Analysis

  • max time kernel
    119s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240705-en, locale:en-us, os:windows7-x64, system
  • submitted
    17/08/2024, 12:28 UTC

General

  • Target

    a2877497a9b678e080bec9ec21fe9e7b_JaffaCakes118.html

  • Size

    55KB

  • MD5

    a2877497a9b678e080bec9ec21fe9e7b

  • SHA1

    1ff5a03305a38cae6bec1dd6b02c2a414ccf1cd7

  • SHA256

    ce2ec60e3115c6b7a0fcdc1d0b5d46faf7a4ec58d1c0deb768cf6a1e6a27fd4d

  • SHA512

    145b9b4d145cd75b0a0c789e097fc32759185b796fb3da959d86df556d07f35c5e5341aaa52b40d134ac7bda4f8c662933d689a86b06f7dbc86f2158977ee364

  • SSDEEP

    1536:+1rzPIDuG7rUrPrSrurdr0ivfyo8brk6cqIG:2zPIDbPgzO6Z0ivfyo8fk6IG

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a2877497a9b678e080bec9ec21fe9e7b_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2648
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2648 CREDAT:275457 /prefetch:2
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2796

Network

  • flag-us
    DNS
    www.urdubook.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.urdubook.com
    IN A
    Response
    www.urdubook.com
    IN CNAME
    shops.myshopify.com
    shops.myshopify.com
    IN A
    23.227.38.74
  • flag-ca
    GET
    http://www.urdubook.com/images/T/shakespearKdayssMAY.gif
    IEXPLORE.EXE
    Remote address:
    23.227.38.74:80
    Request
    GET /images/T/shakespearKdayssMAY.gif HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.urdubook.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Date: Sat, 17 Aug 2024 12:28:34 GMT
    Content-Type: text/html; charset=utf-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    X-Sorting-Hat-PodId: 79
    X-Sorting-Hat-ShopId: 8802730064
    X-Storefront-Renderer-Rendered: 1
    location: https://urdubook.com/images/T/shakespearKdayssMAY.gif
    x-redirect-reason: https_required
    x-frame-options: DENY
    content-security-policy: frame-ancestors 'none';
    x-shopid: 8802730064
    x-shardid: 79
    vary: Accept
    powered-by: Shopify
    server-timing: processing;dur=12, db;dur=3, asn;desc="174", edge;desc="LHR", country;desc="GB", servedBy;desc="5xz6", requestID;desc="1c8a0ba0-25b3-4453-9edd-6537cad9e395-1723897714"
    x-dc: gcp-europe-west2,gcp-europe-west1,gcp-europe-west1
    x-request-id: 1c8a0ba0-25b3-4453-9edd-6537cad9e395-1723897714
    CF-Cache-Status: DYNAMIC
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BSCk19e6xV1suh6U0m2IfOztBz8HDzq7yEI7x73rajK4AY9nh2hAQJr8LmtCLh6KpShDSG4xYZZ6ZSfb%2Bb8MvsT9DboOQeJL5mVRrQrWxRsZZ%2BYMcHQz5Z6%2BLtLra3dFeU0%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
    Server-Timing: cfRequestDuration;dur=59.999943
    X-XSS-Protection: 1; mode=block
    X-Content-Type-Options: nosniff
    X-Permitted-Cross-Domain-Policies: none
    X-Download-Options: noopen
    Server: cloudflare
    CF-RAY: 8b49aa2d399d9424-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-ca
    GET
    http://www.urdubook.com/images/T/chaltay%20rahiye%20tandrust%20rahiye.gif
    IEXPLORE.EXE
    Remote address:
    23.227.38.74:80
    Request
    GET /images/T/chaltay%20rahiye%20tandrust%20rahiye.gif HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.urdubook.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Date: Sat, 17 Aug 2024 12:28:34 GMT
    Content-Type: text/html; charset=utf-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    X-Sorting-Hat-PodId: 79
    X-Sorting-Hat-ShopId: 8802730064
    X-Storefront-Renderer-Rendered: 1
    location: https://urdubook.com/images/T/chaltay%20rahiye%20tandrust%20rahiye.gif
    x-redirect-reason: https_required
    x-frame-options: DENY
    content-security-policy: frame-ancestors 'none';
    x-shopid: 8802730064
    x-shardid: 79
    vary: Accept
    powered-by: Shopify
    server-timing: processing;dur=13, db;dur=4, asn;desc="174", edge;desc="LHR", country;desc="GB", servedBy;desc="g9tg", requestID;desc="172ffa3a-53d0-44ad-86d8-030f2db93370-1723897714"
    x-dc: gcp-europe-west2,gcp-europe-west1,gcp-europe-west1
    x-request-id: 172ffa3a-53d0-44ad-86d8-030f2db93370-1723897714
    CF-Cache-Status: DYNAMIC
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M3%2FNohFjkf6zFhCMJZYyMrwkk8VBB%2BQYW1UD4nTYqnmtWv51lbEliLSYxxLQqzI3FrmqZWDegqPgEHcts0DW4K%2Fav6obkc0K3IMcpkrfQg3S5xBfFX9Tnv2RxnIwTQmp%2B3U%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
    Server-Timing: cfRequestDuration;dur=63.999891
    X-XSS-Protection: 1; mode=block
    X-Content-Type-Options: nosniff
    X-Permitted-Cross-Domain-Policies: none
    X-Download-Options: noopen
    Server: cloudflare
    CF-RAY: 8b49aa2d2a6b52b8-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-ca
    GET
    http://www.urdubook.com/images/T/ashk%20pe%20kar%20ji%20rahay%20hain.gif
    IEXPLORE.EXE
    Remote address:
    23.227.38.74:80
    Request
