fe01e3b649d62d5996f7f16e82ccb0987039acbd9cea2a1cd02920bfa1

SHA512
228b8a1961cef8044915fa528cfebe18ee95c7f7cadd69a266c6eb1437dfb6b4debd1212864f3ba9da8ec8f6cb8802a08fb2c82e31d7806e19ca7ea59ebf2ad9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e118ed6c43c60ff973aba3b9f3b8881e

SHA1
088133e0450620efcfec254c5601097564154697

SHA256
0c8322572152d66b2cbb97c9bd4d1aefd884e2e163f5fbedc9d03c87effbb956

SHA512
3d6de4c65a20df65240dc457e7c397d2accd5fb60b7868d387a8f34499728dce4965f0938d5384a219e11fd70cfd25bbaa03a2a3bc5635064c5fb768e37b57c3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
77dc54d0abf306a4cdd044d59ce5b9e3

SHA1
329be9bb2e23a5eed2b033a85c59fa464b3576be

SHA256
ea4a820a6cc67bc755fbd8dbcb6001a936e41dccde439a118fbd66fcb0947f89

SHA512
e10b7c38722bb025f53292133784d6c80e85a70c82ab26419da179c1ef6cecef1f1d77794eb63192131fce0dc4118c4167fed1e2e77c6a3c39da603d819b67c2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
995eda4e28d265c5e3127ab27d3f6a92

SHA1
80c8a36ff3f5e3122f3618b7552d58b7178a0cba

SHA256
0626ef48571763e9e85a8458fdfda781a853bc49885181f05b2b2e8eb2c9b27e

SHA512
03ff2d12c584501f122033c7c875cf905ed585ff18596fc1b5d6e9127ba63c7b0acf7d432db16b6f5d291dd2966e0fdcff31aa02849197bf4541d6bba71d7135

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

Filesize
242B

MD5
ed536219d5e14282d2e8131cc3c1ff69

SHA1
7001feb2cf3090c74f3fbaa29288004e88a11fc6

SHA256
82481087148172e398866a10721c142faabf6ab721e52df1aab38386cad4461e

SHA512
1b8883f4b2732405eda9c7febd0e0c2e2467cae0ce4ca4ab5c737c13517ece90edcf7cbe7c38c14802ee978b253f2e6097edcc299073bafb67c44457e044b5e6

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar16C3.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.