Analysis
- max time kernel: 121s
- max time network: 130s
- platform: windows7_x64
- resource: win7-20240508-en
- resource tags: arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
- submitted: 01/07/2024, 16:50 UTC
Static task
static1
Behavioral task
behavioral1
Sample
1bc2f099f316129dbfebfcb28114a96e_JaffaCakes118.html
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
1bc2f099f316129dbfebfcb28114a96e_JaffaCakes118.html
Resource
win10v2004-20240226-en
General
-
Target
1bc2f099f316129dbfebfcb28114a96e_JaffaCakes118.html
-
Size
20KB
-
MD5
1bc2f099f316129dbfebfcb28114a96e
-
SHA1
d30329a20f3810fa31c92b549fa2a232daf34ad4
-
SHA256
d6a4b366dc258dd2d48be3ea3abe8dbc965ce1986e2e79bb5330c6c54865c1e3
-
SHA512
b0cbb64edb53540a2a9b10f7c302aa25b4251adb572f493938b100996c29f2916dc36cb178c93e185994c1d9c7cd541aa4a9f47f791d11037f1d76d9c95eedf6
-
SSDEEP
384:mcGR0nYW+Ic+1ttUKBSIkE0ShF6lRVJJ3nDql6eIF0zGWLK0:mDA+It1ttUKBSIkE0SD6lf3Dqlyw
Malware Config
Signatures
-
Suspicious use of FindShellTrayWindow 1 IoCs
pid | Process
1844 | iexplore.exe
-
Suspicious use of SetWindowsHookEx 6 IoCs
pid | Process
1844 | iexplore.exe
1844 | iexplore.exe
3040 | IEXPLORE.EXE
3040 | IEXPLORE.EXE
3040 | IEXPLORE.EXE
3040 | IEXPLORE.EXE
-
Suspicious use of WriteProcessMemory 4 IoCs
description | pid | Process | procid_target
PID 1844 wrote to memory of 3040 | 1844 | iexplore.exe | 28
PID 1844 wrote to memory of 3040 | 1844 | iexplore.exe | 28
PID 1844 wrote to memory of 3040 | 1844 | iexplore.exe | 28
PID 1844 wrote to memory of 3040 | 1844 | iexplore.exe | 28
Processes
-
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\1bc2f099f316129dbfebfcb28114a96e_JaffaCakes118.html
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID: 1844
-
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1844 CREDAT:275457 /prefetch:2
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
PID: 3040
-
Network
-
Remote address: 8.8.8.8:53
Request
www.chip.de IN A
Response
www.chip.de IN CNAME www.chip.de.27643.edgekey.net
www.chip.de.27643.edgekey.net IN CNAME e27643.dscf.akamaiedge.net
e27643.dscf.akamaiedge.net IN A 2.16.56.141
e27643.dscf.akamaiedge.net IN A 2.16.56.143
-
Remote address: 8.8.8.8:53
Request
forum.chip.de IN A
Response
forum.chip.de IN CNAME chip.vanillacommunities.com
chip.vanillacommunities.com IN CNAME site-6030169.onvanilla.net
site-6030169.onvanilla.net IN A 162.159.128.79
site-6030169.onvanilla.net IN A 162.159.138.78
-
Remote address: 2.16.56.141:80
Request
GET /css/_merged/forum.css?v=40039 HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.chip.de
Connection: Keep-Alive
Response
HTTP/1.1 301 Moved Permanently
Content-Length: 0
Location: https://www.chip.de/css/_merged/forum.css?v=40039
Date: Mon, 01 Jul 2024 16:51:05 GMT
Connection: keep-alive
Permissions-Policy: ch-ua-model=*,ch-ua-platform-version=*
Accept-CH: sec-ch-ua-model,sec-ch-ua-platform-version
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
-
Remote address: 2.16.56.141:80
Request
GET /js/omniture_somtr_code_vH.20.3.js?version=H.20.3.20100723 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.chip.de
Connection: Keep-Alive
Response
HTTP/1.1 301 Moved Permanently
Content-Length: 0
Location: https://www.chip.de/js/omniture_somtr_code_vH.20.3.js?version=H.20.3.20100723
Date: Mon, 01 Jul 2024 16:51:05 GMT
Connection: keep-alive
Permissions-Policy: ch-ua-model=*,ch-ua-platform-version=*
Accept-CH: sec-ch-ua-model,sec-ch-ua-platform-version
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
-
Remote address: 162.159.128.79:80
Request
GET /clientscript/vbulletin_important.css?v=383 HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: forum.chip.de