    GET /images/T/ashk%20pe%20kar%20ji%20rahay%20hain.gif HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.urdubook.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Date: Sat, 17 Aug 2024 12:28:34 GMT
    Content-Type: text/html; charset=utf-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    X-Sorting-Hat-PodId: 79
    X-Sorting-Hat-ShopId: 8802730064
    X-Storefront-Renderer-Rendered: 1
    location: https://urdubook.com/images/T/ashk%20pe%20kar%20ji%20rahay%20hain.gif
    x-redirect-reason: https_required
    x-frame-options: DENY
    content-security-policy: frame-ancestors 'none';
    x-shopid: 8802730064
    x-shardid: 79
    vary: Accept
    powered-by: Shopify
    server-timing: processing;dur=12;desc="gc:1", db;dur=3, asn;desc="174", edge;desc="LHR", country;desc="GB", servedBy;desc="2wkb", requestID;desc="3bed426f-18e7-4fea-a7b9-e75e3c186eda-1723897714"
    x-dc: gcp-europe-west2,gcp-europe-west1,gcp-europe-west1
    x-request-id: 3bed426f-18e7-4fea-a7b9-e75e3c186eda-1723897714
    CF-Cache-Status: DYNAMIC
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rJWR3%2FGIm7ZOstD4T85lci7cj%2FYor9LndM5RaMFkTcQRjt%2Bl1eRGaQ8Yb7rC4hnualJftDyOFnynewGOZntZPiJypFIrbSSNpVzW%2FF5OgHBU1Ez6lr042LY2SsHFRIrd5cM%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
    Server-Timing: cfRequestDuration;dur=57.999849
    X-XSS-Protection: 1; mode=block
    X-Content-Type-Options: nosniff
    X-Permitted-Cross-Domain-Policies: none
    X-Download-Options: noopen
    Server: cloudflare
    CF-RAY: 8b49aa2d3957957e-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-ca
    GET
    http://www.urdubook.com/images/T/karway%20gulab.gif
    IEXPLORE.EXE
    Remote address:
    23.227.38.74:80
    Request
    GET /images/T/karway%20gulab.gif HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.urdubook.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Date: Sat, 17 Aug 2024 12:28:34 GMT
    Content-Type: text/html; charset=utf-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    X-Sorting-Hat-PodId: 79
    X-Sorting-Hat-ShopId: 8802730064
    X-Storefront-Renderer-Rendered: 1
    location: https://urdubook.com/images/T/karway%20gulab.gif
    x-redirect-reason: https_required
    x-frame-options: DENY
    content-security-policy: frame-ancestors 'none';
    x-shopid: 8802730064
    x-shardid: 79
    vary: Accept
    powered-by: Shopify
    server-timing: processing;dur=12, db;dur=3, asn;desc="174", edge;desc="LHR", country;desc="GB", servedBy;desc="6dpr", requestID;desc="dd3c8b90-52da-4dab-ae59-b3e5f870eda1-1723897714"
    x-dc: gcp-europe-west2,gcp-europe-west1,gcp-europe-west1
    x-request-id: dd3c8b90-52da-4dab-ae59-b3e5f870eda1-1723897714
    CF-Cache-Status: DYNAMIC
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gz0fAHbR071Zr2UzhxEwZJNZFEkff5ilK4%2FV2SPhupD0w2sPr99F2yHj4XLcjdGH3AW2lbEpxuE0VP3vSl0RLdzy%2BzMPm7bOVpjQcQcr5y%2FXPH9tpja1INGECM7yxwtwcQk%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
    Server-Timing: cfRequestDuration;dur=59.000015
    X-XSS-Protection: 1; mode=block
    X-Content-Type-Options: nosniff
    X-Permitted-Cross-Domain-Policies: none
    X-Download-Options: noopen
    Server: cloudflare
    CF-RAY: 8b49aa2d2e78bd80-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-ca
    GET
    http://www.urdubook.com/images/T/dolat%20app%20k%20qadmoon%20may.gif
    IEXPLORE.EXE
    Remote address:
    23.227.38.74:80
    Request
    GET /images/T/dolat%20app%20k%20qadmoon%20may.gif HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.urdubook.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Date: Sat, 17 Aug 2024 12:28:34 GMT
    Content-Type: text/html; charset=utf-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    X-Sorting-Hat-PodId: 79
    X-Sorting-Hat-ShopId: 8802730064
    X-Storefront-Renderer-Rendered: 1
    location: https://urdubook.com/images/T/dolat%20app%20k%20qadmoon%20may.gif
    x-redirect-reason: https_required
    x-frame-options: DENY
    content-security-policy: frame-ancestors 'none';
    x-shopid: 8802730064
    x-shardid: 79
    vary: Accept
    powered-by: Shopify
    server-timing: processing;dur=12, db;dur=3, asn;desc="174", edge;desc="LHR", country;desc="GB", servedBy;desc="btld", requestID;desc="e9db1460-3368-42c3-ac4e-31a459c5c82d-1723897714"
    x-dc: gcp-europe-west2,gcp-europe-west1,gcp-europe-west1
    x-request-id: e9db1460-3368-42c3-ac4e-31a459c5c82d-1723897714
    CF-Cache-Status: DYNAMIC
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q2LlvfLovXDLmYOJ63wpGm%2Baqa5K8sTWkmBTiMw3k91io0%2BSmTea5TH9l2jg09RRKq%2BVp4AwdsnIWLIwwKS6KBvEw3af7mm5X3XlKzvRRHytYQxX9W6m3ow68QiFvO%2BdhMs%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
    Server-Timing: cfRequestDuration;dur=62.000036
    X-XSS-Protection: 1; mode=block
    X-Content-Type-Options: nosniff
    X-Permitted-Cross-Domain-Policies: none
    X-Download-Options: noopen
    Server: cloudflare
