Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

8b1e33cfbe...8.html

windows7-x64

3

8b1e33cfbe...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    137s
  • max time network
    139s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    11/08/2024, 16:36 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8b1e33cfbe8b686231c5bdb059f4e4b9_JaffaCakes118.html

  • Size

    20KB

  • MD5

    8b1e33cfbe8b686231c5bdb059f4e4b9

  • SHA1

    34f07de5cf034820dbfcaa7bf4f6c85ef07d5299

  • SHA256

    413c27468789bd7365268c729bea796f22d19e7363eb9776ce14f5486e0badcc

  • SHA512

    2a2a6a6b6c816817b8309c660e6b101eb54718c0eef3cfa38ad34bad363dbba68d377c3563f0bfd60ec1e24f5977b1c2f7bacbc42a7bded43989cfbc7e965e46

  • SSDEEP

    384:1GypM6LyfZG3Pz+TkTHAd+hx/X3mrREdB9mg:YyprQGoeHsyVnmrU

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8b1e33cfbe8b686231c5bdb059f4e4b9_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2884
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2884 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2720

Network

  • flag-us
    DNS
    s3.wordpress.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    s3.wordpress.com
    IN A
    Response
    s3.wordpress.com
    IN A
    192.0.77.33
  • flag-us
    DNS
    interia.hit.gemius.pl
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    interia.hit.gemius.pl
    IN A
    Response
    interia.hit.gemius.pl
    IN A
    217.74.74.29
  • flag-us
    DNS
    s.wordpress.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    s.wordpress.com
    IN A
    Response
    s.wordpress.com
    IN A
    192.0.77.33
  • flag-us
    DNS
    ict4peace.files.wordpress.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    ict4peace.files.wordpress.com
    IN A
    Response
    ict4peace.files.wordpress.com
    IN CNAME
    s7.files.wordpress.com
    s7.files.wordpress.com
    IN A
    192.0.72.29
    s7.files.wordpress.com
    IN A
    192.0.72.28
  • flag-us
    DNS
    public.slideshare.net
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    public.slideshare.net
    IN A
    Response
    public.slideshare.net
    IN CNAME
    webapp.production.slideshare.net
    webapp.production.slideshare.net
    IN A
    52.71.43.210
    webapp.production.slideshare.net
    IN A
    18.211.147.111
    webapp.production.slideshare.net
    IN A
    52.0.5.218
    webapp.production.slideshare.net
    IN A
    44.217.150.232
    webapp.production.slideshare.net
    IN A
    54.211.36.57
  • flag-us
    DNS
    www.linkedin.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.linkedin.com
    IN A
    Response
    www.linkedin.com
    IN CNAME
    exp1.www.linkedin.com
    exp1.www.linkedin.com
    IN CNAME
    www-linkedin-com.l-0005.l-msedge.net
    www-linkedin-com.l-0005.l-msedge.net
    IN CNAME
    l-0005.l-msedge.net
    l-0005.l-msedge.net
    IN A
    13.107.42.14
  • flag-us
    DNS
    x.interia.pl
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    x.interia.pl
    IN A
    Response
    x.interia.pl
    IN A
    217.74.65.42
  • flag-us
    GET
    http://s.wordpress.com/wp-content/themes/h4/global.css?m=1214319868a
    IEXPLORE.EXE
    Remote address:
    192.0.77.33:80
    Request
    GET /wp-content/themes/h4/global.css?m=1214319868a HTTP/1.1
    Accept: text/css, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: s.wordpress.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Server: nginx
    Date: Sun, 11 Aug 2024 16:36:11 GMT
    Content-Type: text/html
    Content-Length: 162
    Connection: keep-alive
    Location: https://s.wordpress.com/wp-content/themes/h4/global.css?m=1214319868a
  • flag-pl
    GET
    http://x.interia.pl/inpl/inpl.ad.1.4.9.js
    IEXPLORE.EXE
    Remote address:
    217.74.65.42:80
    Request
    GET /inpl/inpl.ad.1.4.9.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: x.interia.pl
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    content-type: text/javascript
    last-modified: Wed, 01 Jul 2009 11:49:35 GMT
    access-control-allow-origin: *
    access-control-allow-methods: GET, POST, OPTIONS
    p3p: CP="CAO PSA OUR"
    date: Sun, 11 Aug 2024 16:36:11 GMT
    content-length: 1749
    vary: Accept-Encoding
    content-encoding: gzip
    expires: Sun, 11 Aug 2024 17:36:12 GMT
    cache-control: max-age=1814400
    server: IPL/2.2
    accept-ranges: bytes
  • flag-pl
    DNS
    IEXPLORE.EXE
    Remote address:
    217.74.65.42:80
    Response
    HTTP/1.1 408 Request Time-out
    content-length: 110
    cache-control: no-cache
    content-type: text/html
    connection: close
  • flag-us
    GET
    http://s3.wordpress.com/wp-content/themes/pub/simpla/style.css?m=1219803973a
    IEXPLORE.EXE
    Remote address:
    192.0.77.33:80
    Request
    GET /wp-content/themes/pub/simpla/style.css?m=1219803973a HTTP/1.1
    Accept: text/css, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: s3.wordpress.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Server: nginx
    Date: Sun, 11 Aug 2024 16:36:11 GMT
    Content-Type: text/html
    Content-Length: 162
    Connection: keep-alive
    Location: https://s3.wordpress.com/wp-content/themes/pub/simpla/style.css?m=1219803973a
  • flag-us
    GET
    http://s3.wordpress.com/wp-content/themes/pub/simpla/images/bg.png
    IEXPLORE.EXE
    Remote address:
    192.0.77.33:80
    Request
    GET /wp-content/themes/pub/simpla/images/bg.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: s3.wordpress.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Server: nginx
    Date: Sun, 11 Aug 2024 16:36:13 GMT
    Content-Type: text/html
    Content-Length: 162
    Connection: keep-alive
    Location: https://s3.wordpress.com/wp-content/themes/pub/simpla/images/bg.png
  • flag-us
    GET
    http://s3.wordpress.com/wp-content/themes/pub/simpla/images/user.gif
    IEXPLORE.EXE
    Remote address:
    192.0.77.33:80
    Request
    GET /wp-content/themes/pub/simpla/images/user.gif HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: s3.wordpress.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Server: nginx
    Date: Sun, 11 Aug 2024 16:36:18 GMT
    Content-Type: text/html
    Content-Length: 162
    Connection: keep-alive
    Location: https://s3.wordpress.com/wp-content/themes/pub/simpla/images/user.gif
  • flag-us
    GET
    http://public.slideshare.net/images/badge85_62.gif
    IEXPLORE.EXE
    Remote address:
    52.71.43.210:80
    Request
    GET /images/badge85_62.gif HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: public.slideshare.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Server: awselb/2.0
    Date: Sun, 11 Aug 2024 16:36:12 GMT
    Content-Type: text/html
    Content-Length: 134
    Connection: keep-alive
    Location: https://public.slideshare.net:443/images/badge85_62.gif
  • flag-us
    GET
    http://s3.wordpress.com/wp-content/themes/pub/simpla/images/post.gif
    IEXPLORE.EXE
    Remote address:
    192.0.77.33:80
    Request
    GET /wp-content/themes/pub/simpla/images/post.gif HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: s3.wordpress.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Server: nginx
    Date: Sun, 11 Aug 2024 16:36:18 GMT
    Content-Type: text/html
    Content-Length: 162
    Connection: keep-alive
    Location: https://s3.wordpress.com/wp-content/themes/pub/simpla/images/post.gif
  • flag-pl
    GET
    http://interia.hit.gemius.pl/xgemius.js
    IEXPLORE.EXE
    Remote address:
    217.74.74.29:80
    Request
    GET /xgemius.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: interia.hit.gemius.pl
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Sun, 11 Aug 2024 16:36:12 GMT
    Expires: Mon, 12 Aug 2024 04:36:12 GMT
    Server: GHC
    Accept-Ranges: none
    Cache-Control: max-age=43200
    Last-Modified: Fri, 19 Jul 2024 16:08:07 GMT
    Vary: Accept-Encoding,Origin
    Cross-Origin-Resource-Policy: cross-origin
    Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
    P3P: CP="NOI DSP COR NID PSAo OUR IND"
    Connection: keep-alive
    Keep-Alive: timeout=10
    Content-Type: application/x-javascript
    Content-Length: 21202
    Content-Encoding: gzip
  • flag-pl
    GET
    http://interia.hit.gemius.pl/fpdata.js?href=
    IEXPLORE.EXE
    Remote address:
    217.74.74.29:80
    Request
    GET /fpdata.js?href= HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: interia.hit.gemius.pl
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Date: Sun, 11 Aug 2024 16:36:13 GMT
    Expires: Sat, 10 Aug 2024 16:36:13 GMT
    Server: GHC
    Accept-Ranges: none
    Pragma: no-cache
    Cache-Control: no-store, no-cache, must-revalidate, max-age=0
    Cross-Origin-Resource-Policy: cross-origin
    Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
    P3P: CP="NOI DSP COR NID PSAo OUR IND"
    Location: https://interia.hit.gemius.pl/_sslredir/fpdata.js?href=
    Connection: keep-alive
    Keep-Alive: timeout=10
    Content-Length: 0
  • flag-pl
    GET
    http://interia.hit.gemius.pl/_1723394173393/rexdot.js?l=100&sendf=24&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F8b1e33cfbe8b686231c5bdb059f4e4b9_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=53JrdwVIcwDLhRYtzRwchpA9a9ywBKraOT747PTTbYb.37%7C1723394173&ltime=0&fr=1&ref=&inner=_ver%3D352%7C_lsd%3DnoLoStrg&exid=66b8e87c300e73b1&brts=1723394173&fpcap=
    IEXPLORE.EXE
    Remote address:
    217.74.74.29:80
    Request
    GET /_1723394173393/rexdot.js?l=100&sendf=24&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F8b1e33cfbe8b686231c5bdb059f4e4b9_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=53JrdwVIcwDLhRYtzRwchpA9a9ywBKraOT747PTTbYb.37%7C1723394173&ltime=0&fr=1&ref=&inner=_ver%3D352%7C_lsd%3DnoLoStrg&exid=66b8e87c300e73b1&brts=1723394173&fpcap= HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: interia.hit.gemius.pl
