Analysis

  • max time kernel
    143s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240705-en, locale:en-us, os:windows7-x64, system
  • submitted
    02/08/2024, 02:10 UTC

General

  • Target

    82a4aab7067b45cd96d537032344f1ce_JaffaCakes118.exe

  • Size

    92KB

  • MD5

    82a4aab7067b45cd96d537032344f1ce

  • SHA1

    771c110c63747dadbfa602158caeb565a79051b0

  • SHA256

    b6bec6857a59ca483398d6117278e43ff626fa31d040b2ee0a72158846dac2cc

  • SHA512

    7b5fc5ec054177e93ba3eb2a8b31e12b5a4dba0d36dc9b77c07d80aa8289281dee0257ef54161a5dbd862f6eef411cc6f337a83a30b162eeb1110a8e1b7a5a5b

  • SSDEEP

    1536:VaaafML+d3RsNESWJHHB1avM22iwMwOEQon:Vaaa0Lo3Rhp3ak22PhOE

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 1 IoCs
  • Drops file in System32 directory 2 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 7 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\82a4aab7067b45cd96d537032344f1ce_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\82a4aab7067b45cd96d537032344f1ce_JaffaCakes118.exe"
    • Adds Run key to start application
    • Drops file in System32 directory
    • System Location Discovery: System Language Discovery
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1688
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.danidutra.com.br/trabalho/Amizade.wmv
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:1012
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1012 CREDAT:275457 /prefetch:2
        • System Location Discovery: System Language Discovery
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:1956