    CF-RAY: 8b49aa2d2c69641f-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-ca
    GET
    http://www.urdubook.com/images/T/Halakat%20guraiz%20almi%20ilm%20siyasat.gif
    IEXPLORE.EXE
    Remote address:
    23.227.38.74:80
    Request
    GET /images/T/Halakat%20guraiz%20almi%20ilm%20siyasat.gif HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.urdubook.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Date: Sat, 17 Aug 2024 12:28:34 GMT
    Content-Type: text/html; charset=utf-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    X-Sorting-Hat-PodId: 79
    X-Sorting-Hat-ShopId: 8802730064
    X-Storefront-Renderer-Rendered: 1
    location: https://urdubook.com/images/T/Halakat%20guraiz%20almi%20ilm%20siyasat.gif
    x-redirect-reason: https_required
    x-frame-options: DENY
    content-security-policy: frame-ancestors 'none';
    x-shopid: 8802730064
    x-shardid: 79
    vary: Accept
    powered-by: Shopify
    server-timing: processing;dur=16;desc="gc:1", db;dur=3, asn;desc="174", edge;desc="LHR", country;desc="GB", servedBy;desc="tg7f", requestID;desc="f5841aa6-1e98-4d2a-9046-03e03ea4168d-1723897714"
    x-dc: gcp-europe-west2,gcp-europe-west1,gcp-europe-west1
    x-request-id: f5841aa6-1e98-4d2a-9046-03e03ea4168d-1723897714
    CF-Cache-Status: DYNAMIC
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bljhU9RYYuSItANzEGR8qsUn%2FovoOpzSHlNa0oieHX%2FGFaI3zIcXoHdsCqWBNoNVeReChJoqJzf%2B9jf6793UPdYf0hrDqhP2bTbNIctKsTFpufDycmeFeyWKfdoU8u5Hrfw%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
    Server-Timing: cfRequestDuration;dur=69.999933
    X-XSS-Protection: 1; mode=block
    X-Content-Type-Options: nosniff
    X-Permitted-Cross-Domain-Policies: none
    X-Download-Options: noopen
    Server: cloudflare
    CF-RAY: 8b49aa2d3d7863c5-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    DNS
    exist.butterflyeffect.gs
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    exist.butterflyeffect.gs
    IN A
    Response
  • flag-us
    DNS
    urdubook.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    urdubook.com
    IN A
    Response
    urdubook.com
    IN A
    23.227.38.66
  • flag-ca
    GET
    https://urdubook.com/images/T/ashk%20pe%20kar%20ji%20rahay%20hain.gif
    IEXPLORE.EXE
    Remote address:
    23.227.38.66:443
    Request
    GET /images/T/ashk%20pe%20kar%20ji%20rahay%20hain.gif HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: urdubook.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Date: Sat, 17 Aug 2024 12:28:35 GMT
    Content-Type: image/gif; charset=utf-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    X-Sorting-Hat-PodId: 79
    X-Sorting-Hat-ShopId: 8802730064
    X-Storefront-Renderer-Rendered: 1
    x-shopify-nginx-no-cookies: 0
    set-cookie: _shopify_country=United+Kingdom; path=/; expires=Sat, 17 Aug 2024 12:58:35 GMT; SameSite=Lax
    Set-Cookie: _shopify_y=e8d901de-b1dc-4834-8527-92eba3102e28; Expires=Sun, 17-Aug-25 12:28:35 GMT; Domain=urdubook.com; Path=/; SameSite=Lax
    Set-Cookie: _shopify_s=77a9268c-21c7-4054-9767-1958bb1954c1; Expires=Sat, 17-Aug-24 12:58:35 GMT; Domain=urdubook.com; Path=/; SameSite=Lax
    etag: "cacheable:031497e30259087d1dc997d620b2b2b9"
    x-cache: miss
    x-frame-options: DENY
    content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
    strict-transport-security: max-age=7889238
    x-shopid: 8802730064
    x-shardid: 79
    vary: Accept
    content-language: en
    powered-by: Shopify
    server-timing: processing;dur=17, db;dur=3, asn;desc="174", edge;desc="LHR", country;desc="GB", servedBy;desc="k2ff", requestID;desc="63452bda-89a6-4105-9487-a2c00c799246-1723897715"
    x-dc: gcp-europe-west2,gcp-europe-west1,gcp-europe-west1
    x-request-id: 63452bda-89a6-4105-9487-a2c00c799246-1723897715
    CF-Cache-Status: DYNAMIC
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eW2WoYjsspumwdmalcq5cHQPX5LIJw8A%2FoIV3%2FMfhW2kbOj14dSB8ZmeLKgdigNgmvHIemJdOKcp3%2FRKh2Cv79Qd9jlO3V8slvRbuaxVcyxkigMFjzDUYXh00e0F8A%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
    Server-Timing: cfRequestDuration;dur=51.999807
    X-XSS-Protection: 1; mode=block
    X-Content-Type-Options: nosniff
    X-Permitted-Cross-Domain-Policies: none
    X-Download-Options: noopen
    Server: cloudflare
    CF-RAY: 8b49aa3329ff48c3-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-ca
    GET
    https://urdubook.com/images/T/shakespearKdayssMAY.gif
    IEXPLORE.EXE
    Remote address:
    23.227.38.66:443
    Request
    GET /images/T/shakespearKdayssMAY.gif HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: urdubook.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Date: Sat, 17 Aug 2024 12:28:36 GMT
    Content-Type: image/gif; charset=utf-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    X-Sorting-Hat-PodId: 79
    X-Sorting-Hat-ShopId: 8802730064