Connection: Keep-Alive
Response
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 01 Jul 2024 17:51:05 GMT
Location: https://forum.chip.de/clientscript/vbulletin_important.css?v=383
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 89c7e618fcf3940b-LHR
alt-svc: h3=":443"; ma=86400
-
Remote address: 162.159.128.79:80
Request
GET /clientscript/ncode_imageresizer.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: forum.chip.de
Connection: Keep-Alive
Response
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 01 Jul 2024 17:51:05 GMT
Location: https://forum.chip.de/clientscript/ncode_imageresizer.js
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 89c7e6193d4f940b-LHR
alt-svc: h3=":443"; ma=86400
-
Remote address: 162.159.128.79:80
Request
GET /clientscript/yui/yahoo-dom-event/yahoo-dom-event.js?v=383 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: forum.chip.de
Connection: Keep-Alive
Response
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 01 Jul 2024 17:51:05 GMT
Location: https://forum.chip.de/clientscript/yui/yahoo-dom-event/yahoo-dom-event.js?v=383
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 89c7e618fb8b94f9-LHR
alt-svc: h3=":443"; ma=86400
-
Remote address: 162.159.128.79:80
Request
GET /clientscript/_merged/jQuery.js?t=42779 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: forum.chip.de
Connection: Keep-Alive
Response
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 01 Jul 2024 17:51:05 GMT
Location: https://forum.chip.de/clientscript/_merged/jQuery.js?t=42779
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 89c7e6193bd794f9-LHR
alt-svc: h3=":443"; ma=86400
-
Remote address: 162.159.128.79:80
Request
GET /clientscript/yui/connection/connection-min.js?v=383 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: forum.chip.de
Connection: Keep-Alive
Response
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 01 Jul 2024 17:51:05 GMT
Location: https://forum.chip.de/clientscript/yui/connection/connection-min.js?v=383
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 89c7e618fd9d94ba-LHR
alt-svc: h3=":443"; ma=86400
-
Remote address: 162.159.128.79:80
Request
GET /clientscript/vbulletin_global.js?v=383 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: forum.chip.de
Connection: Keep-Alive
Response
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 01 Jul 2024 17:51:05 GMT
Location: https://forum.chip.de/clientscript/vbulletin_global.js?v=383
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 89c7e618f9366439-LHR
alt-svc: h3=":443"; ma=86400
-
Remote address: 162.159.128.79:80
Request
GET /clientscript/vbulletin_css/style-aea0c703-00006.css HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: forum.chip.de
Connection: Keep-Alive
Response
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 01 Jul 2024 17:51:05 GMT
Location: https://forum.chip.de/clientscript/vbulletin_css/style-aea0c703-00006.css
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 89c7e618fcd7d168-LHR
alt-svc: h3=":443"; ma=86400
-
Remote address: 162.159.128.79:80
Request
GET /clientscript/vbulletin_menu.js?v=38320100630 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: forum.chip.de
Connection: Keep-Alive
Response
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 01 Jul 2024 17:51:05 GMT
Location: https://forum.chip.de/clientscript/vbulletin_menu.js?v=38320100630
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 89c7e618ffa99478-LHR
alt-svc: h3=":443"; ma=86400
-
Remote address: 162.159.128.79:80
Request
GET /clientscript/_merged/headfoot_forum.js?t=42781 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: forum.chip.de
