Analysis

  • max time kernel
    146s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20241007-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    09/10/2024, 05:19 UTC

General

  • Target

    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe

  • Size

    573KB

  • MD5

    2b9103addd66f83517888b11249dc44d

  • SHA1

    92a0fd9ae55be9eb1af2b8d5c7b55cf43899f0e0

  • SHA256

    7b5c65ae580d887398957fdeb574f54427e5dccdd0ab8cb7a9e6f91074e28b17

  • SHA512

    27e20865eea26f380c05350649d9489d6c0f19a4dd9fbcc2a7065fa060491e796480b54e596ea44f1355b91cdeb5d566e75cd2ae88198f719e62b870f18abd3d

  • SSDEEP

    12288:Aw0BXaqyCBubFFEcc48v0h5MkrbJoXrPRom433Aod72yzg4y:70KqyNtL5MkrVo7Jod3Aod5zg/

Malware Config

Extracted

Family

raccoon

Version

1.7.3

Botnet

cd8dc1031358b1aec55cc6bc447df1018b068607

Attributes
  • url4cnc

    https://telete.in/jagressor_kz

rc4.plain
1
$Z2s`ten\@bE9vzR
rc4.plain
1
25ef3d2ceb7c85368a843a6d0ff8291d

Signatures

  • Raccoon

    Raccoon is an infostealer written in C++ and first seen in 2019.

  • Raccoon Stealer V1 payload 5 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:3964