Network

  • flag-us
    DNS
    www.danidutra.com.br
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.danidutra.com.br
    IN A
    Response
    www.danidutra.com.br
    IN CNAME
    danidutra.com.br
    danidutra.com.br
    IN A
    192.185.217.27
  • flag-us
    GET
    http://www.danidutra.com.br/trabalho/Amizade.wmv
    IEXPLORE.EXE
    Remote address:
    192.185.217.27:80
    Request
    GET /trabalho/Amizade.wmv HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.danidutra.com.br
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Date: Fri, 02 Aug 2024 02:10:39 GMT
    Server: Apache
    Expires: Wed, 11 Jan 1984 05:00:00 GMT
    Cache-Control: no-cache, must-revalidate, max-age=0
    X-Redirect-By: WordPress
    Upgrade: h2,h2c
    Connection: Upgrade, Keep-Alive
    Location: http://danidutra.com.br/trabalho/Amizade.wmv
    Content-Length: 0
    Keep-Alive: timeout=5, max=75
    Content-Type: text/html; charset=UTF-8
  • flag-us
    DNS
    danidutra.com.br
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    danidutra.com.br
    IN A
    Response
    danidutra.com.br
    IN A
    192.185.217.27
  • flag-us
    GET
    http://danidutra.com.br/wp-includes/css/dist/block-library/style.min.css?ver=6.6.1
    IEXPLORE.EXE
    Remote address:
    192.185.217.27:80
    Request
    GET /wp-includes/css/dist/block-library/style.min.css?ver=6.6.1 HTTP/1.1
    Accept: text/css, */*
    Referer: http://danidutra.com.br/trabalho/Amizade.wmv
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: danidutra.com.br
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Fri, 02 Aug 2024 02:10:43 GMT
    Server: Apache
    Upgrade: h2,h2c
    Connection: Upgrade, Keep-Alive
    Last-Modified: Tue, 23 Jul 2024 17:16:14 GMT
    Accept-Ranges: bytes
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Keep-Alive: timeout=5, max=75
    Transfer-Encoding: chunked
    Content-Type: text/css
  • flag-us
    GET
    http://danidutra.com.br/wp-content/uploads/elementor/css/post-153.css?ver=1667577041
    IEXPLORE.EXE
    Remote address:
    192.185.217.27:80
    Request
    GET /wp-content/uploads/elementor/css/post-153.css?ver=1667577041 HTTP/1.1
    Accept: text/css, */*
    Referer: http://danidutra.com.br/trabalho/Amizade.wmv
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: danidutra.com.br
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Fri, 02 Aug 2024 02:10:43 GMT
    Server: Apache
    Last-Modified: Fri, 04 Nov 2022 15:50:41 GMT
    Accept-Ranges: bytes
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Length: 430
    Keep-Alive: timeout=5, max=74
    Connection: Keep-Alive
    Content-Type: text/css
  • flag-us
    GET
    http://danidutra.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
    IEXPLORE.EXE
    Remote address:
    192.185.217.27:80
    Request
    GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: http://danidutra.com.br/trabalho/Amizade.wmv
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: danidutra.com.br
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Fri, 02 Aug 2024 02:10:43 GMT
    Server: Apache
    Last-Modified: Wed, 09 Aug 2023 05:17:17 GMT
    Accept-Ranges: bytes
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Length: 5422
    Keep-Alive: timeout=5, max=73
    Connection: Keep-Alive
    Content-Type: application/javascript
  • flag-us
    GET
    http://danidutra.com.br/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.9.0-dev5
    IEXPLORE.EXE
    Remote address:
    192.185.217.27:80
    Request
    GET /wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.9.0-dev5 HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: http://danidutra.com.br/trabalho/Amizade.wmv
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: danidutra.com.br
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Fri, 02 Aug 2024 02:10:43 GMT
    Server: Apache
    Last-Modified: Thu, 27 Oct 2022 20:06:15 GMT
    Accept-Ranges: bytes
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Length: 2474
    Keep-Alive: timeout=5, max=72
    Connection: Keep-Alive
    Content-Type: application/javascript
  • flag-us
    GET
    http://danidutra.com.br/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.9.0-dev5
    IEXPLORE.EXE
    Remote address:
    192.185.217.27:80
    Request
    GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.9.0-dev5 HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: http://danidutra.com.br/trabalho/Amizade.wmv
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: danidutra.com.br
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Fri, 02 Aug 2024 02:10:43 GMT
    Server: Apache
    Last-Modified: Thu, 27 Oct 2022 20:06:15 GMT
    Accept-Ranges: bytes
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Length: 7668
    Keep-Alive: timeout=5, max=71
    Connection: Keep-Alive
    Content-Type: application/javascript
  • flag-us
    GET
    http://danidutra.com.br/trabalho/Amizade.wmv
    IEXPLORE.EXE
    Remote address:
    192.185.217.27:80
    Request
    GET /trabalho/Amizade.wmv HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: danidutra.com.br