Connection: Keep-Alive
Response
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 01 Jul 2024 17:51:05 GMT
Location: https://forum.chip.de/clientscript/_merged/headfoot_forum.js?t=42781
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 89c7e6193ff09478-LHR
alt-svc: h3=":443"; ma=86400
-
Remote address: 2.16.56.141:443
Request
GET /css/_merged/forum.css?v=40039 HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.chip.de
Connection: Keep-Alive
Response
HTTP/1.1 404 Not Found
Content-Length: 181389
Server: nginx
x-404: true
X-Amz-Cf-Pop: FRA56-C2
X-Amz-Cf-Id: v6_BcoCCx8xOjQbB4-oorCt_rUAdxIymQ_nteFIpVomPtYtSntGQjA==
Expires: Mon, 01 Jul 2024 16:51:06 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 01 Jul 2024 16:51:06 GMT
Connection: keep-alive
Permissions-Policy: ch-ua-model=*,ch-ua-platform-version=*
Accept-CH: sec-ch-ua-model,sec-ch-ua-platform-version
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
-
Remote address: 2.16.56.141:443
Request
GET /js/omniture_somtr_code_vH.20.3.js?version=H.20.3.20100723 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.chip.de
Connection: Keep-Alive
Response
HTTP/1.1 404 Not Found
Content-Length: 181389
Server: nginx
x-404: true
X-Amz-Cf-Pop: FRA56-C2
X-Amz-Cf-Id: Nt-lNVuodtLXT2egT4xCoW78DmHn5FteGn7prsIX632f9oanCSweGw==
Expires: Mon, 01 Jul 2024 16:51:06 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 01 Jul 2024 16:51:06 GMT
Connection: keep-alive
Permissions-Policy: ch-ua-model=*,ch-ua-platform-version=*
Accept-CH: sec-ch-ua-model,sec-ch-ua-platform-version
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
-
Remote address: 162.159.128.79:443
Request
GET /clientscript/vbulletin_css/style-aea0c703-00006.css HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: forum.chip.de
Connection: Keep-Alive
Response
HTTP/1.1 404
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
x-lookup-mode: normal
x-app: fc7e72c8a07b2f9c328b3f2c7b32831f5bbef1ef/cl40013
p3p: CP="CAO PSA OUR"
x-request-id: 89c7e63f8b768924-YYZ
x-vanilla-version: 2024.012
vary: Accept-Encoding, Cookie
strict-transport-security: max-age=604800
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-xss-protection: 0
content-security-policy: frame-ancestors 'self'
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jul 2024 16:53:12 GMT
x-backend: cl40013
x-vanilla-cache-control: public, max-age=120
x-cache-tag: resourceType:static,deviceType:desktop
cache-control: private, no-cache, max-age=0, must-revalidate
x-backend-time: 2024-07-01T16:51:12Z
CF-Cache-Status: BYPASS
Server: cloudflare
CF-RAY: 89c7e63f8b768924-LHR
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400
-
Remote address: 162.159.128.79:443
Request
GET /clientscript/yui/yahoo-dom-event/yahoo-dom-event.js?v=383 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: forum.chip.de
Connection: Keep-Alive
Response
HTTP/1.1 404
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
x-lookup-mode: normal
x-app: fc7e72c8a07b2f9c328b3f2c7b32831f5bbef1ef/cl40013
p3p: CP="CAO PSA OUR"
x-request-id: 89c7e61db9bd9535-YYZ
x-vanilla-version: 2024.012
vary: Accept-Encoding, Cookie
strict-transport-security: max-age=604800
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-xss-protection: 0
content-security-policy: frame-ancestors 'self'
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jul 2024 16:53:06 GMT
x-backend: cl40013
x-vanilla-cache-control: public, max-age=120
x-cache-tag: resourceType:static,deviceType:desktop
cache-control: private, no-cache, max-age=0, must-revalidate
x-backend-time: 2024-07-01T16:51:06Z
CF-Cache-Status: BYPASS
Server: cloudflare
CF-RAY: 89c7e61db9bd9535-LHR