Network

  • flag-us
    DNS
    telete.in
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    Remote address:
    8.8.8.8:53
    Request
    telete.in
    IN A
    Response
    telete.in
    IN A
    199.59.243.227
  • flag-us
    GET
    https://telete.in/jagressor_kz
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    Remote address:
    199.59.243.227:443
    Request
    GET /jagressor_kz HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Pragma: no-cache
    Content-Type: text/plain; charset=UTF-8
    Host: telete.in
    Response
    HTTP/1.1 200 OK
    Date: Wed, 09 Oct 2024 15:24:30 GMT
    Content-Type: text/html; charset=utf-8
    Content-Length: 1050
    X-Request-Id: 2f79fb73-b7f6-447c-a214-2e7931c1cc03
    Cache-Control: no-store, max-age=0
    Accept-Ch: sec-ch-prefers-color-scheme
    Critical-Ch: sec-ch-prefers-color-scheme
    Vary: sec-ch-prefers-color-scheme
    X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_wpAwTfc7uX19LYjuKV2BihFPm2oOG+T0HAVqXFgwkS0dWE1Mcgw1pu0xZfKag50aaAFxmZ/Q8b3i8Y36jz/Bog==
    Set-Cookie: parking_session=2f79fb73-b7f6-447c-a214-2e7931c1cc03; expires=Wed, 09 Oct 2024 15:39:30 GMT; path=/
    Connection: close
  • flag-us
    DNS
    g.bing.com
    Remote address:
    8.8.8.8:53
    Request
    g.bing.com
    IN A
    Response
    g.bing.com
    IN CNAME
    g-bing-com.ax-0001.ax-msedge.net
    g-bing-com.ax-0001.ax-msedge.net
    IN CNAME
    ax-0001.ax-msedge.net
    ax-0001.ax-msedge.net
    IN A
    150.171.27.10
    ax-0001.ax-msedge.net
    IN A
    150.171.28.10
  • flag-us
    GET
    https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=aef47f75e3dc43f6bef2421352b6d83b&localId=w:02C7DD5D-B832-2571-1EDF-9D74CD57B9AA&deviceId=6896208602436814&anid=
    Remote address:
    150.171.27.10:443
    Request
    GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=aef47f75e3dc43f6bef2421352b6d83b&localId=w:02C7DD5D-B832-2571-1EDF-9D74CD57B9AA&deviceId=6896208602436814&anid= HTTP/2.0
    host: g.bing.com
    accept-encoding: gzip, deflate
    user-agent: WindowsShellClient/9.0.40929.0 (Windows)
    Response
    HTTP/2.0 204
    cache-control: no-cache, must-revalidate
    pragma: no-cache
    expires: Fri, 01 Jan 1990 00:00:00 GMT
    set-cookie: MUID=13F003BC39326FB21AB816AF38036E48; domain=.bing.com; expires=Mon, 03-Nov-2025 15:24:31 GMT; path=/; SameSite=None; Secure; Priority=High;
    strict-transport-security: max-age=31536000; includeSubDomains; preload
    access-control-allow-origin: *
    x-cache: CONFIG_NOCACHE
    accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
    x-msedge-ref: Ref A: BB29E001A25A4BD195DD90CDB9BED5FC Ref B: LON601060102023 Ref C: 2024-10-09T15:24:30Z
    date: Wed, 09 Oct 2024 15:24:30 GMT
  • flag-us
    GET
    https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=aef47f75e3dc43f6bef2421352b6d83b&localId=w:02C7DD5D-B832-2571-1EDF-9D74CD57B9AA&deviceId=6896208602436814&anid=
    Remote address:
    150.171.27.10:443
    Request
    GET /neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=aef47f75e3dc43f6bef2421352b6d83b&localId=w:02C7DD5D-B832-2571-1EDF-9D74CD57B9AA&deviceId=6896208602436814&anid= HTTP/2.0
    host: g.bing.com
    accept-encoding: gzip, deflate
    user-agent: WindowsShellClient/9.0.40929.0 (Windows)
    cookie: MUID=13F003BC39326FB21AB816AF38036E48
    Response
    HTTP/2.0 204
    cache-control: no-cache, must-revalidate
    pragma: no-cache
    expires: Fri, 01 Jan 1990 00:00:00 GMT
    set-cookie: MSPTC=Y9RlaCRpBtw4TUpbodEG9EzW8haCJx-4wESKrJevAA0; domain=.bing.com; expires=Mon, 03-Nov-2025 15:24:31 GMT; path=/; Partitioned; secure; SameSite=None
    strict-transport-security: max-age=31536000; includeSubDomains; preload
    access-control-allow-origin: *
    x-cache: CONFIG_NOCACHE
    accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
    x-msedge-ref: Ref A: 79388B2F6ED34896861812C205ACE21B Ref B: LON601060102023 Ref C: 2024-10-09T15:24:31Z
    date: Wed, 09 Oct 2024 15:24:30 GMT
  • flag-us
    GET
    https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=aef47f75e3dc43f6bef2421352b6d83b&localId=w:02C7DD5D-B832-2571-1EDF-9D74CD57B9AA&deviceId=6896208602436814&anid=
    Remote address:
    150.171.27.10:443
    Request
    GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=aef47f75e3dc43f6bef2421352b6d83b&localId=w:02C7DD5D-B832-2571-1EDF-9D74CD57B9AA&deviceId=6896208602436814&anid= HTTP/2.0
    host: g.bing.com
    accept-encoding: gzip, deflate
    user-agent: WindowsShellClient/9.0.40929.0 (Windows)
    cookie: MUID=13F003BC39326FB21AB816AF38036E48; MSPTC=Y9RlaCRpBtw4TUpbodEG9EzW8haCJx-4wESKrJevAA0
    Response
    HTTP/2.0 204
    cache-control: no-cache, must-revalidate
    pragma: no-cache
    expires: Fri, 01 Jan 1990 00:00:00 GMT
    strict-transport-security: max-age=31536000; includeSubDomains; preload
    access-control-allow-origin: *
    x-cache: CONFIG_NOCACHE
    accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
    x-msedge-ref: Ref A: 4CE3FB0A44D84B30A2297F2B4634C474 Ref B: LON601060102023 Ref C: 2024-10-09T15:24:31Z
    date: Wed, 09 Oct 2024 15:24:30 GMT
  • flag-us
    DNS
    76.32.126.40.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    76.32.126.40.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    172.214.232.199.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    172.214.232.199.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    227.243.59.199.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    227.243.59.199.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    26.35.223.20.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    26.35.223.20.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    95.221.229.192.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    95.221.229.192.in-addr.arpa
    IN PTR
    Response
  • flag-us
    GET
    https://telete.in/jagressor_kz
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    Remote address:
    199.59.243.227:443
    Request
    GET /jagressor_kz HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Pragma: no-cache
    Content-Type: text/plain; charset=UTF-8
    Host: telete.in
    Response
    HTTP/1.1 200 OK
    Date: Wed, 09 Oct 2024 15:24:35 GMT
    Content-Type: text/html; charset=utf-8
    Content-Length: 1050
    X-Request-Id: cb8a3ca1-e0d0-4b24-91a5-6e4171cf4c7f
    Cache-Control: no-store, max-age=0
    Accept-Ch: sec-ch-prefers-color-scheme
    Critical-Ch: sec-ch-prefers-color-scheme
    Vary: sec-ch-prefers-color-scheme
    X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_wpAwTfc7uX19LYjuKV2BihFPm2oOG+T0HAVqXFgwkS0dWE1Mcgw1pu0xZfKag50aaAFxmZ/Q8b3i8Y36jz/Bog==