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Date: Sun, 11 Aug 2024 16:36:13 GMT
    Expires: Sat, 10 Aug 2024 16:36:13 GMT
    Server: GHC
    Accept-Ranges: none
    Pragma: no-cache
    Cache-Control: no-store, no-cache, must-revalidate, max-age=0
    Cross-Origin-Resource-Policy: cross-origin
    Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
    P3P: CP="NOI DSP COR NID PSAo OUR IND"
    Location: https://interia.hit.gemius.pl/_sslredir/_1723394173393/rexdot.js?l=100&sendf=24&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F8b1e33cfbe8b686231c5bdb059f4e4b9_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=53JrdwVIcwDLhRYtzRwchpA9a9ywBKraOT747PTTbYb.37%7C1723394173&ltime=0&fr=1&ref=&inner=_ver%3D352%7C_lsd%3DnoLoStrg&exid=66b8e87c300e73b1&brts=1723394173&fpcap=
    Connection: keep-alive
    Keep-Alive: timeout=10
    Content-Length: 0
  • flag-pl
    GET
    http://interia.hit.gemius.pl/_1723394186636/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1723394173&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F8b1e33cfbe8b686231c5bdb059f4e4b9_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=53JrdwVIcwDLhRYtzRwchpA9a9ywBKraOT747PTTbYb.37%7C1723394173&ltime=0&fr=1&ref=&inner=_ver%3D352%7C_lsd%3DnoLoStrg&exid=66b8e87c300e73b1&brts=1723394186&fpcap=
    IEXPLORE.EXE
    Remote address:
    217.74.74.29:80
    Request
    GET /_1723394186636/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1723394173&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F8b1e33cfbe8b686231c5bdb059f4e4b9_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=53JrdwVIcwDLhRYtzRwchpA9a9ywBKraOT747PTTbYb.37%7C1723394173&ltime=0&fr=1&ref=&inner=_ver%3D352%7C_lsd%3DnoLoStrg&exid=66b8e87c300e73b1&brts=1723394186&fpcap= HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: interia.hit.gemius.pl
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Date: Sun, 11 Aug 2024 16:36:27 GMT
    Expires: Sat, 10 Aug 2024 16:36:27 GMT
    Server: GHC
    Accept-Ranges: none
    Pragma: no-cache
    Cache-Control: no-store, no-cache, must-revalidate, max-age=0
    Cross-Origin-Resource-Policy: cross-origin
    Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
    P3P: CP="NOI DSP COR NID PSAo OUR IND"
    Location: https://interia.hit.gemius.pl/_sslredir/_1723394186636/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1723394173&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F8b1e33cfbe8b686231c5bdb059f4e4b9_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=53JrdwVIcwDLhRYtzRwchpA9a9ywBKraOT747PTTbYb.37%7C1723394173&ltime=0&fr=1&ref=&inner=_ver%3D352%7C_lsd%3DnoLoStrg&exid=66b8e87c300e73b1&brts=1723394186&fpcap=
    Connection: keep-alive
    Keep-Alive: timeout=10
    Content-Length: 0
  • flag-us
    GET
    http://ict4peace.files.wordpress.com/2008/09/un-on-youtube.png?w=425&h=332
    IEXPLORE.EXE
    Remote address:
    192.0.72.29:80
    Request
    GET /2008/09/un-on-youtube.png?w=425&h=332 HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: ict4peace.files.wordpress.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Server: nginx
    Date: Sun, 11 Aug 2024 16:36:11 GMT
    Content-Type: text/html
    Content-Length: 162
    Connection: keep-alive
    Location: https://ict4peace.files.wordpress.com/2008/09/un-on-youtube.png?w=425&h=332
  • flag-us
    GET
    http://www.linkedin.com/img/webpromo/btn_linkedin_120x30.gif
    IEXPLORE.EXE
    Remote address:
    13.107.42.14:80
    Request
    GET /img/webpromo/btn_linkedin_120x30.gif HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.linkedin.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Cache-Control: no-cache, no-store
    Pragma: no-cache
    Expires: Thu, 01 Jan 1970 00:00:00 GMT
    Location: https://www.linkedin.com/img/webpromo/btn_linkedin_120x30.gif
    P3P: CP="CAO CUR ADM DEV PSA PSD OUR"
    Set-Cookie: bcookie="v=2&15455621-ee85-44c4-8ae5-5a4ffa92d89b"; Domain=.linkedin.com; Expires=Mon, 11-Aug-2025 16:36:12 GMT; Path=/; Secure; SameSite=None
    Set-Cookie: li_gc=MTswOzE3MjMzOTQxNzI7MjswMjFDhIYiG92/Z8UzNPofQnpyNcf6sfKlB/abdlnmiB9cnQ==; Domain=.linkedin.com; Expires=Fri, 07 Feb 2025 16:36:12 GMT; Path=/; Secure; SameSite=None
    X-Li-Fabric: prod-ltx1
    X-Li-Pop: afd-prod-ltx1-x
    X-Li-Proto: http/1.1
    X-LI-UUID: AAYfavluypXu0fGevq2egQ==
    X-Cache: CONFIG_NOCACHE
    X-MSEdge-Ref: Ref A: 0BD308B832FD492E9DC20B06DE902D54 Ref B: LON04EDGE0922 Ref C: 2024-08-11T16:36:11Z
    Date: Sun, 11 Aug 2024 16:36:11 GMT
    Content-Length: 0
  • flag-us
    GET
    https://s3.wordpress.com/wp-content/themes/pub/simpla/style.css?m=1219803973a
    IEXPLORE.EXE
    Remote address:
    192.0.77.33:443
    Request
    GET /wp-content/themes/pub/simpla/style.css?m=1219803973a HTTP/1.1
    Accept: text/css, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: s3.wordpress.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sun, 11 Aug 2024 16:36:13 GMT
    Content-Type: text/css
    Transfer-Encoding: chunked
    Connection: keep-alive
    Vary: Accept-Encoding
    x-minify: t
    x-minify-cache: hit
    etag: W/6784-1684461279092.7097
    Content-Encoding: gzip
    Expires: Thu, 19 Jun 2025 22:56:52 GMT
    Cache-Control: max-age=31536000
    X-ac: 4.lhr _dca MISS
    Strict-Transport-Security: max-age=15552000
    Alt-Svc: h3=":443"; ma=86400
    X-nc: HIT lhr 1
  • flag-us
    GET
    https://s3.wordpress.com/wp-content/themes/pub/simpla/images/bg.png
    IEXPLORE.EXE
    Remote address:
    192.0.77.33:443
    Request
    GET /wp-content/themes/pub/simpla/images/bg.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: s3.wordpress.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sun, 11 Aug 2024 16:36:13 GMT
    Content-Type: image/png
    Content-Length: 147
    Connection: keep-alive
    Last-Modified: Fri, 22 Sep 2023 22:36:56 GMT
    ETag: "650e1708-93"
    Expires: Wed, 09 Jul 2025 10:59:27 GMT
    Cache-Control: max-age=31536000
    X-ac: 4.lhr _dca MISS
    Strict-Transport-Security: max-age=15552000
    Alt-Svc: h3=":443"; ma=86400
    X-nc: HIT lhr 1
    Accept-Ranges: bytes
  • flag-us
    GET
    https://s3.wordpress.com/wp-content/themes/pub/simpla/images/post.gif
    IEXPLORE.EXE
    Remote address:
    192.0.77.33:443
    Request
    GET /wp-content/themes/pub/simpla/images/post.gif HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: s3.wordpress.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sun, 11 Aug 2024 16:36:18 GMT
    Content-Type: image/gif
    Content-Length: 276
    Connection: keep-alive
    Last-Modified: Fri, 19 May 2023 01:49:11 GMT
    ETag: "6466d597-114"
    Expires: Tue, 08 Jul 2025 21:22:20 GMT
    Cache-Control: max-age=31536000
    X-ac: 4.lhr _dca MISS
    Strict-Transport-Security: max-age=15552000
    Alt-Svc: h3=":443"; ma=86400
    X-nc: HIT lhr 1
    Accept-Ranges: bytes
  • flag-us
    GET
    https://s3.wordpress.com/wp-content/themes/pub/simpla/images/user.gif
    IEXPLORE.EXE
    Remote address:
    192.0.77.33:443
    Request
    GET /wp-content/themes/pub/simpla/images/user.gif HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: s3.wordpress.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sun, 11 Aug 2024 16:36:18 GMT
    Content-Type: image/gif
    Content-Length: 287
    Connection: keep-alive
    Last-Modified: Fri, 19 May 2023 02:59:11 GMT
    ETag: "6466e5ff-11f"
    Expires: Tue, 20 May 2025 12:38:06 GMT
    Cache-Control: max-age=31536000
    X-ac: 4.lhr _dca MISS
    Strict-Transport-Security: max-age=15552000
    Alt-Svc: h3=":443"; ma=86400
    X-nc: HIT lhr 1
    Accept-Ranges: bytes
  • flag-us
    GET
    https://s.wordpress.com/wp-content/themes/h4/global.css?m=1214319868a
    IEXPLORE.EXE
    Remote address:
    192.0.77.33:443
    Request
    GET /wp-content/themes/h4/global.css?m=1214319868a HTTP/1.1
    Accept: text/css, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: s.wordpress.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sun, 11 Aug 2024 16:36:13 GMT
    Content-Type: text/css
    Content-Length: 311
    Connection: keep-alive
    x-minify: t
    x-minify-cache: hit
    etag: W/471-1684461197956.71
    Expires: Fri, 20 Jun 2025 00:29:15 GMT
    Cache-Control: max-age=31536000
    X-ac: 4.lhr _dca MISS
    Strict-Transport-Security: max-age=15552000
    Alt-Svc: h3=":443"; ma=86400
    X-nc: HIT lhr 1
  • flag-us
    GET
    https://ict4peace.files.wordpress.com/2008/09/un-on-youtube.png?w=425&h=332
    IEXPLORE.EXE
    Remote address:
    192.0.72.29:443
    Request
    GET /2008/09/un-on-youtube.png?w=425&h=332 HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: ict4peace.files.wordpress.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Moved Temporarily
    Server: nginx
    Date: Sun, 11 Aug 2024 16:36:13 GMT
    Content-Type: text/html
    Content-Length: 138
    Connection: keep-alive
    Location: https://ict4peace.wordpress.com/wp-content/uploads/2008/09/un-on-youtube.png?w=425&h=332
    X-nc: lhr 29 np
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://public.slideshare.net/images/badge85_62.gif
    IEXPLORE.EXE
    Remote address:
    52.71.43.210:443
    Request
    GET /images/badge85_62.gif HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: public.slideshare.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Date: Sun, 11 Aug 2024 16:36:14 GMT
    Content-Type: text/html
    Content-Length: 162
    Connection: keep-alive
    server: envoy
    location: https://www.slideshare.net/images/badge85_62.gif
    p3p: CP="OTI DSP COR CUR ADM DEV PSD IVD CONo OUR IND"
    x-content-type-options: nosniff
    cache-control: private, no-store
