d9f5f8c57ecb50cf344c02ccec2344c439fa8f894195683562d59a7114e2f0bd

Resubmissions

26/07/2024, 10:57 UTC

240726-m2rd4atdrr 1

26/07/2024, 10:45 UTC

240726-mth3rasglq 3

Analysis

max time kernel
481s
max time network
600s
platform
windows10-2004_x64
resource
win10v2004-20240709-de
resource tags

arch:x64arch:x86image:win10v2004-20240709-delocale:de-deos:windows10-2004-x64systemwindows
submitted
26/07/2024, 10:45 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Ultra-Virus-Killer_104856004.html
Size

459KB
MD5

cebbfc7ee941337581e5c71e60dc55fd
SHA1

b86050726405d0ee5e97b39758dbc6e768a50de3
SHA256

d9f5f8c57ecb50cf344c02ccec2344c439fa8f894195683562d59a7114e2f0bd
SHA512

9e57c542e4f47b255d9bc509996bd7ca25d3cfdc22f23b8180caa0930c2e22fc75c311cf3192c0fb2e700a2e07ef1d6045fa71b3bd48de6df5c7efb23c8b7e51
SSDEEP

12288:BAO6xNOc+YMKnzScUDdq4nuQtzYwRNqS5ebGWGCE2iqf4KSaASMs6GymQ+G+MKtA:BAHpLUcUDbuQ9YwHqSebGWGCE2iqf4Ko

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1996	msedge.exe
1996	msedge.exe
2516	msedge.exe
2516	msedge.exe
3440	identity_helper.exe
3440	identity_helper.exe
228	msedge.exe
228	msedge.exe
228	msedge.exe
228	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
2516	msedge.exe
2516	msedge.exe
2516	msedge.exe
2516	msedge.exe
2516	msedge.exe
2516	msedge.exe
2516	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2516	msedge.exe
2516	msedge.exe
2516	msedge.exe
2516	msedge.exe
2516	msedge.exe
2516	msedge.exe
2516	msedge.exe
2516	msedge.exe
2516	msedge.exe
2516	msedge.exe
2516	msedge.exe
2516	msedge.exe
2516	msedge.exe
2516	msedge.exe
2516	msedge.exe
2516	msedge.exe
2516	msedge.exe
2516	msedge.exe
2516	msedge.exe
2516	msedge.exe
2516	msedge.exe
2516	msedge.exe
2516	msedge.exe
2516	msedge.exe
2516	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2516	msedge.exe
2516	msedge.exe
2516	msedge.exe
2516	msedge.exe
2516	msedge.exe
2516	msedge.exe
2516	msedge.exe
2516	msedge.exe
2516	msedge.exe
2516	msedge.exe
2516	msedge.exe
2516	msedge.exe
2516	msedge.exe
2516	msedge.exe
2516	msedge.exe
2516	msedge.exe
2516	msedge.exe
2516	msedge.exe
2516	msedge.exe
2516	msedge.exe
2516	msedge.exe
2516	msedge.exe
2516	msedge.exe
2516	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2516 wrote to memory of 3452	2516	msedge.exe	84
PID 2516 wrote to memory of 3452	2516	msedge.exe	84
PID 2516 wrote to memory of 4580	2516	msedge.exe	85
PID 2516 wrote to memory of 4580	2516	msedge.exe	85
PID 2516 wrote to memory of 4580	2516	msedge.exe	85
PID 2516 wrote to memory of 4580	2516	msedge.exe	85
PID 2516 wrote to memory of 4580	2516	msedge.exe	85
PID 2516 wrote to memory of 4580	2516	msedge.exe	85
PID 2516 wrote to memory of 4580	2516	msedge.exe	85
PID 2516 wrote to memory of 4580	2516	msedge.exe	85
PID 2516 wrote to memory of 4580	2516	msedge.exe	85
PID 2516 wrote to memory of 4580	2516	msedge.exe	85
PID 2516 wrote to memory of 4580	2516	msedge.exe	85
PID 2516 wrote to memory of 4580	2516	msedge.exe	85
PID 2516 wrote to memory of 4580	2516	msedge.exe	85
PID 2516 wrote to memory of 4580	2516	msedge.exe	85
PID 2516 wrote to memory of 4580	2516	msedge.exe	85
PID 2516 wrote to memory of 4580	2516	msedge.exe	85
PID 2516 wrote to memory of 4580	2516	msedge.exe	85
PID 2516 wrote to memory of 4580	2516	msedge.exe	85
PID 2516 wrote to memory of 4580	2516	msedge.exe	85
PID 2516 wrote to memory of 4580	2516	msedge.exe	85
PID 2516 wrote to memory of 4580	2516	msedge.exe	85
PID 2516 wrote to memory of 4580	2516	msedge.exe	85
PID 2516 wrote to memory of 4580	2516	msedge.exe	85
PID 2516 wrote to memory of 4580	2516	msedge.exe	85
PID 2516 wrote to memory of 4580	2516	msedge.exe	85
PID 2516 wrote to memory of 4580	2516	msedge.exe	85
PID 2516 wrote to memory of 4580	2516	msedge.exe	85
PID 2516 wrote to memory of 4580	2516	msedge.exe	85
PID 2516 wrote to memory of 4580	2516	msedge.exe	85
PID 2516 wrote to memory of 4580	2516	msedge.exe	85
PID 2516 wrote to memory of 4580	2516	msedge.exe	85
PID 2516 wrote to memory of 4580	2516	msedge.exe	85
PID 2516 wrote to memory of 4580	2516	msedge.exe	85
PID 2516 wrote to memory of 4580	2516	msedge.exe	85
PID 2516 wrote to memory of 4580	2516	msedge.exe	85
PID 2516 wrote to memory of 4580	2516	msedge.exe	85
PID 2516 wrote to memory of 4580	2516	msedge.exe	85
PID 2516 wrote to memory of 4580	2516	msedge.exe	85
PID 2516 wrote to memory of 4580	2516	msedge.exe	85
PID 2516 wrote to memory of 4580	2516	msedge.exe	85
PID 2516 wrote to memory of 1996	2516	msedge.exe	86
PID 2516 wrote to memory of 1996	2516	msedge.exe	86
PID 2516 wrote to memory of 3052	2516	msedge.exe	87
PID 2516 wrote to memory of 3052	2516	msedge.exe	87
PID 2516 wrote to memory of 3052	2516	msedge.exe	87
PID 2516 wrote to memory of 3052	2516	msedge.exe	87
PID 2516 wrote to memory of 3052	2516	msedge.exe	87
PID 2516 wrote to memory of 3052	2516	msedge.exe	87
PID 2516 wrote to memory of 3052	2516	msedge.exe	87
PID 2516 wrote to memory of 3052	2516	msedge.exe	87
PID 2516 wrote to memory of 3052	2516	msedge.exe	87
PID 2516 wrote to memory of 3052	2516	msedge.exe	87
PID 2516 wrote to memory of 3052	2516	msedge.exe	87
PID 2516 wrote to memory of 3052	2516	msedge.exe	87
PID 2516 wrote to memory of 3052	2516	msedge.exe	87
PID 2516 wrote to memory of 3052	2516	msedge.exe	87
PID 2516 wrote to memory of 3052	2516	msedge.exe	87
PID 2516 wrote to memory of 3052	2516	msedge.exe	87
PID 2516 wrote to memory of 3052	2516	msedge.exe	87
PID 2516 wrote to memory of 3052	2516	msedge.exe	87
PID 2516 wrote to memory of 3052	2516	msedge.exe	87
PID 2516 wrote to memory of 3052	2516	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\Ultra-Virus-Killer_104856004.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb909a46f8,0x7ffb909a4708,0x7ffb909a4718
  2⤵
  PID:3452
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,2583374101381005802,16410581101689898045,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2060 /prefetch:2
  2⤵
  PID:4580
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2124,2583374101381005802,16410581101689898045,131072 --lang=de --service-sandbox-type=none --mojo-platform-channel-handle=2304 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1996
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2124,2583374101381005802,16410581101689898045,131072 --lang=de --service-sandbox-type=utility --mojo-platform-channel-handle=2892 /prefetch:8
  2⤵
  PID:3052
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,2583374101381005802,16410581101689898045,131072 --lang=de --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3248 /prefetch:1
  2⤵
  PID:5108
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,2583374101381005802,16410581101689898045,131072 --lang=de --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:1
  2⤵
  PID:3068
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,2583374101381005802,16410581101689898045,131072 --lang=de --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4964 /prefetch:1
  2⤵
  PID:4796
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,2583374101381005802,16410581101689898045,131072 --lang=de --service-sandbox-type=none --mojo-platform-channel-handle=6084 /prefetch:8
  2⤵
  PID:2076
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,2583374101381005802,16410581101689898045,131072 --lang=de --service-sandbox-type=none --mojo-platform-channel-handle=6084 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3440
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,2583374101381005802,16410581101689898045,131072 --lang=de --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5756 /prefetch:1
  2⤵
  PID:2764
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,2583374101381005802,16410581101689898045,131072 --lang=de --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5808 /prefetch:1
  2⤵
  PID:1840
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,2583374101381005802,16410581101689898045,131072 --lang=de --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4168 /prefetch:1
  2⤵
  PID:1668
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,2583374101381005802,16410581101689898045,131072 --lang=de --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6048 /prefetch:1
  2⤵
  PID:3692
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,2583374101381005802,16410581101689898045,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5900 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:228

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3400

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2900

Network

DNS

www.chip.de

msedge.exe

Remote address:

8.8.8.8:53

Request

www.chip.de

IN A

Response

www.chip.de

IN CNAME

www.chip.de.27643.edgekey.net

www.chip.de.27643.edgekey.net

IN CNAME

e27643.dscf.akamaiedge.net

e27643.dscf.akamaiedge.net

IN A

2.16.167.72

e27643.dscf.akamaiedge.net

IN A

2.16.167.152
GET

https://www.chip.de/fec/assets/font/Asap-Regular.woff2?cache=bust210115

msedge.exe

Remote address:

2.16.167.72:443

Request

GET /fec/assets/font/Asap-Regular.woff2?cache=bust210115 HTTP/2.0
host: www.chip.de
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: null
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: font
accept-encoding: gzip, deflate, br
accept-language: de,de-DE;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6

Response

HTTP/2.0 200

content-type: binary/octet-stream
content-length: 10456
server: nginx/1.23.4
x-amz-id-2: 0gYk5x/ljxTFn+sCQ+TSyI9SrKXiNQMhT4KrH4q6fDZfdHqq+LB7WnQdbcZ8qsEvyGTYMdS+vHg=
x-amz-request-id: 4Y2BFVN11XKT2PSD
last-modified: Tue, 12 Sep 2023 13:32:16 GMT
etag: "a94b30df67c40aa42385ecdeea3f9dba"
x-amz-server-side-encryption: AES256
x-amz-version-id: wyZ8n_IEBtfwPl5c3DZ70qhtW5Ol0Baj
accept-ranges: bytes
cache-control: public, max-age=25639917
expires: Mon, 19 May 2025 09:22:15 GMT
date: Fri, 26 Jul 2024 15:10:18 GMT
permissions-policy: ch-ua-model=*,ch-ua-platform-version=*
accept-ch: sec-ch-ua-model,sec-ch-ua-platform-version
access-control-allow-methods: GET
access-control-allow-origin: *
GET

https://www.chip.de/fec/assets/font/Asap-Italic.woff2?cache=bust210115

msedge.exe

Remote address:

2.16.167.72:443

Request

GET /fec/assets/font/Asap-Italic.woff2?cache=bust210115 HTTP/2.0
host: www.chip.de
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: null
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: font
accept-encoding: gzip, deflate, br
accept-language: de,de-DE;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6

Response

HTTP/2.0 200

content-type: binary/octet-stream
content-length: 11184
server: nginx/1.23.4
x-amz-id-2: HyHWmXAsE6uHtne6JUnwlAVrh7i9ulBPuYY95/5O2X+j3SnpwYLea8G0uvapw59KIlbWbGIGwhhSWumZr2Uj1w==
x-amz-request-id: A221QDYT6Y8H06YR
last-modified: Tue, 12 Sep 2023 13:32:16 GMT
etag: "66ed947aaf94f6224eb6b80d3c9ff7b5"
x-amz-server-side-encryption: AES256
x-amz-version-id: IczagU.zQU.cWeO2.lPS3bHJQFRS8M7p
accept-ranges: bytes
cache-control: public, max-age=21393951
expires: Mon, 31 Mar 2025 05:56:09 GMT
date: Fri, 26 Jul 2024 15:10:18 GMT
permissions-policy: ch-ua-model=*,ch-ua-platform-version=*
accept-ch: sec-ch-ua-model,sec-ch-ua-platform-version
access-control-allow-methods: GET
access-control-allow-origin: *
GET

https://www.chip.de/fec/assets/font/Asap-Bold.woff2?cache=bust210115

msedge.exe

Remote address:

2.16.167.72:443

Request

GET /fec/assets/font/Asap-Bold.woff2?cache=bust210115 HTTP/2.0
host: www.chip.de
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: null
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: font
accept-encoding: gzip, deflate, br
accept-language: de,de-DE;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6

Response

HTTP/2.0 200

content-type: binary/octet-stream
content-length: 10392
server: nginx/1.23.4
x-amz-id-2: fFcGk9cRUmRbKeKoM1Nk/YlDXnchrvklEsCvtGlcvNfYGb12CWYzLowNVsSQvclrQ2Hv/cZCp1o=
x-amz-request-id: 4Y22C3HXZYTGWKMC
last-modified: Tue, 12 Sep 2023 13:32:16 GMT
etag: "73ca6da5dfc009061a4acbf6ca30afcb"
x-amz-server-side-encryption: AES256
x-amz-version-id: zieXg3_7kaJNDZJbtuJyawrSQN6RPwxI
accept-ranges: bytes
cache-control: public, max-age=4214015
expires: Fri, 13 Sep 2024 09:43:53 GMT
date: Fri, 26 Jul 2024 15:10:18 GMT
permissions-policy: ch-ua-model=*,ch-ua-platform-version=*
accept-ch: sec-ch-ua-model,sec-ch-ua-platform-version
access-control-allow-methods: GET
access-control-allow-origin: *
GET

https://www.chip.de/fec/assets/font/Asap-BoldItalic.woff2?cache=bust210115

msedge.exe

Remote address:

2.16.167.72:443

Request

GET /fec/assets/font/Asap-BoldItalic.woff2?cache=bust210115 HTTP/2.0
host: www.chip.de
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: null
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: font
accept-encoding: gzip, deflate, br
accept-language: de,de-DE;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6