    Set-Cookie: parking_session=cb8a3ca1-e0d0-4b24-91a5-6e4171cf4c7f; expires=Wed, 09 Oct 2024 15:39:36 GMT; path=/
    Connection: close
  • flag-us
    GET
    https://telete.in/jagressor_kz
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    Remote address:
    199.59.243.227:443
    Request
    GET /jagressor_kz HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Pragma: no-cache
    Content-Type: text/plain; charset=UTF-8
    Host: telete.in
    Response
    HTTP/1.1 200 OK
    Date: Wed, 09 Oct 2024 15:24:40 GMT
    Content-Type: text/html; charset=utf-8
    Content-Length: 1050
    X-Request-Id: 852934ba-1ffe-4730-85df-a285034b6b75
    Cache-Control: no-store, max-age=0
    Accept-Ch: sec-ch-prefers-color-scheme
    Critical-Ch: sec-ch-prefers-color-scheme
    Vary: sec-ch-prefers-color-scheme
    X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_wpAwTfc7uX19LYjuKV2BihFPm2oOG+T0HAVqXFgwkS0dWE1Mcgw1pu0xZfKag50aaAFxmZ/Q8b3i8Y36jz/Bog==
    Set-Cookie: parking_session=852934ba-1ffe-4730-85df-a285034b6b75; expires=Wed, 09 Oct 2024 15:39:41 GMT; path=/
    Connection: close
  • flag-us
    GET
    https://telete.in/jagressor_kz
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    Remote address:
    199.59.243.227:443
    Request
    GET /jagressor_kz HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Pragma: no-cache
    Content-Type: text/plain; charset=UTF-8
    Host: telete.in
    Response
    HTTP/1.1 200 OK
    Date: Wed, 09 Oct 2024 15:24:46 GMT
    Content-Type: text/html; charset=utf-8
    Content-Length: 1050
    X-Request-Id: f62bc412-8d77-474d-8911-5ad3545da318
    Cache-Control: no-store, max-age=0
    Accept-Ch: sec-ch-prefers-color-scheme
    Critical-Ch: sec-ch-prefers-color-scheme
    Vary: sec-ch-prefers-color-scheme
    X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_wpAwTfc7uX19LYjuKV2BihFPm2oOG+T0HAVqXFgwkS0dWE1Mcgw1pu0xZfKag50aaAFxmZ/Q8b3i8Y36jz/Bog==
    Set-Cookie: parking_session=f62bc412-8d77-474d-8911-5ad3545da318; expires=Wed, 09 Oct 2024 15:39:46 GMT; path=/
    Connection: close
  • flag-us
    GET
    https://telete.in/jagressor_kz
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    Remote address:
    199.59.243.227:443
    Request
    GET /jagressor_kz HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Pragma: no-cache
    Content-Type: text/plain; charset=UTF-8
    Host: telete.in
    Response
    HTTP/1.1 200 OK
    Date: Wed, 09 Oct 2024 15:24:51 GMT
    Content-Type: text/html; charset=utf-8
    Content-Length: 1050
    X-Request-Id: da4fcd6c-e312-41ab-9cbd-744ed15e0b2e
    Cache-Control: no-store, max-age=0
    Accept-Ch: sec-ch-prefers-color-scheme
    Critical-Ch: sec-ch-prefers-color-scheme
    Vary: sec-ch-prefers-color-scheme
    X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_wpAwTfc7uX19LYjuKV2BihFPm2oOG+T0HAVqXFgwkS0dWE1Mcgw1pu0xZfKag50aaAFxmZ/Q8b3i8Y36jz/Bog==
    Set-Cookie: parking_session=da4fcd6c-e312-41ab-9cbd-744ed15e0b2e; expires=Wed, 09 Oct 2024 15:39:52 GMT; path=/
    Connection: close
  • flag-us
    GET
    https://telete.in/jagressor_kz
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    Remote address:
    199.59.243.227:443
    Request
    GET /jagressor_kz HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Pragma: no-cache
    Content-Type: text/plain; charset=UTF-8
    Host: telete.in
    Response
    HTTP/1.1 200 OK
    Date: Wed, 09 Oct 2024 15:24:57 GMT
    Content-Type: text/html; charset=utf-8
    Content-Length: 1050
    X-Request-Id: 74c2ce72-dcea-4039-a77f-3d27c1533d8e
    Cache-Control: no-store, max-age=0
    Accept-Ch: sec-ch-prefers-color-scheme
    Critical-Ch: sec-ch-prefers-color-scheme
    Vary: sec-ch-prefers-color-scheme
    X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_wpAwTfc7uX19LYjuKV2BihFPm2oOG+T0HAVqXFgwkS0dWE1Mcgw1pu0xZfKag50aaAFxmZ/Q8b3i8Y36jz/Bog==
    Set-Cookie: parking_session=74c2ce72-dcea-4039-a77f-3d27c1533d8e; expires=Wed, 09 Oct 2024 15:39:57 GMT; path=/
    Connection: close
  • flag-us
    DNS
    200.163.202.172.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    200.163.202.172.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    206.23.85.13.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    206.23.85.13.in-addr.arpa
    IN PTR
    Response
  • flag-us
    GET
    https://telete.in/jagressor_kz
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    Remote address:
    199.59.243.227:443
    Request
    GET /jagressor_kz HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Pragma: no-cache
    Content-Type: text/plain; charset=UTF-8
    Host: telete.in
    Response
    HTTP/1.1 200 OK
    Date: Wed, 09 Oct 2024 15:25:01 GMT
    Content-Type: text/html; charset=utf-8
    Content-Length: 1050
    X-Request-Id: fb43c692-5b42-4f46-b733-6f50609a6170
    Cache-Control: no-store, max-age=0
    Accept-Ch: sec-ch-prefers-color-scheme
    Critical-Ch: sec-ch-prefers-color-scheme
    Vary: sec-ch-prefers-color-scheme
    X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_wpAwTfc7uX19LYjuKV2BihFPm2oOG+T0HAVqXFgwkS0dWE1Mcgw1pu0xZfKag50aaAFxmZ/Q8b3i8Y36jz/Bog==
    Set-Cookie: parking_session=fb43c692-5b42-4f46-b733-6f50609a6170; expires=Wed, 09 Oct 2024 15:40:02 GMT; path=/
    Connection: close
  • flag-us
    DNS
    75.117.19.2.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    75.117.19.2.in-addr.arpa
    IN PTR
    Response
    75.117.19.2.in-addr.arpa
    IN PTR
    a2-19-117-75.deploy.static.akamaitechnologies.com
  • flag-us
    GET
    https://telete.in/jagressor_kz
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    Remote address:
    199.59.243.227:443
    Request
    GET /jagressor_kz HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Pragma: no-cache
    Content-Type: text/plain; charset=UTF-8
    Host: telete.in
    Response
    HTTP/1.1 200 OK
    Date: Wed, 09 Oct 2024 15:25:08 GMT
    Content-Type: text/html; charset=utf-8
    Content-Length: 1050
    X-Request-Id: 54fd7a53-1811-4d67-88a6-b485283c7a16
    Cache-Control: no-store, max-age=0
    Accept-Ch: sec-ch-prefers-color-scheme
    Critical-Ch: sec-ch-prefers-color-scheme
    Vary: sec-ch-prefers-color-scheme
    X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_wpAwTfc7uX19LYjuKV2BihFPm2oOG+T0HAVqXFgwkS0dWE1Mcgw1pu0xZfKag50aaAFxmZ/Q8b3i8Y36jz/Bog==
    Set-Cookie: parking_session=54fd7a53-1811-4d67-88a6-b485283c7a16; expires=Wed, 09 Oct 2024 15:40:08 GMT; path=/
    Connection: close
  • flag-us
    GET
    https://telete.in/jagressor_kz
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    Remote address:
    199.59.243.227:443
    Request
    GET /jagressor_kz HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Pragma: no-cache
    Content-Type: text/plain; charset=UTF-8
    Host: telete.in
    Response
    HTTP/1.1 200 OK
    Date: Wed, 09 Oct 2024 15:25:13 GMT
    Content-Type: text/html; charset=utf-8
    Content-Length: 1050
    X-Request-Id: 2c0697e7-27f7-4b3f-9851-68088f901116
    Cache-Control: no-store, max-age=0
    Accept-Ch: sec-ch-prefers-color-scheme
    Critical-Ch: sec-ch-prefers-color-scheme
    Vary: sec-ch-prefers-color-scheme
    X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_wpAwTfc7uX19LYjuKV2BihFPm2oOG+T0HAVqXFgwkS0dWE1Mcgw1pu0xZfKag50aaAFxmZ/Q8b3i8Y36jz/Bog==
    Set-Cookie: parking_session=2c0697e7-27f7-4b3f-9851-68088f901116; expires=Wed, 09 Oct 2024 15:40:13 GMT; path=/
    Connection: close
  • flag-us
    GET
    https://telete.in/jagressor_kz
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    Remote address:
    199.59.243.227:443
    Request
    GET /jagressor_kz HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Pragma: no-cache
    Content-Type: text/plain; charset=UTF-8
    Host: telete.in
    Response
    HTTP/1.1 200 OK
    Date: Wed, 09 Oct 2024 15:25:18 GMT
    Content-Type: text/html; charset=utf-8
    Content-Length: 1050
    X-Request-Id: 35bcf52d-0f37-4150-8593-bb8fbd30dd81
    Cache-Control: no-store, max-age=0
    Accept-Ch: sec-ch-prefers-color-scheme
    Critical-Ch: sec-ch-prefers-color-scheme
    Vary: sec-ch-prefers-color-scheme
    X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_wpAwTfc7uX19LYjuKV2BihFPm2oOG+T0HAVqXFgwkS0dWE1Mcgw1pu0xZfKag50aaAFxmZ/Q8b3i8Y36jz/Bog==
    Set-Cookie: parking_session=35bcf52d-0f37-4150-8593-bb8fbd30dd81; expires=Wed, 09 Oct 2024 15:40:18 GMT; path=/
    Connection: close
  • flag-us
    GET
    https://telete.in/jagressor_kz
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    Remote address:
    199.59.243.227:443
    Request
    GET /jagressor_kz HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Pragma: no-cache
    Content-Type: text/plain; charset=UTF-8
    Host: telete.in
    Response
    HTTP/1.1 200 OK
    Date: Wed, 09 Oct 2024 15:25:24 GMT
    Content-Type: text/html; charset=utf-8
    Content-Length: 1050
    X-Request-Id: d6461304-7164-4eb9-a622-50a0b5a02053
    Cache-Control: no-store, max-age=0
    Accept-Ch: sec-ch-prefers-color-scheme
    Critical-Ch: sec-ch-prefers-color-scheme
    Vary: sec-ch-prefers-color-scheme
    X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_wpAwTfc7uX19LYjuKV2BihFPm2oOG+T0HAVqXFgwkS0dWE1Mcgw1pu0xZfKag50aaAFxmZ/Q8b3i8Y36jz/Bog==
    Set-Cookie: parking_session=d6461304-7164-4eb9-a622-50a0b5a02053; expires=Wed, 09 Oct 2024 15:40:24 GMT; path=/
    Connection: close
  • flag-us
    GET
    https://telete.in/jagressor_kz
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    Remote address:
    199.59.243.227:443
    Request
    GET /jagressor_kz HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Pragma: no-cache
    Content-Type: text/plain; charset=UTF-8
    Host: telete.in
    Response
    HTTP/1.1 200 OK
    Date: Wed, 09 Oct 2024 15:25:28 GMT
    Content-Type: text/html; charset=utf-8
    Content-Length: 1050
    X-Request-Id: 158e77f9-4506-457e-b5d2-8d7383fdeb1e
    Cache-Control: no-store, max-age=0
    Accept-Ch: sec-ch-prefers-color-scheme
    Critical-Ch: sec-ch-prefers-color-scheme
    Vary: sec-ch-prefers-color-scheme
    X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_wpAwTfc7uX19LYjuKV2BihFPm2oOG+T0HAVqXFgwkS0dWE1Mcgw1pu0xZfKag50aaAFxmZ/Q8b3i8Y36jz/Bog==
    Set-Cookie: parking_session=158e77f9-4506-457e-b5d2-8d7383fdeb1e; expires=Wed, 09 Oct 2024 15:40:29 GMT; path=/
    Connection: close
  • flag-us
    DNS
    101.209.201.84.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    101.209.201.84.in-addr.arpa
    IN PTR
    Response
  • flag-us
    GET
    https://telete.in/jagressor_kz
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    Remote address:
    199.59.243.227:443
    Request
    GET /jagressor_kz HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Pragma: no-cache
    Content-Type: text/plain; charset=UTF-8
    Host: telete.in
    Response
    HTTP/1.1 200 OK
    Date: Wed, 09 Oct 2024 15:25:34 GMT
    Content-Type: text/html; charset=utf-8
    Content-Length: 1050
    X-Request-Id: 8dc22c09-d98e-4880-a4ac-6f82abdad67a
    Cache-Control: no-store, max-age=0
    Accept-Ch: sec-ch-prefers-color-scheme
    Critical-Ch: sec-ch-prefers-color-scheme
    Vary: sec-ch-prefers-color-scheme
    X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_wpAwTfc7uX19LYjuKV2BihFPm2oOG+T0HAVqXFgwkS0dWE1Mcgw1pu0xZfKag50aaAFxmZ/Q8b3i8Y36jz/Bog==
    Set-Cookie: parking_session=8dc22c09-d98e-4880-a4ac-6f82abdad67a; expires=Wed, 09 Oct 2024 15:40:34 GMT; path=/
    Connection: close
  • flag-us
    GET
    https://telete.in/jagressor_kz
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    Remote address:
    199.59.243.227:443
    Request
    GET /jagressor_kz HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Pragma: no-cache
    Content-Type: text/plain; charset=UTF-8
    Host: telete.in
    Response
    HTTP/1.1 200 OK
    Date: Wed, 09 Oct 2024 15:25:40 GMT
    Content-Type: text/html; charset=utf-8
    Content-Length: 1050
    X-Request-Id: 7c08aba6-bbfa-4dcd-b14d-c8fd91609db7
    Cache-Control: no-store, max-age=0
    Accept-Ch: sec-ch-prefers-color-scheme
    Critical-Ch: sec-ch-prefers-color-scheme
    Vary: sec-ch-prefers-color-scheme
    X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_wpAwTfc7uX19LYjuKV2BihFPm2oOG+T0HAVqXFgwkS0dWE1Mcgw1pu0xZfKag50aaAFxmZ/Q8b3i8Y36jz/Bog==
    Set-Cookie: parking_session=7c08aba6-bbfa-4dcd-b14d-c8fd91609db7; expires=Wed, 09 Oct 2024 15:40:40 GMT; path=/
    Connection: close
  • flag-us
    GET
    https://telete.in/jagressor_kz
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    Remote address:
    199.59.243.227:443
    Request
    GET /jagressor_kz HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Pragma: no-cache
    Content-Type: text/plain; charset=UTF-8
    Host: telete.in
    Response
    HTTP/1.1 200 OK
    Date: Wed, 09 Oct 2024 15:25:45 GMT
    Content-Type: text/html; charset=utf-8
    Content-Length: 1050
    X-Request-Id: ab050237-3c23-491d-adfd-0b94a0df4a99
    Cache-Control: no-store, max-age=0
    Accept-Ch: sec-ch-prefers-color-scheme
    Critical-Ch: sec-ch-prefers-color-scheme
    Vary: sec-ch-prefers-color-scheme
    X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_wpAwTfc7uX19LYjuKV2BihFPm2oOG+T0HAVqXFgwkS0dWE1Mcgw1pu0xZfKag50aaAFxmZ/Q8b3i8Y36jz/Bog==