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Date: Fri, 02 Aug 2024 02:10:42 GMT
    Server: Apache
    Expires: Wed, 11 Jan 1984 05:00:00 GMT
    Cache-Control: no-cache, must-revalidate, max-age=0
    Link: <https://danidutra.com.br/wp-json/>; rel="https://api.w.org/"
    Upgrade: h2,h2c
    Connection: Upgrade, Keep-Alive
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Length: 16852
    Keep-Alive: timeout=5, max=75
    Content-Type: text/html; charset=UTF-8
  • flag-us
    GET
    http://danidutra.com.br/wp-content/themes/hello-elementor/style.min.css?ver=2.6.1
    IEXPLORE.EXE
    Remote address:
    192.185.217.27:80
    Request
    GET /wp-content/themes/hello-elementor/style.min.css?ver=2.6.1 HTTP/1.1
    Accept: text/css, */*
    Referer: http://danidutra.com.br/trabalho/Amizade.wmv
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: danidutra.com.br
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Fri, 02 Aug 2024 02:10:43 GMT
    Server: Apache
    Last-Modified: Wed, 19 Oct 2022 01:31:34 GMT
    Accept-Ranges: bytes
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Length: 2332
    Keep-Alive: timeout=5, max=74
    Connection: Keep-Alive
    Content-Type: text/css
  • flag-us
    GET
    http://danidutra.com.br/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.9.0-dev5
    IEXPLORE.EXE
    Remote address:
    192.185.217.27:80
    Request
    GET /wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.9.0-dev5 HTTP/1.1
    Accept: text/css, */*
    Referer: http://danidutra.com.br/trabalho/Amizade.wmv
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: danidutra.com.br
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Fri, 02 Aug 2024 02:10:43 GMT
    Server: Apache
    Last-Modified: Thu, 27 Oct 2022 20:06:14 GMT
    Accept-Ranges: bytes
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Length: 1588
    Keep-Alive: timeout=5, max=73
    Connection: Keep-Alive
    Content-Type: text/css
  • flag-us
    GET
    http://danidutra.com.br/wp-content/uploads/elementor/css/global.css?ver=1667577041
    IEXPLORE.EXE
    Remote address:
    192.185.217.27:80
    Request
    GET /wp-content/uploads/elementor/css/global.css?ver=1667577041 HTTP/1.1
    Accept: text/css, */*
    Referer: http://danidutra.com.br/trabalho/Amizade.wmv
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: danidutra.com.br
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Fri, 02 Aug 2024 02:10:43 GMT
    Server: Apache
    Upgrade: h2,h2c
    Connection: Upgrade, Keep-Alive
    Last-Modified: Fri, 04 Nov 2022 15:50:41 GMT
    Accept-Ranges: bytes
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Length: 3975
    Keep-Alive: timeout=5, max=75
    Content-Type: text/css
  • flag-us
    GET
    http://danidutra.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
    IEXPLORE.EXE
    Remote address:
    192.185.217.27:80
    Request
    GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
    Accept: text/css, */*
    Referer: http://danidutra.com.br/trabalho/Amizade.wmv
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: danidutra.com.br
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Fri, 02 Aug 2024 02:10:43 GMT
    Server: Apache
    Last-Modified: Thu, 27 Oct 2022 20:06:23 GMT
    Accept-Ranges: bytes
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Length: 7112
    Keep-Alive: timeout=5, max=74
    Connection: Keep-Alive
    Content-Type: text/css
  • flag-us
    GET
    http://danidutra.com.br/wp-content/plugins/happy-elementor-addons/assets/js/happy-addons.min.js?ver=3.7.1
    IEXPLORE.EXE
    Remote address:
    192.185.217.27:80
    Request
    GET /wp-content/plugins/happy-elementor-addons/assets/js/happy-addons.min.js?ver=3.7.1 HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: http://danidutra.com.br/trabalho/Amizade.wmv
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: danidutra.com.br
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Fri, 02 Aug 2024 02:10:43 GMT
    Server: Apache
    Last-Modified: Thu, 03 Nov 2022 02:08:46 GMT
    Accept-Ranges: bytes
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Length: 11122
    Keep-Alive: timeout=5, max=73
    Connection: Keep-Alive
    Content-Type: application/javascript
  • flag-us
    GET
    http://danidutra.com.br/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.9.0-dev4
    IEXPLORE.EXE
    Remote address:
    192.185.217.27:80
    Request
    GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.9.0-dev4 HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: http://danidutra.com.br/trabalho/Amizade.wmv
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: danidutra.com.br
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Fri, 02 Aug 2024 02:10:43 GMT
    Server: Apache
    Last-Modified: Thu, 27 Oct 2022 20:06:23 GMT
    Accept-Ranges: bytes
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Length: 12649
    Keep-Alive: timeout=5, max=72
    Connection: Keep-Alive
    Content-Type: application/javascript
  • flag-us
    GET
    http://danidutra.com.br/wp-includes/js/jquery/ui/core.min.js?ver=1.13.3
    IEXPLORE.EXE
    Remote address:
    192.185.217.27:80
    Request
    GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.3 HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: http://danidutra.com.br/trabalho/Amizade.wmv
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: danidutra.com.br
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Fri, 02 Aug 2024 02:10:43 GMT
    Server: Apache
    Last-Modified: Tue, 16 Jul 2024 17:51:55 GMT
    Accept-Ranges: bytes
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Length: 8375
    Keep-Alive: timeout=5, max=71
    Connection: Keep-Alive
    Content-Type: application/javascript
  • flag-us
    GET
    http://danidutra.com.br/wp-content/themes/hello-elementor/theme.min.css?ver=2.6.1
    IEXPLORE.EXE
    Remote address:
    192.185.217.27:80
    Request
    GET /wp-content/themes/hello-elementor/theme.min.css?ver=2.6.1 HTTP/1.1
    Accept: text/css, */*
    Referer: http://danidutra.com.br/trabalho/Amizade.wmv
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: danidutra.com.br
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Fri, 02 Aug 2024 02:10:43 GMT
    Server: Apache
    Upgrade: h2,h2c
    Connection: Upgrade, Keep-Alive
    Last-Modified: Wed, 19 Oct 2022 01:31:34 GMT
    Accept-Ranges: bytes
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Length: 3725
    Keep-Alive: timeout=5, max=75
    Content-Type: text/css
  • flag-us
    GET
    http://danidutra.com.br/wp-content/plugins/happy-elementor-addons/assets/fonts/style.min.css?ver=3.7.1
    IEXPLORE.EXE
    Remote address:
    192.185.217.27:80
    Request
    GET /wp-content/plugins/happy-elementor-addons/assets/fonts/style.min.css?ver=3.7.1 HTTP/1.1
    Accept: text/css, */*
    Referer: http://danidutra.com.br/trabalho/Amizade.wmv
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: danidutra.com.br
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Fri, 02 Aug 2024 02:10:43 GMT
    Server: Apache
    Last-Modified: Thu, 03 Nov 2022 02:08:46 GMT
    Accept-Ranges: bytes
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Length: 5242
    Keep-Alive: timeout=5, max=74
    Connection: Keep-Alive
    Content-Type: text/css
  • flag-us
    GET
    http://danidutra.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
    IEXPLORE.EXE
    Remote address:
    192.185.217.27:80
    Request
    GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: http://danidutra.com.br/trabalho/Amizade.wmv
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: danidutra.com.br
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Fri, 02 Aug 2024 02:10:43 GMT
    Server: Apache
    Last-Modified: Wed, 08 Nov 2023 05:32:04 GMT
    Accept-Ranges: bytes
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Keep-Alive: timeout=5, max=73
    Connection: Keep-Alive
    Transfer-Encoding: chunked
    Content-Type: application/javascript
  • flag-us
    GET
    http://danidutra.com.br/wp-includes/js/dist/hooks.min.js?ver=2810c76e705dd1a53b18
    IEXPLORE.EXE
    Remote address:
    192.185.217.27:80
    Request
    GET /wp-includes/js/dist/hooks.min.js?ver=2810c76e705dd1a53b18 HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: http://danidutra.com.br/trabalho/Amizade.wmv
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: danidutra.com.br
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Fri, 02 Aug 2024 02:10:43 GMT
    Server: Apache
    Last-Modified: Wed, 03 Apr 2024 08:13:45 GMT
    Accept-Ranges: bytes
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Length: 1589
    Keep-Alive: timeout=5, max=72
    Connection: Keep-Alive
    Content-Type: application/javascript
  • flag-us
    GET
    http://danidutra.com.br/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.9.0-dev4
    IEXPLORE.EXE
    Remote address:
    192.185.217.27:80
    Request
    GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.9.0-dev4 HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: http://danidutra.com.br/trabalho/Amizade.wmv
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: danidutra.com.br
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Fri, 02 Aug 2024 02:10:43 GMT
    Server: Apache
    Last-Modified: Thu, 27 Oct 2022 20:06:23 GMT
    Accept-Ranges: bytes
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Length: 16167
    Keep-Alive: timeout=5, max=71
    Connection: Keep-Alive
    Content-Type: application/javascript
  • flag-us
    GET
    http://danidutra.com.br/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.9.0-dev4
    IEXPLORE.EXE
    Remote address:
    192.185.217.27:80
    Request
    GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.9.0-dev4 HTTP/1.1
    Accept: text/css, */*
    Referer: http://danidutra.com.br/trabalho/Amizade.wmv
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: danidutra.com.br
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Fri, 02 Aug 2024 02:10:43 GMT
    Server: Apache
    Upgrade: h2,h2c
    Connection: Upgrade, Keep-Alive
    Last-Modified: Thu, 27 Oct 2022 20:06:23 GMT
    Accept-Ranges: bytes
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Length: 17639
    Keep-Alive: timeout=5, max=75
    Content-Type: text/css
  • flag-us
    GET