    strict-transport-security: max-age=63072000; includeSubDomains; preload
    x-envoy-upstream-service-time: 1
  • flag-us
    GET
    https://www.linkedin.com/img/webpromo/btn_linkedin_120x30.gif
    IEXPLORE.EXE
    Remote address:
    13.107.42.14:443
    Request
    GET /img/webpromo/btn_linkedin_120x30.gif HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.linkedin.com
    Connection: Keep-Alive
    Cookie: bcookie="v=2&15455621-ee85-44c4-8ae5-5a4ffa92d89b"; li_gc=MTswOzE3MjMzOTQxNzI7MjswMjFDhIYiG92/Z8UzNPofQnpyNcf6sfKlB/abdlnmiB9cnQ==
    Response
    HTTP/1.1 200 OK
    Cache-Control: max-age=604800,private
    Content-Length: 2153
    Content-Type: image/gif
    Expires: Sun, 18 Aug 2024 16:36:12 GMT
    Last-Modified: Thu, 25 Jul 2024 20:20:40 GMT
    Accept-Ranges: bytes
    ETag: "66a2b398-869"
    P3P: CP="CAO CUR ADM DEV PSA PSD OUR"
    Set-Cookie: bscookie="v=1&202408111636122adb0e02-9d33-457f-8cbc-cd914efc476cAQGUlMIq2kz2jg3AGEoHEOMxD0EG7b1X"; domain=.www.linkedin.com; Path=/; Secure; Expires=Mon, 11-Aug-2025 16:36:12 GMT; HttpOnly; SameSite=None
    Strict-Transport-Security: max-age=31536000
    X-Content-Type-Options: nosniff
    X-Frame-Options: sameorigin
    Content-Security-Policy: default-src 'none'; connect-src 'self' *.licdn.com *.linkedin.com cdn.linkedin.oribi.io dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.microsoft.com *.adnxs.com login.microsoftonline.com; script-src 'report-sample' 'sha256-SSoodjUD3LGm2FfFCVHGqEb8D4UM3OOigidT2UKDcYg=' 'sha256-cKTgdnmO6+hXd85a9wKg1effVfVzenUAtUCyOKY9bQE=' 'sha256-DwtT8+ZZKpxH9pqZNAmJ3GdbLAh5SsYaXR3omTXPCns=' 'sha256-sV9jZa797T0QWBzcU/CNd4tpBhTnh+TFdLnfjlitl28=' 'sha256-aa/Q8CRBDSqTQbCIyioPhZaz+G+dbPyu7BzsjInEmiU=' 'sha256-THuVhwbXPeTR0HszASqMOnIyxqEgvGyBwSPBKBF/iMc=' 'sha256-zTIusdVJJeXz9+iox2a+pdDglzbpRpFVRzEwvW4AONk=' 'sha256-iC8MPqNLw0FDnsBf4DlSkFLNTwhkI85aouiAEB819ic=' 'sha256-2EqrEvcPzl8c6/TSGVvaVMEe7lg700MAz/te4/3kTYY=' 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-DatsFGoJ8gFkzzxo47Ou76WZ+3QBPOQHtBu9p9b3DhA=' 'sha256-k95cyM8gFgPziZe5VQ2IvJvBUVyd5zFt2CokIUwqdHE=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-RFqsjmAF1N5LnfpaHFvPqFlVkeIS/DtTAFor+JjJJVc=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' 'sha256-3RIGhhApBii1KY+aW1xk7kFyoQY8vSVE5DfT7E9SJUc=' 'sha256-9pXOIwF4N0gPltLd3AI69lkCjSC2H/Eb3sc5zdmUyYU=' 'sha256-jou6v/Nleyzoc+LXktAv1Fp8M807dVVxy7E/yzVljHc=' 'sha256-6E4e/3dSvj/8JZT2S2yR91mspqM6MyOpKl5lrhHsZa8=' 'sha256-3woF8BZ54TeXM+czaH3aXoaJsVpiamuAKFsXDykAR/Q=' 'sha256-vIfNcKb8ixJg1cfJIoNNYjWcm0lezj1/XpUNFiZyVsU=' 'sha256-cLsHUHFgT/VGX04cZrJ9xgm4HbzTR7ptutkxK+7BlMk=' 'sha256-BwU8jMnQYUhjOpsDVABpfddV/DlP1ZYrFcTumYw7x54=' 'sha256-wz6ika9i3WU3bpUPdhYDZeO/NrDQniDyiscN0LWnyaY=' 'sha256-wy4DvlEW9PHPIGvQJW6Wv4woBSa/0LJHs8LHsBVVXCs=' 'sha256-065A0cJTDQ+hyKvufSL/flW02hIbgLndOINLRWux6To=' 'sha256-Ga5SLB8hPdWUE8Wb6LgZ05D9Z5vrdLAaPbDBW2m3BI8=' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com snap.licdn.com; img-src data: blob: * android-webview-video-poster:; font-src data: *; style-src 'self' 'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src 'self' *.licdn.com *.lynda.com; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src 'self' www.youtube.com/embed/ www.youtube-nocookie.com/embed/ lnkd.demdex.net smartlock.google.com accounts.google.com player.vimeo.com *.linkedin.com www.slideshare.net *.megaphone.fm *.omny.fm *.sounder.fm msit.powerbi.com app.powerbi.com linkedin.github.io *.licdn.com *.adnxs.com acdn.adnxs-simple.com radar.cedexis.com edge-auth.microsoft.com flo.uri.sh; frame-ancestors 'self' *.www.linkedin.com:*; manifest-src 'self'; report-uri https://www.linkedin.com/security/csp?f=d
    X-Li-Fabric: prod-ltx1
    X-Li-Pop: afd-prod-ltx1-x
    X-Li-Proto: http/1.1
    X-LI-UUID: AAYfavl2q3ypPqdJTHZOVw==
    X-Cache: CONFIG_NOCACHE
    X-MSEdge-Ref: Ref A: 8C2BB23A90BF42D0A080DCCD1242538E Ref B: LON04EDGE1019 Ref C: 2024-08-11T16:36:12Z
    Date: Sun, 11 Aug 2024 16:36:11 GMT
  • flag-us
    DNS
    ict4peace.wordpress.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    ict4peace.wordpress.com
    IN A
    Response
    ict4peace.wordpress.com
    IN CNAME
    lb.wordpress.com
    lb.wordpress.com
    IN A
    192.0.78.12
    lb.wordpress.com
    IN A
    192.0.78.13
  • flag-us
    GET
    https://ict4peace.wordpress.com/wp-content/uploads/2008/09/un-on-youtube.png?w=425&h=332
    IEXPLORE.EXE
    Remote address:
    192.0.78.12:443
    Request
    GET /wp-content/uploads/2008/09/un-on-youtube.png?w=425&h=332 HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: ict4peace.wordpress.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sun, 11 Aug 2024 16:36:13 GMT
    Content-Type: image/png
    Content-Length: 133771
    Connection: keep-alive
    Last-Modified: Mon, 29 Sep 2008 00:49:21 GMT
    Expires: Mon, 02 Sep 2024 06:05:42 GMT
    X-Orig-Src: 0_imageresize
    Vary: Accept
    X-ac: 1.lhr _dfw HIT
    Strict-Transport-Security: max-age=31536000
    Alt-Svc: h3=":443"; ma=86400
    Accept-Ranges: bytes
  • flag-nl
    GET
    http://www.google-analytics.com/ga.js
    IEXPLORE.EXE
    Remote address:
    142.251.36.46:80
    Request
    GET /ga.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.google-analytics.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
    X-Content-Type-Options: nosniff
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Server: Golfe2
    Content-Length: 17168
    Date: Sun, 11 Aug 2024 15:58:10 GMT
    Expires: Sun, 11 Aug 2024 17:58:10 GMT
    Cache-Control: public, max-age=7200
    Age: 2283
    Last-Modified: Tue, 12 Dec 2023 18:09:08 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding
  • flag-pl
    GET
    https://interia.hit.gemius.pl/_sslredir/fpdata.js?href=
    IEXPLORE.EXE
    Remote address:
    217.74.74.29:443
    Request
    GET /_sslredir/fpdata.js?href= HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: interia.hit.gemius.pl
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Sun, 11 Aug 2024 16:36:13 GMT
    Expires: Tue, 10 Sep 2024 16:36:13 GMT
    Server: GHC
    Accept-Ranges: none
    Cache-Control: private, max-age=2592000
    Last-Modified: Mon, 16 Jul 2012 10:03:40 GMT
    ETag: PRIVATE7520710249
    Cross-Origin-Resource-Policy: cross-origin
    Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
    P3P: CP="NOI DSP COR NID PSAo OUR IND"
    Connection: keep-alive
    Keep-Alive: timeout=100
    Content-Type: application/x-javascript
    Content-Length: 269
  • flag-pl
    GET
    https://interia.hit.gemius.pl/_sslredir/_1723394173393/rexdot.js?l=100&sendf=24&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F8b1e33cfbe8b686231c5bdb059f4e4b9_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=53JrdwVIcwDLhRYtzRwchpA9a9ywBKraOT747PTTbYb.37%7C1723394173&ltime=0&fr=1&ref=&inner=_ver%3D352%7C_lsd%3DnoLoStrg&exid=66b8e87c300e73b1&brts=1723394173&fpcap=
    IEXPLORE.EXE
    Remote address:
    217.74.74.29:443
    Request
    GET /_sslredir/_1723394173393/rexdot.js?l=100&sendf=24&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F8b1e33cfbe8b686231c5bdb059f4e4b9_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=53JrdwVIcwDLhRYtzRwchpA9a9ywBKraOT747PTTbYb.37%7C1723394173&ltime=0&fr=1&ref=&inner=_ver%3D352%7C_lsd%3DnoLoStrg&exid=66b8e87c300e73b1&brts=1723394173&fpcap= HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: interia.hit.gemius.pl
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Date: Sun, 11 Aug 2024 16:36:13 GMT
    Expires: Sat, 10 Aug 2024 16:36:13 GMT
    Server: GHC
    Accept-Ranges: none
    Pragma: no-cache
    Cache-Control: no-store, no-cache, must-revalidate, max-age=0
    Cross-Origin-Resource-Policy: cross-origin
    Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
    Set-Cookie: receive-cookie-deprecation=1; Domain=hit.gemius.pl; Path=/; HttpOnly; SameSite=None; Secure; Partitioned; Expires=Wed, 10 Sep 2025 16:36:13 GMT
    Set-Cookie: Gtest=Klx4xMGGQMQGIRnjO0JxxgEUssGMXP8cfRbG; Domain=hit.gemius.pl; Path=/; SameSite=None; Secure; Expires=Sun, 18 Aug 2024 16:36:13 GMT
    Set-Cookie: Gdynp=t_wQN2U_q5CRwsJhGISJRNHJaG7lL42CvbZSct_YSkj.57; Domain=hit.gemius.pl; Path=/; SameSite=None; Secure; Partitioned; Expires=Wed, 10 Sep 2025 16:36:13 GMT
    P3P: CP="NOI DSP COR NID PSAo OUR IND"
    Location: /__/_sslredir/_1723394173393/rexdot.js?l=100&sendf=24&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F8b1e33cfbe8b686231c5bdb059f4e4b9_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=53JrdwVIcwDLhRYtzRwchpA9a9ywBKraOT747PTTbYb.37%7C1723394173&ltime=0&fr=1&ref=&inner=_ver%3D352%7C_lsd%3DnoLoStrg&exid=66b8e87c300e73b1&brts=1723394173&fpcap=
    Connection: keep-alive
    Keep-Alive: timeout=100
    Content-Length: 0
  • flag-pl
    GET
    https://interia.hit.gemius.pl/__/_sslredir/_1723394173393/rexdot.js?l=100&sendf=24&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F8b1e33cfbe8b686231c5bdb059f4e4b9_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=53JrdwVIcwDLhRYtzRwchpA9a9ywBKraOT747PTTbYb.37%7C1723394173&ltime=0&fr=1&ref=&inner=_ver%3D352%7C_lsd%3DnoLoStrg&exid=66b8e87c300e73b1&brts=1723394173&fpcap=
    IEXPLORE.EXE
    Remote address:
    217.74.74.29:443
    Request
    GET /__/_sslredir/_1723394173393/rexdot.js?l=100&sendf=24&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F8b1e33cfbe8b686231c5bdb059f4e4b9_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=53JrdwVIcwDLhRYtzRwchpA9a9ywBKraOT747PTTbYb.37%7C1723394173&ltime=0&fr=1&ref=&inner=_ver%3D352%7C_lsd%3DnoLoStrg&exid=66b8e87c300e73b1&brts=1723394173&fpcap= HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: interia.hit.gemius.pl
    Connection: Keep-Alive
    Cookie: receive-cookie-deprecation=1; Gtest=Klx4xMGGQMQGIRnjO0JxxgEUssGMXP8cfRbG; Gdynp=t_wQN2U_q5CRwsJhGISJRNHJaG7lL42CvbZSct_YSkj.57