    X-Storefront-Renderer-Rendered: 1
    x-shopify-nginx-no-cookies: 0
    set-cookie: _shopify_country=United+Kingdom; path=/; expires=Sat, 17 Aug 2024 12:58:36 GMT; SameSite=Lax
    Set-Cookie: _shopify_y=4c473695-ef22-4769-b3fa-05765640d03f; Expires=Sun, 17-Aug-25 12:28:36 GMT; Domain=urdubook.com; Path=/; SameSite=Lax
    Set-Cookie: _shopify_s=0ab619a2-35c8-45c1-9341-60e1ede2aec6; Expires=Sat, 17-Aug-24 12:58:36 GMT; Domain=urdubook.com; Path=/; SameSite=Lax
    etag: "cacheable:0a13b19cdc6e57855b26b8f2f4d477a5"
    x-cache: miss
    x-frame-options: DENY
    content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
    strict-transport-security: max-age=7889238
    x-shopid: 8802730064
    x-shardid: 79
    vary: Accept
    content-language: en
    powered-by: Shopify
    server-timing: processing;dur=22;desc="gc:1", db;dur=4, asn;desc="174", edge;desc="LHR", country;desc="GB", servedBy;desc="7fpb", requestID;desc="075f8eb4-6942-47b4-9647-fedf254b13ce-1723897716"
    x-dc: gcp-europe-west2,gcp-europe-west1,gcp-europe-west1
    x-request-id: 075f8eb4-6942-47b4-9647-fedf254b13ce-1723897716
    CF-Cache-Status: DYNAMIC
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JEOAjKw7lHxjea1%2B5hmPWMd4Hq53vH3W%2ByIxOT9gED9l8wqdyIz2pdjkmepqXBs2gZAXGaRJUZ2NmRNbYx4wm9b5mJItOTdyELRcgg%2Fd5LF3VLZvPfqMY0YqcWPcAw%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
    Server-Timing: cfRequestDuration;dur=66.999912
    X-XSS-Protection: 1; mode=block
    X-Content-Type-Options: nosniff
    X-Permitted-Cross-Domain-Policies: none
    X-Download-Options: noopen
    Server: cloudflare
    CF-RAY: 8b49aa35184c6388-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-ca
    GET
    https://urdubook.com/images/T/karway%20gulab.gif
    IEXPLORE.EXE
    Remote address:
    23.227.38.66:443
    Request
    GET /images/T/karway%20gulab.gif HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: urdubook.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Date: Sat, 17 Aug 2024 12:28:35 GMT
    Content-Type: image/gif; charset=utf-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    X-Sorting-Hat-PodId: 79
    X-Sorting-Hat-ShopId: 8802730064
    X-Storefront-Renderer-Rendered: 1
    x-shopify-nginx-no-cookies: 0
    set-cookie: _shopify_country=United+Kingdom; path=/; expires=Sat, 17 Aug 2024 12:58:35 GMT; SameSite=Lax
    Set-Cookie: _shopify_y=c49153b4-052c-4025-8c3c-28b018f4c0eb; Expires=Sun, 17-Aug-25 12:28:35 GMT; Domain=urdubook.com; Path=/; SameSite=Lax
    Set-Cookie: _shopify_s=bb74b421-15ca-463d-b8b1-86b2955ed231; Expires=Sat, 17-Aug-24 12:58:35 GMT; Domain=urdubook.com; Path=/; SameSite=Lax
    etag: "cacheable:689d4fc5284fac383d9ce46b2aae2d94"
    x-cache: miss
    x-frame-options: DENY
    content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
    strict-transport-security: max-age=7889238
    x-shopid: 8802730064
    x-shardid: 79
    vary: Accept
    content-language: en
    powered-by: Shopify
    server-timing: processing;dur=18;desc="gc:1", db;dur=3, asn;desc="174", edge;desc="LHR", country;desc="GB", servedBy;desc="2wkb", requestID;desc="a60eaa85-a3cb-41ca-a519-c4fb33ce5810-1723897715"
    x-dc: gcp-europe-west2,gcp-europe-west1,gcp-europe-west1
    x-request-id: a60eaa85-a3cb-41ca-a519-c4fb33ce5810-1723897715
    CF-Cache-Status: DYNAMIC
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mAvAxH697ZKdqoaNApcOuSgn8fsaBoAhKaGQKPrGN83b3t1NQoyAUQfFryeIibeXq%2FzILKftf2AHbQrlbD%2FzJS3RnjUnfXk2AdKUviACkSvaZXZ84jYSi58av4PuIA%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
    Server-Timing: cfRequestDuration;dur=65.999985
    X-XSS-Protection: 1; mode=block
    X-Content-Type-Options: nosniff
    X-Permitted-Cross-Domain-Policies: none
    X-Download-Options: noopen
    Server: cloudflare
    CF-RAY: 8b49aa332cdb63ea-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-ca
    GET
    https://urdubook.com/images/T/dolat%20app%20k%20qadmoon%20may.gif
    IEXPLORE.EXE
    Remote address:
    23.227.38.66:443
    Request
    GET /images/T/dolat%20app%20k%20qadmoon%20may.gif HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: urdubook.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Date: Sat, 17 Aug 2024 12:28:35 GMT
    Content-Type: image/gif; charset=utf-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    X-Sorting-Hat-PodId: 79
    X-Sorting-Hat-ShopId: 8802730064
    X-Storefront-Renderer-Rendered: 1
    x-shopify-nginx-no-cookies: 0
    set-cookie: _shopify_country=United+Kingdom; path=/; expires=Sat, 17 Aug 2024 12:58:35 GMT; SameSite=Lax
    Set-Cookie: _shopify_y=52ba0c6e-a55b-43c7-8bdd-b2dda6aded03; Expires=Sun, 17-Aug-25 12:28:35 GMT; Domain=urdubook.com; Path=/; SameSite=Lax
    Set-Cookie: _shopify_s=a4ca53c2-d83e-47fe-af09-0fa9e2cbc37c; Expires=Sat, 17-Aug-24 12:58:35 GMT; Domain=urdubook.com; Path=/; SameSite=Lax
    etag: "cacheable:d79ad46f9bc1f7ededd94450f2d9c66a"