    http://danidutra.com.br/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.9.0-dev4
    IEXPLORE.EXE
    Remote address:
    192.185.217.27:80
    Request
    GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.9.0-dev4 HTTP/1.1
    Accept: text/css, */*
    Referer: http://danidutra.com.br/trabalho/Amizade.wmv
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: danidutra.com.br
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Fri, 02 Aug 2024 02:10:43 GMT
    Server: Apache
    Last-Modified: Thu, 27 Oct 2022 20:06:23 GMT
    Accept-Ranges: bytes
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Length: 2997
    Keep-Alive: timeout=5, max=74
    Connection: Keep-Alive
    Content-Type: text/css
  • flag-us
    GET
    http://danidutra.com.br/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1
    IEXPLORE.EXE
    Remote address:
    192.185.217.27:80
    Request
    GET /wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1 HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: http://danidutra.com.br/trabalho/Amizade.wmv
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: danidutra.com.br
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Fri, 02 Aug 2024 02:10:43 GMT
    Server: Apache
    Last-Modified: Thu, 27 Oct 2022 20:06:15 GMT
    Accept-Ranges: bytes
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Length: 9638
    Keep-Alive: timeout=5, max=73
    Connection: Keep-Alive
    Content-Type: application/javascript
  • flag-us
    GET
    http://danidutra.com.br/wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6
    IEXPLORE.EXE
    Remote address:
    192.185.217.27:80
    Request
    GET /wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6 HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: http://danidutra.com.br/trabalho/Amizade.wmv
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: danidutra.com.br
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Fri, 02 Aug 2024 02:10:43 GMT
    Server: Apache
    Last-Modified: Wed, 03 Apr 2024 08:13:45 GMT
    Accept-Ranges: bytes
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Length: 3937
    Keep-Alive: timeout=5, max=72
    Connection: Keep-Alive
    Content-Type: application/javascript
  • flag-us
    GET
    http://danidutra.com.br/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.9.0-dev5
    IEXPLORE.EXE
    Remote address:
    192.185.217.27:80
    Request
    GET /wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.9.0-dev5 HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: http://danidutra.com.br/trabalho/Amizade.wmv
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: danidutra.com.br
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Fri, 02 Aug 2024 02:10:43 GMT
    Server: Apache
    Last-Modified: Thu, 27 Oct 2022 20:06:15 GMT
    Accept-Ranges: bytes
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Length: 7130
    Keep-Alive: timeout=5, max=71
    Connection: Keep-Alive
    Content-Type: application/javascript
  • flag-us
    GET
    http://danidutra.com.br/wp-content/uploads/elementor/css/post-5.css?ver=1667577041
    IEXPLORE.EXE
    Remote address:
    192.185.217.27:80
    Request
    GET /wp-content/uploads/elementor/css/post-5.css?ver=1667577041 HTTP/1.1
    Accept: text/css, */*
    Referer: http://danidutra.com.br/trabalho/Amizade.wmv
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: danidutra.com.br
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Fri, 02 Aug 2024 02:10:43 GMT
    Server: Apache
    Upgrade: h2,h2c
    Connection: Upgrade, Keep-Alive
    Last-Modified: Fri, 04 Nov 2022 15:50:41 GMT
    Accept-Ranges: bytes
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Length: 756
    Keep-Alive: timeout=5, max=75
    Content-Type: text/css
  • flag-us
    GET
    http://danidutra.com.br/wp-content/uploads/elementor/css/post-204.css?ver=1667577041
    IEXPLORE.EXE
    Remote address:
    192.185.217.27:80
    Request
    GET /wp-content/uploads/elementor/css/post-204.css?ver=1667577041 HTTP/1.1
    Accept: text/css, */*
    Referer: http://danidutra.com.br/trabalho/Amizade.wmv
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: danidutra.com.br
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Fri, 02 Aug 2024 02:10:43 GMT
    Server: Apache
    Last-Modified: Fri, 04 Nov 2022 15:50:41 GMT
    Accept-Ranges: bytes
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Length: 3048
    Keep-Alive: timeout=5, max=74
    Connection: Keep-Alive
    Content-Type: text/css
  • flag-us
    GET
    http://danidutra.com.br/wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=1.0.0
    IEXPLORE.EXE
    Remote address:
    192.185.217.27:80
    Request
    GET /wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=1.0.0 HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: http://danidutra.com.br/trabalho/Amizade.wmv
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: danidutra.com.br
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Fri, 02 Aug 2024 02:10:43 GMT
    Server: Apache
    Last-Modified: Wed, 19 Oct 2022 01:31:34 GMT
    Accept-Ranges: bytes
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Length: 1048