    Response
    HTTP/1.1 200 OK
    Date: Sun, 11 Aug 2024 16:36:13 GMT
    Expires: Sat, 10 Aug 2024 16:36:13 GMT
    Server: GHC
    Accept-Ranges: none
    Pragma: no-cache
    Cache-Control: no-store, no-cache, must-revalidate, max-age=0
    Cross-Origin-Resource-Policy: cross-origin
    Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
    Set-Cookie: receive-cookie-deprecation=1; Domain=hit.gemius.pl; Path=/; HttpOnly; SameSite=None; Secure; Partitioned; Expires=Wed, 10 Sep 2025 16:36:13 GMT
    Set-Cookie: Gtestem=~; Domain=hit.gemius.pl; Path=/; SameSite=None; Secure; Expires=Fri, 1 Jan 2010 00:00:00 GMT
    Set-Cookie: Gdyn=KlQbgRGGQMQGIRnjO0JxxgEUssGMXP8c25nSGssIIm78EMxnGoG1onCWL18GGyPDGImTXsxaG0F6Sssa; Domain=hit.gemius.pl; Path=/; SameSite=None; Secure; Expires=Wed, 10 Sep 2025 16:36:13 GMT
    Set-Cookie: Gdynp=4jDFCbyqDghcNXFk8VNxtSG3GJO4lvgZdLVKxIqx5Zf.Y7; Domain=hit.gemius.pl; Path=/; SameSite=None; Secure; Partitioned; Expires=Wed, 10 Sep 2025 16:36:13 GMT
    P3P: CP="NOI DSP COR NID PSAo OUR IND"
    Connection: keep-alive
    Keep-Alive: timeout=100
    Content-Type: application/x-javascript
    Content-Length: 167
  • flag-pl
    GET
    https://interia.hit.gemius.pl/_sslredir/_1723394186636/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1723394173&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F8b1e33cfbe8b686231c5bdb059f4e4b9_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=53JrdwVIcwDLhRYtzRwchpA9a9ywBKraOT747PTTbYb.37%7C1723394173&ltime=0&fr=1&ref=&inner=_ver%3D352%7C_lsd%3DnoLoStrg&exid=66b8e87c300e73b1&brts=1723394186&fpcap=
    IEXPLORE.EXE
    Remote address:
    217.74.74.29:443
    Request
    GET /_sslredir/_1723394186636/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1723394173&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F8b1e33cfbe8b686231c5bdb059f4e4b9_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=53JrdwVIcwDLhRYtzRwchpA9a9ywBKraOT747PTTbYb.37%7C1723394173&ltime=0&fr=1&ref=&inner=_ver%3D352%7C_lsd%3DnoLoStrg&exid=66b8e87c300e73b1&brts=1723394186&fpcap= HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: interia.hit.gemius.pl
    Connection: Keep-Alive
    Cookie: receive-cookie-deprecation=1; Gtest=Klx4xMGGQMQGIRnjO0JxxgEUssGMXP8cfRbG; Gdynp=4jDFCbyqDghcNXFk8VNxtSG3GJO4lvgZdLVKxIqx5Zf.Y7; Gdyn=KlQbgRGGQMQGIRnjO0JxxgEUssGMXP8c25nSGssIIm78EMxnGoG1onCWL18GGyPDGImTXsxaG0F6Sssa
    Response
    HTTP/1.1 200 OK
    Date: Sun, 11 Aug 2024 16:36:27 GMT
    Expires: Sat, 10 Aug 2024 16:36:27 GMT
    Server: GHC
    Accept-Ranges: none
    Pragma: no-cache
    Cache-Control: no-store, no-cache, must-revalidate, max-age=0
    Cross-Origin-Resource-Policy: cross-origin
    Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
    Set-Cookie: receive-cookie-deprecation=1; Domain=hit.gemius.pl; Path=/; HttpOnly; SameSite=None; Secure; Partitioned; Expires=Wed, 10 Sep 2025 16:36:27 GMT
    Set-Cookie: Gtest=; Domain=hit.gemius.pl; Path=/; SameSite=None; Secure; Expires=Fri, 1 Jan 2010 00:00:00 GMT
    Set-Cookie: Gdyn=KlSdJRGGQMQGIRnjO0JxxgEUssGMr1goL6nxmG88eu7oLFxSG7lrGS6GtDftFlMXYH8Po1WrGQaPgjXoaQG.; Domain=hit.gemius.pl; Path=/; SameSite=None; Secure; Expires=Wed, 10 Sep 2025 16:36:27 GMT
    Set-Cookie: Gdynp=uPpnbVg5gHRfCkQOpy0N.J23S4QEbIooikPd9K7GwsL.U7; Domain=hit.gemius.pl; Path=/; SameSite=None; Secure; Partitioned; Expires=Wed, 10 Sep 2025 16:36:27 GMT
    P3P: CP="NOI DSP COR NID PSAo OUR IND"
    Connection: keep-alive
    Keep-Alive: timeout=100
    Content-Type: application/x-javascript
    Content-Length: 2
  • flag-pl
    GET
    https://interia.hit.gemius.pl/_sslredir/_1723394234637/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1723394173&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F8b1e33cfbe8b686231c5bdb059f4e4b9_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=53JrdwVIcwDLhRYtzRwchpA9a9ywBKraOT747PTTbYb.37%7C1723394173&ltime=0&fr=1&ref=&inner=_ver%3D352%7C_lsd%3DnoLoStrg&exid=66b8e87c300e73b1&brts=1723394234&fpcap=
    IEXPLORE.EXE
    Remote address:
    217.74.74.29:443
    Request
    GET /_sslredir/_1723394234637/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1723394173&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F8b1e33cfbe8b686231c5bdb059f4e4b9_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=53JrdwVIcwDLhRYtzRwchpA9a9ywBKraOT747PTTbYb.37%7C1723394173&ltime=0&fr=1&ref=&inner=_ver%3D352%7C_lsd%3DnoLoStrg&exid=66b8e87c300e73b1&brts=1723394234&fpcap= HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: interia.hit.gemius.pl
    Connection: Keep-Alive
    Cookie: receive-cookie-deprecation=1; Gdynp=uPpnbVg5gHRfCkQOpy0N.J23S4QEbIooikPd9K7GwsL.U7; Gdyn=KlSdJRGGQMQGIRnjO0JxxgEUssGMr1goL6nxmG88eu7oLFxSG7lrGS6GtDftFlMXYH8Po1WrGQaPgjXoaQG.
    Response
    HTTP/1.1 200 OK
    Date: Sun, 11 Aug 2024 16:37:15 GMT
    Expires: Sat, 10 Aug 2024 16:37:15 GMT
    Server: GHC
    Accept-Ranges: none
    Pragma: no-cache
    Cache-Control: no-store, no-cache, must-revalidate, max-age=0
    Cross-Origin-Resource-Policy: cross-origin
    Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
    Set-Cookie: receive-cookie-deprecation=1; Domain=hit.gemius.pl; Path=/; HttpOnly; SameSite=None; Secure; Partitioned; Expires=Wed, 10 Sep 2025 16:37:15 GMT
    Set-Cookie: Gdyn=KlQW7RMGQMQGIRnjO0JxxgEUssGMN1goL6nxmG88eu7oLFxSG7lrGS6GtDftFlMXYH8Po1WrGQaPgjXcaQG.; Domain=hit.gemius.pl; Path=/; SameSite=None; Secure; Expires=Wed, 10 Sep 2025 16:37:15 GMT
    Set-Cookie: Gdynp=drPQwkCrQ7RpQKRTsiX0qjB_h10YJQygq_dlxCQUn_P._7; Domain=hit.gemius.pl; Path=/; SameSite=None; Secure; Partitioned; Expires=Wed, 10 Sep 2025 16:37:15 GMT
    P3P: CP="NOI DSP COR NID PSAo OUR IND"
    Connection: keep-alive
    Keep-Alive: timeout=100
    Content-Type: application/x-javascript
    Content-Length: 2
  • flag-pl
    GET
    https://interia.hit.gemius.pl/_sslredir/_1723394266648/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1723394173&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F8b1e33cfbe8b686231c5bdb059f4e4b9_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=53JrdwVIcwDLhRYtzRwchpA9a9ywBKraOT747PTTbYb.37%7C1723394173&ltime=0&fr=1&ref=&inner=_ver%3D352%7C_lsd%3DnoLoStrg&exid=66b8e87c300e73b1&brts=1723394266&fpcap=
    IEXPLORE.EXE
    Remote address:
    217.74.74.29:443
    Request
    GET /_sslredir/_1723394266648/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1723394173&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F8b1e33cfbe8b686231c5bdb059f4e4b9_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=53JrdwVIcwDLhRYtzRwchpA9a9ywBKraOT747PTTbYb.37%7C1723394173&ltime=0&fr=1&ref=&inner=_ver%3D352%7C_lsd%3DnoLoStrg&exid=66b8e87c300e73b1&brts=1723394266&fpcap= HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: interia.hit.gemius.pl
    Connection: Keep-Alive
    Cookie: receive-cookie-deprecation=1; Gdynp=drPQwkCrQ7RpQKRTsiX0qjB_h10YJQygq_dlxCQUn_P._7; Gdyn=KlQW7RMGQMQGIRnjO0JxxgEUssGMN1goL6nxmG88eu7oLFxSG7lrGS6GtDftFlMXYH8Po1WrGQaPgjXcaQG.
    Response
    HTTP/1.1 200 OK
    Date: Sun, 11 Aug 2024 16:37:47 GMT
    Expires: Sat, 10 Aug 2024 16:37:47 GMT
    Server: GHC
    Accept-Ranges: none
    Pragma: no-cache
    Cache-Control: no-store, no-cache, must-revalidate, max-age=0
    Cross-Origin-Resource-Policy: cross-origin
    Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
    Set-Cookie: receive-cookie-deprecation=1; Domain=hit.gemius.pl; Path=/; HttpOnly; SameSite=None; Secure; Partitioned; Expires=Wed, 10 Sep 2025 16:37:47 GMT
    Set-Cookie: Gdyn=KlQgoRGGQMQGIRnjO0JxxgEUssGMk14oL6nxmG88eu7oLFxSG7lrGS6GtDftFlMXYH8Po1WrGQaPgjKaaQG.; Domain=hit.gemius.pl; Path=/; SameSite=None; Secure; Expires=Wed, 10 Sep 2025 16:37:47 GMT
    Set-Cookie: Gdynp=_D3Vz5rxI3Ia9_3x1LJFOC7QxbS0aomVYpMkfDW5WNH.x7; Domain=hit.gemius.pl; Path=/; SameSite=None; Secure; Partitioned; Expires=Wed, 10 Sep 2025 16:37:47 GMT
    P3P: CP="NOI DSP COR NID PSAo OUR IND"
    Connection: keep-alive
    Keep-Alive: timeout=100
    Content-Type: application/x-javascript
    Content-Length: 2
  • flag-pl
    GET
    https://interia.hit.gemius.pl/_sslredir/_1723394308643/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1723394173&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F8b1e33cfbe8b686231c5bdb059f4e4b9_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=53JrdwVIcwDLhRYtzRwchpA9a9ywBKraOT747PTTbYb.37%7C1723394173&ltime=0&fr=1&ref=&inner=_ver%3D352%7C_lsd%3DnoLoStrg&exid=66b8e87c300e73b1&brts=1723394308&fpcap=
    IEXPLORE.EXE
    Remote address:
    217.74.74.29:443
    Request
    GET /_sslredir/_1723394308643/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1723394173&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F8b1e33cfbe8b686231c5bdb059f4e4b9_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=53JrdwVIcwDLhRYtzRwchpA9a9ywBKraOT747PTTbYb.37%7C1723394173&ltime=0&fr=1&ref=&inner=_ver%3D352%7C_lsd%3DnoLoStrg&exid=66b8e87c300e73b1&brts=1723394308&fpcap= HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: interia.hit.gemius.pl
    Connection: Keep-Alive
    Cookie: receive-cookie-deprecation=1; Gdynp=_D3Vz5rxI3Ia9_3x1LJFOC7QxbS0aomVYpMkfDW5WNH.x7; Gdyn=KlQgoRGGQMQGIRnjO0JxxgEUssGMk14oL6nxmG88eu7oLFxSG7lrGS6GtDftFlMXYH8Po1WrGQaPgjKaaQG.
    Response
    HTTP/1.1 200 OK
    Date: Sun, 11 Aug 2024 16:38:29 GMT
    Expires: Sat, 10 Aug 2024 16:38:29 GMT
    Server: GHC
    Accept-Ranges: none
    Pragma: no-cache
    Cache-Control: no-store, no-cache, must-revalidate, max-age=0
    Cross-Origin-Resource-Policy: cross-origin
    Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
    Set-Cookie: receive-cookie-deprecation=1; Domain=hit.gemius.pl; Path=/; HttpOnly; SameSite=None; Secure; Partitioned; Expires=Wed, 10 Sep 2025 16:38:29 GMT
