c90b124f4428d6a6964f4bb6638c1f99383be6310a87bc5a3da49890e1431982

Analysis

max time kernel
145s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
25/07/2024, 13:27 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6fc313a8debf96382fe5a205fd15a562_JaffaCakes118.html
Size

53KB
MD5

6fc313a8debf96382fe5a205fd15a562
SHA1

4488cf510904b8664b3d8d934be34c4fb2038ba2
SHA256

c90b124f4428d6a6964f4bb6638c1f99383be6310a87bc5a3da49890e1431982
SHA512

a6e87a8777ec457181ce4d698d90c42a06ff5faead13f1fad74e5926dd5ef1fdf77d29cbb74d74d366ec774389ca9ecd70731de5d8817e23d7236a1c5c4bd78f
SSDEEP

1536:CkgUiIakTqGivi+PyU6runlY263Nj+q5VyvR0w2AzTICbbIoH/t9M/dNwIUTDmDI:CkgUiIakTqGivi+PyU6runlY263Nj+qW

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4876	msedge.exe
4876	msedge.exe
5040	msedge.exe
5040	msedge.exe
4844	identity_helper.exe
4844	identity_helper.exe
5452	msedge.exe
5452	msedge.exe
5452	msedge.exe
5452	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
5040	msedge.exe
5040	msedge.exe
5040	msedge.exe
5040	msedge.exe
5040	msedge.exe
5040	msedge.exe
5040	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
5040	msedge.exe
5040	msedge.exe
5040	msedge.exe
5040	msedge.exe
5040	msedge.exe
5040	msedge.exe
5040	msedge.exe
5040	msedge.exe
5040	msedge.exe
5040	msedge.exe
5040	msedge.exe
5040	msedge.exe
5040	msedge.exe
5040	msedge.exe
5040	msedge.exe
5040	msedge.exe
5040	msedge.exe
5040	msedge.exe
5040	msedge.exe
5040	msedge.exe
5040	msedge.exe
5040	msedge.exe
5040	msedge.exe
5040	msedge.exe
5040	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
5040	msedge.exe
5040	msedge.exe
5040	msedge.exe
5040	msedge.exe
5040	msedge.exe
5040	msedge.exe
5040	msedge.exe
5040	msedge.exe
5040	msedge.exe
5040	msedge.exe
5040	msedge.exe
5040	msedge.exe
5040	msedge.exe
5040	msedge.exe
5040	msedge.exe
5040	msedge.exe
5040	msedge.exe
5040	msedge.exe
5040	msedge.exe
5040	msedge.exe
5040	msedge.exe
5040	msedge.exe
5040	msedge.exe
5040	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 5040 wrote to memory of 644	5040	msedge.exe	84
PID 5040 wrote to memory of 644	5040	msedge.exe	84
PID 5040 wrote to memory of 1804	5040	msedge.exe	85
PID 5040 wrote to memory of 1804	5040	msedge.exe	85
PID 5040 wrote to memory of 1804	5040	msedge.exe	85
PID 5040 wrote to memory of 1804	5040	msedge.exe	85
PID 5040 wrote to memory of 1804	5040	msedge.exe	85
PID 5040 wrote to memory of 1804	5040	msedge.exe	85
PID 5040 wrote to memory of 1804	5040	msedge.exe	85
PID 5040 wrote to memory of 1804	5040	msedge.exe	85
PID 5040 wrote to memory of 1804	5040	msedge.exe	85
PID 5040 wrote to memory of 1804	5040	msedge.exe	85
PID 5040 wrote to memory of 1804	5040	msedge.exe	85
PID 5040 wrote to memory of 1804	5040	msedge.exe	85
PID 5040 wrote to memory of 1804	5040	msedge.exe	85
PID 5040 wrote to memory of 1804	5040	msedge.exe	85
PID 5040 wrote to memory of 1804	5040	msedge.exe	85
PID 5040 wrote to memory of 1804	5040	msedge.exe	85
PID 5040 wrote to memory of 1804	5040	msedge.exe	85
PID 5040 wrote to memory of 1804	5040	msedge.exe	85
PID 5040 wrote to memory of 1804	5040	msedge.exe	85
PID 5040 wrote to memory of 1804	5040	msedge.exe	85
PID 5040 wrote to memory of 1804	5040	msedge.exe	85
PID 5040 wrote to memory of 1804	5040	msedge.exe	85
PID 5040 wrote to memory of 1804	5040	msedge.exe	85
PID 5040 wrote to memory of 1804	5040	msedge.exe	85
PID 5040 wrote to memory of 1804	5040	msedge.exe	85
PID 5040 wrote to memory of 1804	5040	msedge.exe	85
PID 5040 wrote to memory of 1804	5040	msedge.exe	85
PID 5040 wrote to memory of 1804	5040	msedge.exe	85
PID 5040 wrote to memory of 1804	5040	msedge.exe	85
PID 5040 wrote to memory of 1804	5040	msedge.exe	85
PID 5040 wrote to memory of 1804	5040	msedge.exe	85
PID 5040 wrote to memory of 1804	5040	msedge.exe	85
PID 5040 wrote to memory of 1804	5040	msedge.exe	85
PID 5040 wrote to memory of 1804	5040	msedge.exe	85
PID 5040 wrote to memory of 1804	5040	msedge.exe	85
PID 5040 wrote to memory of 1804	5040	msedge.exe	85
PID 5040 wrote to memory of 1804	5040	msedge.exe	85
PID 5040 wrote to memory of 1804	5040	msedge.exe	85
PID 5040 wrote to memory of 1804	5040	msedge.exe	85
PID 5040 wrote to memory of 1804	5040	msedge.exe	85
PID 5040 wrote to memory of 4876	5040	msedge.exe	86
PID 5040 wrote to memory of 4876	5040	msedge.exe	86
PID 5040 wrote to memory of 4672	5040	msedge.exe	87
PID 5040 wrote to memory of 4672	5040	msedge.exe	87
PID 5040 wrote to memory of 4672	5040	msedge.exe	87
PID 5040 wrote to memory of 4672	5040	msedge.exe	87
PID 5040 wrote to memory of 4672	5040	msedge.exe	87
PID 5040 wrote to memory of 4672	5040	msedge.exe	87
PID 5040 wrote to memory of 4672	5040	msedge.exe	87
PID 5040 wrote to memory of 4672	5040	msedge.exe	87
PID 5040 wrote to memory of 4672	5040	msedge.exe	87
PID 5040 wrote to memory of 4672	5040	msedge.exe	87
PID 5040 wrote to memory of 4672	5040	msedge.exe	87
PID 5040 wrote to memory of 4672	5040	msedge.exe	87
PID 5040 wrote to memory of 4672	5040	msedge.exe	87
PID 5040 wrote to memory of 4672	5040	msedge.exe	87
PID 5040 wrote to memory of 4672	5040	msedge.exe	87
PID 5040 wrote to memory of 4672	5040	msedge.exe	87
PID 5040 wrote to memory of 4672	5040	msedge.exe	87
PID 5040 wrote to memory of 4672	5040	msedge.exe	87
PID 5040 wrote to memory of 4672	5040	msedge.exe	87
PID 5040 wrote to memory of 4672	5040	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\6fc313a8debf96382fe5a205fd15a562_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:5040
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcbc3746f8,0x7ffcbc374708,0x7ffcbc374718
  2⤵
  PID:644
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2232,14862577577106938144,13381457595167702926,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2244 /prefetch:2
  2⤵
  PID:1804
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2232,14862577577106938144,13381457595167702926,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2304 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4876
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2232,14862577577106938144,13381457595167702926,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2492 /prefetch:8
  2⤵
  PID:4672
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,14862577577106938144,13381457595167702926,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3220 /prefetch:1
  2⤵
  PID:3684
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,14862577577106938144,13381457595167702926,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:1
  2⤵
  PID:1240
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,14862577577106938144,13381457595167702926,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4744 /prefetch:1
  2⤵
  PID:1688
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2232,14862577577106938144,13381457595167702926,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5436 /prefetch:8
  2⤵
  PID:2196
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2232,14862577577106938144,13381457595167702926,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5436 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4844
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,14862577577106938144,13381457595167702926,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5056 /prefetch:1
  2⤵
  PID:2752
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,14862577577106938144,13381457595167702926,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5084 /prefetch:1
  2⤵
  PID:5032
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,14862577577106938144,13381457595167702926,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4108 /prefetch:1
  2⤵
  PID:4820
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,14862577577106938144,13381457595167702926,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5772 /prefetch:1
  2⤵
  PID:1560
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2232,14862577577106938144,13381457595167702926,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2480 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5452