Response

HTTP/2.0 200

content-type: binary/octet-stream
content-length: 11148
server: nginx/1.23.4
x-amz-id-2: LuJDSzMLhdzpTXO0RM7F3DZmKJDjhdLcuDIkEpuRlORGsl1bAfm4cCeJeRQ1B7h3VXcVDP8JuGv3eyFmOR+hnQ==
x-amz-request-id: HR0TRSPGXHJ25T17
last-modified: Tue, 12 Sep 2023 13:32:16 GMT
etag: "92adf2ac35ce558dec48e36c249a631a"
x-amz-server-side-encryption: AES256
x-amz-version-id: 2H0mi2.W3Yx5CT.Y__iBbA0296zMZ7Nv
accept-ranges: bytes
cache-control: public, max-age=29827140
expires: Sun, 06 Jul 2025 20:29:18 GMT
date: Fri, 26 Jul 2024 15:10:18 GMT
permissions-policy: ch-ua-model=*,ch-ua-platform-version=*
accept-ch: sec-ch-ua-model,sec-ch-ua-platform-version
access-control-allow-methods: GET
access-control-allow-origin: *
GET

https://www.chip.de/fec/assets/font/chip-icons-v02.woff2?cache=bust240320

msedge.exe

Remote address:

2.16.167.72:443

Request

GET /fec/assets/font/chip-icons-v02.woff2?cache=bust240320 HTTP/2.0
host: www.chip.de
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: null
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: font
accept-encoding: gzip, deflate, br
accept-language: de,de-DE;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6

Response

HTTP/2.0 200

content-type: binary/octet-stream
content-length: 3604
server: nginx
x-amz-id-2: WA2XTUjpGv7IxBHhL4dCxJb1sJ2opZoPhMSO74Rtfdiql+w7Jo2UhDdI5vFVApnQWoBhdIPh8mg=
x-amz-request-id: Q6GRV5NA2CBTFN4J
last-modified: Wed, 13 Mar 2024 09:01:21 GMT
etag: "f81d6df80d60992e3007fbeb4cf231a1"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
cache-control: public, max-age=30770645
expires: Thu, 17 Jul 2025 18:34:23 GMT
date: Fri, 26 Jul 2024 15:10:18 GMT
permissions-policy: ch-ua-model=*,ch-ua-platform-version=*
accept-ch: sec-ch-ua-model,sec-ch-ua-platform-version
access-control-allow-methods: GET
access-control-allow-origin: *
GET

https://www.chip.de/fec/assets/font/chip-icons-v02.woff2?cache=bust211011

msedge.exe

Remote address:

2.16.167.72:443

Request

GET /fec/assets/font/chip-icons-v02.woff2?cache=bust211011 HTTP/2.0
host: www.chip.de
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: null
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: font
accept-encoding: gzip, deflate, br
accept-language: de,de-DE;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6

Response

HTTP/2.0 200

content-type: binary/octet-stream
content-length: 3604
server: nginx
x-amz-id-2: WA2XTUjpGv7IxBHhL4dCxJb1sJ2opZoPhMSO74Rtfdiql+w7Jo2UhDdI5vFVApnQWoBhdIPh8mg=
x-amz-request-id: Q6GRV5NA2CBTFN4J
last-modified: Wed, 13 Mar 2024 09:01:21 GMT
etag: "f81d6df80d60992e3007fbeb4cf231a1"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
cache-control: public, max-age=30770644
expires: Thu, 17 Jul 2025 18:34:23 GMT
date: Fri, 26 Jul 2024 15:10:19 GMT
permissions-policy: ch-ua-model=*,ch-ua-platform-version=*
accept-ch: sec-ch-ua-model,sec-ch-ua-platform-version
access-control-allow-methods: GET
access-control-allow-origin: *
GET

https://www.chip.de/fec/assets/font/Asap-Regular.woff2?cache=bust210115

msedge.exe

Remote address:

2.16.167.72:443

Request

GET /fec/assets/font/Asap-Regular.woff2?cache=bust210115 HTTP/2.0
host: www.chip.de
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://videoplayer.chip.de
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://videoplayer.chip.de/
accept-encoding: gzip, deflate, br
accept-language: de,de-DE;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6

Response

HTTP/2.0 200

content-type: binary/octet-stream
content-length: 10456
server: nginx/1.23.4
x-amz-id-2: 0gYk5x/ljxTFn+sCQ+TSyI9SrKXiNQMhT4KrH4q6fDZfdHqq+LB7WnQdbcZ8qsEvyGTYMdS+vHg=
x-amz-request-id: 4Y2BFVN11XKT2PSD
last-modified: Tue, 12 Sep 2023 13:32:16 GMT
etag: "a94b30df67c40aa42385ecdeea3f9dba"
x-amz-server-side-encryption: AES256
x-amz-version-id: wyZ8n_IEBtfwPl5c3DZ70qhtW5Ol0Baj
accept-ranges: bytes
cache-control: public, max-age=25639915
expires: Mon, 19 May 2025 09:22:15 GMT
date: Fri, 26 Jul 2024 15:10:20 GMT
permissions-policy: ch-ua-model=*,ch-ua-platform-version=*
accept-ch: sec-ch-ua-model,sec-ch-ua-platform-version
access-control-allow-methods: GET
access-control-allow-origin: *
GET

https://www.chip.de/static/assets/chip-pages/downloads/downloads-detail-v5.8.9.css?2289

msedge.exe

Remote address:

2.16.167.72:443

Request

GET /static/assets/chip-pages/downloads/downloads-detail-v5.8.9.css?2289 HTTP/2.0
host: www.chip.de
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
accept-encoding: gzip, deflate, br
accept-language: de,de-DE;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6

Response

HTTP/2.0 200

content-type: text/css
server: nginx
vary: Accept-Encoding
x-amz-id-2: FGhOto7PFOygpNkbKi+XVbJxkQiEBXG3pSuUhW0HxTvTFp/eEODOfzisuvG43jh/bPwwWxKa73k=
x-amz-request-id: 5TD29W4SPC894NXS
last-modified: Tue, 23 Jul 2024 11:14:59 GMT
etag: W/"15ee610704851ec4c811e30bab506bfe"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
content-encoding: gzip
content-length: 11650
cache-control: public, max-age=31346033
expires: Thu, 24 Jul 2025 10:24:11 GMT
date: Fri, 26 Jul 2024 15:10:18 GMT
permissions-policy: ch-ua-model=*,ch-ua-platform-version=*
accept-ch: sec-ch-ua-model,sec-ch-ua-platform-version
access-control-allow-methods: GET
access-control-allow-origin: *
GET

https://www.chip.de/static/assets/chip-pages/downloads/downloads-detail-v5.8.9.js?7276

msedge.exe

Remote address:

2.16.167.72:443

Request

GET /static/assets/chip-pages/downloads/downloads-detail-v5.8.9.js?7276 HTTP/2.0
host: www.chip.de
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: de,de-DE;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6

Response

HTTP/2.0 200

content-type: application/javascript
server: nginx
x-amz-id-2: JfNE6qvBPdYEQdFemJke4k6OGg7kelzRY3s+f2LQx5M61IBXSmtT7XIYJUiwqqhX6Vet6BcomfGhyS/O9yg7bTp41vNkR3Fxp6njtRbN9Ak=
x-amz-request-id: 5TD9DVADRP6SPE00
last-modified: Tue, 23 Jul 2024 11:14:59 GMT
etag: "823c9bf1626469dee35a22e4044e8dc3"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 50004
cache-control: public, max-age=31346104
expires: Thu, 24 Jul 2025 10:25:22 GMT
date: Fri, 26 Jul 2024 15:10:18 GMT
permissions-policy: ch-ua-model=*,ch-ua-platform-version=*
accept-ch: sec-ch-ua-model,sec-ch-ua-platform-version
access-control-allow-methods: GET
access-control-allow-origin: *
GET

https://content.chip.de/assets/css/global.css?1313

msedge.exe

Remote address:

2.16.167.72:443

Request

GET /assets/css/global.css?1313 HTTP/2.0
host: content.chip.de
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
accept-encoding: gzip, deflate, br
accept-language: de,de-DE;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6

Response

HTTP/2.0 200

content-type: text/css
server: nginx
last-modified: Mon, 15 Jul 2024 07:43:50 GMT
vary: Accept-Encoding
etag: W/"6694d336-4484"
content-encoding: gzip
content-length: 4214
date: Fri, 26 Jul 2024 15:10:18 GMT
x-n: S
GET

https://content.chip.de/assets/js/output.min.js?9948

msedge.exe

Remote address:

2.16.167.72:443

Request

GET /assets/js/output.min.js?9948 HTTP/2.0
host: content.chip.de
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: de,de-DE;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6

Response

HTTP/2.0 200

content-type: application/javascript
server: nginx
last-modified: Mon, 15 Jul 2024 07:43:53 GMT
etag: "6694d339-f2ff"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 18804
date: Fri, 26 Jul 2024 15:10:18 GMT
GET

https://im.chip.de/ii/4/0/2/4/2/5/8/7/q8ET5oSz_TVxoq5kVfc_8zB5-Hfe7c0a054acc0c9.jpg?im=Resize%3D%28144%2C144%29%2Caspect%3Dfit%3BAspectCrop%2Csize%3D%281%2C1%29%2Cgravity%3DCenter%2CallowExpansion%3BBackgroundColor%2Ccolor%3Dffffff&hash=6940cfb524ed054a715ff09aa51f832f48e7cdecdececbfd592a739299086f9d

msedge.exe

Remote address:

2.16.167.72:443

Request

GET /ii/4/0/2/4/2/5/8/7/q8ET5oSz_TVxoq5kVfc_8zB5-Hfe7c0a054acc0c9.jpg?im=Resize%3D%28144%2C144%29%2Caspect%3Dfit%3BAspectCrop%2Csize%3D%281%2C1%29%2Cgravity%3DCenter%2CallowExpansion%3BBackgroundColor%2Ccolor%3Dffffff&hash=6940cfb524ed054a715ff09aa51f832f48e7cdecdececbfd592a739299086f9d HTTP/2.0
host: im.chip.de
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: de,de-DE;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6

Response

HTTP/2.0 200

server: nginx
content-type: image/jpeg
content-length: 22376
x-robots-tag: noindex, nofollow
expires: Fri, 26 Jul 2024 15:10:19 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 26 Jul 2024 15:10:19 GMT
GET

https://im.chip.de/ii/0/9/1/1/2/6/0/9/q8zqBx_5cEVzoV-SkbzVIzS2-Jfc1daa8d3a89c03.png?im=Resize%3D%28144%2C144%29%2Caspect%3Dfit%3BAspectCrop%2Csize%3D%281%2C1%29%2Cgravity%3DCenter%2CallowExpansion%3BBackgroundColor%2Ccolor%3Dffffff&hash=b5e1716e85d3255be181c091ad10de4664e4861eccf26413a6e4a1c510065fab

msedge.exe

Remote address:

2.16.167.72:443

Request

GET /ii/0/9/1/1/2/6/0/9/q8zqBx_5cEVzoV-SkbzVIzS2-Jfc1daa8d3a89c03.png?im=Resize%3D%28144%2C144%29%2Caspect%3Dfit%3BAspectCrop%2Csize%3D%281%2C1%29%2Cgravity%3DCenter%2CallowExpansion%3BBackgroundColor%2Ccolor%3Dffffff&hash=b5e1716e85d3255be181c091ad10de4664e4861eccf26413a6e4a1c510065fab HTTP/2.0
host: im.chip.de
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: de,de-DE;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6

Response

HTTP/2.0 200

server: nginx
content-type: image/png
content-length: 7203
x-robots-tag: noindex, nofollow
expires: Fri, 26 Jul 2024 15:10:19 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 26 Jul 2024 15:10:19 GMT
GET

https://im.chip.de/ii/0/3/5/4/6/1/0/2/1/f8zx5b5EE_5xEqbB8EV_Izn2R-f480439a9b173433.gif?im=Resize%3D%28144%2C144%29%2Caspect%3Dfit%3BAspectCrop%2Csize%3D%281%2C1%29%2Cgravity%3DCenter%2CallowExpansion%3BBackgroundColor%2Ccolor%3Dffffff&hash=be23aa4903386db3802b3bf79505a4453b2ba6b3d47cf9172c073a70f19eaee3

msedge.exe

Remote address:

2.16.167.72:443

Request

GET /ii/0/3/5/4/6/1/0/2/1/f8zx5b5EE_5xEqbB8EV_Izn2R-f480439a9b173433.gif?im=Resize%3D%28144%2C144%29%2Caspect%3Dfit%3BAspectCrop%2Csize%3D%281%2C1%29%2Cgravity%3DCenter%2CallowExpansion%3BBackgroundColor%2Ccolor%3Dffffff&hash=be23aa4903386db3802b3bf79505a4453b2ba6b3d47cf9172c073a70f19eaee3 HTTP/2.0
host: im.chip.de
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: de,de-DE;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6

Response

HTTP/2.0 200

server: nginx
content-type: image/jpeg
content-length: 22007
x-robots-tag: noindex, nofollow
expires: Fri, 26 Jul 2024 15:10:19 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 26 Jul 2024 15:10:19 GMT
GET

https://im.chip.de/ii/5/5/8/0/3/6/1/9/UVK-ICO-b246844b0f35e29e.jpg?im=AspectCrop%2Csize%3D%281%2C1%29%2Cgravity%3DCenter%3BResize%3D%28204%2C204%29%2Caspect%3Dfit%3BBackgroundColor%2Ccolor%3Dffffff&hash=767eb658099588e9464e5273350b7d5f90dc2e6b654b87d913cb99ba19873224

msedge.exe

Remote address:

2.16.167.72:443

Request

GET /ii/5/5/8/0/3/6/1/9/UVK-ICO-b246844b0f35e29e.jpg?im=AspectCrop%2Csize%3D%281%2C1%29%2Cgravity%3DCenter%3BResize%3D%28204%2C204%29%2Caspect%3Dfit%3BBackgroundColor%2Ccolor%3Dffffff&hash=767eb658099588e9464e5273350b7d5f90dc2e6b654b87d913cb99ba19873224 HTTP/2.0
host: im.chip.de
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: de,de-DE;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6

Response

HTTP/2.0 200

etag: "b246844b0f35e29ee9a550a388d8cf20"
last-modified: Thu, 26 Oct 2023 14:33:07 GMT
server: Akamai Image Manager
content-length: 7304
content-type: image/webp
cache-control: private, no-transform, max-age=43200
expires: Sat, 27 Jul 2024 03:10:19 GMT
date: Fri, 26 Jul 2024 15:10:19 GMT
GET

https://www.chip.de/fec/assets/downloads/img/instructions/dl_instruction_02_FF_ED.png

msedge.exe

Remote address:

2.16.167.72:443

Request

GET /fec/assets/downloads/img/instructions/dl_instruction_02_FF_ED.png HTTP/2.0
host: www.chip.de
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: de,de-DE;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6

Response

HTTP/2.0 200

content-type: image/png
content-length: 21241
server: nginx
x-amz-id-2: bylYHLt73DVyhMoCjzdlrb1F1Y8ln6Gd4fbxuSB/PXxziGS86JXRoqr+acdF5Hp3WKWPjs0tqjj5G6zFFquJxw==
x-amz-request-id: A1FHSHZQ8EA68HZN
last-modified: Tue, 12 Sep 2023 13:32:18 GMT
etag: "506a7d90e2ecef3eef55add8edd9a676"
x-amz-server-side-encryption: AES256
x-amz-version-id: 6EsPIcd4_dJ27PiSUdEetnoilAPGYOwi
accept-ranges: bytes
cache-control: public, max-age=8512922
expires: Sat, 02 Nov 2024 03:52:22 GMT
date: Fri, 26 Jul 2024 15:10:20 GMT
permissions-policy: ch-ua-model=*,ch-ua-platform-version=*
accept-ch: sec-ch-ua-model,sec-ch-ua-platform-version
access-control-allow-methods: GET
access-control-allow-origin: *
GET

https://www.chip.de/fec/assets/downloads/img/instructions/dl_instruction_07.png

msedge.exe

Remote address:

2.16.167.72:443

Request

GET /fec/assets/downloads/img/instructions/dl_instruction_07.png HTTP/2.0
host: www.chip.de
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: de,de-DE;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6

Response

HTTP/2.0 200

content-type: image/gif
content-length: 10819
server: nginx
x-amz-id-2: /qtA85M9uBrpS/LI7ks0lqk+NFey8Ma7Y/Lkaj6BtofP9FdLjCH22PVULej1oppXZKAGx2M0JKk=
x-amz-request-id: FAKJD86VMTRM58CE
last-modified: Thu, 02 Nov 2023 15:41:32 GMT
etag: "36ea602974778dc3b5e3f2df8c66cd82"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
cache-control: public, max-age=8801894
expires: Tue, 05 Nov 2024 12:08:34 GMT
date: Fri, 26 Jul 2024 15:10:20 GMT
permissions-policy: ch-ua-model=*,ch-ua-platform-version=*
accept-ch: sec-ch-ua-model,sec-ch-ua-platform-version
access-control-allow-methods: GET
access-control-allow-origin: *
GET

https://www.chip.de/fec/assets/downloads/img/instructions/dl_instruction_09.png

msedge.exe

Remote address:

2.16.167.72:443

Request

GET /fec/assets/downloads/img/instructions/dl_instruction_09.png HTTP/2.0
host: www.chip.de
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: de,de-DE;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6

Response

HTTP/2.0 200

content-type: image/png
content-length: 27144
server: nginx
x-amz-id-2: 0aRaYda9lghJLp+nwO+B8nsH40cI+ttqtp1KWdBvfR1m+xj8mhiYGF0XJIisXS8FPGZMdgTX0p0=
x-amz-request-id: 369RD2FCQ1A0H0XC
last-modified: Tue, 12 Sep 2023 13:32:18 GMT
etag: "eb7a6c6a63a3070bcecf1bca2362b87f"
x-amz-server-side-encryption: AES256
x-amz-version-id: T_r6WYCwvYmanJaGu1l1ouQKOpyQx3om
accept-ranges: bytes
cache-control: public, max-age=21063235
expires: Thu, 27 Mar 2025 10:04:15 GMT
date: Fri, 26 Jul 2024 15:10:20 GMT
permissions-policy: ch-ua-model=*,ch-ua-platform-version=*
accept-ch: sec-ch-ua-model,sec-ch-ua-platform-version
access-control-allow-methods: GET
access-control-allow-origin: *
GET

https://www.chip.de/fec/assets/downloads/img/instructions/activitybar.gif

msedge.exe

Remote address:

2.16.167.72:443

Request

GET /fec/assets/downloads/img/instructions/activitybar.gif HTTP/2.0
host: www.chip.de
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: de,de-DE;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6

Response

HTTP/2.0 200

content-type: image/png
content-length: 272434
server: nginx
x-amz-id-2: SmxuvhqDceTuZMeVCHaLtqYmIZuSqS6E+wU1dQOGTrStbfdyEy9WXSW/ypiCO6luH00AgltOAOw=
x-amz-request-id: 24NZSPREVHTTPZE4
last-modified: Tue, 12 Sep 2023 13:32:18 GMT
etag: "7363686eb133a4897a4a681d99714716"
x-amz-server-side-encryption: AES256
x-amz-version-id: kiQO8pEPk.6jQKf2oCEGkhQ3FqK.11eT
accept-ranges: bytes
cache-control: public, max-age=8512922
expires: Sat, 02 Nov 2024 03:52:22 GMT
date: Fri, 26 Jul 2024 15:10:20 GMT
permissions-policy: ch-ua-model=*,ch-ua-platform-version=*
accept-ch: sec-ch-ua-model,sec-ch-ua-platform-version
access-control-allow-methods: GET
access-control-allow-origin: *
GET

https://www.chip.de/securedownload/guided-download/js.php?pid=chipderedesign&browser=edge&source=BLUB2&os=windows&proto=http://&lang=de&filename=Ultra+Virus+Killer&maxWebCamp=2&cids=a%3A1%3A%7Bi%3A0%3Ba%3A5%3A%7Bi%3A0%3Bs%3A9%3A%22104856003%22%3Bi%3A1%3Bs%3A19%3A%2220240707T0658000000%22%3Bi%3A2%3Bs%3A8%3A%22Download%22%3Bi%3A3%3Bs%3A6%3A%22hosted%22%3Bi%3A4%3Bs%3A0%3A%22%22%3B%7D%7D&ck=1690437600

msedge.exe

Remote address:

2.16.167.72:443

Request

GET /securedownload/guided-download/js.php?pid=chipderedesign&browser=edge&source=BLUB2&os=windows&proto=http://&lang=de&filename=Ultra+Virus+Killer&maxWebCamp=2&cids=a%3A1%3A%7Bi%3A0%3Ba%3A5%3A%7Bi%3A0%3Bs%3A9%3A%22104856003%22%3Bi%3A1%3Bs%3A19%3A%2220240707T0658000000%22%3Bi%3A2%3Bs%3A8%3A%22Download%22%3Bi%3A3%3Bs%3A6%3A%22hosted%22%3Bi%3A4%3Bs%3A0%3A%22%22%3B%7D%7D&ck=1690437600 HTTP/2.0
host: www.chip.de
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: de,de-DE;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6

Response

HTTP/2.0 200

content-type: text/javascript; charset=UTF-8
server: nginx/1.18.0
x-powered-by: PHP/7.4.15
symfony-session-noautocachecontrol: true
pragma: cache
last-modified: Fri, 26 Jul 2024 16:10:20 GMT
content-length: 12776
cache-control: private, max-age=3600
expires: Fri, 26 Jul 2024 16:10:20 GMT
date: Fri, 26 Jul 2024 15:10:20 GMT
permissions-policy: ch-ua-model=*,ch-ua-platform-version=*
accept-ch: sec-ch-ua-model,sec-ch-ua-platform-version
GET

https://www.chip.de/securedownload/instructions/style.css?1721944800

msedge.exe

Remote address:

2.16.167.72:443

Request

GET /securedownload/instructions/style.css?1721944800 HTTP/2.0
host: www.chip.de
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
accept-encoding: gzip, deflate, br
accept-language: de,de-DE;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6

Response

HTTP/2.0 200

content-type: text/css
server: nginx/1.18.0
last-modified: Thu, 02 May 2024 13:51:25 GMT
etag: "66339a5d-1858"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
date: Fri, 26 Jul 2024 15:10:21 GMT
content-length: 1862
permissions-policy: ch-ua-model=*,ch-ua-platform-version=*
accept-ch: sec-ch-ua-model,sec-ch-ua-platform-version
GET

https://www.chip.de/fec/assets/favicon/favicon.ico?v=02

msedge.exe

Remote address:

2.16.167.72:443

Request

GET /fec/assets/favicon/favicon.ico?v=02 HTTP/2.0
host: www.chip.de
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: de,de-DE;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6

Response

HTTP/2.0 200

content-type: image/vnd.microsoft.icon
server: nginx
x-amz-id-2: taxcij5SFNHf42OjaGKnUV+eVz3P7iRTUtCmt7tpTNAZiEr4MY71wJUdVEueb2xxlQMoS55exz8=
x-amz-request-id: VASN8KQRSAV8X7GK
last-modified: Wed, 20 Mar 2024 13:19:32 GMT
etag: "5c08cf3d187c161fc17f0a2c1e84e326"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1097
cache-control: public, max-age=20906187
expires: Tue, 25 Mar 2025 14:27:32 GMT
date: Fri, 26 Jul 2024 15:11:05 GMT
permissions-policy: ch-ua-model=*,ch-ua-platform-version=*
accept-ch: sec-ch-ua-model,sec-ch-ua-platform-version
access-control-allow-methods: GET
access-control-allow-origin: *
DNS

content.chip.de

msedge.exe

Remote address:

8.8.8.8:53

Request

content.chip.de

IN A

Response

content.chip.de

IN CNAME

content.chip.de.27643.edgekey.net

content.chip.de.27643.edgekey.net

IN CNAME

e27643.dscf.akamaiedge.net

e27643.dscf.akamaiedge.net

IN A

2.16.167.152

e27643.dscf.akamaiedge.net

IN A

2.16.167.72
DNS

cmp.chip.de

msedge.exe

Remote address:

8.8.8.8:53

Request

cmp.chip.de

IN A

Response

cmp.chip.de

IN CNAME

cdn-217.privacy-mgmt.com

cdn-217.privacy-mgmt.com

IN A

52.85.223.4

cdn-217.privacy-mgmt.com

IN A

52.85.223.54

cdn-217.privacy-mgmt.com

IN A

52.85.223.92

cdn-217.privacy-mgmt.com

IN A

52.85.223.111
DNS

cp.chip.de

msedge.exe

Remote address:

8.8.8.8:53

Request

cp.chip.de

IN A

Response

cp.chip.de

IN CNAME

3a2d4c15.with.contentpass.net

3a2d4c15.with.contentpass.net

IN CNAME

with-contentpass-net.b-cdn.net

with-contentpass-net.b-cdn.net

IN A

143.244.56.51
DNS

tags.chip.de

msedge.exe

Remote address:

8.8.8.8:53

Request

tags.chip.de

IN A

Response

tags.chip.de

IN CNAME

tags.chip.de.greylabeldelivery.com

tags.chip.de.greylabeldelivery.com

IN A

52.85.223.36

tags.chip.de.greylabeldelivery.com

IN A

52.85.223.125

tags.chip.de.greylabeldelivery.com

IN A

52.85.223.117

tags.chip.de.greylabeldelivery.com

IN A

52.85.223.61
GET

https://cp.chip.de/now.js

msedge.exe

Remote address:

143.244.56.51:443

Request

GET /now.js HTTP/2.0
host: cp.chip.de
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: de,de-DE;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6

Response

HTTP/2.0 200

date: Fri, 26 Jul 2024 15:10:18 GMT
content-type: text/javascript
vary: Accept-Encoding
server: BunnyCDN-FR1-1074
cdn-pullzone: 1938543
cdn-uid: 9b8242a4-b3ec-45cc-97e6-8f0d6d325fb8
cdn-requestcountrycode: GB
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: *
age: 243
alt-svc: h3=":443"; ma=2592000
alt-svc: h3-29=":443"; ma=2592000
cache-control: public, max-age=600
expires: Wed, 24 Jul 2024 12:14:53 GMT
last-modified: Wed, 24 Jul 2024 11:57:57 GMT
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 07/24/2024 12:16:10
cdn-edgestorageid: 946
cdn-status: 200
cdn-requestid: 447fcb23fbc8679b745332b232a3cc3b
cdn-cache: HIT
content-encoding: br
GET

https://cp.chip.de/chunks/cp-chunk-cmp-sourcepoint.20240724100952-4c4c20aa95.0648b7a70ef49e17f8e1.js

msedge.exe

Remote address:

143.244.56.51:443

Request

GET /chunks/cp-chunk-cmp-sourcepoint.20240724100952-4c4c20aa95.0648b7a70ef49e17f8e1.js HTTP/2.0
host: cp.chip.de
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: de,de-DE;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6

Response

HTTP/2.0 200

date: Fri, 26 Jul 2024 15:10:19 GMT
content-type: text/javascript
vary: Accept-Encoding
server: BunnyCDN-FR1-1074
cdn-pullzone: 1938543
cdn-uid: 9b8242a4-b3ec-45cc-97e6-8f0d6d325fb8
cdn-requestcountrycode: GB
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: *
alt-svc: h3=":443"; ma=2592000
alt-svc: h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
etag: W/"3a69a1c65b7233299de0c420e1a03c3b"
expires: Thu, 24 Jul 2025 12:09:00 GMT
last-modified: Wed, 24 Jul 2024 11:55:51 GMT
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 07/24/2024 12:16:18
cdn-edgestorageid: 1073
cdn-status: 200
cdn-requestid: b360d79d55cadb20aca3b199a887fa2b
cdn-cache: HIT
content-encoding: br
GET

https://tags.chip.de/chip-web/prod/utag.js

msedge.exe

Remote address:

52.85.223.36:443

Request

GET /chip-web/prod/utag.js HTTP/2.0
host: tags.chip.de
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: de,de-DE;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6

Response

HTTP/2.0 200

content-type: application/javascript
last-modified: Tue, 16 Jul 2024 12:09:51 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: tgjNsAsWYXmtZr9RjT7qoe.U2E5vkGqE
server: AmazonS3
content-encoding: br
via: 1.1 ce855a64257bf53f14f7868e50f037d4.cloudfront.net (CloudFront), 1.1 bdc8495726d4f961ab5f9363802a435c.cloudfront.net (CloudFront)
x-amz-cf-pop: DUB56-P2
date: Fri, 26 Jul 2024 15:10:19 GMT
cache-control: max-age=300
etag: W/"1ef80d4daf693c2ec3191a5d1167418b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: ATH50-C1
x-amz-cf-id: XAkX7jJwxKTR6rFrtZTJeN8za-eh3CgeYdn8-HKQc3z-wT0r8QGxqQ==
age: 9
GET

https://cmp.chip.de/unified/wrapperMessagingWithoutDetection.js

msedge.exe

Remote address:

52.85.223.4:443

Request

GET /unified/wrapperMessagingWithoutDetection.js HTTP/2.0
host: cmp.chip.de
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: de,de-DE;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6

Response

HTTP/2.0 200

content-type: text/javascript
last-modified: Tue, 18 Jun 2024 15:29:24 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Fri, 26 Jul 2024 15:01:57 GMT
cache-control: max-age=3600
etag: W/"614d1a5043fbedabab7a77a278247fe8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1c0732e7df516b17f1eef8eed531cf3a.cloudfront.net (CloudFront)
x-amz-cf-pop: ATH50-C1
x-amz-cf-id: YLXwuLVNZva593Dzi-0EdZo2JWedwxUF3si5AM2QsWqUBxT01o8bqA==
age: 512
GET

https://cmp.chip.de/unified/4.25.0/custom.1a28bbe027bd69b90733.bundle.js

msedge.exe

Remote address:

52.85.223.4:443

Request

GET /unified/4.25.0/custom.1a28bbe027bd69b90733.bundle.js HTTP/2.0
host: cmp.chip.de
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: de,de-DE;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6

Response

HTTP/2.0 200

content-type: text/javascript
date: Tue, 18 Jun 2024 15:31:43 GMT
last-modified: Tue, 18 Jun 2024 13:35:48 GMT
etag: W/"471430b604a249135cf6f76826ff3c59"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1c0732e7df516b17f1eef8eed531cf3a.cloudfront.net (CloudFront)
x-amz-cf-pop: ATH50-C1
x-amz-cf-id: Tw2_C-9v460xLx9RbxmPD947jKvXF5ju-8l49rSYqAL-OVns5bcZGA==
age: 3281917
GET

https://cmp.chip.de/unified/4.25.0/gdpr-tcf.da52e36b5e2f05c6aae3.bundle.js

msedge.exe

Remote address:

52.85.223.4:443

Request

GET /unified/4.25.0/gdpr-tcf.da52e36b5e2f05c6aae3.bundle.js HTTP/2.0
host: cmp.chip.de
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: de,de-DE;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6

Response

HTTP/2.0 200

content-type: text/javascript
date: Tue, 18 Jun 2024 15:31:43 GMT
last-modified: Tue, 18 Jun 2024 13:35:48 GMT
etag: W/"bdb59e0d65d41ca36dfd737b94eac1d0"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1c0732e7df516b17f1eef8eed531cf3a.cloudfront.net (CloudFront)
x-amz-cf-pop: ATH50-C1
x-amz-cf-id: tCTjwpD-5lok87q_m59vFYOAeWaGYB5Sa6Fub5nvP3_7AhNH7TBA6A==
age: 3281917
DNS

im.chip.de

msedge.exe

Remote address:

8.8.8.8:53

Request

im.chip.de

IN A

Response

im.chip.de

IN CNAME

im.chip.de.27643.edgekey.net

im.chip.de.27643.edgekey.net

IN CNAME

e27643.dscf.akamaiedge.net

e27643.dscf.akamaiedge.net

IN A

2.16.167.152

e27643.dscf.akamaiedge.net

IN A

2.16.167.72
DNS

media-video.chip.de

msedge.exe

Remote address:

8.8.8.8:53

Request

media-video.chip.de

IN A

Response

media-video.chip.de

IN CNAME

media-video.chip.de.edgekey.net

media-video.chip.de.edgekey.net

IN CNAME

e27643.dsch.akamaiedge.net

e27643.dsch.akamaiedge.net

IN A

173.222.211.2

e27643.dsch.akamaiedge.net

IN A

173.222.210.91
GET

https://media-video.chip.de/f6876ff40f5a74303c2b874c26eeb219bb08a0e6/3fcced645b2707f1532ddccabf4861e879082004/POSTER_USER/v0/1603444800478-1_p1rm3hmc.jpeg

msedge.exe

Remote address:

173.222.211.2:443

Request

GET /f6876ff40f5a74303c2b874c26eeb219bb08a0e6/3fcced645b2707f1532ddccabf4861e879082004/POSTER_USER/v0/1603444800478-1_p1rm3hmc.jpeg HTTP/1.1
Host: media-video.chip.de
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Accept-Encoding: gzip, deflate, br
Accept-Language: de,de-DE;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Content-Length: 29519
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, PUT, DELETE, HEAD
Last-Modified: Fri, 23 Oct 2020 09:20:01 GMT
ETag: "eb8216020b2b842d103a5fff3c22e219"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: LHR5-P1
X-Amz-Cf-Id: QDbHuwUZ368E8PfeNdDxciqT0ylw00SENbta9oNsnt6cgoICeA0CQA==
Date: Fri, 26 Jul 2024 15:10:19 GMT
Connection: keep-alive
GET

https://media-video.chip.de/f6876ff40f5a74303c2b874c26eeb219bb08a0e6/3fcced645b2707f1532ddccabf4861e879082004/POSTER_USER/v0/1603444800478-1_p1rm3hmc.jpeg

msedge.exe

Remote address:

173.222.211.2:443

Request

GET /f6876ff40f5a74303c2b874c26eeb219bb08a0e6/3fcced645b2707f1532ddccabf4861e879082004/POSTER_USER/v0/1603444800478-1_p1rm3hmc.jpeg HTTP/1.1
Host: media-video.chip.de
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://videoplayer.chip.de/
Accept-Encoding: gzip, deflate, br
Accept-Language: de,de-DE;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Content-Length: 29519
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, PUT, DELETE, HEAD
Last-Modified: Fri, 23 Oct 2020 09:20:01 GMT
ETag: "eb8216020b2b842d103a5fff3c22e219"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: LHR5-P1
X-Amz-Cf-Id: QDbHuwUZ368E8PfeNdDxciqT0ylw00SENbta9oNsnt6cgoICeA0CQA==
Date: Fri, 26 Jul 2024 15:10:21 GMT
Connection: keep-alive
GET

https://cp.chip.de/properties/3a2d4c15/config.json

msedge.exe

Remote address:

143.244.56.51:443

Request

GET /properties/3a2d4c15/config.json HTTP/2.0
host: cp.chip.de
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: null
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
accept-encoding: gzip, deflate, br
accept-language: de,de-DE;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6

Response

HTTP/2.0 200

date: Fri, 26 Jul 2024 15:10:19 GMT
content-type: application/json
vary: Accept-Encoding
server: BunnyCDN-FR1-1074
cdn-pullzone: 1938543
cdn-uid: 9b8242a4-b3ec-45cc-97e6-8f0d6d325fb8
cdn-requestcountrycode: GB
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, Warning, X-GUploader-Response-Body-Transformations, X-GUploader-UploadID, X-Google-Trace
alt-svc: h3=":443"; ma=2592000
alt-svc: h3-29=":443"; ma=2592000
cache-control: public, max-age=180
etag: W/"459df7fccc6c952e8f55d56146d534ea"
expires: Fri, 26 Jul 2024 15:05:42 GMT
last-modified: Fri, 26 Jul 2024 15:00:41 GMT
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 07/26/2024 15:03:20
cdn-edgestorageid: 1186
cdn-status: 200
cdn-requestid: 7aac9afa8db43b9c45a97c3e08e34abc
cdn-cache: HIT
content-encoding: br
DNS

71.31.126.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

71.31.126.40.in-addr.arpa

IN PTR

Response
DNS

72.167.16.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

72.167.16.2.in-addr.arpa

IN PTR

Response

72.167.16.2.in-addr.arpa

IN PTR

a2-16-167-72deploystaticakamaitechnologiescom
DNS

152.167.16.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

152.167.16.2.in-addr.arpa

IN PTR

Response

152.167.16.2.in-addr.arpa

IN PTR

a2-16-167-152deploystaticakamaitechnologiescom
DNS

51.56.244.143.in-addr.arpa

Remote address:

8.8.8.8:53

Request

51.56.244.143.in-addr.arpa

IN PTR

Response

51.56.244.143.in-addr.arpa

IN PTR

143-244-56-51 bunnyinfranet
DNS

36.223.85.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

36.223.85.52.in-addr.arpa

IN PTR

Response

36.223.85.52.in-addr.arpa

IN PTR

server-52-85-223-36ath50r cloudfrontnet
DNS

4.223.85.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

4.223.85.52.in-addr.arpa

IN PTR

Response

4.223.85.52.in-addr.arpa

IN PTR

server-52-85-223-4ath50r cloudfrontnet
DNS

96.223.85.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

96.223.85.52.in-addr.arpa

IN PTR

Response

96.223.85.52.in-addr.arpa

IN PTR

server-52-85-223-96ath50r cloudfrontnet
GET

https://cmp.chip.de/mms/v2/get_site_data?hasCsp=true&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2FUltra-Virus-Killer_104856004.html&account_id=217

msedge.exe

Remote address:

52.85.223.4:443

Request

GET /mms/v2/get_site_data?hasCsp=true&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2FUltra-Virus-Killer_104856004.html&account_id=217 HTTP/2.0
host: cmp.chip.de
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: null
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
accept-encoding: gzip, deflate, br
accept-language: de,de-DE;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6

Response

HTTP/2.0 400

content-type: application/javascript
date: Fri, 26 Jul 2024 15:10:19 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
x-cache: Error from cloudfront
via: 1.1 f2c1624c7dd87beee50088ac5926103c.cloudfront.net (CloudFront)
x-amz-cf-pop: ATH50-C1
x-amz-cf-id: DgEoBJju90_pRmFoJSdtLwhdoIyUDyOPElyH3t_FXEuo9PyVjr76hw==
OPTIONS

https://cmp.chip.de/wrapper/metrics/v1/custom-metrics

msedge.exe

Remote address:

52.85.223.4:443

Request

OPTIONS /wrapper/metrics/v1/custom-metrics HTTP/2.0
host: cmp.chip.de
accept: */*
access-control-request-method: POST
access-control-request-headers: content-type
origin: null
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-mode: cors
sec-fetch-site: cross-site
sec-fetch-dest: empty
accept-encoding: gzip, deflate, br
accept-language: de,de-DE;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6

Response

HTTP/2.0 200

content-type: text/html; charset=utf-8
content-length: 4
date: Fri, 26 Jul 2024 15:10:20 GMT
x-powered-by: Express
access-control-allow-origin: null
access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods: GET, PUT, POST, DELETE
cache-control: no-cache, no-store
strict-transport-security: max-age=15552000; includeSubDomains
allow: POST
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 f2c1624c7dd87beee50088ac5926103c.cloudfront.net (CloudFront)
x-amz-cf-pop: ATH50-C1
x-amz-cf-id: PloMJPUOuOitmo-OeuLe9xVPfBHtK4G2ZEsFVS8cbUgZ2FD9-Ev0ZQ==
POST

https://cmp.chip.de/wrapper/metrics/v1/custom-metrics

msedge.exe

Remote address:

52.85.223.4:443

Request

POST /wrapper/metrics/v1/custom-metrics HTTP/2.0
host: cmp.chip.de
content-length: 186
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
accept: */*
origin: null
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
accept-encoding: gzip, deflate, br
accept-language: de,de-DE;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6

Response

HTTP/2.0 200

content-type: text/plain; charset=utf-8
content-length: 2
date: Fri, 26 Jul 2024 15:10:20 GMT
x-powered-by: Express
access-control-allow-origin: null
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
access-control-allow-methods: GET, PUT, POST, DELETE
cache-control: no-cache, no-store
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 f2c1624c7dd87beee50088ac5926103c.cloudfront.net (CloudFront)
x-amz-cf-pop: ATH50-C1
x-amz-cf-id: 0o8Kj7VOsZyF_ZcizgXI_-yhYuXSqXzU-W_T8d_-x6hY39evZjXCWw==
DNS

videoplayer.chip.de

msedge.exe

Remote address:

8.8.8.8:53

Request

videoplayer.chip.de

IN A

Response

videoplayer.chip.de

IN CNAME

products.delight-vr.com

products.delight-vr.com

IN A

52.85.223.81

products.delight-vr.com

IN A

52.85.223.75

products.delight-vr.com

IN A

52.85.223.27

products.delight-vr.com

IN A

52.85.223.87
GET

https://videoplayer.chip.de/p/player/latest/tfa.js?key=f6876ff40f5a74303c2b874c26eeb219bb08a0e6

msedge.exe

Remote address:

52.85.223.81:443

Request

GET /p/player/latest/tfa.js?key=f6876ff40f5a74303c2b874c26eeb219bb08a0e6 HTTP/2.0
host: videoplayer.chip.de
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: de,de-DE;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6

Response

HTTP/2.0 200

content-type: text/html; charset=utf-8
server: nginx
access-control-allow-origin: *
content-encoding: gzip
date: Fri, 26 Jul 2024 14:24:53 GMT
cache-control: max-age=3600
etag: W/"4c9fa-4L78FgfXfCdah8Fix/9eXS4gD+0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fcca3ac5312885628d9e08bf264922b2.cloudfront.net (CloudFront)
x-amz-cf-pop: ATH50-C1
x-amz-cf-id: pcUzmA3ISBr1Av6xlTcMoYvimUqoNfWa60O3Wbike1a1p39sgltvsA==
age: 2726
GET

https://videoplayer.chip.de/p/player/latest/index.html?tid=chip-download-detail-no-autoplay&key=f6876ff40f5a74303c2b874c26eeb219bb08a0e6&playerName=dl8-player-instance-0&isPrimary=true

msedge.exe

Remote address:

52.85.223.81:443

Request

GET /p/player/latest/index.html?tid=chip-download-detail-no-autoplay&key=f6876ff40f5a74303c2b874c26eeb219bb08a0e6&playerName=dl8-player-instance-0&isPrimary=true HTTP/2.0
host: videoplayer.chip.de
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: de,de-DE;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6

Response

HTTP/2.0 200

content-type: text/html; charset=utf-8
server: nginx
access-control-allow-origin: *
content-encoding: gzip
date: Fri, 26 Jul 2024 14:37:31 GMT
cache-control: max-age=3600
etag: W/"aad4-qQWQ4F/t3oVn6DozfthY2/N+3gQ"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fcca3ac5312885628d9e08bf264922b2.cloudfront.net (CloudFront)
x-amz-cf-pop: ATH50-C1
x-amz-cf-id: hgDPM5Jg1qxy9Zy51LQCllygqTUGoikV2_Ud4MGx0uFwDdIRDVzpwA==
age: 1969
GET

https://videoplayer.chip.de/p/player/latest/index.js

msedge.exe

Remote address:

52.85.223.81:443

Request

GET /p/player/latest/index.js HTTP/2.0
host: videoplayer.chip.de
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://videoplayer.chip.de/p/player/latest/index.html?tid=chip-download-detail-no-autoplay&key=f6876ff40f5a74303c2b874c26eeb219bb08a0e6&playerName=dl8-player-instance-0&isPrimary=true
accept-encoding: gzip, deflate, br
accept-language: de,de-DE;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6

Response

HTTP/2.0 200

content-type: application/javascript
last-modified: Fri, 14 Jun 2024 12:47:45 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Fri, 26 Jul 2024 14:30:20 GMT
cache-control: max-age=3600
expires: Fri, 14 Jun 2024 13:47:44 GMT
etag: W/"6388a19d17c3723f3fb61803f38539b3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fcca3ac5312885628d9e08bf264922b2.cloudfront.net (CloudFront)
x-amz-cf-pop: ATH50-C1
x-amz-cf-id: 6Uw4itnu-98oanV2yxLqRnLF-Ci-u4AShD8NZLskqnxU-wa-_q0NoA==
age: 2401
DNS

app.varify.io

msedge.exe

Remote address:

8.8.8.8:53

Request

app.varify.io

IN A

Response

app.varify.io

IN A

104.26.8.83

app.varify.io

IN A

104.26.9.83

app.varify.io

IN A

172.67.70.203
GET

http://www.chip.de/securedownload/guided-download/js.php?pid=chipderedesign&browser=edge&source=BLUB2&os=windows&proto=http://&lang=de&filename=Ultra+Virus+Killer&maxWebCamp=2&cids=a%3A1%3A%7Bi%3A0%3Ba%3A5%3A%7Bi%3A0%3Bs%3A9%3A%22104856003%22%3Bi%3A1%3Bs%3A19%3A%2220240707T0658000000%22%3Bi%3A2%3Bs%3A8%3A%22Download%22%3Bi%3A3%3Bs%3A6%3A%22hosted%22%3Bi%3A4%3Bs%3A0%3A%22%22%3B%7D%7D&ck=1690437600

msedge.exe

Remote address:

2.16.167.72:80

Request

GET /securedownload/guided-download/js.php?pid=chipderedesign&browser=edge&source=BLUB2&os=windows&proto=http://&lang=de&filename=Ultra+Virus+Killer&maxWebCamp=2&cids=a%3A1%3A%7Bi%3A0%3Ba%3A5%3A%7Bi%3A0%3Bs%3A9%3A%22104856003%22%3Bi%3A1%3Bs%3A19%3A%2220240707T0658000000%22%3Bi%3A2%3Bs%3A8%3A%22Download%22%3Bi%3A3%3Bs%3A6%3A%22hosted%22%3Bi%3A4%3Bs%3A0%3A%22%22%3B%7D%7D&ck=1690437600 HTTP/1.1
Host: www.chip.de
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: de,de-DE;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6

Response

HTTP/1.1 301 Moved Permanently

Server: AkamaiGHost
Content-Length: 0
Location: https://www.chip.de/securedownload/guided-download/js.php?pid=chipderedesign&browser=edge&source=BLUB2&os=windows&proto=http://&lang=de&filename=Ultra+Virus+Killer&maxWebCamp=2&cids=a%3A1%3A%7Bi%3A0%3Ba%3A5%3A%7Bi%3A0%3Bs%3A9%3A%22104856003%22%3Bi%3A1%3Bs%3A19%3A%2220240707T0658000000%22%3Bi%3A2%3Bs%3A8%3A%22Download%22%3Bi%3A3%3Bs%3A6%3A%22hosted%22%3Bi%3A4%3Bs%3A0%3A%22%22%3B%7D%7D&ck=1690437600
Date: Fri, 26 Jul 2024 15:10:20 GMT
Connection: keep-alive
Permissions-Policy: ch-ua-model=*,ch-ua-platform-version=*
Accept-CH: sec-ch-ua-model,sec-ch-ua-platform-version
GET

http://www.chip.de/securedownload/instructions/style.css?1721944800

msedge.exe

Remote address:

2.16.167.72:80

Request

GET /securedownload/instructions/style.css?1721944800 HTTP/1.1
Host: www.chip.de
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip, deflate
Accept-Language: de,de-DE;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6

Response

HTTP/1.1 301 Moved Permanently

Server: AkamaiGHost
Content-Length: 0
Location: https://www.chip.de/securedownload/instructions/style.css?1721944800
Date: Fri, 26 Jul 2024 15:10:21 GMT
Connection: keep-alive
Permissions-Policy: ch-ua-model=*,ch-ua-platform-version=*
Accept-CH: sec-ch-ua-model,sec-ch-ua-platform-version
GET

https://app.varify.io/varify.js

msedge.exe

Remote address:

104.26.8.83:443

Request

GET /varify.js HTTP/2.0
host: app.varify.io
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: de,de-DE;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6

Response

HTTP/2.0 200

date: Fri, 26 Jul 2024 15:10:20 GMT
content-type: application/javascript
last-modified: Mon, 22 Jul 2024 17:31:20 GMT
etag: W/"669e9768-b013"
expires: Fri, 26 Jul 2024 15:11:42 GMT
cache-control: max-age=120
content-encoding: gzip
cf-cache-status: HIT
age: 38
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tDCYTUlnBb3sWO8LGWLYZM39vdshfJbHTVRLQ19oSNJz2UcJsQkbWWkdTrdQMIQ0lzI0%2BJF6U1fYWhsckwijrqZ1045KcsE6HKmerMfoUbvmtqwGNzCtMK15X%2Bg89oU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 8a9550dfda4963c3-LHR
GET

https://app.varify.io/v/2422

msedge.exe

Remote address:

104.26.8.83:443

Request

GET /v/2422 HTTP/2.0
host: app.varify.io
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
accept: application/json
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
origin: null
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
accept-encoding: gzip, deflate, br
accept-language: de,de-DE;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6

Response

HTTP/2.0 200

date: Fri, 26 Jul 2024 15:10:20 GMT
content-type: application/json
cf-ray: 8a9550e0cb9363c3-LHR
cf-cache-status: HIT
access-control-allow-origin: null
age: 10721
cache-control: max-age=120, public, s-maxage=86400
etag: W/"071fa7e9cea8487548c1860676102390"
strict-transport-security: max-age=0
vary: origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type, X-Token-Auth, Authorization, X-Xsrf-Token
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
x-powered-by: PHP/8.1.26
x-worker: cors
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FxIUMlVPBVKFl8J%2B40xO%2BQFj3Qdc9kRTuaz9tXzQ88HaTBAbXtl%2FZ2Zk47aBTl8u4Q7LFDWxeiFnotXJBzl4TQmQ1V5tmSQFIdrRUp3lj3Rz7N0RSH%2FtYw86pO4A7As%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
DNS

assets.sp.chip.de

Remote address:

8.8.8.8:53

Request

assets.sp.chip.de

IN A

Response

assets.sp.chip.de

IN A

52.85.223.26

assets.sp.chip.de

IN A

52.85.223.51

assets.sp.chip.de

IN A

52.85.223.11

assets.sp.chip.de

IN A

52.85.223.124
DNS

cdn.bf-sugarless-production.aws.bfops.io

msedge.exe

Remote address:

8.8.8.8:53

Request

cdn.bf-sugarless-production.aws.bfops.io

IN A

Response

cdn.bf-sugarless-production.aws.bfops.io

IN A

52.85.223.3

cdn.bf-sugarless-production.aws.bfops.io

IN A

52.85.223.122

cdn.bf-sugarless-production.aws.bfops.io

IN A

52.85.223.72

cdn.bf-sugarless-production.aws.bfops.io

IN A

52.85.223.112
DNS

cdn.delight-vr.com

msedge.exe

Remote address:

8.8.8.8:53

Request

cdn.delight-vr.com

IN A

Response

cdn.delight-vr.com

IN A

52.85.223.73

cdn.delight-vr.com

IN A

52.85.223.35

cdn.delight-vr.com

IN A

52.85.223.111

cdn.delight-vr.com

IN A

52.85.223.64
DNS

5baf1288cf.dl8.me

msedge.exe

Remote address:

8.8.8.8:53

Request

5baf1288cf.dl8.me

IN A

Response

5baf1288cf.dl8.me

IN A

3.251.25.141

5baf1288cf.dl8.me

IN A

99.80.50.5

5baf1288cf.dl8.me

IN A

34.247.22.223
GET

https://cdn.bf-sugarless-production.aws.bfops.io/pearpie/client/1.0.0/index.min.js

msedge.exe

Remote address:

52.85.223.3:443

Request

GET /pearpie/client/1.0.0/index.min.js HTTP/2.0
host: cdn.bf-sugarless-production.aws.bfops.io
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: de,de-DE;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6

Response

HTTP/2.0 200

content-type: application/javascript
last-modified: Fri, 05 May 2023 11:49:01 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Fri, 26 Jul 2024 15:06:28 GMT
etag: W/"e3eda1933cd5edf16852f327c0437573"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2e14fb9d8f93852aec2f703fe567e56c.cloudfront.net (CloudFront)
x-amz-cf-pop: ATH50-C1
x-amz-cf-id: qEI5sNZ3BT3U7L91_9BQ0Ps8yOih2JS5_Rnsy1lqAp04ILiQ8RLcXQ==
age: 234
cache-control: max-age=3600
GET

https://cdn.delight-vr.com/latest-bf/dl8enabler.js

msedge.exe

Remote address:

52.85.223.73:443

Request

GET /latest-bf/dl8enabler.js HTTP/1.1
Host: cdn.delight-vr.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Accept-Encoding: gzip, deflate, br
Accept-Language: de,de-DE;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6

Response

HTTP/1.1 200 OK

Content-Type: application/javascript; charset=utf-8
Content-Length: 14366
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Server: nginx/1.14.1
Date: Fri, 26 Jul 2024 14:19:59 GMT
Cache-Control: max-age=3600
ETag: W/"381e-niDP696gk4GKyzsdT5b++qA+Mhs"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 ece6fb64024e3d43644c86fda4cf06a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ATH50-C1
X-Amz-Cf-Id: 4Ef_SW_LCDUT1FU9TkIpAkPvW_Hbyb3tG5CMLyZhMlhZzi0wOOvvVw==
Age: 3027
GET

https://5baf1288cf.dl8.me/1.6.8/v-f6876ff40f5a74303c2b874c26eeb219bb08a0e6.gif?i=eyJ0IjoiaV9wcmVsb2FkIiwicCI6eyJwcm9kdWN0X2lkIjoicGxheWVyIiwiYWJfdGVzdF9pZCI6ImxhdGVzdCIsInVzZXJfcmVjdXJyaW5nIjpmYWxzZSwiaXNfbW9iaWxlIjpmYWxzZSwiaXNfdGFibGV0IjpmYWxzZSwiaXNfZGVza3RvcCI6dHJ1ZX19

msedge.exe

Remote address:

3.251.25.141:443

Request

GET /1.6.8/v-f6876ff40f5a74303c2b874c26eeb219bb08a0e6.gif?i=eyJ0IjoiaV9wcmVsb2FkIiwicCI6eyJwcm9kdWN0X2lkIjoicGxheWVyIiwiYWJfdGVzdF9pZCI6ImxhdGVzdCIsInVzZXJfcmVjdXJyaW5nIjpmYWxzZSwiaXNfbW9iaWxlIjpmYWxzZSwiaXNfdGFibGV0IjpmYWxzZSwiaXNfZGVza3RvcCI6dHJ1ZX19 HTTP/1.1
Host: 5baf1288cf.dl8.me
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Accept-Encoding: gzip, deflate, br
Accept-Language: de,de-DE;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Type: image/gif
Date: Fri, 26 Jul 2024 15:10:20 GMT
ETag: "5c06815d-2a"
Last-Modified: Tue, 04 Dec 2018 13:30:05 GMT
Server: nginx/1.14.0 (Ubuntu)
Content-Length: 42
Connection: keep-alive
DNS

2.211.222.173.in-addr.arpa

Remote address:

8.8.8.8:53

Request

2.211.222.173.in-addr.arpa

IN PTR

Response

2.211.222.173.in-addr.arpa

IN PTR

a173-222-211-2deploystaticakamaitechnologiescom
DNS

81.223.85.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

81.223.85.52.in-addr.arpa

IN PTR

Response

81.223.85.52.in-addr.arpa

IN PTR

server-52-85-223-81ath50r cloudfrontnet
DNS

183.142.211.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

183.142.211.20.in-addr.arpa

IN PTR

Response
DNS

83.8.26.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

83.8.26.104.in-addr.arpa

IN PTR

Response
GET

https://cdn.delight-vr.com/latest-bf/dl8-f6876ff40f5a74303c2b874c26eeb219bb08a0e6.js

msedge.exe

Remote address:

52.85.223.73:443

Request

GET /latest-bf/dl8-f6876ff40f5a74303c2b874c26eeb219bb08a0e6.js HTTP/1.1
Host: cdn.delight-vr.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://videoplayer.chip.de/
Accept-Encoding: gzip, deflate, br
Accept-Language: de,de-DE;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6

Response

HTTP/1.1 200 OK

Content-Type: application/javascript; charset=utf-8
Content-Length: 282316
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Server: nginx/1.14.1
Cache-Control: max-age=3600
Date: Fri, 26 Jul 2024 14:31:59 GMT
ETag: W/"44ecc-7OQ8DhzkBjH6o2qlJtFt5glROLs"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 681f9d1841b09d340072c749d4b22f0e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ATH50-C1
X-Amz-Cf-Id: IaJ0A3ABXWAoPYr2Y4Oup7xPVCEC1GjTwc_1ICoZTyTGk98sOIax2w==
Age: 2301
DNS

vteam.focus.de

msedge.exe

Remote address:

8.8.8.8:53

Request

vteam.focus.de

IN A

Response

vteam.focus.de

IN CNAME

vteam.focus.de.26045.edgekey.net

vteam.focus.de.26045.edgekey.net

IN CNAME

e26045.dscf.akamaiedge.net

e26045.dscf.akamaiedge.net

IN A

2.16.167.146

e26045.dscf.akamaiedge.net

IN A

2.16.167.8
DNS

media-api-prod.delight-vr.com

msedge.exe

Remote address:

8.8.8.8:53

Request

media-api-prod.delight-vr.com

IN A

Response

media-api-prod.delight-vr.com

IN A

52.85.223.60

media-api-prod.delight-vr.com

IN A

52.85.223.72

media-api-prod.delight-vr.com

IN A

52.85.223.121

media-api-prod.delight-vr.com

IN A

52.85.223.25
GET

https://vteam.focus.de/assets/chip/CHIP-Logo.svg

msedge.exe

Remote address:

2.16.167.146:443

Request

GET /assets/chip/CHIP-Logo.svg HTTP/2.0
host: vteam.focus.de
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://videoplayer.chip.de/
accept-encoding: gzip, deflate, br
accept-language: de,de-DE;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6

Response

HTTP/2.0 200

accept-ranges: bytes
content-type: image/svg+xml
etag: "caebfa409fd143bc43ebfec1f8ca8388:1568636288.85325"
last-modified: Mon, 16 Sep 2019 12:18:08 GMT
server: AkamaiNetStorage
content-length: 3114
cache-control: max-age=60
expires: Fri, 26 Jul 2024 15:11:20 GMT
date: Fri, 26 Jul 2024 15:10:20 GMT
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
GET

https://vteam.focus.de/assets/fol/play-white-01.svg

msedge.exe

Remote address:

2.16.167.146:443

Request

GET /assets/fol/play-white-01.svg HTTP/2.0
host: vteam.focus.de
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://videoplayer.chip.de/
accept-encoding: gzip, deflate, br
accept-language: de,de-DE;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6

Response

HTTP/2.0 200

accept-ranges: bytes
content-type: image/svg+xml
etag: "2381c24e6018856906ed22a50d3ffed4:1568636288.175301"
last-modified: Mon, 16 Sep 2019 12:18:08 GMT
server: AkamaiNetStorage
content-length: 529
cache-control: max-age=60
expires: Fri, 26 Jul 2024 15:11:20 GMT
date: Fri, 26 Jul 2024 15:10:20 GMT
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
OPTIONS

https://media-api-prod.delight-vr.com/api/v1/content/3fcced645b2707f1532ddccabf4861e879082004

msedge.exe

Remote address:

52.85.223.60:443

Request

OPTIONS /api/v1/content/3fcced645b2707f1532ddccabf4861e879082004 HTTP/2.0
host: media-api-prod.delight-vr.com
accept: */*
access-control-request-method: GET
access-control-request-headers: x-dl8-licensekey
origin: null
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-mode: cors
sec-fetch-site: cross-site
sec-fetch-dest: empty
accept-encoding: gzip, deflate, br
accept-language: de,de-DE;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6

Response

HTTP/2.0 204

date: Fri, 26 Jul 2024 15:10:21 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-headers: x-dl8-licensekey
x-cache: Miss from cloudfront
via: 1.1 bb8a874d65e0b595aaa3d9aa3f930102.cloudfront.net (CloudFront)
x-amz-cf-pop: ATH50-C1
x-amz-cf-id: T2G57AfnW4epOYox1-muewKoLqC5_VAVBofuNv-CGyEyNcFqvWnfxw==
GET

https://media-api-prod.delight-vr.com/api/v1/content/3fcced645b2707f1532ddccabf4861e879082004

msedge.exe

Remote address:

52.85.223.60:443

Request

GET /api/v1/content/3fcced645b2707f1532ddccabf4861e879082004 HTTP/2.0
host: media-api-prod.delight-vr.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
x-dl8-licensekey: f6876ff40f5a74303c2b874c26eeb219bb08a0e6
accept: */*
origin: null
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
accept-encoding: gzip, deflate, br
accept-language: de,de-DE;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6

Response

HTTP/2.0 200

content-type: application/json; charset=utf-8
date: Fri, 26 Jul 2024 15:10:21 GMT
server: nginx
access-control-allow-origin: *
cache-control: max-age=43200, public, must-revalidate
etag: W/"16cb-KHM3JLaV6+EVVxcThh16OR8uWD0"
content-encoding: br
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 bb8a874d65e0b595aaa3d9aa3f930102.cloudfront.net (CloudFront)
x-amz-cf-pop: ATH50-C1
x-amz-cf-id: hATxiZ1JL14rTyceUJXofQ46XLjYHG9b_qstr4VnBBjEkl_OY3MOIw==
GET

https://media-api-prod.delight-vr.com/api/v1/recommend/f6876ff40f5a74303c2b874c26eeb219bb08a0e6/3fcced645b2707f1532ddccabf4861e879082004?limit=20&tags=facebook&tags=virus&tags=link&tags=facebook+messenger

msedge.exe

Remote address:

52.85.223.60:443

Request

GET /api/v1/recommend/f6876ff40f5a74303c2b874c26eeb219bb08a0e6/3fcced645b2707f1532ddccabf4861e879082004?limit=20&tags=facebook&tags=virus&tags=link&tags=facebook+messenger HTTP/2.0
host: media-api-prod.delight-vr.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: null
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
accept-encoding: gzip, deflate, br
accept-language: de,de-DE;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6

Response

HTTP/2.0 200

content-type: application/json; charset=utf-8
date: Fri, 26 Jul 2024 15:10:21 GMT
server: nginx
access-control-allow-origin: *
cache-control: max-age=1800, public, must-revalidate
etag: W/"2b38c-ZEat3lbJ611q1VL9FYsb4AAI56s"
content-encoding: br
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 bb8a874d65e0b595aaa3d9aa3f930102.cloudfront.net (CloudFront)
x-amz-cf-pop: ATH50-C1
x-amz-cf-id: -uOO1Ee-yIoKDw1ojF7IjyxCWtloff8mxTcpFDndhB9EyuT6OJyvRw==
DNS

141.25.251.3.in-addr.arpa

Remote address:

8.8.8.8:53

Request

141.25.251.3.in-addr.arpa

IN PTR

Response

141.25.251.3.in-addr.arpa

IN PTR

ec2-3-251-25-141 eu-west-1compute amazonawscom
DNS

3.223.85.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

3.223.85.52.in-addr.arpa

IN PTR

Response

3.223.85.52.in-addr.arpa

IN PTR

server-52-85-223-3ath50r cloudfrontnet
DNS

73.223.85.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

73.223.85.52.in-addr.arpa

IN PTR

Response

73.223.85.52.in-addr.arpa

IN PTR

server-52-85-223-73ath50r cloudfrontnet
DNS

146.167.16.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

146.167.16.2.in-addr.arpa

IN PTR

Response

146.167.16.2.in-addr.arpa

IN PTR

a2-16-167-146deploystaticakamaitechnologiescom
DNS

60.223.85.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

60.223.85.52.in-addr.arpa

IN PTR

Response

60.223.85.52.in-addr.arpa

IN PTR

server-52-85-223-60ath50r cloudfrontnet
DNS

assets.sp.chip.de

Remote address:

8.8.8.8:53

Request

assets.sp.chip.de

IN A

Response

assets.sp.chip.de

IN A

52.85.223.51

assets.sp.chip.de

IN A

52.85.223.11

assets.sp.chip.de

IN A

52.85.223.124

assets.sp.chip.de

IN A

52.85.223.26
DNS

g.bing.com

Remote address:

8.8.8.8:53

Request

g.bing.com

IN A

Response

g.bing.com

IN CNAME

g-bing-com.dual-a-0034.a-msedge.net

g-bing-com.dual-a-0034.a-msedge.net

IN CNAME

dual-a-0034.a-msedge.net

dual-a-0034.a-msedge.net

IN A

204.79.197.237

dual-a-0034.a-msedge.net

IN A

13.107.21.237
GET

https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=4ebdd1e02038464da6872cf900e5851a&localId=w:2199DD2E-A1D9-6377-4DC2-EDD793B3B417&deviceId=6825836757717110&anid=

Remote address:

204.79.197.237:443

Request

GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=4ebdd1e02038464da6872cf900e5851a&localId=w:2199DD2E-A1D9-6377-4DC2-EDD793B3B417&deviceId=6825836757717110&anid= HTTP/2.0
host: g.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)

Response

HTTP/2.0 204

cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=1C8F7FC70BC8634422786B0F0A73627D; domain=.bing.com; expires=Wed, 20-Aug-2025 15:10:22 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 346D1F8286FB486E93478DF1ED6B6C23 Ref B: LON04EDGE0922 Ref C: 2024-07-26T15:10:22Z
date: Fri, 26 Jul 2024 15:10:22 GMT
GET

https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=4ebdd1e02038464da6872cf900e5851a&localId=w:2199DD2E-A1D9-6377-4DC2-EDD793B3B417&deviceId=6825836757717110&anid=

Remote address:

204.79.197.237:443

Request

GET /neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=4ebdd1e02038464da6872cf900e5851a&localId=w:2199DD2E-A1D9-6377-4DC2-EDD793B3B417&deviceId=6825836757717110&anid= HTTP/2.0
host: g.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)
cookie: MUID=1C8F7FC70BC8634422786B0F0A73627D

Response

HTTP/2.0 204

cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MSPTC=yExm5kGR5cfLM_dscvL9Bl9xik4wIMsptHR1w55azI0; domain=.bing.com; expires=Wed, 20-Aug-2025 15:10:22 GMT; path=/; Partitioned; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 98C01F3E666E48B2A06DC7E963781354 Ref B: LON04EDGE0922 Ref C: 2024-07-26T15:10:22Z
date: Fri, 26 Jul 2024 15:10:22 GMT
GET

https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=4ebdd1e02038464da6872cf900e5851a&localId=w:2199DD2E-A1D9-6377-4DC2-EDD793B3B417&deviceId=6825836757717110&anid=

Remote address:

204.79.197.237:443

Request

GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=4ebdd1e02038464da6872cf900e5851a&localId=w:2199DD2E-A1D9-6377-4DC2-EDD793B3B417&deviceId=6825836757717110&anid= HTTP/2.0
host: g.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)
cookie: MUID=1C8F7FC70BC8634422786B0F0A73627D; MSPTC=yExm5kGR5cfLM_dscvL9Bl9xik4wIMsptHR1w55azI0

Response

HTTP/2.0 204

cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 268FEB540BA44200A60749C44826E456 Ref B: LON04EDGE0922 Ref C: 2024-07-26T15:10:22Z
date: Fri, 26 Jul 2024 15:10:22 GMT
DNS

237.197.79.204.in-addr.arpa

Remote address:

8.8.8.8:53

Request

237.197.79.204.in-addr.arpa

IN PTR

Response
DNS

43.58.199.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

43.58.199.20.in-addr.arpa

IN PTR

Response
DNS

217.106.137.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

217.106.137.52.in-addr.arpa

IN PTR

Response
DNS

tags.chip.de

msedge.exe

Remote address:

8.8.8.8:53

Request

tags.chip.de

IN A

Response

tags.chip.de

IN CNAME

tags.chip.de.greylabeldelivery.com

tags.chip.de.greylabeldelivery.com

IN A

52.85.223.36

tags.chip.de.greylabeldelivery.com

IN A

52.85.223.117

tags.chip.de.greylabeldelivery.com

IN A

52.85.223.61

tags.chip.de.greylabeldelivery.com

IN A

52.85.223.125
DNS

26.165.165.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

26.165.165.52.in-addr.arpa

IN PTR

Response
DNS

198.187.3.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

198.187.3.20.in-addr.arpa

IN PTR

Response
DNS

192.142.123.92.in-addr.arpa

Remote address:

8.8.8.8:53

Request

192.142.123.92.in-addr.arpa

IN PTR

Response

192.142.123.92.in-addr.arpa

IN PTR

a92-123-142-192deploystaticakamaitechnologiescom
DNS

57.169.31.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

57.169.31.20.in-addr.arpa

IN PTR

Response
DNS

13.227.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

13.227.111.52.in-addr.arpa

IN PTR

Response
DNS

tse1.mm.bing.net

Remote address:

8.8.8.8:53

Request

tse1.mm.bing.net

IN A

Response

tse1.mm.bing.net

IN CNAME

mm-mm.bing.net.trafficmanager.net

mm-mm.bing.net.trafficmanager.net

IN CNAME

ax-0001.ax-msedge.net

ax-0001.ax-msedge.net

IN A

150.171.28.10

ax-0001.ax-msedge.net

IN A

150.171.27.10
GET

https://tse1.mm.bing.net/th?id=OADD2.10239340418586_15W93I98EWXDJY7GO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

Remote address:

150.171.28.10:443

Request

GET /th?id=OADD2.10239340418586_15W93I98EWXDJY7GO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 488476
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C521E6219B4745339B11F7F7E9A0DFDD Ref B: LON04EDGE1018 Ref C: 2024-07-26T15:12:02Z
date: Fri, 26 Jul 2024 15:12:02 GMT
GET

https://tse1.mm.bing.net/th?id=OADD2.10239340418585_1K319IV1QEN3HBC0V&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

Remote address:

150.171.28.10:443

Request

GET /th?id=OADD2.10239340418585_1K319IV1QEN3HBC0V&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 443925
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A4A4F01A8725436BBD60E9CD4E42DB3B Ref B: LON04EDGE1018 Ref C: 2024-07-26T15:12:02Z
date: Fri, 26 Jul 2024 15:12:02 GMT
GET

https://tse1.mm.bing.net/th?id=OADD2.10239339388104_1WOMQSFLGSNQV3AH1&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

Remote address:

150.171.28.10:443

Request

GET /th?id=OADD2.10239339388104_1WOMQSFLGSNQV3AH1&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 659067
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2D890DC8C7F1452191383E350C67CC1F Ref B: LON04EDGE1018 Ref C: 2024-07-26T15:12:02Z
date: Fri, 26 Jul 2024 15:12:02 GMT
GET

https://tse1.mm.bing.net/th?id=OADD2.10239317301192_1O6NEWTZHCNXAKIDN&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

Remote address:

150.171.28.10:443

Request

GET /th?id=OADD2.10239317301192_1O6NEWTZHCNXAKIDN&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 357673
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0E5AF0DD7F9A41EF9725CE69A9342ED4 Ref B: LON04EDGE1018 Ref C: 2024-07-26T15:12:02Z
date: Fri, 26 Jul 2024 15:12:02 GMT
GET

https://tse1.mm.bing.net/th?id=OADD2.10239339388103_1CSWF230IMLBJ1BZH&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

Remote address:

150.171.28.10:443

Request

GET /th?id=OADD2.10239339388103_1CSWF230IMLBJ1BZH&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 714240
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 472383963DF640BC81F7EAB976FA69D0 Ref B: LON04EDGE1018 Ref C: 2024-07-26T15:12:02Z
date: Fri, 26 Jul 2024 15:12:02 GMT
GET

https://tse1.mm.bing.net/th?id=OADD2.10239317301601_1XLI7BR2VR1H1YJXB&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