    Set-Cookie: Gdyn=KlxK2MXGQMQGIRnjO0JxxgEUssGMnMYhFenxmG88eu7oLFxSG7lrGS6GtDftFlMXYH8Po1WrGQaPgG9UMG..; Domain=hit.gemius.pl; Path=/; SameSite=None; Secure; Expires=Wed, 10 Sep 2025 16:38:29 GMT
    Set-Cookie: Gdynp=nRscq.cUGCtfOnw4CEDgDBkceruTAi2o0nx9o5rUlHP.f7; Domain=hit.gemius.pl; Path=/; SameSite=None; Secure; Partitioned; Expires=Wed, 10 Sep 2025 16:38:29 GMT
    P3P: CP="NOI DSP COR NID PSAo OUR IND"
    Connection: keep-alive
    Keep-Alive: timeout=100
    Content-Type: application/x-javascript
    Content-Length: 2
  • flag-us
    DNS
    tangoing.info
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    tangoing.info
    IN A
    Response
  • flag-us
    DNS
    ocsp.r2m02.amazontrust.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    ocsp.r2m02.amazontrust.com
    IN A
    Response
    ocsp.r2m02.amazontrust.com
    IN A
    143.204.67.183
  • flag-gb
    GET
    http://ocsp.r2m02.amazontrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRmbQtwnInkvkvr7BNFR%2BS2lTYPjAQUwDFSzVpQw4J8dHHOy%2Bmc%2BXrrguICEAZGWZAMnSKW5OXbIFYv0bo%3D
    IEXPLORE.EXE
    Remote address:
    143.204.67.183:80
    Request
    GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBRmbQtwnInkvkvr7BNFR%2BS2lTYPjAQUwDFSzVpQw4J8dHHOy%2Bmc%2BXrrguICEAZGWZAMnSKW5OXbIFYv0bo%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: ocsp.r2m02.amazontrust.com
    Response
    HTTP/1.1 200 OK
    Content-Type: application/ocsp-response
    Content-Length: 471
    Connection: keep-alive
    Accept-Ranges: bytes
    Cache-Control: max-age=7200
    Date: Sun, 11 Aug 2024 14:52:09 GMT
    Last-Modified: Sun, 11 Aug 2024 14:52:09 GMT
    Server: ECAcc (lhd/3587)
    X-Cache: Hit from cloudfront
    Via: 1.1 22256b58fb1796f3914f338d1d6ef560.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: LHR61-P1
    X-Amz-Cf-Id: eq2J0U-_9DnSGRb45EgIScHkmJM2TFkXBcncy58HkscnXxhbLdbBgw==
    Age: 6245
  • flag-us
    DNS
    www.slideshare.net
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.slideshare.net
    IN A
    Response
    www.slideshare.net
    IN CNAME
    scribd.map.fastly.net
    scribd.map.fastly.net
    IN A
    151.101.2.152
    scribd.map.fastly.net
    IN A
    151.101.130.152
    scribd.map.fastly.net
    IN A
    151.101.194.152
    scribd.map.fastly.net
    IN A
    151.101.66.152
  • flag-us
    DNS
    crl.microsoft.com
    Remote address:
    8.8.8.8:53
    Request
    crl.microsoft.com
    IN A
    Response
    crl.microsoft.com
    IN CNAME
    crl.www.ms.akadns.net
    crl.www.ms.akadns.net
    IN CNAME
    a1363.dscg.akamai.net
    a1363.dscg.akamai.net
    IN A
    92.123.142.59
    a1363.dscg.akamai.net
    IN A
    92.123.143.234
  • flag-gb
    GET
    http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
    Remote address:
    92.123.142.59:80
    Request
    GET /pki/crl/products/MicRooCerAut2011_2011_03_22.crl HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    If-Modified-Since: Wed, 01 May 2024 09:28:59 GMT
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: crl.microsoft.com
    Response
    HTTP/1.1 200 OK
    Content-Length: 1036
    Content-Type: application/octet-stream
    Content-MD5: 5xIscz+eN7ugykyYXOEdbQ==
    Last-Modified: Thu, 11 Jul 2024 01:45:51 GMT
    ETag: 0x8DCA14B323B2CC0
    Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
    x-ms-request-id: 5fc09696-301e-0053-5f42-d374de000000
    x-ms-version: 2009-09-19
    x-ms-lease-status: unlocked
    x-ms-blob-type: BlockBlob
    Date: Sun, 11 Aug 2024 16:36:42 GMT
    Connection: keep-alive
  • flag-pl
    GET
    http://interia.hit.gemius.pl/_1723394234637/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1723394173&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F8b1e33cfbe8b686231c5bdb059f4e4b9_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=53JrdwVIcwDLhRYtzRwchpA9a9ywBKraOT747PTTbYb.37%7C1723394173&ltime=0&fr=1&ref=&inner=_ver%3D352%7C_lsd%3DnoLoStrg&exid=66b8e87c300e73b1&brts=1723394234&fpcap=
    IEXPLORE.EXE
    Remote address:
    217.74.74.29:80
    Request
    GET /_1723394234637/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1723394173&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F8b1e33cfbe8b686231c5bdb059f4e4b9_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=53JrdwVIcwDLhRYtzRwchpA9a9ywBKraOT747PTTbYb.37%7C1723394173&ltime=0&fr=1&ref=&inner=_ver%3D352%7C_lsd%3DnoLoStrg&exid=66b8e87c300e73b1&brts=1723394234&fpcap= HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: interia.hit.gemius.pl
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Date: Sun, 11 Aug 2024 16:37:15 GMT
    Expires: Sat, 10 Aug 2024 16:37:15 GMT
    Server: GHC
    Accept-Ranges: none
    Pragma: no-cache
    Cache-Control: no-store, no-cache, must-revalidate, max-age=0
    Cross-Origin-Resource-Policy: cross-origin
    Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
    P3P: CP="NOI DSP COR NID PSAo OUR IND"
    Location: https://interia.hit.gemius.pl/_sslredir/_1723394234637/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1723394173&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F8b1e33cfbe8b686231c5bdb059f4e4b9_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=53JrdwVIcwDLhRYtzRwchpA9a9ywBKraOT747PTTbYb.37%7C1723394173&ltime=0&fr=1&ref=&inner=_ver%3D352%7C_lsd%3DnoLoStrg&exid=66b8e87c300e73b1&brts=1723394234&fpcap=
    Connection: keep-alive
    Keep-Alive: timeout=10
    Content-Length: 0
  • flag-us
    DNS
    www.microsoft.com
    iexplore.exe
    Remote address:
    8.8.8.8:53
    Request
    www.microsoft.com
    IN A
    Response
    www.microsoft.com
    IN CNAME
    www.microsoft.com-c-3.edgekey.net
    www.microsoft.com-c-3.edgekey.net
    IN CNAME
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    IN CNAME
    e13678.dscb.akamaiedge.net
    e13678.dscb.akamaiedge.net
    IN A
    184.25.193.234
  • flag-pl
    GET
    http://interia.hit.gemius.pl/_1723394266648/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1723394173&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F8b1e33cfbe8b686231c5bdb059f4e4b9_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=53JrdwVIcwDLhRYtzRwchpA9a9ywBKraOT747PTTbYb.37%7C1723394173&ltime=0&fr=1&ref=&inner=_ver%3D352%7C_lsd%3DnoLoStrg&exid=66b8e87c300e73b1&brts=1723394266&fpcap=
    IEXPLORE.EXE
    Remote address:
    217.74.74.29:80
    Request
    GET /_1723394266648/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1723394173&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F8b1e33cfbe8b686231c5bdb059f4e4b9_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=53JrdwVIcwDLhRYtzRwchpA9a9ywBKraOT747PTTbYb.37%7C1723394173&ltime=0&fr=1&ref=&inner=_ver%3D352%7C_lsd%3DnoLoStrg&exid=66b8e87c300e73b1&brts=1723394266&fpcap= HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: interia.hit.gemius.pl
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Date: Sun, 11 Aug 2024 16:37:47 GMT
    Expires: Sat, 10 Aug 2024 16:37:47 GMT
    Server: GHC
    Accept-Ranges: none
    Pragma: no-cache
    Cache-Control: no-store, no-cache, must-revalidate, max-age=0
    Cross-Origin-Resource-Policy: cross-origin
    Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
    P3P: CP="NOI DSP COR NID PSAo OUR IND"
    Location: https://interia.hit.gemius.pl/_sslredir/_1723394266648/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1723394173&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F8b1e33cfbe8b686231c5bdb059f4e4b9_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=53JrdwVIcwDLhRYtzRwchpA9a9ywBKraOT747PTTbYb.37%7C1723394173&ltime=0&fr=1&ref=&inner=_ver%3D352%7C_lsd%3DnoLoStrg&exid=66b8e87c300e73b1&brts=1723394266&fpcap=
    Connection: keep-alive
    Keep-Alive: timeout=10
    Content-Length: 0
  • flag-pl
    GET
    http://interia.hit.gemius.pl/_1723394308643/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1723394173&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F8b1e33cfbe8b686231c5bdb059f4e4b9_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=53JrdwVIcwDLhRYtzRwchpA9a9ywBKraOT747PTTbYb.37%7C1723394173&ltime=0&fr=1&ref=&inner=_ver%3D352%7C_lsd%3DnoLoStrg&exid=66b8e87c300e73b1&brts=1723394308&fpcap=
    IEXPLORE.EXE
    Remote address:
    217.74.74.29:80
    Request
    GET /_1723394308643/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1723394173&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F8b1e33cfbe8b686231c5bdb059f4e4b9_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=53JrdwVIcwDLhRYtzRwchpA9a9ywBKraOT747PTTbYb.37%7C1723394173&ltime=0&fr=1&ref=&inner=_ver%3D352%7C_lsd%3DnoLoStrg&exid=66b8e87c300e73b1&brts=1723394308&fpcap= HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: interia.hit.gemius.pl
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Date: Sun, 11 Aug 2024 16:38:29 GMT
    Expires: Sat, 10 Aug 2024 16:38:29 GMT
    Server: GHC
    Accept-Ranges: none
    Pragma: no-cache
    Cache-Control: no-store, no-cache, must-revalidate, max-age=0
    Cross-Origin-Resource-Policy: cross-origin
    Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
    P3P: CP="NOI DSP COR NID PSAo OUR IND"
    Location: https://interia.hit.gemius.pl/_sslredir/_1723394308643/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1723394173&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F8b1e33cfbe8b686231c5bdb059f4e4b9_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=53JrdwVIcwDLhRYtzRwchpA9a9ywBKraOT747PTTbYb.37%7C1723394173&ltime=0&fr=1&ref=&inner=_ver%3D352%7C_lsd%3DnoLoStrg&exid=66b8e87c300e73b1&brts=1723394308&fpcap=
    Connection: keep-alive
    Keep-Alive: timeout=10
    Content-Length: 0
  • 192.0.77.33:80
    http://s.wordpress.com/wp-content/themes/h4/global.css?m=1214319868a
    http
    IEXPLORE.EXE
    547 B
     611 B
     6
    5