    Set-Cookie: parking_session=ab050237-3c23-491d-adfd-0b94a0df4a99; expires=Wed, 09 Oct 2024 15:40:45 GMT; path=/
    Connection: close
  • flag-us
    GET
    https://telete.in/jagressor_kz
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    Remote address:
    199.59.243.227:443
    Request
    GET /jagressor_kz HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Pragma: no-cache
    Content-Type: text/plain; charset=UTF-8
    Host: telete.in
    Response
    HTTP/1.1 200 OK
    Date: Wed, 09 Oct 2024 15:25:49 GMT
    Content-Type: text/html; charset=utf-8
    Content-Length: 1050
    X-Request-Id: 3f07c044-7364-4896-b377-9a68bbdb8644
    Cache-Control: no-store, max-age=0
    Accept-Ch: sec-ch-prefers-color-scheme
    Critical-Ch: sec-ch-prefers-color-scheme
    Vary: sec-ch-prefers-color-scheme
    X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_wpAwTfc7uX19LYjuKV2BihFPm2oOG+T0HAVqXFgwkS0dWE1Mcgw1pu0xZfKag50aaAFxmZ/Q8b3i8Y36jz/Bog==
    Set-Cookie: parking_session=3f07c044-7364-4896-b377-9a68bbdb8644; expires=Wed, 09 Oct 2024 15:40:50 GMT; path=/
    Connection: close
  • flag-us
    GET
    https://telete.in/jagressor_kz
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    Remote address:
    199.59.243.227:443
    Request
    GET /jagressor_kz HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Pragma: no-cache
    Content-Type: text/plain; charset=UTF-8
    Host: telete.in
    Response
    HTTP/1.1 200 OK
    Date: Wed, 09 Oct 2024 15:25:55 GMT
    Content-Type: text/html; charset=utf-8
    Content-Length: 1050
    X-Request-Id: 1a75cf3f-5cd7-496f-a7c2-ef4b615e5082
    Cache-Control: no-store, max-age=0
    Accept-Ch: sec-ch-prefers-color-scheme
    Critical-Ch: sec-ch-prefers-color-scheme
    Vary: sec-ch-prefers-color-scheme
    X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_wpAwTfc7uX19LYjuKV2BihFPm2oOG+T0HAVqXFgwkS0dWE1Mcgw1pu0xZfKag50aaAFxmZ/Q8b3i8Y36jz/Bog==
    Set-Cookie: parking_session=1a75cf3f-5cd7-496f-a7c2-ef4b615e5082; expires=Wed, 09 Oct 2024 15:40:56 GMT; path=/
    Connection: close
  • flag-us
    GET
    https://telete.in/jagressor_kz
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    Remote address:
    199.59.243.227:443
    Request
    GET /jagressor_kz HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Pragma: no-cache
    Content-Type: text/plain; charset=UTF-8
    Host: telete.in
    Response
    HTTP/1.1 200 OK
    Date: Wed, 09 Oct 2024 15:26:00 GMT
    Content-Type: text/html; charset=utf-8
    Content-Length: 1050
    X-Request-Id: bf5e2e82-90a7-4d40-b230-fbd5fb1e24da
    Cache-Control: no-store, max-age=0
    Accept-Ch: sec-ch-prefers-color-scheme
    Critical-Ch: sec-ch-prefers-color-scheme
    Vary: sec-ch-prefers-color-scheme
    X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_wpAwTfc7uX19LYjuKV2BihFPm2oOG+T0HAVqXFgwkS0dWE1Mcgw1pu0xZfKag50aaAFxmZ/Q8b3i8Y36jz/Bog==
    Set-Cookie: parking_session=bf5e2e82-90a7-4d40-b230-fbd5fb1e24da; expires=Wed, 09 Oct 2024 15:41:01 GMT; path=/
    Connection: close
  • flag-us
    DNS
    83.210.23.2.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    83.210.23.2.in-addr.arpa
    IN PTR
    Response
    83.210.23.2.in-addr.arpa
    IN PTR
    a2-23-210-83.deploy.static.akamaitechnologies.com
  • flag-us
    DNS
    14.227.111.52.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    14.227.111.52.in-addr.arpa
    IN PTR
    Response
  • flag-us
    GET
    https://telete.in/jagressor_kz
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    Remote address:
    199.59.243.227:443
    Request
    GET /jagressor_kz HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Pragma: no-cache
    Content-Type: text/plain; charset=UTF-8
    Host: telete.in
    Response
    HTTP/1.1 200 OK
    Date: Wed, 09 Oct 2024 15:26:06 GMT
    Content-Type: text/html; charset=utf-8
    Content-Length: 1050
    X-Request-Id: c0635508-c411-45d3-94a7-a7cd56bc8c1b
    Cache-Control: no-store, max-age=0
    Accept-Ch: sec-ch-prefers-color-scheme
    Critical-Ch: sec-ch-prefers-color-scheme
    Vary: sec-ch-prefers-color-scheme
    X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_wpAwTfc7uX19LYjuKV2BihFPm2oOG+T0HAVqXFgwkS0dWE1Mcgw1pu0xZfKag50aaAFxmZ/Q8b3i8Y36jz/Bog==
    Set-Cookie: parking_session=c0635508-c411-45d3-94a7-a7cd56bc8c1b; expires=Wed, 09 Oct 2024 15:41:06 GMT; path=/
    Connection: close
  • flag-us
    GET
    https://telete.in/jagressor_kz
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    Remote address:
    199.59.243.227:443
    Request
    GET /jagressor_kz HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Pragma: no-cache
    Content-Type: text/plain; charset=UTF-8
    Host: telete.in
    Response
    HTTP/1.1 200 OK
    Date: Wed, 09 Oct 2024 15:26:12 GMT
    Content-Type: text/html; charset=utf-8
    Content-Length: 1050
    X-Request-Id: 083e3494-0f75-4e6a-ba5c-14485a19f8ab
    Cache-Control: no-store, max-age=0
    Accept-Ch: sec-ch-prefers-color-scheme
    Critical-Ch: sec-ch-prefers-color-scheme
    Vary: sec-ch-prefers-color-scheme
    X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_wpAwTfc7uX19LYjuKV2BihFPm2oOG+T0HAVqXFgwkS0dWE1Mcgw1pu0xZfKag50aaAFxmZ/Q8b3i8Y36jz/Bog==
    Set-Cookie: parking_session=083e3494-0f75-4e6a-ba5c-14485a19f8ab; expires=Wed, 09 Oct 2024 15:41:12 GMT; path=/
    Connection: close
  • flag-us
    GET
    https://telete.in/jagressor_kz
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    Remote address:
    199.59.243.227:443
    Request
    GET /jagressor_kz HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Pragma: no-cache
    Content-Type: text/plain; charset=UTF-8
    Host: telete.in
    Response
    HTTP/1.1 200 OK
    Date: Wed, 09 Oct 2024 15:26:17 GMT
    Content-Type: text/html; charset=utf-8
    Content-Length: 1050
    X-Request-Id: cd1ae41f-f90e-4b58-80d8-edcc05a47b97
    Cache-Control: no-store, max-age=0
    Accept-Ch: sec-ch-prefers-color-scheme
    Critical-Ch: sec-ch-prefers-color-scheme
    Vary: sec-ch-prefers-color-scheme
    X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_wpAwTfc7uX19LYjuKV2BihFPm2oOG+T0HAVqXFgwkS0dWE1Mcgw1pu0xZfKag50aaAFxmZ/Q8b3i8Y36jz/Bog==
    Set-Cookie: parking_session=cd1ae41f-f90e-4b58-80d8-edcc05a47b97; expires=Wed, 09 Oct 2024 15:41:17 GMT; path=/
    Connection: close
  • flag-us
    GET
    https://telete.in/jagressor_kz
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    Remote address:
    199.59.243.227:443
    Request
    GET /jagressor_kz HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Pragma: no-cache
    Content-Type: text/plain; charset=UTF-8