Remote address:

150.171.28.10:443

Request

GET /th?id=OADD2.10239317301601_1XLI7BR2VR1H1YJXB&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 331612
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2998CE775E7648808D35AE6517C5E9DF Ref B: LON04EDGE1018 Ref C: 2024-07-26T15:12:03Z
date: Fri, 26 Jul 2024 15:12:03 GMT
DNS

28.73.42.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

28.73.42.20.in-addr.arpa

IN PTR

Response
DNS

28.73.42.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

28.73.42.20.in-addr.arpa

IN PTR

Response

2.16.167.72:443

www.chip.de

tls

msedge.exe

1.1kB
4.6kB
10
9
2.16.167.72:443

www.chip.de

tls

msedge.exe

1.1kB
4.6kB
10
10
2.16.167.72:443

www.chip.de

tls

msedge.exe

1.1kB
4.6kB
10
9
2.16.167.72:443

www.chip.de

tls

msedge.exe

1.1kB
4.6kB
10
10
2.16.167.72:443

https://www.chip.de/fec/assets/font/Asap-Regular.woff2?cache=bust210115

tls, http2

msedge.exe

4.0kB
71.5kB
51
68

HTTP Request

GET https://www.chip.de/fec/assets/font/Asap-Regular.woff2?cache=bust210115

HTTP Request

GET https://www.chip.de/fec/assets/font/Asap-Italic.woff2?cache=bust210115

HTTP Request

GET https://www.chip.de/fec/assets/font/Asap-Bold.woff2?cache=bust210115

HTTP Request

GET https://www.chip.de/fec/assets/font/Asap-BoldItalic.woff2?cache=bust210115

HTTP Request

GET https://www.chip.de/fec/assets/font/chip-icons-v02.woff2?cache=bust240320

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.chip.de/fec/assets/font/chip-icons-v02.woff2?cache=bust211011

HTTP Response

200

HTTP Request

GET https://www.chip.de/fec/assets/font/Asap-Regular.woff2?cache=bust210115

HTTP Response

200
2.16.167.72:443

https://www.chip.de/fec/assets/favicon/favicon.ico?v=02

tls, http2

msedge.exe

14.2kB
518.7kB
237
414

HTTP Request

GET https://www.chip.de/static/assets/chip-pages/downloads/downloads-detail-v5.8.9.css?2289

HTTP Response

200

HTTP Request

GET https://www.chip.de/static/assets/chip-pages/downloads/downloads-detail-v5.8.9.js?7276

HTTP Request

GET https://content.chip.de/assets/css/global.css?1313

HTTP Request

GET https://content.chip.de/assets/js/output.min.js?9948

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://im.chip.de/ii/4/0/2/4/2/5/8/7/q8ET5oSz_TVxoq5kVfc_8zB5-Hfe7c0a054acc0c9.jpg?im=Resize%3D%28144%2C144%29%2Caspect%3Dfit%3BAspectCrop%2Csize%3D%281%2C1%29%2Cgravity%3DCenter%2CallowExpansion%3BBackgroundColor%2Ccolor%3Dffffff&hash=6940cfb524ed054a715ff09aa51f832f48e7cdecdececbfd592a739299086f9d

HTTP Request

GET https://im.chip.de/ii/0/9/1/1/2/6/0/9/q8zqBx_5cEVzoV-SkbzVIzS2-Jfc1daa8d3a89c03.png?im=Resize%3D%28144%2C144%29%2Caspect%3Dfit%3BAspectCrop%2Csize%3D%281%2C1%29%2Cgravity%3DCenter%2CallowExpansion%3BBackgroundColor%2Ccolor%3Dffffff&hash=b5e1716e85d3255be181c091ad10de4664e4861eccf26413a6e4a1c510065fab

HTTP Request

GET https://im.chip.de/ii/0/3/5/4/6/1/0/2/1/f8zx5b5EE_5xEqbB8EV_Izn2R-f480439a9b173433.gif?im=Resize%3D%28144%2C144%29%2Caspect%3Dfit%3BAspectCrop%2Csize%3D%281%2C1%29%2Cgravity%3DCenter%2CallowExpansion%3BBackgroundColor%2Ccolor%3Dffffff&hash=be23aa4903386db3802b3bf79505a4453b2ba6b3d47cf9172c073a70f19eaee3

HTTP Request

GET https://im.chip.de/ii/5/5/8/0/3/6/1/9/UVK-ICO-b246844b0f35e29e.jpg?im=AspectCrop%2Csize%3D%281%2C1%29%2Cgravity%3DCenter%3BResize%3D%28204%2C204%29%2Caspect%3Dfit%3BBackgroundColor%2Ccolor%3Dffffff&hash=767eb658099588e9464e5273350b7d5f90dc2e6b654b87d913cb99ba19873224

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.chip.de/fec/assets/downloads/img/instructions/dl_instruction_02_FF_ED.png

HTTP Request

GET https://www.chip.de/fec/assets/downloads/img/instructions/dl_instruction_07.png

HTTP Request

GET https://www.chip.de/fec/assets/downloads/img/instructions/dl_instruction_09.png

HTTP Request

GET https://www.chip.de/fec/assets/downloads/img/instructions/activitybar.gif

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.chip.de/securedownload/guided-download/js.php?pid=chipderedesign&browser=edge&source=BLUB2&os=windows&proto=http://&lang=de&filename=Ultra+Virus+Killer&maxWebCamp=2&cids=a%3A1%3A%7Bi%3A0%3Ba%3A5%3A%7Bi%3A0%3Bs%3A9%3A%22104856003%22%3Bi%3A1%3Bs%3A19%3A%2220240707T0658000000%22%3Bi%3A2%3Bs%3A8%3A%22Download%22%3Bi%3A3%3Bs%3A6%3A%22hosted%22%3Bi%3A4%3Bs%3A0%3A%22%22%3B%7D%7D&ck=1690437600

HTTP Response

200

HTTP Request

GET https://www.chip.de/securedownload/instructions/style.css?1721944800

HTTP Response

200

HTTP Request

GET https://www.chip.de/fec/assets/favicon/favicon.ico?v=02

HTTP Response

200
2.16.167.152:443

content.chip.de

tls

msedge.exe

1.1kB
4.6kB
10
9
143.244.56.51:443

https://cp.chip.de/chunks/cp-chunk-cmp-sourcepoint.20240724100952-4c4c20aa95.0648b7a70ef49e17f8e1.js

tls, http2

msedge.exe

3.0kB
40.8kB
39
44

HTTP Request

GET https://cp.chip.de/now.js

HTTP Response

200

HTTP Request

GET https://cp.chip.de/chunks/cp-chunk-cmp-sourcepoint.20240724100952-4c4c20aa95.0648b7a70ef49e17f8e1.js

HTTP Response

200
52.85.223.36:443

https://tags.chip.de/chip-web/prod/utag.js

tls, http2

msedge.exe

2.7kB
31.3kB
36
37

HTTP Request

GET https://tags.chip.de/chip-web/prod/utag.js

HTTP Response

200
52.85.223.4:443

https://cmp.chip.de/unified/4.25.0/gdpr-tcf.da52e36b5e2f05c6aae3.bundle.js

tls, http2

msedge.exe

3.9kB
74.2kB
59
70

HTTP Request

GET https://cmp.chip.de/unified/wrapperMessagingWithoutDetection.js

HTTP Response

200

HTTP Request

GET https://cmp.chip.de/unified/4.25.0/custom.1a28bbe027bd69b90733.bundle.js

HTTP Request

GET https://cmp.chip.de/unified/4.25.0/gdpr-tcf.da52e36b5e2f05c6aae3.bundle.js

HTTP Response

200

HTTP Response

200
173.222.211.2:443

https://media-video.chip.de/f6876ff40f5a74303c2b874c26eeb219bb08a0e6/3fcced645b2707f1532ddccabf4861e879082004/POSTER_USER/v0/1603444800478-1_p1rm3hmc.jpeg

tls, http

msedge.exe

4.2kB
67.2kB
46
70

HTTP Request

GET https://media-video.chip.de/f6876ff40f5a74303c2b874c26eeb219bb08a0e6/3fcced645b2707f1532ddccabf4861e879082004/POSTER_USER/v0/1603444800478-1_p1rm3hmc.jpeg

HTTP Response

200

HTTP Request

GET https://media-video.chip.de/f6876ff40f5a74303c2b874c26eeb219bb08a0e6/3fcced645b2707f1532ddccabf4861e879082004/POSTER_USER/v0/1603444800478-1_p1rm3hmc.jpeg

HTTP Response

200
143.244.56.51:443

https://cp.chip.de/properties/3a2d4c15/config.json

tls, http2

msedge.exe

1.9kB
7.9kB
18
20

HTTP Request

GET https://cp.chip.de/properties/3a2d4c15/config.json

HTTP Response

200
52.85.223.4:443

https://cmp.chip.de/wrapper/metrics/v1/custom-metrics

tls, http2

msedge.exe

2.6kB
8.3kB
23
27

HTTP Request

GET https://cmp.chip.de/mms/v2/get_site_data?hasCsp=true&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2FUltra-Virus-Killer_104856004.html&account_id=217

HTTP Response

400

HTTP Request

OPTIONS https://cmp.chip.de/wrapper/metrics/v1/custom-metrics

HTTP Response

200

HTTP Request

POST https://cmp.chip.de/wrapper/metrics/v1/custom-metrics

HTTP Response

200
52.85.223.81:443

https://videoplayer.chip.de/p/player/latest/index.js

tls, http2

msedge.exe

6.8kB
223.5kB
113
175

HTTP Request

GET https://videoplayer.chip.de/p/player/latest/tfa.js?key=f6876ff40f5a74303c2b874c26eeb219bb08a0e6

HTTP Response

200

HTTP Request

GET https://videoplayer.chip.de/p/player/latest/index.html?tid=chip-download-detail-no-autoplay&key=f6876ff40f5a74303c2b874c26eeb219bb08a0e6&playerName=dl8-player-instance-0&isPrimary=true

HTTP Response

200

HTTP Request

GET https://videoplayer.chip.de/p/player/latest/index.js

HTTP Response

200
2.16.167.72:80

http://www.chip.de/securedownload/instructions/style.css?1721944800

http

msedge.exe

2.0kB
1.9kB
20
19

HTTP Request

GET http://www.chip.de/securedownload/guided-download/js.php?pid=chipderedesign&browser=edge&source=BLUB2&os=windows&proto=http://&lang=de&filename=Ultra+Virus+Killer&maxWebCamp=2&cids=a%3A1%3A%7Bi%3A0%3Ba%3A5%3A%7Bi%3A0%3Bs%3A9%3A%22104856003%22%3Bi%3A1%3Bs%3A19%3A%2220240707T0658000000%22%3Bi%3A2%3Bs%3A8%3A%22Download%22%3Bi%3A3%3Bs%3A6%3A%22hosted%22%3Bi%3A4%3Bs%3A0%3A%22%22%3B%7D%7D&ck=1690437600

HTTP Response

301

HTTP Request

GET http://www.chip.de/securedownload/instructions/style.css?1721944800

HTTP Response

301
104.26.8.83:443

https://app.varify.io/v/2422

tls, http2

msedge.exe

2.8kB
21.4kB
36
43

HTTP Request

GET https://app.varify.io/varify.js

HTTP Response

200

HTTP Request

GET https://app.varify.io/v/2422

HTTP Response

200
52.85.223.26:445

assets.sp.chip.de

260 B
5
52.85.223.3:443

https://cdn.bf-sugarless-production.aws.bfops.io/pearpie/client/1.0.0/index.min.js

tls, http2

msedge.exe

2.3kB
18.5kB
26
28

HTTP Request

GET https://cdn.bf-sugarless-production.aws.bfops.io/pearpie/client/1.0.0/index.min.js

HTTP Response

200
52.85.223.73:443

https://cdn.delight-vr.com/latest-bf/dl8enabler.js

tls, http

msedge.exe

2.1kB
22.7kB
21
29

HTTP Request

GET https://cdn.delight-vr.com/latest-bf/dl8enabler.js

HTTP Response

200
3.251.25.141:443

https://5baf1288cf.dl8.me/1.6.8/v-f6876ff40f5a74303c2b874c26eeb219bb08a0e6.gif?i=eyJ0IjoiaV9wcmVsb2FkIiwicCI6eyJwcm9kdWN0X2lkIjoicGxheWVyIiwiYWJfdGVzdF9pZCI6ImxhdGVzdCIsInVzZXJfcmVjdXJyaW5nIjpmYWxzZSwiaXNfbW9iaWxlIjpmYWxzZSwiaXNfdGFibGV0IjpmYWxzZSwiaXNfZGVza3RvcCI6dHJ1ZX19

tls, http

msedge.exe

2.1kB
6.4kB
13
14

HTTP Request

GET https://5baf1288cf.dl8.me/1.6.8/v-f6876ff40f5a74303c2b874c26eeb219bb08a0e6.gif?i=eyJ0IjoiaV9wcmVsb2FkIiwicCI6eyJwcm9kdWN0X2lkIjoicGxheWVyIiwiYWJfdGVzdF9pZCI6ImxhdGVzdCIsInVzZXJfcmVjdXJyaW5nIjpmYWxzZSwiaXNfbW9iaWxlIjpmYWxzZSwiaXNfdGFibGV0IjpmYWxzZSwiaXNfZGVza3RvcCI6dHJ1ZX19

HTTP Response

200
52.85.223.73:443

https://cdn.delight-vr.com/latest-bf/dl8-f6876ff40f5a74303c2b874c26eeb219bb08a0e6.js

tls, http

msedge.exe

6.8kB
298.9kB
121
227

HTTP Request

GET https://cdn.delight-vr.com/latest-bf/dl8-f6876ff40f5a74303c2b874c26eeb219bb08a0e6.js

HTTP Response

200
2.16.167.146:443

vteam.focus.de

tls

msedge.exe

1.1kB
4.6kB
10
9
2.16.167.146:443

https://vteam.focus.de/assets/fol/play-white-01.svg

tls, http2

msedge.exe

2.1kB
9.6kB
19
23

HTTP Request

GET https://vteam.focus.de/assets/chip/CHIP-Logo.svg

HTTP Request

GET https://vteam.focus.de/assets/fol/play-white-01.svg

HTTP Response

200

HTTP Response

200
52.85.223.60:443

https://media-api-prod.delight-vr.com/api/v1/recommend/f6876ff40f5a74303c2b874c26eeb219bb08a0e6/3fcced645b2707f1532ddccabf4861e879082004?limit=20&tags=facebook&tags=virus&tags=link&tags=facebook+messenger

tls, http2

msedge.exe

2.6kB
21.3kB
25
36

HTTP Request

OPTIONS https://media-api-prod.delight-vr.com/api/v1/content/3fcced645b2707f1532ddccabf4861e879082004