    HTTP Request

    GET http://s.wordpress.com/wp-content/themes/h4/global.css?m=1214319868a

    HTTP Response

    301
  • 217.74.65.42:80
    http://x.interia.pl/inpl/inpl.ad.1.4.9.js
    http
    IEXPLORE.EXE
    540 B
     2.4kB
     6
    5

    HTTP Request

    GET http://x.interia.pl/inpl/inpl.ad.1.4.9.js

    HTTP Response

    200
  • 217.74.65.42:80
    x.interia.pl
    http
    IEXPLORE.EXE
    236 B
     365 B
     5
    3

    HTTP Response

    408
  • 192.0.77.33:80
    http://s3.wordpress.com/wp-content/themes/pub/simpla/images/user.gif
    http
    IEXPLORE.EXE
    1.5kB
     2.8kB
     13
    10

    HTTP Request

    GET http://s3.wordpress.com/wp-content/themes/pub/simpla/style.css?m=1219803973a

    HTTP Response

    301

    HTTP Request

    GET http://s3.wordpress.com/wp-content/themes/pub/simpla/images/bg.png

    HTTP Response

    301

    HTTP Request

    GET http://s3.wordpress.com/wp-content/themes/pub/simpla/images/user.gif

    HTTP Response

    301
  • 52.71.43.210:80
    http://public.slideshare.net/images/badge85_62.gif
    http
    IEXPLORE.EXE
    612 B
     614 B
     7
    6

    HTTP Request

    GET http://public.slideshare.net/images/badge85_62.gif

    HTTP Response

    301
  • 192.0.77.33:80
    http://s3.wordpress.com/wp-content/themes/pub/simpla/images/post.gif
    http
    IEXPLORE.EXE
    636 B
     1.1kB
     7
    6

    HTTP Request

    GET http://s3.wordpress.com/wp-content/themes/pub/simpla/images/post.gif

    HTTP Response

    301
  • 217.74.74.29:80
    http://interia.hit.gemius.pl/_1723394186636/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1723394173&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F8b1e33cfbe8b686231c5bdb059f4e4b9_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=53JrdwVIcwDLhRYtzRwchpA9a9ywBKraOT747PTTbYb.37%7C1723394173&ltime=0&fr=1&ref=&inner=_ver%3D352%7C_lsd%3DnoLoStrg&exid=66b8e87c300e73b1&brts=1723394186&fpcap=
    http
    IEXPLORE.EXE
    2.9kB
     25.7kB
     20
    23

    HTTP Request

    GET http://interia.hit.gemius.pl/xgemius.js

    HTTP Response

    200

    HTTP Request

    GET http://interia.hit.gemius.pl/fpdata.js?href=

    HTTP Response

    301

    HTTP Request

    GET http://interia.hit.gemius.pl/_1723394173393/rexdot.js?l=100&sendf=24&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F8b1e33cfbe8b686231c5bdb059f4e4b9_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=53JrdwVIcwDLhRYtzRwchpA9a9ywBKraOT747PTTbYb.37%7C1723394173&ltime=0&fr=1&ref=&inner=_ver%3D352%7C_lsd%3DnoLoStrg&exid=66b8e87c300e73b1&brts=1723394173&fpcap=

    HTTP Response

    301

    HTTP Request

    GET http://interia.hit.gemius.pl/_1723394186636/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1723394173&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F8b1e33cfbe8b686231c5bdb059f4e4b9_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=53JrdwVIcwDLhRYtzRwchpA9a9ywBKraOT747PTTbYb.37%7C1723394173&ltime=0&fr=1&ref=&inner=_ver%3D352%7C_lsd%3DnoLoStrg&exid=66b8e87c300e73b1&brts=1723394186&fpcap=

    HTTP Response

    301
  • 192.0.72.29:80
    http://ict4peace.files.wordpress.com/2008/09/un-on-youtube.png?w=425&h=332
    http
    IEXPLORE.EXE
    590 B
     617 B
     6
    5

    HTTP Request

    GET http://ict4peace.files.wordpress.com/2008/09/un-on-youtube.png?w=425&h=332

    HTTP Response

    301
  • 192.0.77.33:80
    s.wordpress.com
    IEXPLORE.EXE
    190 B
     132 B
     4
    3
  • 13.107.42.14:80
    http://www.linkedin.com/img/webpromo/btn_linkedin_120x30.gif
    http
    IEXPLORE.EXE
    484 B
     1.0kB
     4
    4

    HTTP Request

    GET http://www.linkedin.com/img/webpromo/btn_linkedin_120x30.gif

    HTTP Response

    301
  • 52.71.43.210:80
    public.slideshare.net
    IEXPLORE.EXE
    282 B
     212 B
     6
    5
  • 217.74.74.29:80
    interia.hit.gemius.pl
    IEXPLORE.EXE
    236 B
     172 B
     5
    4
  • 192.0.72.29:80
    ict4peace.files.wordpress.com
    IEXPLORE.EXE
    190 B
     132 B
     4
    3
  • 13.107.42.14:80
    www.linkedin.com
    IEXPLORE.EXE
    144 B
     132 B
     3
    3
  • 192.0.77.33:443
    https://s3.wordpress.com/wp-content/themes/pub/simpla/images/user.gif
    tls, http
    IEXPLORE.EXE
    2.6kB
     10.7kB
     20
    19

    HTTP Request

    GET https://s3.wordpress.com/wp-content/themes/pub/simpla/style.css?m=1219803973a

    HTTP Response

    200

    HTTP Request

    GET https://s3.wordpress.com/wp-content/themes/pub/simpla/images/bg.png

    HTTP Response

    200

    HTTP Request

    GET https://s3.wordpress.com/wp-content/themes/pub/simpla/images/post.gif

    HTTP Response

    200

    HTTP Request

    GET https://s3.wordpress.com/wp-content/themes/pub/simpla/images/user.gif

    HTTP Response

    200
  • 192.0.77.33:443
    https://s.wordpress.com/wp-content/themes/h4/global.css?m=1214319868a
    tls, http
    IEXPLORE.EXE
    1.4kB
     7.8kB
     16
    15

    HTTP Request

    GET https://s.wordpress.com/wp-content/themes/h4/global.css?m=1214319868a

    HTTP Response

    200
  • 192.0.72.29:443
    https://ict4peace.files.wordpress.com/2008/09/un-on-youtube.png?w=425&h=332
    tls, http
    IEXPLORE.EXE
    1.2kB
     4.7kB
     12
    10

    HTTP Request

    GET https://ict4peace.files.wordpress.com/2008/09/un-on-youtube.png?w=425&h=332

    HTTP Response

    302
  • 52.71.43.210:443
    https://public.slideshare.net/images/badge85_62.gif
    tls, http
    IEXPLORE.EXE
    1.3kB
     6.8kB
     13
    13

    HTTP Request

    GET https://public.slideshare.net/images/badge85_62.gif

    HTTP Response

    301
  • 13.107.42.14:443
    https://www.linkedin.com/img/webpromo/btn_linkedin_120x30.gif
    tls, http
    IEXPLORE.EXE
    1.3kB
     11.2kB
     10
    15

    HTTP Request

    GET https://www.linkedin.com/img/webpromo/btn_linkedin_120x30.gif

    HTTP Response

    200
  • 192.0.78.12:443
    https://ict4peace.wordpress.com/wp-content/uploads/2008/09/un-on-youtube.png?w=425&h=332
    tls, http
    IEXPLORE.EXE
    3.5kB
     144.3kB
     63
    114

    HTTP Request

    GET https://ict4peace.wordpress.com/wp-content/uploads/2008/09/un-on-youtube.png?w=425&h=332

    HTTP Response

    200
  • 192.0.78.12:443
    ict4peace.wordpress.com
    tls
    IEXPLORE.EXE
    898 B
     4.3kB
     13
    11
  • 142.251.36.46:80
    http://www.google-analytics.com/ga.js
    http
    IEXPLORE.EXE
    812 B
     18.3kB
     12
    16

    HTTP Request

    GET http://www.google-analytics.com/ga.js

    HTTP Response

    200
  • 142.251.36.46:80
    www.google-analytics.com
    IEXPLORE.EXE
    190 B
     92 B
     4
    2
  • 217.74.74.29:443
    https://interia.hit.gemius.pl/_sslredir/_1723394308643/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1723394173&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F8b1e33cfbe8b686231c5bdb059f4e4b9_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=53JrdwVIcwDLhRYtzRwchpA9a9ywBKraOT747PTTbYb.37%7C1723394173&ltime=0&fr=1&ref=&inner=_ver%3D352%7C_lsd%3DnoLoStrg&exid=66b8e87c300e73b1&brts=1723394308&fpcap=
    tls, http
    IEXPLORE.EXE
    7.1kB
     12.7kB
     19
    14

    HTTP Request

    GET https://interia.hit.gemius.pl/_sslredir/fpdata.js?href=

    HTTP Response

    200

    HTTP Request

    GET https://interia.hit.gemius.pl/_sslredir/_1723394173393/rexdot.js?l=100&sendf=24&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F8b1e33cfbe8b686231c5bdb059f4e4b9_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=53JrdwVIcwDLhRYtzRwchpA9a9ywBKraOT747PTTbYb.37%7C1723394173&ltime=0&fr=1&ref=&inner=_ver%3D352%7C_lsd%3DnoLoStrg&exid=66b8e87c300e73b1&brts=1723394173&fpcap=

    HTTP Response

    301

    HTTP Request

    GET https://interia.hit.gemius.pl/__/_sslredir/_1723394173393/rexdot.js?l=100&sendf=24&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F8b1e33cfbe8b686231c5bdb059f4e4b9_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=53JrdwVIcwDLhRYtzRwchpA9a9ywBKraOT747PTTbYb.37%7C1723394173&ltime=0&fr=1&ref=&inner=_ver%3D352%7C_lsd%3DnoLoStrg&exid=66b8e87c300e73b1&brts=1723394173&fpcap=

    HTTP Response

    200

    HTTP Request

    GET https://interia.hit.gemius.pl/_sslredir/_1723394186636/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1723394173&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F8b1e33cfbe8b686231c5bdb059f4e4b9_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=53JrdwVIcwDLhRYtzRwchpA9a9ywBKraOT747PTTbYb.37%7C1723394173&ltime=0&fr=1&ref=&inner=_ver%3D352%7C_lsd%3DnoLoStrg&exid=66b8e87c300e73b1&brts=1723394186&fpcap=