    x-cache: miss
    x-frame-options: DENY
    content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
    strict-transport-security: max-age=7889238
    x-shopid: 8802730064
    x-shardid: 79
    vary: Accept
    content-language: en
    powered-by: Shopify
    server-timing: processing;dur=17, db;dur=3, asn;desc="174", edge;desc="LHR", country;desc="GB", servedBy;desc="4s68", requestID;desc="645b0aba-936c-440d-af91-ad3214deecfb-1723897715"
    x-dc: gcp-europe-west2,gcp-europe-west1,gcp-europe-west1
    x-request-id: 645b0aba-936c-440d-af91-ad3214deecfb-1723897715
    CF-Cache-Status: DYNAMIC
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CKA2CzLmxgaTTxfEzI56zktmyM%2Futg9njwOcJcbs0hsYDTiNSkbYQYwMhQeOksn3wKD8VLo8WO09sMwH%2Bo8kg1qfz%2Fal39bi%2BKVFxPVI0lbbu%2BGmlbMlny51N%2Be6bQ%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
    Server-Timing: cfRequestDuration;dur=62.999964
    X-XSS-Protection: 1; mode=block
    X-Content-Type-Options: nosniff
    X-Permitted-Cross-Domain-Policies: none
    X-Download-Options: noopen
    Server: cloudflare
    CF-RAY: 8b49aa333d093855-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-ca
    GET
    https://urdubook.com/images/T/Halakat%20guraiz%20almi%20ilm%20siyasat.gif
    IEXPLORE.EXE
    Remote address:
    23.227.38.66:443
    Request
    GET /images/T/Halakat%20guraiz%20almi%20ilm%20siyasat.gif HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: urdubook.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Date: Sat, 17 Aug 2024 12:28:35 GMT
    Content-Type: image/gif; charset=utf-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    X-Sorting-Hat-PodId: 79
    X-Sorting-Hat-ShopId: 8802730064
    X-Storefront-Renderer-Rendered: 1
    x-shopify-nginx-no-cookies: 0
    set-cookie: _shopify_country=United+Kingdom; path=/; expires=Sat, 17 Aug 2024 12:58:35 GMT; SameSite=Lax
    Set-Cookie: _shopify_y=c762bd66-2272-4b91-b8df-55757dda675b; Expires=Sun, 17-Aug-25 12:28:35 GMT; Domain=urdubook.com; Path=/; SameSite=Lax
    Set-Cookie: _shopify_s=98b7f6c5-ea9d-455c-8b0a-a15e7ad6a480; Expires=Sat, 17-Aug-24 12:58:35 GMT; Domain=urdubook.com; Path=/; SameSite=Lax
    etag: "cacheable:0bd542cd9b7187365b88ac74682768ca"
    x-cache: miss
    x-frame-options: DENY
    content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
    strict-transport-security: max-age=7889238
    x-shopid: 8802730064
    x-shardid: 79
    vary: Accept
    content-language: en
    powered-by: Shopify
    server-timing: processing;dur=15, db;dur=3, asn;desc="174", edge;desc="LHR", country;desc="GB", servedBy;desc="5ng4", requestID;desc="663f7ef3-78a4-45ff-81db-a8f28e7c9069-1723897715"
    x-dc: gcp-europe-west2,gcp-europe-west1,gcp-europe-west1
    x-request-id: 663f7ef3-78a4-45ff-81db-a8f28e7c9069-1723897715
    CF-Cache-Status: DYNAMIC
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ljmw4Um%2B6tz%2BJyhNQ4VNRjdXMyzzUOsrhxYAoFxmPD0HkQPwwmQnAFKZHHY%2FaUzXDQ3sEzu1JAvmDr%2FKttXuHHtsYK%2FRP6LXQP76Iqw5C7JDQnhWed%2Bzgg9X869%2Fng%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
    Server-Timing: cfRequestDuration;dur=59.999943
    X-XSS-Protection: 1; mode=block
    X-Content-Type-Options: nosniff
    X-Permitted-Cross-Domain-Policies: none
    X-Download-Options: noopen
    Server: cloudflare
    CF-RAY: 8b49aa332b786427-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-ca
    GET
    https://urdubook.com/images/T/chaltay%20rahiye%20tandrust%20rahiye.gif
    IEXPLORE.EXE
    Remote address:
    23.227.38.66:443
    Request
    GET /images/T/chaltay%20rahiye%20tandrust%20rahiye.gif HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: urdubook.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Date: Sat, 17 Aug 2024 12:28:35 GMT
    Content-Type: image/gif; charset=utf-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    X-Sorting-Hat-PodId: 79
    X-Sorting-Hat-ShopId: 8802730064
    X-Storefront-Renderer-Rendered: 1
    x-shopify-nginx-no-cookies: 0
    set-cookie: _shopify_country=United+Kingdom; path=/; expires=Sat, 17 Aug 2024 12:58:35 GMT; SameSite=Lax
    Set-Cookie: _shopify_y=99232092-1fc2-4234-9850-c5fd9f6c2a19; Expires=Sun, 17-Aug-25 12:28:35 GMT; Domain=urdubook.com; Path=/; SameSite=Lax
    Set-Cookie: _shopify_s=ceac093e-e16f-4655-a29a-91be1314b3e7; Expires=Sat, 17-Aug-24 12:58:35 GMT; Domain=urdubook.com; Path=/; SameSite=Lax
    etag: "cacheable:33283736e9b3f9933bd14fa7ae430d41"
    x-cache: miss
    x-frame-options: DENY
    content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
    strict-transport-security: max-age=7889238
    x-shopid: 8802730064
    x-shardid: 79
    vary: Accept
    content-language: en
    powered-by: Shopify
    server-timing: processing;dur=14, db;dur=3, asn;desc="174", edge;desc="LHR", country;desc="GB", servedBy;desc="k58c", requestID;desc="3a1ca06a-5e01-46b3-94cd-f8e98b6ef4b3-1723897715"