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1312

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4044

Network

DNS

www.wintotal-forum.de

msedge.exe

Remote address:

8.8.8.8:53

Request

www.wintotal-forum.de

IN A

Response

www.wintotal-forum.de

IN A

195.15.233.57
GET

http://www.wintotal-forum.de/Themes/WT2/style.css?fin11

msedge.exe

Remote address:

195.15.233.57:80

Request

GET /Themes/WT2/style.css?fin11 HTTP/1.1
Host: www.wintotal-forum.de
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Connection: Keep-Alive
Content-Type: text/html
Content-Length: 706
Date: Thu, 25 Jul 2024 13:27:47 GMT
Server: LiteSpeed
Location: https://www.wintotal-forum.de/Themes/WT2/style.css?fin11
GET

http://www.wintotal-forum.de/Themes/WT2/images/upshrink.gif

msedge.exe

Remote address:

195.15.233.57:80

Request

GET /Themes/WT2/images/upshrink.gif HTTP/1.1
Host: www.wintotal-forum.de
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Connection: Keep-Alive
Content-Type: text/html
Content-Length: 706
Date: Thu, 25 Jul 2024 13:27:47 GMT
Server: LiteSpeed
Location: https://www.wintotal-forum.de/Themes/WT2/images/upshrink.gif
GET

http://www.wintotal-forum.de/Themes/WT2/images/topic/normal_post.gif

msedge.exe

Remote address:

195.15.233.57:80

Request

GET /Themes/WT2/images/topic/normal_post.gif HTTP/1.1
Host: www.wintotal-forum.de
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Connection: Keep-Alive
Content-Type: text/html
Content-Length: 706
Date: Thu, 25 Jul 2024 13:27:47 GMT
Server: LiteSpeed
Location: https://www.wintotal-forum.de/Themes/WT2/images/topic/normal_post.gif
GET

http://www.wintotal-forum.de/Themes/WT2/images/post/solved.gif

msedge.exe

Remote address:

195.15.233.57:80

Request

GET /Themes/WT2/images/post/solved.gif HTTP/1.1
Host: www.wintotal-forum.de
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Connection: Keep-Alive
Content-Type: text/html
Content-Length: 706
Date: Thu, 25 Jul 2024 13:27:47 GMT
Server: LiteSpeed
Location: https://www.wintotal-forum.de/Themes/WT2/images/post/solved.gif
GET

http://www.wintotal-forum.de/Themes/WT2/images/post/xx.gif

msedge.exe

Remote address:

195.15.233.57:80

Request

GET /Themes/WT2/images/post/xx.gif HTTP/1.1
Host: www.wintotal-forum.de
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Connection: Keep-Alive
Content-Type: text/html
Content-Length: 706
Date: Thu, 25 Jul 2024 13:27:49 GMT
Server: LiteSpeed
Location: https://www.wintotal-forum.de/Themes/WT2/images/post/xx.gif
GET

http://www.wintotal-forum.de/Themes/WT2/images/Male.gif

msedge.exe

Remote address:

195.15.233.57:80

Request

GET /Themes/WT2/images/Male.gif HTTP/1.1
Host: www.wintotal-forum.de
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Connection: Keep-Alive
Content-Type: text/html
Content-Length: 706
Date: Thu, 25 Jul 2024 13:27:49 GMT
Server: LiteSpeed
Location: https://www.wintotal-forum.de/Themes/WT2/images/Male.gif
GET

http://www.wintotal-forum.de/Smileys/smilies_smf/cool.gif

msedge.exe

Remote address:

195.15.233.57:80

Request

GET /Smileys/smilies_smf/cool.gif HTTP/1.1
Host: www.wintotal-forum.de
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Connection: Keep-Alive
Content-Type: text/html
Content-Length: 706
Date: Thu, 25 Jul 2024 13:27:49 GMT
Server: LiteSpeed
Location: https://www.wintotal-forum.de/Smileys/smilies_smf/cool.gif
GET

http://www.wintotal-forum.de/Glossar/glossar-js.php

msedge.exe

Remote address:

195.15.233.57:80

Request

GET /Glossar/glossar-js.php HTTP/1.1
Host: www.wintotal-forum.de
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Connection: Keep-Alive
Content-Type: text/html
Content-Length: 706
Date: Thu, 25 Jul 2024 13:27:47 GMT
Server: LiteSpeed
Location: https://www.wintotal-forum.de/Glossar/glossar-js.php
GET

http://www.wintotal-forum.de/Themes/default/spellcheck.js

msedge.exe

Remote address:

195.15.233.57:80

Request

GET /Themes/default/spellcheck.js HTTP/1.1
Host: www.wintotal-forum.de
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Connection: Keep-Alive
Content-Type: text/html
Content-Length: 706
Date: Thu, 25 Jul 2024 13:27:47 GMT
Server: LiteSpeed
Location: https://www.wintotal-forum.de/Themes/default/spellcheck.js
GET

http://www.wintotal-forum.de/Themes/default/xml_topic.js

msedge.exe

Remote address:

195.15.233.57:80

Request

GET /Themes/default/xml_topic.js HTTP/1.1
Host: www.wintotal-forum.de
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Connection: Keep-Alive
Content-Type: text/html
Content-Length: 706
Date: Thu, 25 Jul 2024 13:27:47 GMT
Server: LiteSpeed
Location: https://www.wintotal-forum.de/Themes/default/xml_topic.js
GET

http://www.wintotal-forum.de/Themes/WT2/images/star.gif

msedge.exe

Remote address:

195.15.233.57:80

Request

GET /Themes/WT2/images/star.gif HTTP/1.1
Host: www.wintotal-forum.de
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Connection: Keep-Alive
Content-Type: text/html
Content-Length: 706
Date: Thu, 25 Jul 2024 13:27:47 GMT
Server: LiteSpeed
Location: https://www.wintotal-forum.de/Themes/WT2/images/star.gif
GET

http://www.wintotal-forum.de/Themes/WT2/images/stargmod.gif

msedge.exe

Remote address:

195.15.233.57:80

Request

GET /Themes/WT2/images/stargmod.gif HTTP/1.1
Host: www.wintotal-forum.de
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Connection: Keep-Alive
Content-Type: text/html
Content-Length: 706
Date: Thu, 25 Jul 2024 13:27:49 GMT
Server: LiteSpeed
Location: https://www.wintotal-forum.de/Themes/WT2/images/stargmod.gif
GET

http://www.wintotal-forum.de/Themes/default/print.css?fin11

msedge.exe

Remote address:

195.15.233.57:80

Request

GET /Themes/default/print.css?fin11 HTTP/1.1
Host: www.wintotal-forum.de
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Connection: Keep-Alive
Content-Type: text/html
Content-Length: 706
Date: Thu, 25 Jul 2024 13:27:49 GMT
Server: LiteSpeed
Location: https://www.wintotal-forum.de/Themes/default/print.css?fin11
GET

http://www.wintotal-forum.de/favicon.ico

msedge.exe

Remote address:

195.15.233.57:80

Request

GET /favicon.ico HTTP/1.1
Host: www.wintotal-forum.de
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Connection: Keep-Alive
Content-Type: text/html
Content-Length: 706
Date: Thu, 25 Jul 2024 13:27:50 GMT
Server: LiteSpeed
Location: https://www.wintotal-forum.de/favicon.ico
GET

http://www.wintotal-forum.de/Themes/default/script.js?fin11

msedge.exe

Remote address:

195.15.233.57:80

Request

GET /Themes/default/script.js?fin11 HTTP/1.1
Host: www.wintotal-forum.de
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Connection: Keep-Alive
Content-Type: text/html
Content-Length: 706
Date: Thu, 25 Jul 2024 13:27:47 GMT
Server: LiteSpeed
Location: https://www.wintotal-forum.de/Themes/default/script.js?fin11
GET

http://www.wintotal-forum.de/Themes/default/sha1.js

msedge.exe

Remote address:

195.15.233.57:80

Request

GET /Themes/default/sha1.js HTTP/1.1
Host: www.wintotal-forum.de
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Connection: Keep-Alive
Content-Type: text/html
Content-Length: 706
Date: Thu, 25 Jul 2024 13:27:47 GMT
Server: LiteSpeed
Location: https://www.wintotal-forum.de/Themes/default/sha1.js
GET

http://www.wintotal-forum.de/Themes/WT2/images/WT/wt-logo.gif

msedge.exe

Remote address:

195.15.233.57:80

Request

GET /Themes/WT2/images/WT/wt-logo.gif HTTP/1.1
Host: www.wintotal-forum.de
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Connection: Keep-Alive
Content-Type: text/html
Content-Length: 706
Date: Thu, 25 Jul 2024 13:27:47 GMT
Server: LiteSpeed
Location: https://www.wintotal-forum.de/Themes/WT2/images/WT/wt-logo.gif
GET

http://www.wintotal-forum.de/Themes/WT2/images/topic_starter.gif

msedge.exe

Remote address:

195.15.233.57:80

Request

GET /Themes/WT2/images/topic_starter.gif HTTP/1.1
Host: www.wintotal-forum.de
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Connection: Keep-Alive
Content-Type: text/html
Content-Length: 706
Date: Thu, 25 Jul 2024 13:27:47 GMT
Server: LiteSpeed
Location: https://www.wintotal-forum.de/Themes/WT2/images/topic_starter.gif
GET

http://www.wintotal-forum.de/Themes/WT2/images/useron.gif

msedge.exe

Remote address:

195.15.233.57:80

Request

GET /Themes/WT2/images/useron.gif HTTP/1.1
Host: www.wintotal-forum.de
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Connection: Keep-Alive
Content-Type: text/html
Content-Length: 706
Date: Thu, 25 Jul 2024 13:27:49 GMT
Server: LiteSpeed
Location: https://www.wintotal-forum.de/Themes/WT2/images/useron.gif
GET

http://www.wintotal-forum.de/Themes/WT2/images/WT/nav_unten.gif

msedge.exe

Remote address:

195.15.233.57:80

Request

GET /Themes/WT2/images/WT/nav_unten.gif HTTP/1.1
Host: www.wintotal-forum.de
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Connection: Keep-Alive
Content-Type: text/html
Content-Length: 706
Date: Thu, 25 Jul 2024 13:27:49 GMT
Server: LiteSpeed
Location: https://www.wintotal-forum.de/Themes/WT2/images/WT/nav_unten.gif
GET

https://www.wintotal-forum.de/Themes/WT2/style.css?fin11

msedge.exe

Remote address:

195.15.233.57:443

Request

GET /Themes/WT2/style.css?fin11 HTTP/2.0
host: www.wintotal-forum.de
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 301

x-powered-by: PHP/7.4.10
content-type: text/html; charset=UTF-8
expires: Thu, 25 Jul 2024 14:19:56 GMT
cache-control: max-age=3600
x-redirect-by: WordPress
location: https://wintotal-forum.de/Themes/WT2/style.css?fin11
x-litespeed-cache: hit
content-length: 0
date: Thu, 25 Jul 2024 13:27:47 GMT
server: LiteSpeed
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
GET

https://www.wintotal-forum.de/Glossar/glossar-js.php

msedge.exe

Remote address:

195.15.233.57:443

Request

GET /Glossar/glossar-js.php HTTP/2.0
host: www.wintotal-forum.de
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 301

x-powered-by: PHP/7.4.10
content-type: text/html; charset=UTF-8
expires: Thu, 25 Jul 2024 14:14:40 GMT
cache-control: max-age=3600
x-redirect-by: WordPress
location: https://wintotal-forum.de/Glossar/glossar-js.php
x-litespeed-cache: hit
content-length: 0
date: Thu, 25 Jul 2024 13:27:47 GMT
server: LiteSpeed
GET

https://www.wintotal-forum.de/Themes/default/script.js?fin11

msedge.exe

Remote address:

195.15.233.57:443

Request

GET /Themes/default/script.js?fin11 HTTP/2.0
host: www.wintotal-forum.de
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 301

x-powered-by: PHP/7.4.10
content-type: text/html; charset=UTF-8
expires: Thu, 25 Jul 2024 13:38:26 GMT
cache-control: max-age=3600
x-redirect-by: WordPress
location: https://wintotal-forum.de/Themes/default/script.js?fin11
x-litespeed-cache: hit
content-length: 0
date: Thu, 25 Jul 2024 13:27:47 GMT
server: LiteSpeed
GET

https://wintotal-forum.de/Themes/WT2/style.css?fin11

msedge.exe

Remote address:

195.15.233.57:443

Request

GET /Themes/WT2/style.css?fin11 HTTP/2.0
host: wintotal-forum.de
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 404

x-powered-by: PHP/7.4.10
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://wintotal-forum.de/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 10721
date: Thu, 25 Jul 2024 13:27:47 GMT
server: LiteSpeed
GET

https://wintotal-forum.de/Themes/default/script.js?fin11

msedge.exe

Remote address:

195.15.233.57:443

Request

GET /Themes/default/script.js?fin11 HTTP/2.0
host: wintotal-forum.de
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 404

x-powered-by: PHP/7.4.10
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://wintotal-forum.de/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 10748
date: Thu, 25 Jul 2024 13:27:47 GMT
server: LiteSpeed
GET

https://wintotal-forum.de/Glossar/glossar-js.php

msedge.exe

Remote address:

195.15.233.57:443

Request

GET /Glossar/glossar-js.php HTTP/2.0
host: wintotal-forum.de
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 404

x-powered-by: PHP/7.4.10
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://wintotal-forum.de/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 10721
date: Thu, 25 Jul 2024 13:27:47 GMT
server: LiteSpeed
GET

https://wintotal-forum.de/Themes/default/script.js?fin11

msedge.exe

Remote address:

195.15.233.57:443

Request

GET /Themes/default/script.js?fin11 HTTP/2.0
host: wintotal-forum.de
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 404

x-powered-by: PHP/7.4.10
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://wintotal-forum.de/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 10748
date: Thu, 25 Jul 2024 13:27:47 GMT
server: LiteSpeed
GET

https://www.wintotal-forum.de/Themes/default/sha1.js

msedge.exe

Remote address:

195.15.233.57:443

Request

GET /Themes/default/sha1.js HTTP/2.0
host: www.wintotal-forum.de
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 301

x-powered-by: PHP/7.4.10
content-type: text/html; charset=UTF-8
expires: Thu, 25 Jul 2024 13:38:28 GMT
cache-control: max-age=3600
x-redirect-by: WordPress
location: https://wintotal-forum.de/Themes/default/sha1.js
x-litespeed-cache: hit
content-length: 0
date: Thu, 25 Jul 2024 13:27:47 GMT
server: LiteSpeed
GET

https://www.wintotal-forum.de/Themes/default/spellcheck.js

msedge.exe

Remote address:

195.15.233.57:443

Request

GET /Themes/default/spellcheck.js HTTP/2.0
host: www.wintotal-forum.de
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 301

x-powered-by: PHP/7.4.10
content-type: text/html; charset=UTF-8
expires: Thu, 25 Jul 2024 14:14:40 GMT
cache-control: max-age=3600
x-redirect-by: WordPress
location: https://wintotal-forum.de/Themes/default/spellcheck.js
x-litespeed-cache: hit
content-length: 0
date: Thu, 25 Jul 2024 13:27:47 GMT
server: LiteSpeed
GET

https://wintotal-forum.de/Themes/WT2/style.css?fin11

msedge.exe

Remote address:

195.15.233.57:443

Request

GET /Themes/WT2/style.css?fin11 HTTP/2.0
host: wintotal-forum.de
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 404

x-powered-by: PHP/7.4.10
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://wintotal-forum.de/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 10721
date: Thu, 25 Jul 2024 13:27:47 GMT
server: LiteSpeed
GET

https://wintotal-forum.de/Themes/default/sha1.js

msedge.exe

Remote address:

195.15.233.57:443

Request

GET /Themes/default/sha1.js HTTP/2.0
host: wintotal-forum.de
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 404

x-powered-by: PHP/7.4.10
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://wintotal-forum.de/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 10721
date: Thu, 25 Jul 2024 13:27:47 GMT
server: LiteSpeed
GET

https://wintotal-forum.de/Themes/default/spellcheck.js

msedge.exe

Remote address:

195.15.233.57:443

Request

GET /Themes/default/spellcheck.js HTTP/2.0
host: wintotal-forum.de
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 404

x-powered-by: PHP/7.4.10
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://wintotal-forum.de/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 10721
date: Thu, 25 Jul 2024 13:27:47 GMT
server: LiteSpeed
GET

https://wintotal-forum.de/Themes/default/spellcheck.js

msedge.exe

Remote address:

195.15.233.57:443

Request

GET /Themes/default/spellcheck.js HTTP/2.0
host: wintotal-forum.de
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 404

x-powered-by: PHP/7.4.10
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://wintotal-forum.de/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 10721
date: Thu, 25 Jul 2024 13:27:48 GMT
server: LiteSpeed
GET

https://wintotal-forum.de/Themes/default/xml_topic.js

msedge.exe

Remote address:

195.15.233.57:443

Request

GET /Themes/default/xml_topic.js HTTP/2.0
host: wintotal-forum.de
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 404

x-powered-by: PHP/7.4.10
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://wintotal-forum.de/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 10721
date: Thu, 25 Jul 2024 13:27:49 GMT
server: LiteSpeed
GET

https://wintotal-forum.de/Themes/WT2/images/WT/wt-logo.gif

msedge.exe

Remote address:

195.15.233.57:443

Request

GET /Themes/WT2/images/WT/wt-logo.gif HTTP/2.0
host: wintotal-forum.de
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 404

x-powered-by: PHP/7.4.10
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://wintotal-forum.de/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
date: Thu, 25 Jul 2024 13:27:49 GMT
server: LiteSpeed
GET

https://wintotal-forum.de/Themes/WT2/images/upshrink.gif

msedge.exe

Remote address:

195.15.233.57:443

Request

GET /Themes/WT2/images/upshrink.gif HTTP/2.0
host: wintotal-forum.de
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 404

x-powered-by: PHP/7.4.10
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://wintotal-forum.de/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
date: Thu, 25 Jul 2024 13:27:49 GMT
server: LiteSpeed
GET

https://wintotal-forum.de/Themes/WT2/images/filter.gif

msedge.exe

Remote address:

195.15.233.57:443

Request

GET /Themes/WT2/images/filter.gif HTTP/2.0
host: wintotal-forum.de
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 404

x-powered-by: PHP/7.4.10
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://wintotal-forum.de/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 10721
date: Thu, 25 Jul 2024 13:27:49 GMT
server: LiteSpeed
GET

https://wintotal-forum.de/Themes/WT2/images/topic/normal_post.gif

msedge.exe

Remote address:

195.15.233.57:443

Request

GET /Themes/WT2/images/topic/normal_post.gif HTTP/2.0
host: wintotal-forum.de
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 404

x-powered-by: PHP/7.4.10
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://wintotal-forum.de/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 10721
date: Thu, 25 Jul 2024 13:27:49 GMT
server: LiteSpeed
GET

https://wintotal-forum.de/Themes/WT2/images/topic_starter.gif

msedge.exe

Remote address:

195.15.233.57:443

Request

GET /Themes/WT2/images/topic_starter.gif HTTP/2.0
host: wintotal-forum.de
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 404

x-powered-by: PHP/7.4.10
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://wintotal-forum.de/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 10721
date: Thu, 25 Jul 2024 13:27:49 GMT
server: LiteSpeed
GET

https://wintotal-forum.de/Themes/WT2/images/star.gif

msedge.exe

Remote address:

195.15.233.57:443

Request

GET /Themes/WT2/images/star.gif HTTP/2.0
host: wintotal-forum.de
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 404

x-powered-by: PHP/7.4.10
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://wintotal-forum.de/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
date: Thu, 25 Jul 2024 13:27:49 GMT
server: LiteSpeed
GET

https://wintotal-forum.de/Themes/WT2/images/useroff.gif

msedge.exe

Remote address:

195.15.233.57:443

Request

GET /Themes/WT2/images/useroff.gif HTTP/2.0
host: wintotal-forum.de
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 404

x-powered-by: PHP/7.4.10
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://wintotal-forum.de/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 10747
date: Thu, 25 Jul 2024 13:27:49 GMT
server: LiteSpeed
GET

https://wintotal-forum.de/Themes/WT2/images/post/solved.gif

msedge.exe

Remote address:

195.15.233.57:443

Request

GET /Themes/WT2/images/post/solved.gif HTTP/2.0
host: wintotal-forum.de
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 404

x-powered-by: PHP/7.4.10
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://wintotal-forum.de/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 10748
date: Thu, 25 Jul 2024 13:27:49 GMT
server: LiteSpeed
GET

https://wintotal-forum.de/Themes/WT2/images/post/xx.gif

msedge.exe

Remote address:

195.15.233.57:443

Request

GET /Themes/WT2/images/post/xx.gif HTTP/2.0
host: wintotal-forum.de
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 404

x-powered-by: PHP/7.4.10
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://wintotal-forum.de/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 10748
date: Thu, 25 Jul 2024 13:27:49 GMT
server: LiteSpeed
GET

https://wintotal-forum.de/Smileys/smilies_smf/shocked.gif

msedge.exe

Remote address:

195.15.233.57:443

Request

GET /Smileys/smilies_smf/shocked.gif HTTP/2.0
host: wintotal-forum.de
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 404

x-powered-by: PHP/7.4.10
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://wintotal-forum.de/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 10721
date: Thu, 25 Jul 2024 13:27:49 GMT
server: LiteSpeed
GET

https://wintotal-forum.de/Themes/WT2/images/www_sm.gif

msedge.exe

Remote address:

195.15.233.57:443

Request

GET /Themes/WT2/images/www_sm.gif HTTP/2.0
host: wintotal-forum.de
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 404

x-powered-by: PHP/7.4.10
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://wintotal-forum.de/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 10721
date: Thu, 25 Jul 2024 13:27:49 GMT
server: LiteSpeed
GET

https://wintotal-forum.de/Smileys/smilies_smf/cry.gif

msedge.exe

Remote address:

195.15.233.57:443

Request

GET /Smileys/smilies_smf/cry.gif HTTP/2.0
host: wintotal-forum.de
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 404

x-powered-by: PHP/7.4.10
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://wintotal-forum.de/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 10747
date: Thu, 25 Jul 2024 13:27:49 GMT
server: LiteSpeed
GET

https://wintotal-forum.de/Themes/WT2/images/Male.gif

msedge.exe

Remote address:

195.15.233.57:443

Request

GET /Themes/WT2/images/Male.gif HTTP/2.0
host: wintotal-forum.de
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 404

x-powered-by: PHP/7.4.10
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://wintotal-forum.de/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 10721
date: Thu, 25 Jul 2024 13:27:49 GMT
server: LiteSpeed
GET

https://wintotal-forum.de/Smileys/smilies_smf/cool.gif

msedge.exe

Remote address:

195.15.233.57:443

Request

GET /Smileys/smilies_smf/cool.gif HTTP/2.0
host: wintotal-forum.de
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 404

x-powered-by: PHP/7.4.10
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://wintotal-forum.de/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 10721
date: Thu, 25 Jul 2024 13:27:50 GMT
server: LiteSpeed
GET

https://wintotal-forum.de/Themes/WT2/images/Female.gif

msedge.exe

Remote address:

195.15.233.57:443

Request

GET /Themes/WT2/images/Female.gif HTTP/2.0
host: wintotal-forum.de
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 404

x-powered-by: PHP/7.4.10
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://wintotal-forum.de/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 10721
date: Thu, 25 Jul 2024 13:27:50 GMT
server: LiteSpeed
GET

https://wintotal-forum.de/Themes/WT2/images/stargmod.gif

msedge.exe

Remote address:

195.15.233.57:443

Request

GET /Themes/WT2/images/stargmod.gif HTTP/2.0
host: wintotal-forum.de
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 404

x-powered-by: PHP/7.4.10
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://wintotal-forum.de/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
date: Thu, 25 Jul 2024 13:27:50 GMT
server: LiteSpeed
GET

https://wintotal-forum.de/Themes/WT2/images/WT/nav_unten.gif

msedge.exe

Remote address:

195.15.233.57:443

Request

GET /Themes/WT2/images/WT/nav_unten.gif HTTP/2.0
host: wintotal-forum.de
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 404

x-powered-by: PHP/7.4.10
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://wintotal-forum.de/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 10721
date: Thu, 25 Jul 2024 13:27:50 GMT
server: LiteSpeed
GET

https://wintotal-forum.de/Themes/default/print.css?fin11

msedge.exe

Remote address:

195.15.233.57:443

Request

GET /Themes/default/print.css?fin11 HTTP/2.0
host: wintotal-forum.de
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 404

x-powered-by: PHP/7.4.10
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://wintotal-forum.de/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 10721
date: Thu, 25 Jul 2024 13:27:50 GMT
server: LiteSpeed
GET

https://wintotal-forum.de/Themes/WT2/images/useron.gif

msedge.exe

Remote address:

195.15.233.57:443

Request

GET /Themes/WT2/images/useron.gif HTTP/2.0
host: wintotal-forum.de
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 404

x-powered-by: PHP/7.4.10
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://wintotal-forum.de/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache-control: public,max-age=3600
x-litespeed-tag: 01e_HTTP.404,01e_404,01e_URL.fd17ec01633835d85265b964fcd76a06,01e_
x-litespeed-cache: miss
content-encoding: br
vary: Accept-Encoding
date: Thu, 25 Jul 2024 13:27:50 GMT
server: LiteSpeed
DNS

wintotal-forum.de

msedge.exe

Remote address:

8.8.8.8:53

Request

wintotal-forum.de

IN A

Response

wintotal-forum.de

IN A

195.15.233.57
DNS

57.233.15.195.in-addr.arpa

Remote address:

8.8.8.8:53

Request

57.233.15.195.in-addr.arpa

IN PTR

Response
DNS

149.220.183.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

149.220.183.52.in-addr.arpa

IN PTR

Response
GET

http://www.wintotal-forum.de/Themes/WT2/images/filter.gif

msedge.exe

Remote address:

195.15.233.57:80

Request

GET /Themes/WT2/images/filter.gif HTTP/1.1
Host: www.wintotal-forum.de
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Connection: Keep-Alive
Content-Type: text/html
Content-Length: 706
Date: Thu, 25 Jul 2024 13:27:47 GMT
Server: LiteSpeed
Location: https://www.wintotal-forum.de/Themes/WT2/images/filter.gif
GET

http://www.wintotal-forum.de/Themes/WT2/images/useroff.gif

msedge.exe

Remote address:

195.15.233.57:80

Request

GET /Themes/WT2/images/useroff.gif HTTP/1.1
Host: www.wintotal-forum.de
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Connection: Keep-Alive
Content-Type: text/html
Content-Length: 706
Date: Thu, 25 Jul 2024 13:27:47 GMT
Server: LiteSpeed
Location: https://www.wintotal-forum.de/Themes/WT2/images/useroff.gif
GET

http://www.wintotal-forum.de/Smileys/smilies_smf/shocked.gif

msedge.exe

Remote address:

195.15.233.57:80

Request

GET /Smileys/smilies_smf/shocked.gif HTTP/1.1
Host: www.wintotal-forum.de
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Connection: Keep-Alive
Content-Type: text/html
Content-Length: 706
Date: Thu, 25 Jul 2024 13:27:49 GMT
Server: LiteSpeed
Location: https://www.wintotal-forum.de/Smileys/smilies_smf/shocked.gif
GET

http://www.wintotal-forum.de/Themes/WT2/images/www_sm.gif

msedge.exe

Remote address:

195.15.233.57:80

Request

GET /Themes/WT2/images/www_sm.gif HTTP/1.1
Host: www.wintotal-forum.de
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Connection: Keep-Alive
Content-Type: text/html
Content-Length: 706
Date: Thu, 25 Jul 2024 13:27:49 GMT
Server: LiteSpeed
Location: https://www.wintotal-forum.de/Themes/WT2/images/www_sm.gif
GET

http://www.wintotal-forum.de/Smileys/smilies_smf/cry.gif

msedge.exe

Remote address:

195.15.233.57:80

Request

GET /Smileys/smilies_smf/cry.gif HTTP/1.1
Host: www.wintotal-forum.de
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Connection: Keep-Alive
Content-Type: text/html
Content-Length: 706
Date: Thu, 25 Jul 2024 13:27:49 GMT
Server: LiteSpeed
Location: https://www.wintotal-forum.de/Smileys/smilies_smf/cry.gif
DNS

adsrv.wintotal-forum.de

msedge.exe

Remote address:

8.8.8.8:53

Request

adsrv.wintotal-forum.de

IN A

Response
DNS

wintotal.de.intellitxt.com

msedge.exe

Remote address:

8.8.8.8:53

Request

wintotal.de.intellitxt.com

IN A

Response
GET

http://www.wintotal-forum.de/Themes/WT2/images/Female.gif

msedge.exe

Remote address:

195.15.233.57:80

Request

GET /Themes/WT2/images/Female.gif HTTP/1.1
Host: www.wintotal-forum.de
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Connection: Keep-Alive
Content-Type: text/html
Content-Length: 706
Date: Thu, 25 Jul 2024 13:27:49 GMT
Server: LiteSpeed
Location: https://www.wintotal-forum.de/Themes/WT2/images/Female.gif
DNS

71.31.126.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

71.31.126.40.in-addr.arpa

IN PTR

Response
DNS

19.58.20.217.in-addr.arpa

Remote address:

8.8.8.8:53

Request

19.58.20.217.in-addr.arpa

IN PTR

Response
DNS

183.142.211.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

183.142.211.20.in-addr.arpa

IN PTR

Response
DNS

103.169.127.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

103.169.127.40.in-addr.arpa

IN PTR

Response
DNS

171.39.242.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

171.39.242.20.in-addr.arpa

IN PTR

Response
DNS

172.214.232.199.in-addr.arpa

Remote address:

8.8.8.8:53

Request

172.214.232.199.in-addr.arpa

IN PTR

Response
DNS

172.214.232.199.in-addr.arpa

Remote address:

8.8.8.8:53

Request

172.214.232.199.in-addr.arpa

IN PTR
DNS

73.144.22.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

73.144.22.2.in-addr.arpa

IN PTR

Response

73.144.22.2.in-addr.arpa

IN PTR

a2-22-144-73deploystaticakamaitechnologiescom
DNS

29.243.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

29.243.111.52.in-addr.arpa

IN PTR

Response
DNS

29.243.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

29.243.111.52.in-addr.arpa

IN PTR
DNS

tse1.mm.bing.net

Remote address:

8.8.8.8:53

Request

tse1.mm.bing.net

IN A

Response

tse1.mm.bing.net

IN CNAME

mm-mm.bing.net.trafficmanager.net

mm-mm.bing.net.trafficmanager.net

IN CNAME

ax-0001.ax-msedge.net

ax-0001.ax-msedge.net

IN A

150.171.28.10

ax-0001.ax-msedge.net

IN A

150.171.27.10
DNS

tse1.mm.bing.net

Remote address:

8.8.8.8:53

Request

tse1.mm.bing.net

IN A
DNS

tse1.mm.bing.net

Remote address:

8.8.8.8:53

Request

tse1.mm.bing.net

IN A
GET

https://tse1.mm.bing.net/th?id=OADD2.10239339384869_1U4BU5OP1KBSS4EDT&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

Remote address:

150.171.28.10:443

Request

GET /th?id=OADD2.10239339384869_1U4BU5OP1KBSS4EDT&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 544366
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1CC07FC42F9E477D8972C961CDCFF497 Ref B: LON04EDGE0812 Ref C: 2024-07-25T13:29:41Z
date: Thu, 25 Jul 2024 13:29:41 GMT
GET

https://tse1.mm.bing.net/th?id=OADD2.10239317301065_19TESU14MC7PCJXY2&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

Remote address:

150.171.28.10:443

Request

GET /th?id=OADD2.10239317301065_19TESU14MC7PCJXY2&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 485352
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 15DD413F7EF846F7A8B8B446B175792C Ref B: LON04EDGE0812 Ref C: 2024-07-25T13:29:41Z
date: Thu, 25 Jul 2024 13:29:41 GMT
GET

https://tse1.mm.bing.net/th?id=OADD2.10239360288117_16I5EGVAT5N2GH79F&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

Remote address:

150.171.28.10:443

Request

GET /th?id=OADD2.10239360288117_16I5EGVAT5N2GH79F&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
GET

https://tse1.mm.bing.net/th?id=OADD2.10239339384870_1WSZL43T6U4G68XY0&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

Remote address:

150.171.28.10:443

Request

GET /th?id=OADD2.10239339384870_1WSZL43T6U4G68XY0&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
GET

https://tse1.mm.bing.net/th?id=OADD2.10239317301498_17NQSSF7P234KKL2V&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

Remote address:

150.171.28.10:443

Request

GET /th?id=OADD2.10239317301498_17NQSSF7P234KKL2V&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