    HTTP Response

    200

    HTTP Request

    GET https://interia.hit.gemius.pl/_sslredir/_1723394234637/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1723394173&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F8b1e33cfbe8b686231c5bdb059f4e4b9_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=53JrdwVIcwDLhRYtzRwchpA9a9ywBKraOT747PTTbYb.37%7C1723394173&ltime=0&fr=1&ref=&inner=_ver%3D352%7C_lsd%3DnoLoStrg&exid=66b8e87c300e73b1&brts=1723394234&fpcap=

    HTTP Response

    200

    HTTP Request

    GET https://interia.hit.gemius.pl/_sslredir/_1723394266648/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1723394173&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F8b1e33cfbe8b686231c5bdb059f4e4b9_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=53JrdwVIcwDLhRYtzRwchpA9a9ywBKraOT747PTTbYb.37%7C1723394173&ltime=0&fr=1&ref=&inner=_ver%3D352%7C_lsd%3DnoLoStrg&exid=66b8e87c300e73b1&brts=1723394266&fpcap=

    HTTP Response

    200

    HTTP Request

    GET https://interia.hit.gemius.pl/_sslredir/_1723394308643/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1723394173&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F8b1e33cfbe8b686231c5bdb059f4e4b9_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=53JrdwVIcwDLhRYtzRwchpA9a9ywBKraOT747PTTbYb.37%7C1723394173&ltime=0&fr=1&ref=&inner=_ver%3D352%7C_lsd%3DnoLoStrg&exid=66b8e87c300e73b1&brts=1723394308&fpcap=

    HTTP Response

    200
  • 143.204.67.183:80
    http://ocsp.r2m02.amazontrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRmbQtwnInkvkvr7BNFR%2BS2lTYPjAQUwDFSzVpQw4J8dHHOy%2Bmc%2BXrrguICEAZGWZAMnSKW5OXbIFYv0bo%3D
    http
    IEXPLORE.EXE
    476 B
     1.1kB
     5
    3

    HTTP Request

    GET http://ocsp.r2m02.amazontrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRmbQtwnInkvkvr7BNFR%2BS2lTYPjAQUwDFSzVpQw4J8dHHOy%2Bmc%2BXrrguICEAZGWZAMnSKW5OXbIFYv0bo%3D

    HTTP Response

    200
  • 151.101.2.152:443
    www.slideshare.net
    tls
    IEXPLORE.EXE
    399 B
     219 B
     5
    5
  • 151.101.2.152:443
    www.slideshare.net
    tls
    IEXPLORE.EXE
    445 B
     219 B
     6
    5
  • 151.101.2.152:443
    www.slideshare.net
    tls
    IEXPLORE.EXE
    361 B
     219 B
     5
    5
  • 151.101.2.152:443
    www.slideshare.net
    tls
    IEXPLORE.EXE
    361 B
     219 B
     5
    5
  • 151.101.2.152:443
    www.slideshare.net
    tls
    IEXPLORE.EXE
    288 B
     219 B
     5
    5
  • 151.101.2.152:443
    www.slideshare.net
    tls
    IEXPLORE.EXE
    334 B
     219 B
     6
    5
  • 151.101.2.152:443
    www.slideshare.net
    IEXPLORE.EXE
    190 B
     132 B
     4
    3
  • 151.101.2.152:443
    www.slideshare.net
    IEXPLORE.EXE
    190 B
     132 B
     4
    3
  • 192.0.77.33:443
    s3.wordpress.com
    tls
    IEXPLORE.EXE
    895 B
     6.1kB
     12
    12
  • 92.123.142.59:80
    http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
    http
    451 B
     1.7kB
     5
    5

    HTTP Request

    GET http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl

    HTTP Response

    200
  • 217.74.74.29:80
    http://interia.hit.gemius.pl/_1723394234637/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1723394173&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F8b1e33cfbe8b686231c5bdb059f4e4b9_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=53JrdwVIcwDLhRYtzRwchpA9a9ywBKraOT747PTTbYb.37%7C1723394173&ltime=0&fr=1&ref=&inner=_ver%3D352%7C_lsd%3DnoLoStrg&exid=66b8e87c300e73b1&brts=1723394234&fpcap=
    http
    IEXPLORE.EXE
    1.0kB
     1.3kB
     6
    4

    HTTP Request

    GET http://interia.hit.gemius.pl/_1723394234637/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1723394173&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F8b1e33cfbe8b686231c5bdb059f4e4b9_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=53JrdwVIcwDLhRYtzRwchpA9a9ywBKraOT747PTTbYb.37%7C1723394173&ltime=0&fr=1&ref=&inner=_ver%3D352%7C_lsd%3DnoLoStrg&exid=66b8e87c300e73b1&brts=1723394234&fpcap=

    HTTP Response

    301
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    845 B
     7.8kB
     11
    13
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    845 B
     7.8kB
     11
    12
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    1.3kB
     7.9kB
     15
    14
  • 217.74.74.29:80
    http://interia.hit.gemius.pl/_1723394266648/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1723394173&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F8b1e33cfbe8b686231c5bdb059f4e4b9_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=53JrdwVIcwDLhRYtzRwchpA9a9ywBKraOT747PTTbYb.37%7C1723394173&ltime=0&fr=1&ref=&inner=_ver%3D352%7C_lsd%3DnoLoStrg&exid=66b8e87c300e73b1&brts=1723394266&fpcap=
    http
    IEXPLORE.EXE
    1.0kB
     1.3kB
     6
    4

    HTTP Request

    GET http://interia.hit.gemius.pl/_1723394266648/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1723394173&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F8b1e33cfbe8b686231c5bdb059f4e4b9_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=53JrdwVIcwDLhRYtzRwchpA9a9ywBKraOT747PTTbYb.37%7C1723394173&ltime=0&fr=1&ref=&inner=_ver%3D352%7C_lsd%3DnoLoStrg&exid=66b8e87c300e73b1&brts=1723394266&fpcap=

    HTTP Response

    301
  • 217.74.74.29:80
    http://interia.hit.gemius.pl/_1723394308643/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1723394173&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F8b1e33cfbe8b686231c5bdb059f4e4b9_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=53JrdwVIcwDLhRYtzRwchpA9a9ywBKraOT747PTTbYb.37%7C1723394173&ltime=0&fr=1&ref=&inner=_ver%3D352%7C_lsd%3DnoLoStrg&exid=66b8e87c300e73b1&brts=1723394308&fpcap=
    http
    IEXPLORE.EXE
    939 B
     1.2kB
     4
    2

    HTTP Request

    GET http://interia.hit.gemius.pl/_1723394308643/redot.js?l=109&sendf=16&id=0nJF._e.GUanfXqR4NZDC8Wnj_gZxRscrVlo4ElDjIT.a7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1723394173&tz=0&fv=-&href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F8b1e33cfbe8b686231c5bdb059f4e4b9_JaffaCakes118.html&screen=1280x720r1000&col=24&window=1280x626&vis=1&lsdata=-NOTSUP&fpdata=53JrdwVIcwDLhRYtzRwchpA9a9ywBKraOT747PTTbYb.37%7C1723394173&ltime=0&fr=1&ref=&inner=_ver%3D352%7C_lsd%3DnoLoStrg&exid=66b8e87c300e73b1&brts=1723394308&fpcap=

    HTTP Response

    301
  • 8.8.8.8:53
    s3.wordpress.com
    dns
    IEXPLORE.EXE
    62 B
     78 B
     1
    1

    DNS Request

    s3.wordpress.com

    DNS Response

    192.0.77.33

  • 8.8.8.8:53
    interia.hit.gemius.pl
    dns
    IEXPLORE.EXE
    67 B
     83 B
     1
    1

    DNS Request

    interia.hit.gemius.pl

    DNS Response

    217.74.74.29

  • 8.8.8.8:53
    s.wordpress.com
    dns
    IEXPLORE.EXE
    61 B
     77 B
     1
    1

    DNS Request

    s.wordpress.com

    DNS Response

    192.0.77.33

  • 8.8.8.8:53
    ict4peace.files.wordpress.com
    dns
    IEXPLORE.EXE
    75 B
     124 B
     1
    1

    DNS Request

    ict4peace.files.wordpress.com

    DNS Response

    192.0.72.29
    192.0.72.28

  • 8.8.8.8:53
    public.slideshare.net
    dns
    IEXPLORE.EXE
    67 B
     179 B
     1
    1

    DNS Request

    public.slideshare.net

    DNS Response

    52.71.43.210
    18.211.147.111
    52.0.5.218
    44.217.150.232
    54.211.36.57

  • 8.8.8.8:53
    www.linkedin.com
    dns
    IEXPLORE.EXE
    62 B
     161 B
     1
    1

    DNS Request

    www.linkedin.com

    DNS Response

    13.107.42.14

  • 8.8.8.8:53
    x.interia.pl
    dns
    IEXPLORE.EXE
    58 B
     74 B
     1
    1

    DNS Request

    x.interia.pl

    DNS Response

    217.74.65.42

  • 8.8.8.8:53
    ict4peace.wordpress.com
    dns
    IEXPLORE.EXE
    69 B
     118 B
     1
    1

    DNS Request

    ict4peace.wordpress.com

    DNS Response

    192.0.78.12
    192.0.78.13

  • 8.8.8.8:53
    tangoing.info
    dns
    IEXPLORE.EXE
    59 B
     138 B
     1
    1

    DNS Request

    tangoing.info

  • 8.8.8.8:53
    ocsp.r2m02.amazontrust.com
    dns
    IEXPLORE.EXE
    72 B
     88 B
     1
    1

    DNS Request

    ocsp.r2m02.amazontrust.com

    DNS Response

    143.204.67.183

  • 8.8.8.8:53
    www.slideshare.net
    dns
    IEXPLORE.EXE
    64 B
     160 B
     1
    1

    DNS Request

    www.slideshare.net

    DNS Response

    151.101.2.152
    151.101.130.152
    151.101.194.152
    151.101.66.152

  • 8.8.8.8:53
    crl.microsoft.com
    dns
    63 B
     162 B
     1
    1

    DNS Request

    crl.microsoft.com

    DNS Response

    92.123.142.59
    92.123.143.234

  • 8.8.8.8:53
    www.microsoft.com
    dns
    iexplore.exe
    63 B
     230 B
     1
    1

    DNS Request

    www.microsoft.com

    DNS Response

    184.25.193.234

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416
    Filesize

    1KB

    MD5

    55540a230bdab55187a841cfe1aa1545

    SHA1

    363e4734f757bdeb89868efe94907774a327695e

    SHA256

    d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb

    SHA512

    c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416
    Filesize

    230B

    MD5

    d2ad0b8021b844500375635e8eafad5c

    SHA1

    2ad518cea8a6316bf055e481f376143146d19cae

    SHA256

    68de9326cf6f3801c9ccf0231b2c05262bdca7de90fe7d8553710eaebaae409c

    SHA512

    88e29aad2e8eb70a5b9462a9d762251606aec5eab3bcf323792d67dc23b154d3e231efafde160990445032bab761aa9807b5c3803b44e5da0ee847a813e2c423

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    44602765b0f4049ddf11cd9aad169345