    x-dc: gcp-europe-west2,gcp-europe-west1,gcp-europe-west1
    x-request-id: 3a1ca06a-5e01-46b3-94cd-f8e98b6ef4b3-1723897715
    CF-Cache-Status: DYNAMIC
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8HzNV1hzk88MvfGPp4bDq5PCXEYvKXS3VgsNntH7drIzYKs%2Ft7DWkXhx3pTJkGzO327JRxVeGn5y3pIHhB5A%2Bnv32cv8U%2BwoNiX4oJvQgyw45yVKbcGi8PlXGbRDtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
    Server-Timing: cfRequestDuration;dur=52.999973
    X-XSS-Protection: 1; mode=block
    X-Content-Type-Options: nosniff
    X-Permitted-Cross-Domain-Policies: none
    X-Download-Options: noopen
    Server: cloudflare
    CF-RAY: 8b49aa3368a2068a-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    DNS
    apps.identrust.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    apps.identrust.com
    IN A
    Response
    apps.identrust.com
    IN CNAME
    identrust.edgesuite.net
    identrust.edgesuite.net
    IN CNAME
    a1952.dscq.akamai.net
    a1952.dscq.akamai.net
    IN A
    92.123.143.201
    a1952.dscq.akamai.net
    IN A
    92.123.143.169
  • flag-us
    DNS
    apps.identrust.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    apps.identrust.com
    IN A
    Response
    apps.identrust.com
    IN CNAME
    identrust.edgesuite.net
    identrust.edgesuite.net
    IN CNAME
    a1952.dscq.akamai.net
    a1952.dscq.akamai.net
    IN A
    92.123.143.169
    a1952.dscq.akamai.net
    IN A
    92.123.143.201
  • flag-gb
    GET
    http://apps.identrust.com/roots/dstrootcax3.p7c
    IEXPLORE.EXE
    Remote address:
    92.123.143.169:80
    Request
    GET /roots/dstrootcax3.p7c HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: apps.identrust.com
    Response
    HTTP/1.1 200 OK
    X-XSS-Protection: 1; mode=block
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    X-Robots-Tag: noindex
    Referrer-Policy: same-origin
    Last-Modified: Fri, 13 Oct 2023 16:28:31 GMT
    ETag: "37d-6079b8c0929c0"
    Accept-Ranges: bytes
    Content-Length: 893
    X-Content-Type-Options: nosniff
    X-Frame-Options: sameorigin
    Content-Type: application/pkcs7-mime
    Cache-Control: max-age=3600
    Expires: Sat, 17 Aug 2024 13:28:35 GMT
    Date: Sat, 17 Aug 2024 12:28:35 GMT
    Connection: keep-alive
  • flag-gb
    GET
    http://apps.identrust.com/roots/dstrootcax3.p7c
    IEXPLORE.EXE
    Remote address:
    92.123.143.201:80
    Request
    GET /roots/dstrootcax3.p7c HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: apps.identrust.com
    Response
    HTTP/1.1 200 OK
    X-XSS-Protection: 1; mode=block
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    X-Robots-Tag: noindex
    Referrer-Policy: same-origin
    Last-Modified: Fri, 13 Oct 2023 16:28:31 GMT
    ETag: "37d-6079b8c0929c0"
    Accept-Ranges: bytes
    Content-Length: 893
    X-Content-Type-Options: nosniff
    X-Frame-Options: sameorigin
    Content-Type: application/pkcs7-mime
    Cache-Control: max-age=3600
    Expires: Sat, 17 Aug 2024 13:28:35 GMT
    Date: Sat, 17 Aug 2024 12:28:35 GMT
    Connection: keep-alive
  • flag-us
    DNS
    crl.microsoft.com
    Remote address:
    8.8.8.8:53
    Request
    crl.microsoft.com
    IN A
    Response
    crl.microsoft.com
    IN CNAME
    crl.www.ms.akadns.net
    crl.www.ms.akadns.net
    IN CNAME
    a1363.dscg.akamai.net
    a1363.dscg.akamai.net
    IN A
    92.123.143.234
    a1363.dscg.akamai.net
    IN A
    92.123.142.59
  • flag-gb
    GET
    http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
    Remote address:
    92.123.143.234:80
    Request
    GET /pki/crl/products/MicRooCerAut2011_2011_03_22.crl HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    If-Modified-Since: Wed, 01 May 2024 09:28:59 GMT
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: crl.microsoft.com
    Response
    HTTP/1.1 200 OK
    Content-Length: 1036
    Content-Type: application/octet-stream
    Content-MD5: 5xIscz+eN7ugykyYXOEdbQ==
    Last-Modified: Thu, 11 Jul 2024 01:45:51 GMT
    ETag: 0x8DCA14B323B2CC0
    Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
    x-ms-request-id: 72f579ca-d01e-0016-7f43-d3a13d000000
    x-ms-version: 2009-09-19
    x-ms-lease-status: unlocked
    x-ms-blob-type: BlockBlob
    Date: Sat, 17 Aug 2024 12:29:05 GMT
    Connection: keep-alive
  • flag-us
    DNS
    www.microsoft.com
    iexplore.exe
    Remote address:
    8.8.8.8:53
    Request
    www.microsoft.com
    IN A
    Response
    www.microsoft.com
    IN CNAME
    www.microsoft.com-c-3.edgekey.net
    www.microsoft.com-c-3.edgekey.net
    IN CNAME
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    IN CNAME
    e13678.dscb.akamaiedge.net
    e13678.dscb.akamaiedge.net
    IN A
    95.100.245.144
  • 23.227.38.74:80
    http://www.urdubook.com/images/T/shakespearKdayssMAY.gif
    http
    IEXPLORE.EXE
    572 B
    1.6kB
    6
    5