    Host: telete.in
    Response
    HTTP/1.1 200 OK
    Date: Wed, 09 Oct 2024 15:26:22 GMT
    Content-Type: text/html; charset=utf-8
    Content-Length: 1050
    X-Request-Id: fbd4f952-a8ad-4133-a333-55d489295fec
    Cache-Control: no-store, max-age=0
    Accept-Ch: sec-ch-prefers-color-scheme
    Critical-Ch: sec-ch-prefers-color-scheme
    Vary: sec-ch-prefers-color-scheme
    X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_wpAwTfc7uX19LYjuKV2BihFPm2oOG+T0HAVqXFgwkS0dWE1Mcgw1pu0xZfKag50aaAFxmZ/Q8b3i8Y36jz/Bog==
    Set-Cookie: parking_session=fbd4f952-a8ad-4133-a333-55d489295fec; expires=Wed, 09 Oct 2024 15:41:22 GMT; path=/
    Connection: close
  • flag-us
    GET
    https://telete.in/jagressor_kz
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    Remote address:
    199.59.243.227:443
    Request
    GET /jagressor_kz HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Pragma: no-cache
    Content-Type: text/plain; charset=UTF-8
    Host: telete.in
    Response
    HTTP/1.1 200 OK
    Date: Wed, 09 Oct 2024 15:26:27 GMT
    Content-Type: text/html; charset=utf-8
    Content-Length: 1050
    X-Request-Id: d166acb4-8411-4312-8ad4-53d58b4d443a
    Cache-Control: no-store, max-age=0
    Accept-Ch: sec-ch-prefers-color-scheme
    Critical-Ch: sec-ch-prefers-color-scheme
    Vary: sec-ch-prefers-color-scheme
    X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_wpAwTfc7uX19LYjuKV2BihFPm2oOG+T0HAVqXFgwkS0dWE1Mcgw1pu0xZfKag50aaAFxmZ/Q8b3i8Y36jz/Bog==
    Set-Cookie: parking_session=d166acb4-8411-4312-8ad4-53d58b4d443a; expires=Wed, 09 Oct 2024 15:41:28 GMT; path=/
    Connection: close
  • flag-us
    GET
    https://telete.in/jagressor_kz
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    Remote address:
    199.59.243.227:443
    Request
    GET /jagressor_kz HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Pragma: no-cache
    Content-Type: text/plain; charset=UTF-8
    Host: telete.in
    Response
    HTTP/1.1 200 OK
    Date: Wed, 09 Oct 2024 15:26:32 GMT
    Content-Type: text/html; charset=utf-8
    Content-Length: 1050
    X-Request-Id: cd6d3ac0-7fee-4cd6-8e4d-018f05d57e26
    Cache-Control: no-store, max-age=0
    Accept-Ch: sec-ch-prefers-color-scheme
    Critical-Ch: sec-ch-prefers-color-scheme
    Vary: sec-ch-prefers-color-scheme
    X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_wpAwTfc7uX19LYjuKV2BihFPm2oOG+T0HAVqXFgwkS0dWE1Mcgw1pu0xZfKag50aaAFxmZ/Q8b3i8Y36jz/Bog==
    Set-Cookie: parking_session=cd6d3ac0-7fee-4cd6-8e4d-018f05d57e26; expires=Wed, 09 Oct 2024 15:41:33 GMT; path=/
    Connection: close
  • flag-us
    GET
    https://telete.in/jagressor_kz
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    Remote address:
    199.59.243.227:443
    Request
    GET /jagressor_kz HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Pragma: no-cache
    Content-Type: text/plain; charset=UTF-8
    Host: telete.in
    Response
    HTTP/1.1 200 OK
    Date: Wed, 09 Oct 2024 15:26:38 GMT
    Content-Type: text/html; charset=utf-8
    Content-Length: 1050
    X-Request-Id: ffa1baa9-5880-4638-9dba-20a830894b0b
    Cache-Control: no-store, max-age=0
    Accept-Ch: sec-ch-prefers-color-scheme
    Critical-Ch: sec-ch-prefers-color-scheme
    Vary: sec-ch-prefers-color-scheme
    X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_wpAwTfc7uX19LYjuKV2BihFPm2oOG+T0HAVqXFgwkS0dWE1Mcgw1pu0xZfKag50aaAFxmZ/Q8b3i8Y36jz/Bog==
    Set-Cookie: parking_session=ffa1baa9-5880-4638-9dba-20a830894b0b; expires=Wed, 09 Oct 2024 15:41:39 GMT; path=/
    Connection: close
  • flag-us
    GET
    https://telete.in/jagressor_kz
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    Remote address:
    199.59.243.227:443
    Request
    GET /jagressor_kz HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Pragma: no-cache
    Content-Type: text/plain; charset=UTF-8
    Host: telete.in
    Response
    HTTP/1.1 200 OK
    Date: Wed, 09 Oct 2024 15:26:44 GMT
    Content-Type: text/html; charset=utf-8
    Content-Length: 1050
    X-Request-Id: 19d1d57e-a5a6-4d68-b8aa-54a218e44e2a
    Cache-Control: no-store, max-age=0
    Accept-Ch: sec-ch-prefers-color-scheme
    Critical-Ch: sec-ch-prefers-color-scheme
    Vary: sec-ch-prefers-color-scheme
    X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_wpAwTfc7uX19LYjuKV2BihFPm2oOG+T0HAVqXFgwkS0dWE1Mcgw1pu0xZfKag50aaAFxmZ/Q8b3i8Y36jz/Bog==
    Set-Cookie: parking_session=19d1d57e-a5a6-4d68-b8aa-54a218e44e2a; expires=Wed, 09 Oct 2024 15:41:45 GMT; path=/
    Connection: close
  • flag-us
    GET
    https://telete.in/jagressor_kz
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    Remote address:
    199.59.243.227:443
    Request
    GET /jagressor_kz HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Pragma: no-cache
    Content-Type: text/plain; charset=UTF-8
    Host: telete.in
    Response
    HTTP/1.1 200 OK
    Date: Wed, 09 Oct 2024 15:26:50 GMT
    Content-Type: text/html; charset=utf-8
    Content-Length: 1050
    X-Request-Id: 64ac533e-ca87-4b72-b368-e17a374aa606
    Cache-Control: no-store, max-age=0
    Accept-Ch: sec-ch-prefers-color-scheme
    Critical-Ch: sec-ch-prefers-color-scheme
    Vary: sec-ch-prefers-color-scheme
    X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_wpAwTfc7uX19LYjuKV2BihFPm2oOG+T0HAVqXFgwkS0dWE1Mcgw1pu0xZfKag50aaAFxmZ/Q8b3i8Y36jz/Bog==
    Set-Cookie: parking_session=64ac533e-ca87-4b72-b368-e17a374aa606; expires=Wed, 09 Oct 2024 15:41:50 GMT; path=/
    Connection: close
  • flag-us
    GET
    https://telete.in/jagressor_kz
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    Remote address:
    199.59.243.227:443
    Request
    GET /jagressor_kz HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Pragma: no-cache
    Content-Type: text/plain; charset=UTF-8
    Host: telete.in
    Response
    HTTP/1.1 200 OK
    Date: Wed, 09 Oct 2024 15:26:55 GMT
    Content-Type: text/html; charset=utf-8
    Content-Length: 1050
    X-Request-Id: 3bbb045e-40b6-4c99-bd56-28ebda1acfbe
    Cache-Control: no-store, max-age=0
    Accept-Ch: sec-ch-prefers-color-scheme
    Critical-Ch: sec-ch-prefers-color-scheme
    Vary: sec-ch-prefers-color-scheme
    X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_wpAwTfc7uX19LYjuKV2BihFPm2oOG+T0HAVqXFgwkS0dWE1Mcgw1pu0xZfKag50aaAFxmZ/Q8b3i8Y36jz/Bog==
    Set-Cookie: parking_session=3bbb045e-40b6-4c99-bd56-28ebda1acfbe; expires=Wed, 09 Oct 2024 15:41:56 GMT; path=/
    Connection: close
  • 199.59.243.227:443
    https://telete.in/jagressor_kz
    tls, http
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    1.0kB
    5.8kB
    12
    13