    Keep-Alive: timeout=5, max=73
    Connection: Keep-Alive
    Content-Type: application/javascript
  • flag-us
    GET
    http://danidutra.com.br/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.9.0-dev4
    IEXPLORE.EXE
    Remote address:
    192.185.217.27:80
    Request
    GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.9.0-dev4 HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: http://danidutra.com.br/trabalho/Amizade.wmv
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: danidutra.com.br
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Fri, 02 Aug 2024 02:10:43 GMT
    Server: Apache
    Last-Modified: Thu, 27 Oct 2022 20:06:23 GMT
    Accept-Ranges: bytes
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Length: 2313
    Keep-Alive: timeout=5, max=72
    Connection: Keep-Alive
    Content-Type: application/javascript
  • flag-us
    GET
    http://danidutra.com.br/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
    IEXPLORE.EXE
    Remote address:
    192.185.217.27:80
    Request
    GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: http://danidutra.com.br/trabalho/Amizade.wmv
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: danidutra.com.br
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Fri, 02 Aug 2024 02:10:43 GMT
    Server: Apache
    Last-Modified: Thu, 27 Oct 2022 20:06:23 GMT
    Accept-Ranges: bytes
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Length: 3747
    Keep-Alive: timeout=5, max=71
    Connection: Keep-Alive
    Content-Type: application/javascript
  • flag-us
    DNS
    c.pki.goog
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    c.pki.goog
    IN A
    Response
    c.pki.goog
    IN CNAME
    pki-goog.l.google.com
    pki-goog.l.google.com
    IN A
    142.250.27.94
  • flag-us
    DNS
    c.pki.goog
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    c.pki.goog
    IN A
    Response
    c.pki.goog
    IN CNAME
    pki-goog.l.google.com
    pki-goog.l.google.com
    IN A
    142.250.27.94
  • flag-nl
    GET
    http://c.pki.goog/r/r1.crl
    IEXPLORE.EXE
    Remote address:
    142.250.27.94:80
    Request
    GET /r/r1.crl HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: c.pki.goog
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
    Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
    Content-Length: 854
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Fri, 02 Aug 2024 02:04:10 GMT
    Expires: Fri, 02 Aug 2024 02:54:10 GMT
    Cache-Control: public, max-age=3000
    Age: 393
    Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
    Content-Type: application/pkix-crl
    Vary: Accept-Encoding
  • flag-us
    DNS
    o.pki.goog
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    o.pki.goog
    IN A
    Response
    o.pki.goog
    IN CNAME
    pki-goog.l.google.com
    pki-goog.l.google.com
    IN A
    142.250.27.94
  • flag-nl
    GET
    http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCjHbN8Q48ByBJsBZfEZOeO
    IEXPLORE.EXE
    Remote address:
    142.250.27.94:80
    Request
    GET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCjHbN8Q48ByBJsBZfEZOeO HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 472
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Fri, 02 Aug 2024 01:54:32 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 971
  • flag-nl
    GET
    http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDAezvzBOn2FxIghPLaMkP6
    IEXPLORE.EXE
    Remote address:
    142.250.27.94:80
    Request
    GET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDAezvzBOn2FxIghPLaMkP6 HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 472
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Fri, 02 Aug 2024 01:12:44 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 3480
  • flag-us
    DNS
    crl.microsoft.com
    Remote address:
    8.8.8.8:53
    Request
    crl.microsoft.com
    IN A
    Response
    crl.microsoft.com
    IN CNAME
    crl.www.ms.akadns.net
    crl.www.ms.akadns.net
    IN CNAME
    a1363.dscg.akamai.net
    a1363.dscg.akamai.net
    IN A
    173.222.211.58
    a1363.dscg.akamai.net
    IN A
    173.222.211.50
  • flag-gb
    GET
    http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
    Remote address:
    173.222.211.58:80
    Request
    GET /pki/crl/products/MicRooCerAut2011_2011_03_22.crl HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    If-Modified-Since: Wed, 01 May 2024 09:28:59 GMT
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: crl.microsoft.com
    Response
    HTTP/1.1 200 OK
    Content-Length: 1036
    Content-Type: application/octet-stream
    Content-MD5: 5xIscz+eN7ugykyYXOEdbQ==
    Last-Modified: Thu, 11 Jul 2024 01:45:51 GMT
    ETag: 0x8DCA14B323B2CC0
    Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
    x-ms-request-id: ff5f5f93-e01e-0040-183b-d350d2000000
    x-ms-version: 2009-09-19
    x-ms-lease-status: unlocked
    x-ms-blob-type: BlockBlob
    Date: Fri, 02 Aug 2024 02:11:14 GMT
    Connection: keep-alive
  • 192.185.217.27:80
    http://www.danidutra.com.br/trabalho/Amizade.wmv
    http
    IEXPLORE.EXE
    827 B
    574 B
    12
    4