    SHA1

    e6f9cae70cdd50bb3cbabbb6477ae359fbd7d4e5

    SHA256

    36002e58a4064aed9f253710586635cce51f43347f71ff10ef5cbf1ed6e972fe

    SHA512

    369afb04e0bd07f744f63d4f1601b9655074e68125575dac0b5112f0961496567074cff817ad0c149fc954a53334a223c4a5a503b8c8cd6372aa1936c14681a8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b8a7fc0252454fcf5b926b7a34b3b892

    SHA1

    e124d11cc2eb30d27c972b25ed4b7d5ee7f5d315

    SHA256

    3c894dbc21081c7643a6f05eaab1a4875a008e76fe03117f30c2956746b50eab

    SHA512

    9b6682f0149f9018aa2a4bb2b7e79071244b6cfcedc07a9ed10a59b1ed68a752056932db1bb06e1892c5da5ee5fd7d0d198b4159ae822077f5a29e81d46a43fb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0a5c795eda956a9ab4d5895c45ee43a4

    SHA1

    e04add8aa86d8e924798b48a9f759ad5e979b831

    SHA256

    0fd6f83f3071aae603df51a7cd33f1c1f356639acce913820c953787c51070f8

    SHA512

    2bae23ac2398685e9745ddd23a41ee62d23d6033ff9fd90b7888fc52f4dd2e47b47d3964a3b4bb47259687dbbed4036364e3f9b2a6b5f11973efe1cfe6da7a49

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dd06d15f73a4a112fef25260a718a2b2

    SHA1

    ba3a9e384df4ccd9720f8cd97c55a64b70a6aaab

    SHA256

    be80d9b53a4575341b403d8937243939afee9f0d60b309fadad3e960d81363d7

    SHA512

    b1c9402a796387d6f3570e56be87ab1faef8cb339ece8923cc9b8aaba3d470856527796c9be197407ab61362689b65d6b51b726823d5dcbb2564b760329030b1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    786aec03e90f1bfd123b3c1e02c9b242

    SHA1

    4930a4257c0627f20fd05e2c6002e2d65af1e0a3

    SHA256

    47a8433c6b69f947be3f16a27f50c586348c3cd204dd294ff4c2ec7f8bf2270e

    SHA512

    01b03e08d369619c126187668af998f56981ce4b5db25098e4a06c7567eb53dcd6364659d4afbc77d562faf56a31d752d35fd35f699ccc024020869a5130bb02

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7c8a77e099fd2673464097f15af80e80

    SHA1

    fed2c216b95641160d6d0289fbb3e1d0d3767b84

    SHA256

    0c8293dae737d0eee765ac9d36580f7bbf486c2205ae3d0401521bac385d807f

    SHA512

    2679e58cb26587ef8ec690ececc9df71057cffe7c168be67f81c8b40a175d9cc5acb765abd328734474cb6d5d79975b0faeca2d0a6371adda6994a16ac8c9bf6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    04e30c2d9a0b02bdb189be175da48aae

    SHA1

    754750ec0ba93dbe60f5a97bf9784f4921e5193d

    SHA256

    3b444af2da5e907bd33268fa8ac75a9696c97bdf3b1b91c264cb013a5890a0b2

    SHA512

    08b4e345c146d3e772ee114cb58df4d7971d6faf7cf11ffec278fa2a64bf1ebc21f2a62070e759cc535137773db384843d5abfbc22a1eca14bf8c3c178674868

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6bc5eaed7214e4197365a1b86c25250c

    SHA1

    069da432f808a94330611f51eff88d5a84ba50ac

    SHA256

    2c835d7025ce548d8278f57915c1cedf9d57971aa4ed763851191b80886f71be

    SHA512

    fae60da0319c38718034dde87fa2dafc5e7f99d89a4269181eb597410c217e3fe2361df7c7c4a36d2b05ea7d6c82e8ab9ccc8df2dc7e59827e6158375f4b8320

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1904bace4dc8c8ad7b246ead9d8a4401

    SHA1

    f48e647418237b5116c50ac9edb889ac3cab0df5

    SHA256

    6d96ba7ed9380c151d61461b1d518054b21accb16b032eaafcf4296869800436

    SHA512

    67a0468994963c5ff7a19042d0dc56d86c17b286b9eb341a23e2931e85b31fbd4ad8214909e1d049a91c92b20969a65bffa466b6626fd8419cb6899829b2b939

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b9ed298160fa8d9b91b28aa9cc933f10

    SHA1

    8de00856ffd465fe7ef63c991fea66453a368200

    SHA256

    f3787a5560eb5956f158cbaad0cf61bce66fef38a91f5029134d98f217cc984e

    SHA512

    b449015c738058c16977e1c768aa9785a9acfe43ed4f2c055670876a35dd70ac6aeccbe2309db5146c9eed852f8ea2240591badf3762979ed54973dcb97a3517

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    47776eef948ac3122c11c8bbf71649a3

    SHA1

    429015a393b5b51926f760f5d81e582e7255c0ab

    SHA256

    4b52190c742c2ac98cbacefc175733c34a4b606b1d91af8363822ee0b00c6b5c

    SHA512

    0425ce54c9cc98750c3bffa4c2dae0de9d1ec7cc27814372b5e9ac278c2ddd40c1c18f81ab5c63595f7b4262bd99e8afac86e8aba1a73ba655af7d77498a7199

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cde1836058ee5afea6999e143d71b1bd

    SHA1

    28f2eb4625fa827e59b2edca3fe999f9ea358d33

    SHA256

    6ec68d7ec21ff0f48bd0a41c58c93e9899bac79e9b732ca79cc91c8b21d74bfc

    SHA512

    685cb2e5b202d278349406b0665572203eb0742e90b94040346c7815e6a80bdfc10e4a07aac0d8ae907dc662d6df7dba4709a957d0a0c496f47338384e297a35

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7f7cfe2d38c1a1ed29fcd569732ee7cf

    SHA1

    6e5d373fa789a69eb5a148f362a4491047bdbcef

    SHA256

    293f60dfc79ea34208f2b10f4d077e5f77ef50e5b04cf4957191577a7b1bc262

    SHA512

    4ed0aa54b87df64530e827869c25d7121db8c30497bc1db45f8473489af385995ecb4076881a3f7bc51f514656feeb81df099c4d426918dece12ad226fa9263e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    629b456a1ac9302f19e45679e1a22989

    SHA1

    9545f50f5df0ca3686801f581df38181af1c319e

    SHA256

    967d97e24230e0d155532dcae8c9ba3266cbc7cfced80211e9a2da66f7c087f8

    SHA512

    9de20953248507bdcabffff71c2875dcaecf20d185a20b4ddb6f05ed9dd059bb36dfed2f59acd453bfd823be26a3d8e551ce9242b8db4354f2e4bfa15530047f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7c864c98625b5470509044e25ff110eb

    SHA1

    1c0dcab28f298c8ce9fba8916215566c454720eb

    SHA256

    c851f5fb3dbfcb33b55ae4687353deb2cb4062468042ac6a0f392635753ab250

    SHA512

    4311a604c483a0875cde3da84ee4cd44bc5fe6346ebce19b8796308f03ee1c039feb085cd88c5d9ceb8a65a1bd6d3f0182fc30318fba17cd0e4dc4eef3d03143

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2dfcf23cec690c4f1f79634d55ecf7ba

    SHA1

    ca2933edf2e2929f06f27eca9bc8550cfffe7aaf

    SHA256

    22297f1d69099b3945650bfcc77ab75e2cb9b048c7811537207682534cafe206

    SHA512

    b5fe5fa253cc2ac6cfd536b1827c519b82dde139eb48fd62b69e4f3509103725abadeb403dc1fb8e7714e5b3a828aa184c7b195a4d5095288508aa43fb715f05

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bcb1fd51bef3040d2bddf780f48adf36

    SHA1

    1e617f4d063d45257333d9115b2a37593d62e5fa

    SHA256

    68e2ae80226f9df6a9759e93281702c601bff66093e71ee80c1e570258e1a677

    SHA512

    301703eb7453308f6f69c9d41e5513dacaecc4839bc6da185b086248e5a00230aca8831d75020dc0f5a1913073b6a047021518de34b2d406ba6953a9e88e3b38

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8ce0cd5ac0c9e45431090653a440134e

    SHA1

    61ffcfee5cd94296b0876236d1478f8e323a7b4c

    SHA256

    d8a22aa9b0b31e92a872920a4d240d68e4dd8f9f034ce794098b271043a5cf7b

    SHA512

    534a912bb3d686dae2829edb57a5f2cfd3f481976fcfc4728833055d9f66142c2ae362f67047424fee48b4e1733c17ad75df33d5d9be528b3fe58d26ad1a8615

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eba28e6cb12191b5a3424370bfbb0ed2

    SHA1

    81e92ec6980c76ad68dab1f6d770f29d085774de

    SHA256

    8d8633fae13e2274f212d688c940529d05bf01ca738876b63c845cf9d86a86a6

    SHA512

    de4429e4a933f894a39476d3f4402b829719a940f7c8fc1a78aeb2927868e1b31419bae9c24eefc4cb5189b93e5aa982a82d0e31ecd261420dfa1fe57398dd36

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f021d65ef8e8861a0975ca9b3984bf4c

    SHA1

    0b8df85a195d9b1835d5f0558ca5e987c8cbd1c5

    SHA256

    b0cbb64f55588c2b4ab758d312a37d34b10f809f931014d1213400e94d0d5539

    SHA512

    eb88d3370db390b1186eb08604a651e073a9f42931888fda0c27124eeca0cff4f73b46e1db94d6120b63b429b7dccab5091ec25c79aab88d8661278af01ecb05

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e67357d75827a68ecf17bd6fce8ede12

    SHA1

    e2aa53e5a46c12f143870f8b06317c7159675ae5

    SHA256

    91c8c9e01d8f3951bec4bc5ff4773db6bdba62f64781e0a3f7099f16ed486ce3

    SHA512

    f6f8dd4d0d94c2134787881c01270086cece99f4babb9c7aad0128e9b5a1c58d95b4be1d5f4de8a4aa97f8b856b946f476f124b1967e5acd8711e50477dad406

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5fa48755854779a3977142353724f644

    SHA1

    74c4b64e9612296de2d4243ef7888afa4ca95c44

    SHA256

    a5dcea573c04b76b404fc0d7a62d58327add398c86ed68e1f58962b1d2682779

    SHA512

    dda051786bce503f973fb348ccc742870d8a188facc83cc93af9d852ed73bc557c2fa157966af1e36d9e58c985491d94b404fa54bae2b66641481da1ae9d5b8c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    d72b90fa9cd44184c40bb89202646ee4

    SHA1

    62df11a0a89b1137725e3f32b7af9da7f9bb9236

    SHA256

    3ad17a10288ede6a0222baab0c5dbacaa182e48ebc509a816cbf0f3e9e82a4dc

    SHA512

    88c31b136074c353fc19cbd5bf88e85c6ce888735b021dc352929f59e3e0038c3f7271cc2fac936b8c1ac9c33982be084f3385542ddbccea0a450d1231abe37f

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6XUZ2JLF\post[1].htm
    Filesize

    162B

    MD5

    4f8e702cc244ec5d4de32740c0ecbd97

    SHA1

    3adb1f02d5b6054de0046e367c1d687b6cdf7aff

    SHA256

    9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

    SHA512

    21047fea5269fee75a2a187aa09316519e35068cb2f2f76cfaf371e5224445e9d5c98497bd76fb9608d2b73e9dac1a3f5bfadfdc4623c479d53ecf93d81d3c9f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab66FF.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6702.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.