    HTTP Request

    GET https://telete.in/jagressor_kz

    HTTP Response

    200
  • 150.171.27.10:443
    https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=aef47f75e3dc43f6bef2421352b6d83b&localId=w:02C7DD5D-B832-2571-1EDF-9D74CD57B9AA&deviceId=6896208602436814&anid=
    tls, http2
    2.0kB
    9.4kB
    21
    19

    HTTP Request

    GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=aef47f75e3dc43f6bef2421352b6d83b&localId=w:02C7DD5D-B832-2571-1EDF-9D74CD57B9AA&deviceId=6896208602436814&anid=

    HTTP Response

    204

    HTTP Request

    GET https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=aef47f75e3dc43f6bef2421352b6d83b&localId=w:02C7DD5D-B832-2571-1EDF-9D74CD57B9AA&deviceId=6896208602436814&anid=

    HTTP Response

    204

    HTTP Request

    GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=aef47f75e3dc43f6bef2421352b6d83b&localId=w:02C7DD5D-B832-2571-1EDF-9D74CD57B9AA&deviceId=6896208602436814&anid=

    HTTP Response

    204
  • 199.59.243.227:443
    https://telete.in/jagressor_kz
    tls, http
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    1.0kB
    5.8kB
    12
    13

    HTTP Request

    GET https://telete.in/jagressor_kz

    HTTP Response

    200
  • 199.59.243.227:443
    https://telete.in/jagressor_kz
    tls, http
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    1.0kB
    5.8kB
    12
    13

    HTTP Request

    GET https://telete.in/jagressor_kz

    HTTP Response

    200
  • 199.59.243.227:443
    https://telete.in/jagressor_kz
    tls, http
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    1.0kB
    5.8kB
    12
    13

    HTTP Request

    GET https://telete.in/jagressor_kz

    HTTP Response

    200
  • 199.59.243.227:443
    https://telete.in/jagressor_kz
    tls, http
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    1.0kB
    5.8kB
    12
    12

    HTTP Request

    GET https://telete.in/jagressor_kz

    HTTP Response

    200
  • 199.59.243.227:443
    https://telete.in/jagressor_kz
    tls, http
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    926 B
    4.7kB
    10
    10

    HTTP Request

    GET https://telete.in/jagressor_kz

    HTTP Response

    200
  • 199.59.243.227:443
    https://telete.in/jagressor_kz
    tls, http
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    1.0kB
    5.8kB
    12
    13