195.15.233.57:80

http://www.wintotal-forum.de/Smileys/smilies_smf/cool.gif

http

msedge.exe

3.3kB
7.0kB
16
11

HTTP Request

GET http://www.wintotal-forum.de/Themes/WT2/style.css?fin11

HTTP Response

301

HTTP Request

GET http://www.wintotal-forum.de/Themes/WT2/images/upshrink.gif

HTTP Response

301

HTTP Request

GET http://www.wintotal-forum.de/Themes/WT2/images/topic/normal_post.gif

HTTP Response

301

HTTP Request

GET http://www.wintotal-forum.de/Themes/WT2/images/post/solved.gif

HTTP Response

301

HTTP Request

GET http://www.wintotal-forum.de/Themes/WT2/images/post/xx.gif

HTTP Response

301

HTTP Request

GET http://www.wintotal-forum.de/Themes/WT2/images/Male.gif

HTTP Response

301

HTTP Request

GET http://www.wintotal-forum.de/Smileys/smilies_smf/cool.gif

HTTP Response

301
195.15.233.57:80

http://www.wintotal-forum.de/favicon.ico

http

msedge.exe

4.5kB
7.1kB
22
14

HTTP Request

GET http://www.wintotal-forum.de/Glossar/glossar-js.php

HTTP Response

301

HTTP Request

GET http://www.wintotal-forum.de/Themes/default/spellcheck.js

HTTP Response

301

HTTP Request

GET http://www.wintotal-forum.de/Themes/default/xml_topic.js

HTTP Response

301

HTTP Request

GET http://www.wintotal-forum.de/Themes/WT2/images/star.gif

HTTP Response

301

HTTP Request

GET http://www.wintotal-forum.de/Themes/WT2/images/stargmod.gif

HTTP Response

301

HTTP Request

GET http://www.wintotal-forum.de/Themes/default/print.css?fin11

HTTP Response

301

HTTP Request

GET http://www.wintotal-forum.de/favicon.ico

HTTP Response

301
195.15.233.57:80

http://www.wintotal-forum.de/Themes/WT2/images/WT/nav_unten.gif

http

msedge.exe

3.3kB
6.0kB
16
10

HTTP Request

GET http://www.wintotal-forum.de/Themes/default/script.js?fin11

HTTP Response

301

HTTP Request

GET http://www.wintotal-forum.de/Themes/default/sha1.js

HTTP Response

301

HTTP Request

GET http://www.wintotal-forum.de/Themes/WT2/images/WT/wt-logo.gif

HTTP Response

301

HTTP Request

GET http://www.wintotal-forum.de/Themes/WT2/images/topic_starter.gif

HTTP Response

301

HTTP Request

GET http://www.wintotal-forum.de/Themes/WT2/images/useron.gif

HTTP Response

301

HTTP Request

GET http://www.wintotal-forum.de/Themes/WT2/images/WT/nav_unten.gif

HTTP Response

301
195.15.233.57:443

https://wintotal-forum.de/Themes/WT2/images/useron.gif

tls, http2

msedge.exe

15.1kB
317.8kB
239
266

HTTP Request

GET https://www.wintotal-forum.de/Themes/WT2/style.css?fin11

HTTP Request

GET https://www.wintotal-forum.de/Glossar/glossar-js.php

HTTP Request

GET https://www.wintotal-forum.de/Themes/default/script.js?fin11

HTTP Response

301

HTTP Response

301

HTTP Response

301

HTTP Request

GET https://wintotal-forum.de/Themes/WT2/style.css?fin11

HTTP Request

GET https://wintotal-forum.de/Themes/default/script.js?fin11

HTTP Request

GET https://wintotal-forum.de/Glossar/glossar-js.php

HTTP Response

404

HTTP Response

404

HTTP Response

404

HTTP Request

GET https://wintotal-forum.de/Themes/default/script.js?fin11

HTTP Response

404

HTTP Request

GET https://www.wintotal-forum.de/Themes/default/sha1.js

HTTP Request

GET https://www.wintotal-forum.de/Themes/default/spellcheck.js

HTTP Request

GET https://wintotal-forum.de/Themes/WT2/style.css?fin11

HTTP Response

301

HTTP Response

301

HTTP Response

404

HTTP Request

GET https://wintotal-forum.de/Themes/default/sha1.js

HTTP Request

GET https://wintotal-forum.de/Themes/default/spellcheck.js

HTTP Response

404

HTTP Response

404

HTTP Request

GET https://wintotal-forum.de/Themes/default/spellcheck.js

HTTP Response

404

HTTP Request

GET https://wintotal-forum.de/Themes/default/xml_topic.js

HTTP Request

GET https://wintotal-forum.de/Themes/WT2/images/WT/wt-logo.gif

HTTP Request

GET https://wintotal-forum.de/Themes/WT2/images/upshrink.gif

HTTP Request

GET https://wintotal-forum.de/Themes/WT2/images/filter.gif

HTTP Request

GET https://wintotal-forum.de/Themes/WT2/images/topic/normal_post.gif

HTTP Request

GET https://wintotal-forum.de/Themes/WT2/images/topic_starter.gif

HTTP Request

GET https://wintotal-forum.de/Themes/WT2/images/star.gif

HTTP Request

GET https://wintotal-forum.de/Themes/WT2/images/useroff.gif

HTTP Request

GET https://wintotal-forum.de/Themes/WT2/images/post/solved.gif

HTTP Response

404

HTTP Response

404

HTTP Response

404

HTTP Response

404

HTTP Response

404

HTTP Response

404

HTTP Response

404

HTTP Response

404

HTTP Response

404

HTTP Request

GET https://wintotal-forum.de/Themes/WT2/images/post/xx.gif

HTTP Request

GET https://wintotal-forum.de/Smileys/smilies_smf/shocked.gif

HTTP Response

404

HTTP Response

404

HTTP Request

GET https://wintotal-forum.de/Themes/WT2/images/www_sm.gif

HTTP Response

404

HTTP Request

GET https://wintotal-forum.de/Smileys/smilies_smf/cry.gif

HTTP Request

GET https://wintotal-forum.de/Themes/WT2/images/Male.gif

HTTP Response

404

HTTP Response

404

HTTP Request

GET https://wintotal-forum.de/Smileys/smilies_smf/cool.gif

HTTP Request

GET https://wintotal-forum.de/Themes/WT2/images/Female.gif

HTTP Request

GET https://wintotal-forum.de/Themes/WT2/images/stargmod.gif

HTTP Request

GET https://wintotal-forum.de/Themes/WT2/images/WT/nav_unten.gif

HTTP Request

GET https://wintotal-forum.de/Themes/default/print.css?fin11

HTTP Request

GET https://wintotal-forum.de/Themes/WT2/images/useron.gif

HTTP Response

404

HTTP Response

404

HTTP Response

404

HTTP Response

404

HTTP Response

404

HTTP Response

404
195.15.233.57:443

www.wintotal-forum.de

tls

msedge.exe

943 B
3.4kB
8
7
195.15.233.57:443

www.wintotal-forum.de

tls

msedge.exe

943 B
3.4kB
8
7
195.15.233.57:80

http://www.wintotal-forum.de/Smileys/smilies_smf/cry.gif

http

msedge.exe

2.5kB
5.1kB
14
9

HTTP Request

GET http://www.wintotal-forum.de/Themes/WT2/images/filter.gif

HTTP Response

301

HTTP Request

GET http://www.wintotal-forum.de/Themes/WT2/images/useroff.gif

HTTP Response

301

HTTP Request

GET http://www.wintotal-forum.de/Smileys/smilies_smf/shocked.gif

HTTP Response

301

HTTP Request

GET http://www.wintotal-forum.de/Themes/WT2/images/www_sm.gif

HTTP Response

301

HTTP Request

GET http://www.wintotal-forum.de/Smileys/smilies_smf/cry.gif

HTTP Response

301
195.15.233.57:80

http://www.wintotal-forum.de/Themes/WT2/images/Female.gif

http

msedge.exe

1.2kB
2.2kB
9
7

HTTP Request

GET http://www.wintotal-forum.de/Themes/WT2/images/Female.gif

HTTP Response

301
150.171.28.10:443

tse1.mm.bing.net

tls, http2

1.6kB
9.5kB
17
13
150.171.28.10:443

https://tse1.mm.bing.net/th?id=OADD2.10239317301498_17NQSSF7P234KKL2V&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

tls, http2

14.2kB
307.6kB
236
230

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239339384869_1U4BU5OP1KBSS4EDT&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239317301065_19TESU14MC7PCJXY2&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