    HTTP Request

    GET http://www.urdubook.com/images/T/shakespearKdayssMAY.gif

    HTTP Response

    301
  • 23.227.38.74:80
    http://www.urdubook.com/images/T/chaltay%20rahiye%20tandrust%20rahiye.gif
    http
    IEXPLORE.EXE
    589 B
    1.7kB
    6
    5

    HTTP Request

    GET http://www.urdubook.com/images/T/chaltay%20rahiye%20tandrust%20rahiye.gif

    HTTP Response

    301
  • 23.227.38.74:80
    http://www.urdubook.com/images/T/ashk%20pe%20kar%20ji%20rahay%20hain.gif
    http
    IEXPLORE.EXE
    588 B
    1.7kB
    6
    5

    HTTP Request

    GET http://www.urdubook.com/images/T/ashk%20pe%20kar%20ji%20rahay%20hain.gif

    HTTP Response

    301
  • 23.227.38.74:80
    http://www.urdubook.com/images/T/karway%20gulab.gif
    http
    IEXPLORE.EXE
    567 B
    1.6kB
    6
    5

    HTTP Request

    GET http://www.urdubook.com/images/T/karway%20gulab.gif

    HTTP Response

    301
  • 23.227.38.74:80
    http://www.urdubook.com/images/T/dolat%20app%20k%20qadmoon%20may.gif
    http
    IEXPLORE.EXE
    584 B
    1.7kB
    6
    5