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400
-
Remote address: 162.159.128.79:443
Request
GET /clientscript/vbulletin_menu.js?v=38320100630 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: forum.chip.de
Connection: Keep-Alive
Response
HTTP/1.1 404
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
x-lookup-mode: normal
x-app: 013e655b531f99f1902a354611a82f5aa35537d6/cl40013
p3p: CP="CAO PSA OUR"
x-request-id: 89c7e6450b4563d5-YYZ
x-vanilla-version: 2024.012
vary: Accept-Encoding, Cookie
strict-transport-security: max-age=604800
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-xss-protection: 0
content-security-policy: frame-ancestors 'self'
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jul 2024 16:53:13 GMT
x-backend: cl40013
x-vanilla-cache-control: public, max-age=120
x-cache-tag: resourceType:static,deviceType:desktop
cache-control: private, no-cache, max-age=0, must-revalidate
x-backend-time: 2024-07-01T16:51:13Z
CF-Cache-Status: BYPASS
Server: cloudflare
CF-RAY: 89c7e6450b4563d5-LHR
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400
-
Remote address: 162.159.128.79:443
Request
GET /clientscript/_merged/headfoot_forum.js?t=42781 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: forum.chip.de
Connection: Keep-Alive
Response
HTTP/1.1 404
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
x-lookup-mode: normal
x-app: 013e655b531f99f1902a354611a82f5aa35537d6/cl40013
p3p: CP="CAO PSA OUR"
x-request-id: 89c7e6302fa26530-YYZ
x-vanilla-version: 2024.012
vary: Accept-Encoding, Cookie
strict-transport-security: max-age=604800
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-xss-protection: 0
content-security-policy: frame-ancestors 'self'
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jul 2024 16:53:09 GMT
x-backend: cl40013
x-vanilla-cache-control: public, max-age=120
x-cache-tag: resourceType:static,deviceType:desktop
cache-control: private, no-cache, max-age=0, must-revalidate
x-backend-time: 2024-07-01T16:51:09Z
CF-Cache-Status: BYPASS
Server: cloudflare
CF-RAY: 89c7e6302fa26530-LHR
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400
-
Remote address: 162.159.128.79:443
Request
GET /clientscript/vbulletin_global.js?v=383 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: forum.chip.de
Connection: Keep-Alive
Response
HTTP/1.1 404
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
x-lookup-mode: normal
x-app: d0bef3cfcc364246022b4c19596e145f4c02929e/cl40013
p3p: CP="CAO PSA OUR"
x-request-id: 89c7e630388b94bd-YYZ
x-vanilla-version: 2024.012
vary: Accept-Encoding, Cookie
strict-transport-security: max-age=604800
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-xss-protection: 0
content-security-policy: frame-ancestors 'self'
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jul 2024 16:53:09 GMT
x-backend: cl40013
x-vanilla-cache-control: public, max-age=120
x-cache-tag: resourceType:static,deviceType:desktop
cache-control: private, no-cache, max-age=0, must-revalidate
x-backend-time: 2024-07-01T16:51:09Z
CF-Cache-Status: BYPASS
Server: cloudflare
CF-RAY: 89c7e630388b94bd-LHR
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400
-
Remote address: 162.159.128.79:443
Request
GET /clientscript/_merged/jQuery.js?t=42779 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: forum.chip.de
Connection: Keep-Alive
Response
HTTP/1.1 404
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
x-lookup-mode: normal
x-app: fc7e72c8a07b2f9c328b3f2c7b32831f5bbef1ef/cl40013
p3p: CP="CAO PSA OUR"
x-request-id: 89c7e61edd1a7190-YYZ
x-vanilla-version: 2024.012
vary: Accept-Encoding, Cookie
strict-transport-security: max-age=604800