    HTTP Request

    GET http://www.danidutra.com.br/trabalho/Amizade.wmv

    HTTP Response

    301
  • 192.185.217.27:80
    www.danidutra.com.br
    IEXPLORE.EXE
    242 B
    144 B
    5
    3
  • 192.185.217.27:80
    http://danidutra.com.br/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.9.0-dev5
    http
    IEXPLORE.EXE
    2.9kB
    40.2kB
    24
    35

    HTTP Request

    GET http://danidutra.com.br/wp-includes/css/dist/block-library/style.min.css?ver=6.6.1

    HTTP Response

    200

    HTTP Request

    GET http://danidutra.com.br/wp-content/uploads/elementor/css/post-153.css?ver=1667577041

    HTTP Response

    200

    HTTP Request

    GET http://danidutra.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

    HTTP Response

    200

    HTTP Request

    GET http://danidutra.com.br/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.9.0-dev5

    HTTP Response

    200

    HTTP Request

    GET http://danidutra.com.br/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.9.0-dev5

    HTTP Response

    200
  • 192.185.217.27:80
    http://danidutra.com.br/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.9.0-dev5
    http
    IEXPLORE.EXE
    1.7kB
    22.6kB
    16
    21

    HTTP Request

    GET http://danidutra.com.br/trabalho/Amizade.wmv

    HTTP Response

    404

    HTTP Request

    GET http://danidutra.com.br/wp-content/themes/hello-elementor/style.min.css?ver=2.6.1

    HTTP Response

    200

    HTTP Request

    GET http://danidutra.com.br/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.9.0-dev5

    HTTP Response

    200
  • 192.185.217.27:80
    http://danidutra.com.br/wp-includes/js/jquery/ui/core.min.js?ver=1.13.3
    http
    IEXPLORE.EXE
    3.1kB
    46.3kB
    28
    39

    HTTP Request

    GET http://danidutra.com.br/wp-content/uploads/elementor/css/global.css?ver=1667577041

    HTTP Response

    200

    HTTP Request

    GET http://danidutra.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0

    HTTP Response

    200

    HTTP Request

    GET http://danidutra.com.br/wp-content/plugins/happy-elementor-addons/assets/js/happy-addons.min.js?ver=3.7.1

    HTTP Response

    200

    HTTP Request

    GET http://danidutra.com.br/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.9.0-dev4

    HTTP Response

    200

    HTTP Request

    GET http://danidutra.com.br/wp-includes/js/jquery/ui/core.min.js?ver=1.13.3

    HTTP Response

    200
  • 192.185.217.27:80
    http://danidutra.com.br/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.9.0-dev4
    http
    IEXPLORE.EXE
    3.7kB
    68.9kB
    42
    56

    HTTP Request

    GET http://danidutra.com.br/wp-content/themes/hello-elementor/theme.min.css?ver=2.6.1

    HTTP Response

    200

    HTTP Request

    GET http://danidutra.com.br/wp-content/plugins/happy-elementor-addons/assets/fonts/style.min.css?ver=3.7.1

    HTTP Response

    200

    HTTP Request

    GET http://danidutra.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

    HTTP Response

    200

    HTTP Request

    GET http://danidutra.com.br/wp-includes/js/dist/hooks.min.js?ver=2810c76e705dd1a53b18

    HTTP Response

    200

    HTTP Request

    GET http://danidutra.com.br/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.9.0-dev4

    HTTP Response

    200
  • 192.185.217.27:80
    http://danidutra.com.br/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.9.0-dev5
    http
    IEXPLORE.EXE
    3.4kB
    44.4kB
    33
    38

    HTTP Request

    GET http://danidutra.com.br/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.9.0-dev4

    HTTP Response

    200

    HTTP Request

    GET http://danidutra.com.br/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.9.0-dev4

    HTTP Response

    200

    HTTP Request

    GET http://danidutra.com.br/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1

    HTTP Response

    200

    HTTP Request

    GET http://danidutra.com.br/wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6

    HTTP Response

    200

    HTTP Request

    GET http://danidutra.com.br/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.9.0-dev5

    HTTP Response

    200
  • 192.185.217.27:80
    http://danidutra.com.br/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
    http
    IEXPLORE.EXE
    2.3kB
    13.0kB
    12
    13

    HTTP Request

    GET http://danidutra.com.br/wp-content/uploads/elementor/css/post-5.css?ver=1667577041