    HTTP Request

    GET http://www.urdubook.com/images/T/dolat%20app%20k%20qadmoon%20may.gif

    HTTP Response

    301
  • 23.227.38.74:80
    http://www.urdubook.com/images/T/Halakat%20guraiz%20almi%20ilm%20siyasat.gif
    http
    IEXPLORE.EXE
    592 B
    1.7kB
    6
    5

    HTTP Request

    GET http://www.urdubook.com/images/T/Halakat%20guraiz%20almi%20ilm%20siyasat.gif

    HTTP Response

    301
  • 23.227.38.66:443
    https://urdubook.com/images/T/ashk%20pe%20kar%20ji%20rahay%20hain.gif
    tls, http
    IEXPLORE.EXE
    1.3kB
    7.7kB
    13
    13

    HTTP Request

    GET https://urdubook.com/images/T/ashk%20pe%20kar%20ji%20rahay%20hain.gif

    HTTP Response

    404
  • 23.227.38.66:443
    https://urdubook.com/images/T/shakespearKdayssMAY.gif
    tls, http
    IEXPLORE.EXE
    1.6kB
    7.7kB
    13
    14

    HTTP Request

    GET https://urdubook.com/images/T/shakespearKdayssMAY.gif

    HTTP Response

    404
  • 23.227.38.66:443
    https://urdubook.com/images/T/karway%20gulab.gif
    tls, http
    IEXPLORE.EXE
    1.2kB
    7.7kB
    12
    14

    HTTP Request

    GET https://urdubook.com/images/T/karway%20gulab.gif

    HTTP Response

    404
  • 23.227.38.66:443
    https://urdubook.com/images/T/dolat%20app%20k%20qadmoon%20may.gif
    tls, http
    IEXPLORE.EXE
    1.3kB
    7.7kB
    13
    14

    HTTP Request

    GET https://urdubook.com/images/T/dolat%20app%20k%20qadmoon%20may.gif

    HTTP Response

    404
  • 23.227.38.66:443
    https://urdubook.com/images/T/Halakat%20guraiz%20almi%20ilm%20siyasat.gif
    tls, http
    IEXPLORE.EXE
    1.3kB
    7.7kB
    13
    14

    HTTP Request

    GET https://urdubook.com/images/T/Halakat%20guraiz%20almi%20ilm%20siyasat.gif

    HTTP Response

    404
  • 23.227.38.66:443
    https://urdubook.com/images/T/chaltay%20rahiye%20tandrust%20rahiye.gif
    tls, http
    IEXPLORE.EXE
    1.3kB
    8.3kB
    13
    14

    HTTP Request

    GET https://urdubook.com/images/T/chaltay%20rahiye%20tandrust%20rahiye.gif

    HTTP Response

    404
  • 92.123.143.169:80
    http://apps.identrust.com/roots/dstrootcax3.p7c
    http
    IEXPLORE.EXE
    369 B
    1.6kB
    5
    4

    HTTP Request

    GET http://apps.identrust.com/roots/dstrootcax3.p7c

    HTTP Response

    200
  • 92.123.143.201:80
    http://apps.identrust.com/roots/dstrootcax3.p7c
    http
    IEXPLORE.EXE
    369 B
    1.6kB
    5
    4

    HTTP Request

    GET http://apps.identrust.com/roots/dstrootcax3.p7c

    HTTP Response

    200
  • 92.123.143.234:80
    http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
    http
    399 B
    1.7kB
    4
    4

    HTTP Request

    GET http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl

    HTTP Response

    200
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    747 B
    7.7kB
    9
    12
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    785 B
    7.8kB
    9
    13
  • 8.8.8.8:53
    www.urdubook.com
    dns
    IEXPLORE.EXE
    62 B
    108 B
    1
    1

    DNS Request

    www.urdubook.com

    DNS Response

    23.227.38.74

  • 8.8.8.8:53
    exist.butterflyeffect.gs
    dns
    IEXPLORE.EXE
    70 B
    138 B
    1
    1

    DNS Request

    exist.butterflyeffect.gs

  • 8.8.8.8:53
    urdubook.com
    dns
    IEXPLORE.EXE
    58 B
    74 B
    1
    1

    DNS Request

    urdubook.com

    DNS Response

    23.227.38.66

  • 8.8.8.8:53
    apps.identrust.com
    dns
    IEXPLORE.EXE
    64 B
    165 B
    1
    1

    DNS Request

    apps.identrust.com

    DNS Response

    92.123.143.201
    92.123.143.169

  • 8.8.8.8:53
    apps.identrust.com
    dns
    IEXPLORE.EXE
    64 B
    165 B
    1
    1

    DNS Request

    apps.identrust.com

    DNS Response

    92.123.143.169
    92.123.143.201

  • 8.8.8.8:53
    crl.microsoft.com
    dns
    63 B
    162 B
    1
    1

    DNS Request

    crl.microsoft.com

    DNS Response

    92.123.143.234
    92.123.142.59

  • 8.8.8.8:53
    www.microsoft.com
    dns
    iexplore.exe
    63 B
    230 B
    1
    1

    DNS Request

    www.microsoft.com

    DNS Response

    95.100.245.144

MITRE ATT&CK Enterprise v15

Downloads