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-xss-protection: 0
content-security-policy: frame-ancestors 'self'
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jul 2024 16:53:06 GMT
x-backend: cl40013
x-vanilla-cache-control: public, max-age=120
x-cache-tag: resourceType:static,deviceType:desktop
cache-control: private, no-cache, max-age=0, must-revalidate
x-backend-time: 2024-07-01T16:51:06Z
CF-Cache-Status: BYPASS
Server: cloudflare
CF-RAY: 89c7e61edd1a7190-LHR
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400
-
Remote address: 162.159.128.79:443
Request
GET /clientscript/yui/connection/connection-min.js?v=383 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: forum.chip.de
Connection: Keep-Alive
Response
HTTP/1.1 404
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
x-lookup-mode: normal
x-app: f288bcd5e6bd6962d96dca6660a4da4a9f6906ae/cl40013
p3p: CP="CAO PSA OUR"
x-request-id: 89c7e61eecc363d9-YYZ
x-vanilla-version: 2024.012
vary: Accept-Encoding, Cookie
strict-transport-security: max-age=604800
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-xss-protection: 0
content-security-policy: frame-ancestors 'self'
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jul 2024 16:53:07 GMT
content-encoding: gzip
x-backend: cl40013
x-vanilla-cache-control: public, max-age=120
x-cache-tag: resourceType:static,deviceType:desktop
cache-control: private, no-cache, max-age=0, must-revalidate
x-backend-time: 2024-07-01T16:51:07Z
CF-Cache-Status: BYPASS
Server: cloudflare
CF-RAY: 89c7e61eecc363d9-LHR
alt-svc: h3=":443"; ma=86400
-
Remote address: 162.159.128.79:443
Request
GET /clientscript/ncode_imageresizer.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: forum.chip.de
Connection: Keep-Alive
Response
HTTP/1.1 404
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
x-lookup-mode: normal
x-app: 1d75b3b8823c9fb1dd23d214873236da06a4b39e/cl40013
p3p: CP="CAO PSA OUR"
x-request-id: 89c7e6225a6a9497-YYZ
x-vanilla-version: 2024.012
vary: Accept-Encoding, Cookie
strict-transport-security: max-age=604800
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-xss-protection: 0
content-security-policy: frame-ancestors 'self'
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jul 2024 16:53:07 GMT
x-backend: cl40013
x-vanilla-cache-control: public, max-age=120
x-cache-tag: resourceType:static,deviceType:desktop
cache-control: private, no-cache, max-age=0, must-revalidate
x-backend-time: 2024-07-01T16:51:07Z
CF-Cache-Status: BYPASS
Server: cloudflare
CF-RAY: 89c7e6225a6a9497-LHR
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400
-
Remote address: 8.8.8.8:53
Request
chip.ivwbox.de IN A
Response
-
Remote address: 8.8.8.8:53
Request
rl.chip.de IN A
Response
-
Remote address: 8.8.8.8:53
Request
r.chip.de IN A
Response
r.chip.de IN CNAME r.chip.de.27643.edgekey.net
r.chip.de.27643.edgekey.net IN CNAME e27643.dscf.akamaiedge.net
e27643.dscf.akamaiedge.net IN A 2.16.56.143
e27643.dscf.akamaiedge.net IN A 2.16.56.141
-
Remote address: 216.58.213.14:80
Request
GET /ga.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.google-analytics.com
Connection: Keep-Alive
Response
HTTP/1.1 200 OK
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 17168
Date: Mon, 01 Jul 2024 15:30:20 GMT
Expires: Mon, 01 Jul 2024 17:30:20 GMT
Cache-Control: public, max-age=7200
Age: 4859
Last-Modified: Tue, 12 Dec 2023 18:09:08 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
-
Remote address: 2.16.56.143:80
Response
HTTP/1.0 408 Request Time-out
Mime-Version: 1.0
Date: Mon, 01 Jul 2024 16:51:55 GMT
Content-Type: text/html
Content-Length: 312
Expires: Mon, 01 Jul 2024 16:51:55 GMT
-