    HTTP Response

    200

    HTTP Request

    GET http://danidutra.com.br/wp-content/uploads/elementor/css/post-204.css?ver=1667577041

    HTTP Response

    200

    HTTP Request

    GET http://danidutra.com.br/wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=1.0.0

    HTTP Response

    200

    HTTP Request

    GET http://danidutra.com.br/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.9.0-dev4

    HTTP Response

    200

    HTTP Request

    GET http://danidutra.com.br/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2

    HTTP Response

    200
  • 192.185.217.27:443
    danidutra.com.br
    tls
    IEXPLORE.EXE
    397 B
    219 B
    5
    5
  • 142.250.27.94:80
    http://c.pki.goog/r/r1.crl
    http
    IEXPLORE.EXE
    348 B
    1.7kB
    5
    4

    HTTP Request

    GET http://c.pki.goog/r/r1.crl

    HTTP Response

    200
  • 192.185.217.27:443
    danidutra.com.br
    tls
    IEXPLORE.EXE
    359 B
    219 B
    5
    5
  • 142.250.27.94:80
    http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDAezvzBOn2FxIghPLaMkP6
    http
    IEXPLORE.EXE
    838 B
    3.1kB
    8
    6

    HTTP Request

    GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCjHbN8Q48ByBJsBZfEZOeO

    HTTP Response

    200

    HTTP Request

    GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDAezvzBOn2FxIghPLaMkP6

    HTTP Response

    200
  • 142.250.27.94:80
    http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDAezvzBOn2FxIghPLaMkP6
    http
    IEXPLORE.EXE
    884 B
    3.1kB
    9
    6

    HTTP Request

    GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCjHbN8Q48ByBJsBZfEZOeO

    HTTP Response

    200

    HTTP Request

    GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDAezvzBOn2FxIghPLaMkP6

    HTTP Response

    200
  • 192.185.217.27:443
    danidutra.com.br
    tls
    IEXPLORE.EXE
    288 B
    219 B
    5
    5
  • 192.185.217.27:443
    danidutra.com.br
    IEXPLORE.EXE
    190 B
    132 B
    4
    3
  • 142.250.27.94:80
    http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDAezvzBOn2FxIghPLaMkP6
    http
    IEXPLORE.EXE
    468 B
    1.6kB
    5
    4

    HTTP Request

    GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDAezvzBOn2FxIghPLaMkP6

    HTTP Response

    200
  • 142.250.27.94:80
    http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDAezvzBOn2FxIghPLaMkP6
    http
    IEXPLORE.EXE
    514 B
    1.6kB
    6
    4

    HTTP Request

    GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDAezvzBOn2FxIghPLaMkP6

    HTTP Response

    200
  • 173.222.211.58:80
    http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
    http
    399 B
    1.7kB
    4
    4

    HTTP Request

    GET http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl

    HTTP Response

    200
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    799 B
    7.8kB
    10
    13
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    779 B
    7.7kB
    9
    12
  • 8.8.8.8:53
    www.danidutra.com.br
    dns
    IEXPLORE.EXE
    66 B
    96 B
    1
    1

    DNS Request

    www.danidutra.com.br

    DNS Response

    192.185.217.27

  • 8.8.8.8:53
    danidutra.com.br
    dns
    IEXPLORE.EXE
    62 B
    78 B
    1
    1

    DNS Request

    danidutra.com.br

    DNS Response

    192.185.217.27

  • 8.8.8.8:53
    c.pki.goog
    dns
    IEXPLORE.EXE
    56 B
    107 B
    1
    1

    DNS Request

    c.pki.goog

    DNS Response

    142.250.27.94

  • 8.8.8.8:53
    o.pki.goog
    dns
    IEXPLORE.EXE
    56 B
    107 B
    1
    1

    DNS Request

    o.pki.goog

    DNS Response

    142.250.27.94

  • 8.8.8.8:53
    crl.microsoft.com
    dns
    63 B
    162 B
    1
    1

    DNS Request

    crl.microsoft.com

    DNS Response

    173.222.211.58
    173.222.211.50

MITRE ATT&CK Enterprise v15

Downloads

  • memory/1688-0-0x0000000000400000-0x0000000000417000-memory.dmp

    Filesize

    92KB

  • memory/1688-5-0x0000000000400000-0x0000000000417000-memory.dmp

    Filesize

    92KB