HTTP Response

200

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239360288117_16I5EGVAT5N2GH79F&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239339384870_1WSZL43T6U4G68XY0&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239317301498_17NQSSF7P234KKL2V&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

HTTP Response

200
150.171.28.10:443

tse1.mm.bing.net

tls, http2

1.4kB
6.9kB
16
12
150.171.28.10:443

tse1.mm.bing.net

tls, http2

1.4kB
6.9kB
16
12
150.171.28.10:443

tse1.mm.bing.net

tls, http2

1.2kB
8.2kB
15
13

8.8.8.8:53

www.wintotal-forum.de

dns

msedge.exe

67 B
83 B
1
1

DNS Request

www.wintotal-forum.de

DNS Response

195.15.233.57
8.8.8.8:53

wintotal-forum.de

dns

msedge.exe

63 B
79 B
1
1

DNS Request

wintotal-forum.de

DNS Response

195.15.233.57
8.8.8.8:53

57.233.15.195.in-addr.arpa

dns

72 B
136 B
1
1

DNS Request

57.233.15.195.in-addr.arpa
8.8.8.8:53

149.220.183.52.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

149.220.183.52.in-addr.arpa
195.15.233.57:443

wintotal-forum.de

https

msedge.exe

7.0kB
11.3kB
41
41
8.8.8.8:53

adsrv.wintotal-forum.de

dns

msedge.exe

69 B
132 B
1
1

DNS Request

adsrv.wintotal-forum.de
8.8.8.8:53

wintotal.de.intellitxt.com

dns

msedge.exe

72 B
72 B
1
1

DNS Request

wintotal.de.intellitxt.com
8.8.8.8:53

71.31.126.40.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

71.31.126.40.in-addr.arpa
8.8.8.8:53

19.58.20.217.in-addr.arpa

dns

71 B
131 B
1
1

DNS Request

19.58.20.217.in-addr.arpa
224.0.0.251:5353

566 B
9
8.8.8.8:53

183.142.211.20.in-addr.arpa

dns

73 B
159 B
1
1

DNS Request

183.142.211.20.in-addr.arpa
8.8.8.8:53

103.169.127.40.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

103.169.127.40.in-addr.arpa
8.8.8.8:53

171.39.242.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

171.39.242.20.in-addr.arpa
8.8.8.8:53

172.214.232.199.in-addr.arpa

dns

148 B
128 B
2
1

DNS Request

172.214.232.199.in-addr.arpa

DNS Request

172.214.232.199.in-addr.arpa
8.8.8.8:53

73.144.22.2.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

73.144.22.2.in-addr.arpa
8.8.8.8:53

29.243.111.52.in-addr.arpa

dns

144 B
158 B
2
1

DNS Request

29.243.111.52.in-addr.arpa

DNS Request

29.243.111.52.in-addr.arpa
8.8.8.8:53

tse1.mm.bing.net

dns

186 B
170 B
3
1

DNS Request

tse1.mm.bing.net

DNS Request

tse1.mm.bing.net

DNS Request

tse1.mm.bing.net

DNS Response

150.171.28.10

150.171.27.10

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
584971c8ba88c824fd51a05dddb45a98

SHA1
b7c9489b4427652a9cdd754d1c1b6ac4034be421

SHA256
e2d8de6c2323bbb3863ec50843d9b58a22e911fd626d31430658b9ea942cd307

SHA512
5dbf1a4631a04d1149d8fab2b8e0e43ccd97b7212de43b961b9128a8bf03329164fdeb480154a8ffea5835f28417a7d2b115b8bf8d578d00b13c3682aa5ca726

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
b28ef7d9f6d74f055cc49876767c886c

SHA1
d6b3267f36c340979f8fc3e012fdd02c468740bf

SHA256
fa6804456884789f4bdf9c3f5a4a8f29e0ededde149c4384072f3d8cc85bcc37

SHA512
491f893c8f765e5d629bce8dd5067cef4e2ebc558d43bfb05e358bca43e1a66ee1285519bc266fd0ff5b5e09769a56077b62ac55fa8797c1edf6205843356e75

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
403B

MD5
8b7ba0ed44f583fe36b6eaae423d13cd

SHA1
d8e7100834e7ba2dbaedbfd1c9abd801e8e5d37b

SHA256
ab561be8c2ec7c693acc58a119c70561a0249537d026b39db7818ec0597dcf67

SHA512
9b927f0cf24f840c50a4669a0b3de67f658a4779af18735488dce579824ad697be3f052f3c13ba080da30aa2eb03a12f9c7cee5ed5e1d2becfb55c56ea980c99

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
807419ca9a4734feaf8d8563a003b048

SHA1
a723c7d60a65886ffa068711f1e900ccc85922a6

SHA256
aa10bf07b0d265bed28f2a475f3564d8ddb5e4d4ffee0ab6f3a0cc564907b631

SHA512
f10d496ae75db5ba412bd9f17bf0c7da7632db92a3fabf7f24071e40f5759c6a875ad8f3a72bad149da58b3da3b816077df125d0d9f3544adba68c66353d206c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
4383e24ec7cf07a7b66067300181d75e

SHA1
d7bdd3eb9d1b7a21533f39aad5407f637382be34

SHA256
b854f9bf781719fc637726b90e4b2c31efee137fbaf0027fc803c34c72fc7e67

SHA512
07407afa865f2b6521dc958dc66cfe0290ccc9595a44dae8de72204379646602099da8b83d5b511c03f71fb76cc29fa3b3409144f7a3527c8c85cf979294cd11

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
2f8c1868017282fab22de647614c5ff9

SHA1
1c384ce3e76a8fd85a54a9f2b9fba91627fc473f

SHA256
49beebb1c3f8b10fec5465ddd995e776987b7eabab05d062fdb69601b07c1362

SHA512
ba22069884ef5e10c1cfa5bb9f7e318abb7976e5b19e035750258a0599fbf1ae44f2c89d5303ae96933d601d84233fe66f9a30374938632ba8c711c2e2a4c5fd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
e47f02821d6c46c2004cf8dfa2f4ffd5

SHA1
5baeb042cd76607ab33c1e97d556eb179ad396b8

SHA256
891f520b3711055878f5aacc5565d5352c54e133949c1979df854bd4ff595f91

SHA512
6282eb4f28afea9179d38a10a235b51bd99064279ee552ee08fa5daa5bae894c233a58010a712fe4d546c75529e1a1a3fc747a6f338e74f81d59259d6068e864

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request