GET http://r.chip.de/images/pic.gif?m=c1&nc=0&sep=%2C&tce=1&c=23276087&b=4042906&l=3892&tid=Viren,%20Trojaner,%20Würmer&tp=9223%2C21453%2C8&tn=28_Viren%2C+Trojaner%2C+W%FCrmer&tpn=Home%2CChip_Forum%2C8_Specials&tc=9223%2C21453%2C8%2CViren%2C+Trojaner%2C+W%FCrmer&con=1&tit=showpost%3A+showpost&url=http%3A%2F%2Fforum.chip.de%2Fshowpost.php%3Fp%3D3642104%26postcount%3D5&json=0&random=0.6481992553996747&r=&sz=1280x720x24&cs=1
IEXPLORE.EXE
Remote address: 2.16.56.143:80
Request
GET /images/pic.gif?m=c1&nc=0&sep=%2C&tce=1&c=23276087&b=4042906&l=3892&tid=Viren,%20Trojaner,%20Würmer&tp=9223%2C21453%2C8&tn=28_Viren%2C+Trojaner%2C+W%FCrmer&tpn=Home%2CChip_Forum%2C8_Specials&tc=9223%2C21453%2C8%2CViren%2C+Trojaner%2C+W%FCrmer&con=1&tit=showpost%3A+showpost&url=http%3A%2F%2Fforum.chip.de%2Fshowpost.php%3Fp%3D3642104%26postcount%3D5&json=0&random=0.6481992553996747&r=&sz=1280x720x24&cs=1 HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: r.chip.de
Connection: Keep-Alive
Response
HTTP/1.1 200 OK
Content-Length: 4
Expires: Mon, 01 Jul 2024 16:51:19 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Mon, 01 Jul 2024 16:51:19 GMT
Connection: keep-alive
-
Remote address: 8.8.8.8:53
Request
www.microsoft.com IN A
Response
www.microsoft.com IN CNAME www.microsoft.com-c-3.edgekey.net
www.microsoft.com-c-3.edgekey.net IN CNAME www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net IN CNAME e13678.dscb.akamaiedge.net
e13678.dscb.akamaiedge.net IN A 2.21.189.233
-
Remote address: 8.8.8.8:53
Request
www.microsoft.com IN A
Response
www.microsoft.com IN CNAME www.microsoft.com-c-3.edgekey.net
www.microsoft.com-c-3.edgekey.net IN CNAME www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net IN CNAME e13678.dscb.akamaiedge.net
e13678.dscb.akamaiedge.net IN A 2.21.189.233
-
631 B 1.4kB 8 6
HTTP Request
GET http://www.chip.de/css/_merged/forum.css?v=40039
HTTP Response
301
-
2.16.56.141:80
http://www.chip.de/js/omniture_somtr_code_vH.20.3.js?version=H.20.3.20100723
http
IEXPLORE.EXE
627 B 1.0kB 7 5
HTTP Request
GET http://www.chip.de/js/omniture_somtr_code_vH.20.3.js?version=H.20.3.20100723
HTTP Response
301
-
814 B 1.3kB 6 5
HTTP Request
GET http://forum.chip.de/clientscript/vbulletin_important.css?v=383
HTTP Response
301
HTTP Request
GET http://forum.chip.de/clientscript/ncode_imageresizer.js
HTTP Response
301
-
951 B 1.9kB 8 6
HTTP Request
GET http://forum.chip.de/clientscript/yui/yahoo-dom-event/yahoo-dom-event.js?v=383
HTTP Response
301
HTTP Request
GET http://forum.chip.de/clientscript/_merged/jQuery.js?t=42779
HTTP Response
301
-
162.159.128.79:80
http://forum.chip.de/clientscript/yui/connection/connection-min.js?v=383
http
IEXPLORE.EXE
617 B 817 B 7 6
HTTP Request
GET http://forum.chip.de/clientscript/yui/connection/connection-min.js?v=383
HTTP Response
301
-
604 B 804 B 7 6
HTTP Request
GET http://forum.chip.de/clientscript/vbulletin_global.js?v=383
HTTP Response
301
-
162.159.128.79:80
http://forum.chip.de/clientscript/vbulletin_css/style-aea0c703-00006.css
http
IEXPLORE.EXE
551 B 777 B 6 5
HTTP Request
GET http://forum.chip.de/clientscript/vbulletin_css/style-aea0c703-00006.css
HTTP Response
301
-
162.159.128.79:80
http://forum.chip.de/clientscript/_merged/headfoot_forum.js?t=42781
http
IEXPLORE.EXE
946 B 1.9kB 8 6
HTTP Request
GET http://forum.chip.de/clientscript/vbulletin_menu.js?v=38320100630
HTTP Response
301
HTTP Request
GET http://forum.chip.de/clientscript/_merged/headfoot_forum.js?t=42781
HTTP Response
301
-
570 B 92 B 4 2
-
1.7kB 33.9kB 25 30
HTTP Request
GET https://www.chip.de/css/_merged/forum.css?v=40039
HTTP Response
404
-
2.16.56.141:443
https://www.chip.de/js/omniture_somtr_code_vH.20.3.js?version=H.20.3.20100723