HTTP Response

204

HTTP Request

GET https://media-api-prod.delight-vr.com/api/v1/content/3fcced645b2707f1532ddccabf4861e879082004

HTTP Response

200

HTTP Request

GET https://media-api-prod.delight-vr.com/api/v1/recommend/f6876ff40f5a74303c2b874c26eeb219bb08a0e6/3fcced645b2707f1532ddccabf4861e879082004?limit=20&tags=facebook&tags=virus&tags=link&tags=facebook+messenger

HTTP Response

200
52.85.223.51:445

assets.sp.chip.de

260 B
5
52.85.223.11:445

assets.sp.chip.de

260 B
5
52.85.223.124:445

assets.sp.chip.de

260 B
5
52.85.223.51:139

assets.sp.chip.de

260 B
5
204.79.197.237:443

https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=4ebdd1e02038464da6872cf900e5851a&localId=w:2199DD2E-A1D9-6377-4DC2-EDD793B3B417&deviceId=6825836757717110&anid=

tls, http2

2.0kB
9.3kB
21
19

HTTP Request

GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=4ebdd1e02038464da6872cf900e5851a&localId=w:2199DD2E-A1D9-6377-4DC2-EDD793B3B417&deviceId=6825836757717110&anid=

HTTP Response

204

HTTP Request

GET https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=4ebdd1e02038464da6872cf900e5851a&localId=w:2199DD2E-A1D9-6377-4DC2-EDD793B3B417&deviceId=6825836757717110&anid=

HTTP Response

204

HTTP Request

GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=4ebdd1e02038464da6872cf900e5851a&localId=w:2199DD2E-A1D9-6377-4DC2-EDD793B3B417&deviceId=6825836757717110&anid=

HTTP Response

204
52.85.223.36:445

tags.chip.de

260 B
5
52.85.223.117:445

tags.chip.de

260 B
5
52.85.223.61:445

tags.chip.de

260 B
5
52.85.223.125:445

tags.chip.de

260 B
5
150.171.28.10:443

tse1.mm.bing.net

tls, http2

1.2kB
6.9kB
16
13
150.171.28.10:443

https://tse1.mm.bing.net/th?id=OADD2.10239317301601_1XLI7BR2VR1H1YJXB&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

tls, http2

106.1kB
3.1MB
2255
2251

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239340418586_15W93I98EWXDJY7GO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239340418585_1K319IV1QEN3HBC0V&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239339388104_1WOMQSFLGSNQV3AH1&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239317301192_1O6NEWTZHCNXAKIDN&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239339388103_1CSWF230IMLBJ1BZH&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239317301601_1XLI7BR2VR1H1YJXB&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

HTTP Response

200
150.171.28.10:443

tse1.mm.bing.net

tls, http2

1.2kB
6.9kB
16
13
150.171.28.10:443

tse1.mm.bing.net

tls, http2

1.2kB
6.9kB
16
13
150.171.28.10:443

tse1.mm.bing.net

tls, http2

1.2kB
6.9kB
16
13

8.8.8.8:53

www.chip.de

dns

msedge.exe

57 B
169 B
1
1

DNS Request

www.chip.de

DNS Response

2.16.167.72

2.16.167.152
8.8.8.8:53

content.chip.de

dns

msedge.exe

61 B
177 B
1
1

DNS Request

content.chip.de

DNS Response

2.16.167.152

2.16.167.72
8.8.8.8:53

cmp.chip.de

dns

msedge.exe

57 B
159 B
1
1

DNS Request

cmp.chip.de

DNS Response

52.85.223.4

52.85.223.54

52.85.223.92

52.85.223.111
8.8.8.8:53

cp.chip.de

dns

msedge.exe

56 B
156 B
1
1

DNS Request

cp.chip.de

DNS Response

143.244.56.51
8.8.8.8:53

tags.chip.de

dns

msedge.exe

58 B
170 B
1
1

DNS Request

tags.chip.de

DNS Response

52.85.223.36

52.85.223.125

52.85.223.117

52.85.223.61
8.8.8.8:53

im.chip.de

dns

msedge.exe

56 B
167 B
1
1

DNS Request

im.chip.de

DNS Response

2.16.167.152

2.16.167.72
8.8.8.8:53

media-video.chip.de

dns

msedge.exe

65 B
179 B
1
1

DNS Request

media-video.chip.de

DNS Response

173.222.211.2

173.222.210.91
143.244.56.51:443

cp.chip.de

https

msedge.exe

1.4kB
1
8.8.8.8:53

71.31.126.40.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

71.31.126.40.in-addr.arpa
8.8.8.8:53

72.167.16.2.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

72.167.16.2.in-addr.arpa
8.8.8.8:53

152.167.16.2.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

152.167.16.2.in-addr.arpa
8.8.8.8:53

51.56.244.143.in-addr.arpa

dns

72 B
114 B
1
1

DNS Request

51.56.244.143.in-addr.arpa
8.8.8.8:53

36.223.85.52.in-addr.arpa

dns

71 B
127 B
1
1

DNS Request

36.223.85.52.in-addr.arpa
8.8.8.8:53

4.223.85.52.in-addr.arpa

dns

70 B
125 B
1
1

DNS Request

4.223.85.52.in-addr.arpa
8.8.8.8:53

96.223.85.52.in-addr.arpa

dns

71 B
127 B
1
1

DNS Request

96.223.85.52.in-addr.arpa
8.8.8.8:53

videoplayer.chip.de

dns

msedge.exe

65 B
166 B
1
1

DNS Request

videoplayer.chip.de

DNS Response

52.85.223.81

52.85.223.75

52.85.223.27

52.85.223.87
8.8.8.8:53

app.varify.io

dns

msedge.exe

59 B
107 B
1
1

DNS Request

app.varify.io

DNS Response

104.26.8.83

104.26.9.83

172.67.70.203
8.8.8.8:53

assets.sp.chip.de

dns

63 B
127 B
1
1

DNS Request

assets.sp.chip.de

DNS Response

52.85.223.26

52.85.223.51

52.85.223.11

52.85.223.124
8.8.8.8:53

cdn.bf-sugarless-production.aws.bfops.io

dns

msedge.exe

86 B
150 B
1
1

DNS Request

cdn.bf-sugarless-production.aws.bfops.io

DNS Response

52.85.223.3

52.85.223.122

52.85.223.72

52.85.223.112
8.8.8.8:53

cdn.delight-vr.com

dns

msedge.exe

64 B
128 B
1
1

DNS Request

cdn.delight-vr.com

DNS Response

52.85.223.73

52.85.223.35

52.85.223.111

52.85.223.64
8.8.8.8:53

5baf1288cf.dl8.me

dns

msedge.exe

63 B
111 B
1
1

DNS Request

5baf1288cf.dl8.me

DNS Response

3.251.25.141

99.80.50.5

34.247.22.223
8.8.8.8:53

2.211.222.173.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

2.211.222.173.in-addr.arpa
8.8.8.8:53

81.223.85.52.in-addr.arpa

dns

71 B
127 B
1
1

DNS Request

81.223.85.52.in-addr.arpa
8.8.8.8:53

183.142.211.20.in-addr.arpa

dns

73 B
159 B
1
1

DNS Request

183.142.211.20.in-addr.arpa
8.8.8.8:53

83.8.26.104.in-addr.arpa

dns

70 B
132 B
1
1

DNS Request

83.8.26.104.in-addr.arpa
8.8.8.8:53

vteam.focus.de

dns

msedge.exe

60 B
175 B
1
1

DNS Request

vteam.focus.de

DNS Response

2.16.167.146

2.16.167.8
8.8.8.8:53

media-api-prod.delight-vr.com

dns

msedge.exe

75 B
139 B
1
1

DNS Request

media-api-prod.delight-vr.com

DNS Response

52.85.223.60

52.85.223.72

52.85.223.121

52.85.223.25
8.8.8.8:53

141.25.251.3.in-addr.arpa

dns

71 B
133 B
1
1

DNS Request

141.25.251.3.in-addr.arpa
8.8.8.8:53

3.223.85.52.in-addr.arpa

dns

70 B
125 B
1
1

DNS Request

3.223.85.52.in-addr.arpa
8.8.8.8:53

73.223.85.52.in-addr.arpa

dns

71 B
127 B
1
1

DNS Request

73.223.85.52.in-addr.arpa
8.8.8.8:53

146.167.16.2.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

146.167.16.2.in-addr.arpa
8.8.8.8:53

60.223.85.52.in-addr.arpa

dns

71 B
127 B
1
1

DNS Request

60.223.85.52.in-addr.arpa
8.8.8.8:53

assets.sp.chip.de

dns

63 B
127 B
1
1

DNS Request

assets.sp.chip.de

DNS Response

52.85.223.51

52.85.223.11

52.85.223.124

52.85.223.26
8.8.8.8:53

g.bing.com

dns

56 B
151 B
1
1

DNS Request

g.bing.com

DNS Response

204.79.197.237

13.107.21.237
8.8.8.8:53

237.197.79.204.in-addr.arpa

dns

73 B
143 B
1
1

DNS Request

237.197.79.204.in-addr.arpa
8.8.8.8:53

43.58.199.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

43.58.199.20.in-addr.arpa
224.0.0.251:5353

msedge.exe

528 B
8
8.8.8.8:53

217.106.137.52.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

217.106.137.52.in-addr.arpa
8.8.8.8:53

tags.chip.de

dns

msedge.exe

58 B
170 B
1
1

DNS Request

tags.chip.de

DNS Response

52.85.223.36

52.85.223.117

52.85.223.61

52.85.223.125
8.8.8.8:53

26.165.165.52.in-addr.arpa

dns

72 B
146 B
1
1

DNS Request

26.165.165.52.in-addr.arpa
8.8.8.8:53

198.187.3.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

198.187.3.20.in-addr.arpa
8.8.8.8:53

192.142.123.92.in-addr.arpa

dns

73 B
139 B
1
1

DNS Request

192.142.123.92.in-addr.arpa
8.8.8.8:53

57.169.31.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

57.169.31.20.in-addr.arpa
8.8.8.8:53

13.227.111.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

13.227.111.52.in-addr.arpa
8.8.8.8:53

tse1.mm.bing.net

dns

62 B
170 B
1
1

DNS Request

tse1.mm.bing.net

DNS Response

150.171.28.10

150.171.27.10
8.8.8.8:53

28.73.42.20.in-addr.arpa

dns

140 B
312 B
2
2

DNS Request

28.73.42.20.in-addr.arpa

DNS Request

28.73.42.20.in-addr.arpa

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
584971c8ba88c824fd51a05dddb45a98

SHA1
b7c9489b4427652a9cdd754d1c1b6ac4034be421

SHA256
e2d8de6c2323bbb3863ec50843d9b58a22e911fd626d31430658b9ea942cd307

SHA512
5dbf1a4631a04d1149d8fab2b8e0e43ccd97b7212de43b961b9128a8bf03329164fdeb480154a8ffea5835f28417a7d2b115b8bf8d578d00b13c3682aa5ca726

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
b28ef7d9f6d74f055cc49876767c886c

SHA1
d6b3267f36c340979f8fc3e012fdd02c468740bf

SHA256
fa6804456884789f4bdf9c3f5a4a8f29e0ededde149c4384072f3d8cc85bcc37

SHA512
491f893c8f765e5d629bce8dd5067cef4e2ebc558d43bfb05e358bca43e1a66ee1285519bc266fd0ff5b5e09769a56077b62ac55fa8797c1edf6205843356e75

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
1ade8d8cf53d1c9ed19dadeee28e7453

SHA1
01eb6e404104ae74c324fcd1a9beb857e31f1776

SHA256
281e6661dd9537db72f56742dd45feadff01bbaaf327df71c968e177e2ff0a2d

SHA512
d35bd609970a6c5672f64c57a5bf8ae6c49319bce2ab7b3626bd29a925eaf5293656a1b95f58b837a8134a8ec2498dfa0de25bbbf324a67ab36badb1b13de4db

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
11b239ce7a50948e322effb20535a151

SHA1
a7898d48ce16dcd00ab2757426962ab919cb8772

SHA256
2a66a22ca7126173f29fcf7252a89b200cdbf8cd070302f12aeb79cbb6462d74

SHA512
bbe5a5f15bfc91e0499428fbe2b9fafb4bebadd7b3f45826e409f6c1d866465df2c6134be8d9675b16fe8597bea850156ab8d21dd92210196dd1a77b64caddad

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
ae3d9e0ceac8c10387a5589ccc0eecff

SHA1
c9d9f7ac8b08016ac0a6a5500de92ade7865c175

SHA256
a0bfa480a61707e6576dbc960f90d4f7745254438206d7bb2b11242e2e0cbb32

SHA512
26818ffe7db9725cc7c70352e3473530c23e5e1d30961d843f11e16bf2783870754b164db75b614628c701cdff83d38ed87f4fc97c19feb43b60d0d1a76de87d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
50afb77f10bab83227bf8c04618520e9

SHA1
9e2fc9568094acfface2c0fb3867fd9efa220475

SHA256
968678204c2042b8b9cf7fd28c161bec75f8e7066c8cc1fd5bbfcf6fbcd0e977

SHA512
f97389e47581a41cd778d4cda729f970aae3cde7e287bc7fcd30a6a359f946e90b9907fe275e9c55440b3cf4f6fe7bbddbc5bfe05e89f77ae537e04235cc2f74

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
148ae2babe229418cce60046706e1b00

SHA1
ef277cfe5c42bb1064521c78a2fdba04b99a1daf

SHA256
48d4903169928d59751ca034fc0e75dea0f5b5bd82e2806a1664cd7666672fe3

SHA512
f617cda100933a08d0b004e7003ccb976315914e6130aed3b59ff170e1b0d634c5939467bb2265cdc14cc6a719946836d676143b6548dc6e6d081ccb54022847

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
80cf6baba59a169017378c02aae84f77

SHA1
bad29dfdbc84a440b9d37af83cc908f2710d9bff

SHA256
0c9bca1a131c85526a668e0ce06a2fafe7d2d54728e0daff0eed2eafef1a55f8

SHA512
7ff59cf3b9680754e733fa50b0cff5e89d901d3c7117ea0502f5e9d483db74bfdc53f1578ace86399721eb12f31584c29e49126c59366183b565a04c024a5749

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response