tls, http
IEXPLORE.EXE
1.9kB 34.0kB 29 31
HTTP Request
GET https://www.chip.de/js/omniture_somtr_code_vH.20.3.js?version=H.20.3.20100723
HTTP Response
404
-
162.159.128.79:443
https://forum.chip.de/clientscript/vbulletin_css/style-aea0c703-00006.css
tls, http
IEXPLORE.EXE
2.3kB 38.6kB 33 44
HTTP Request
GET https://forum.chip.de/clientscript/vbulletin_css/style-aea0c703-00006.css
HTTP Response
404
-
162.159.128.79:443
https://forum.chip.de/clientscript/yui/yahoo-dom-event/yahoo-dom-event.js?v=383
tls, http
IEXPLORE.EXE
2.5kB 50.1kB 40 49
HTTP Request
GET https://forum.chip.de/clientscript/yui/yahoo-dom-event/yahoo-dom-event.js?v=383
HTTP Response
404
-
162.159.128.79:443
https://forum.chip.de/clientscript/vbulletin_menu.js?v=38320100630
tls, http
IEXPLORE.EXE
3.0kB 51.7kB 45 55
HTTP Request
GET https://forum.chip.de/clientscript/vbulletin_menu.js?v=38320100630
HTTP Response
404
-
162.159.128.79:443
https://forum.chip.de/clientscript/_merged/headfoot_forum.js?t=42781
tls, http
IEXPLORE.EXE
2.6kB 30.9kB 36 41
HTTP Request
GET https://forum.chip.de/clientscript/_merged/headfoot_forum.js?t=42781
HTTP Response
404
-
162.159.128.79:443
https://forum.chip.de/clientscript/vbulletin_global.js?v=383
tls, http
IEXPLORE.EXE
3.8kB 73.6kB 68 73
HTTP Request
GET https://forum.chip.de/clientscript/vbulletin_global.js?v=383
HTTP Response
404
-
162.159.128.79:443
https://forum.chip.de/clientscript/_merged/jQuery.js?t=42779
tls, http
IEXPLORE.EXE
3.6kB 71.6kB 65 71
HTTP Request
GET https://forum.chip.de/clientscript/_merged/jQuery.js?t=42779
HTTP Response
404
-
162.159.128.79:443
https://forum.chip.de/clientscript/yui/connection/connection-min.js?v=383
tls, http
IEXPLORE.EXE
1.5kB 17.3kB 19 22
HTTP Request
GET https://forum.chip.de/clientscript/yui/connection/connection-min.js?v=383
HTTP Response
404
-
3.6kB 73.3kB 65 67
HTTP Request
GET https://forum.chip.de/clientscript/ncode_imageresizer.js
HTTP Response
404
-
518 B 215 B 6 5
-
382 B 262 B 7 6
-
290 B 88 B 6 2
-
858 B 18.3kB 13 16
HTTP Request
GET http://www.google-analytics.com/ga.js
HTTP Response
200
-
190 B 92 B 4 2
-
288 B 692 B 6 4
HTTP Response
408
-
2.16.56.143:80
http://r.chip.de/images/pic.gif?m=c1&nc=0&sep=%2C&tce=1&c=23276087&b=4042906&l=3892&tid=Viren,%20Trojaner,%20Würmer&tp=9223%2C21453%2C8&tn=28_Viren%2C+Trojaner%2C+W%FCrmer&tpn=Home%2CChip_Forum%2C8_Specials&tc=9223%2C21453%2C8%2CViren%2C+Trojaner%2C+W%FCrmer&con=1&tit=showpost%3A+showpost&url=http%3A%2F%2Fforum.chip.de%2Fshowpost.php%3Fp%3D3642104%26postcount%3D5&json=0&random=0.6481992553996747&r=&sz=1280x720x24&cs=1
http
IEXPLORE.EXE
937 B 394 B 6 4
HTTP Request
GET http://r.chip.de/images/pic.gif?m=c1&nc=0&sep=%2C&tce=1&c=23276087&b=4042906&l=3892&tid=Viren,%20Trojaner,%20Würmer&tp=9223%2C21453%2C8&tn=28_Viren%2C+Trojaner%2C+W%FCrmer&tpn=Home%2CChip_Forum%2C8_Specials&tc=9223%2C21453%2C8%2CViren%2C+Trojaner%2C+W%FCrmer&con=1&tit=showpost%3A+showpost&url=http%3A%2F%2Fforum.chip.de%2Fshowpost.php%3Fp%3D3642104%26postcount%3D5&json=0&random=0.6481992553996747&r=&sz=1280x720x24&cs=1
HTTP Response
200
-
753 B 7.8kB 9 13
-
753 B 7.8kB 9 13
-
831 B 7.8kB 10 13
-
57 B 169 B 1 1
DNS Request
www.chip.de
DNS Response
2.16.56.141
2.16.56.143
-
59 B 172 B 1 1
DNS Request
forum.chip.de
DNS Response
162.159.128.79
162.159.138.78
-
60 B 110 B 1 1
DNS Request
chip.ivwbox.de
-
56 B 122 B 1 1
DNS Request
rl.chip.de
-
55 B 165 B 1 1
DNS Request
r.chip.de
DNS Response
2.16.56.143
2.16.56.141
-
63 B 230 B 1 1
DNS Request
www.microsoft.com
DNS Response
2.21.189.233
-
63 B 230 B 1 1
DNS Request
www.microsoft.com
DNS Response
2.21.189.233
MITRE ATT&CK Enterprise v15
Downloads