    HTTP Request

    GET https://telete.in/jagressor_kz

    HTTP Response

    200
  • 199.59.243.227:443
    https://telete.in/jagressor_kz
    tls, http
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    1.2kB
    7.7kB
    15
    15

    HTTP Request

    GET https://telete.in/jagressor_kz

    HTTP Response

    200
  • 199.59.243.227:443
    https://telete.in/jagressor_kz
    tls, http
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    926 B
    4.7kB
    10
    10

    HTTP Request

    GET https://telete.in/jagressor_kz

    HTTP Response

    200
  • 199.59.243.227:443
    https://telete.in/jagressor_kz
    tls, http
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    1.0kB
    5.8kB
    12
    12

    HTTP Request

    GET https://telete.in/jagressor_kz

    HTTP Response

    200
  • 199.59.243.227:443
    https://telete.in/jagressor_kz
    tls, http
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    1.0kB
    5.8kB
    12
    12

    HTTP Request

    GET https://telete.in/jagressor_kz

    HTTP Response

    200
  • 199.59.243.227:443
    https://telete.in/jagressor_kz
    tls, http
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    1.0kB
    5.8kB
    12
    13

    HTTP Request

    GET https://telete.in/jagressor_kz

    HTTP Response

    200
  • 199.59.243.227:443
    https://telete.in/jagressor_kz
    tls, http
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    1.0kB
    5.8kB
    12
    13

    HTTP Request

    GET https://telete.in/jagressor_kz

    HTTP Response

    200
  • 199.59.243.227:443
    https://telete.in/jagressor_kz
    tls, http
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    1.0kB
    5.8kB
    12
    12

    HTTP Request

    GET https://telete.in/jagressor_kz

    HTTP Response

    200
  • 199.59.243.227:443
    https://telete.in/jagressor_kz
    tls, http
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    1.0kB
    5.8kB
    12
    12

    HTTP Request

    GET https://telete.in/jagressor_kz

    HTTP Response

    200
  • 199.59.243.227:443
    https://telete.in/jagressor_kz
    tls, http
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    1.0kB
    5.8kB
    12
    12

    HTTP Request

    GET https://telete.in/jagressor_kz

    HTTP Response

    200
  • 199.59.243.227:443
    https://telete.in/jagressor_kz
    tls, http
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    926 B
    4.7kB
    10
    10

    HTTP Request

    GET https://telete.in/jagressor_kz

    HTTP Response

    200
  • 199.59.243.227:443
    https://telete.in/jagressor_kz
    tls, http
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    1.0kB
    5.8kB
    12
    12

    HTTP Request

    GET https://telete.in/jagressor_kz

    HTTP Response

    200
  • 199.59.243.227:443
    https://telete.in/jagressor_kz
    tls, http
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    1.0kB
    5.8kB
    12
    13

    HTTP Request

    GET https://telete.in/jagressor_kz

    HTTP Response

    200
  • 199.59.243.227:443
    https://telete.in/jagressor_kz
    tls, http
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    926 B
    4.7kB
    10
    10

    HTTP Request

    GET https://telete.in/jagressor_kz

    HTTP Response

    200
  • 199.59.243.227:443
    https://telete.in/jagressor_kz
    tls, http
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    1.0kB
    5.8kB
    12
    12

    HTTP Request

    GET https://telete.in/jagressor_kz

    HTTP Response

    200
  • 199.59.243.227:443
    https://telete.in/jagressor_kz
    tls, http
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    1.0kB
    5.8kB
    12
    13

    HTTP Request

    GET https://telete.in/jagressor_kz

    HTTP Response

    200
  • 199.59.243.227:443
    https://telete.in/jagressor_kz
    tls, http
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    1.0kB
    5.8kB
    12
    13

    HTTP Request

    GET https://telete.in/jagressor_kz

    HTTP Response

    200
  • 199.59.243.227:443
    https://telete.in/jagressor_kz
    tls, http
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    1.0kB
    5.8kB
    12
    12

    HTTP Request

    GET https://telete.in/jagressor_kz

    HTTP Response

    200
  • 199.59.243.227:443
    https://telete.in/jagressor_kz
    tls, http
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    978 B
    4.7kB
    11
    10

    HTTP Request

    GET https://telete.in/jagressor_kz

    HTTP Response

    200
  • 199.59.243.227:443
    https://telete.in/jagressor_kz
    tls, http
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    926 B
    4.7kB
    10
    10

    HTTP Request

    GET https://telete.in/jagressor_kz

    HTTP Response

    200
  • 199.59.243.227:443
    https://telete.in/jagressor_kz
    tls, http
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    1.0kB
    5.8kB
    12
    12

    HTTP Request

    GET https://telete.in/jagressor_kz

    HTTP Response

    200
  • 199.59.243.227:443
    https://telete.in/jagressor_kz
    tls, http
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    1.3kB
    6.0kB
    14
    14

    HTTP Request

    GET https://telete.in/jagressor_kz

    HTTP Response

    200
  • 8.8.8.8:53
    telete.in
    dns
    2b9103addd66f83517888b11249dc44d_JaffaCakes118.exe
    55 B
    71 B
    1
    1

    DNS Request

    telete.in

    DNS Response

    199.59.243.227

  • 8.8.8.8:53
    g.bing.com
    dns
    56 B
    148 B
    1
    1

    DNS Request

    g.bing.com

    DNS Response

    150.171.27.10
    150.171.28.10

  • 8.8.8.8:53
    76.32.126.40.in-addr.arpa
    dns
    71 B
    157 B
    1
    1

    DNS Request

    76.32.126.40.in-addr.arpa

  • 8.8.8.8:53
    172.214.232.199.in-addr.arpa
    dns
    74 B
    128 B
    1
    1

    DNS Request

    172.214.232.199.in-addr.arpa

  • 8.8.8.8:53
    227.243.59.199.in-addr.arpa
    dns
    73 B
    131 B
    1
    1

    DNS Request

    227.243.59.199.in-addr.arpa

  • 8.8.8.8:53
    26.35.223.20.in-addr.arpa
    dns
    71 B
    157 B
    1
    1

    DNS Request

    26.35.223.20.in-addr.arpa

  • 8.8.8.8:53
    95.221.229.192.in-addr.arpa
    dns
    73 B
    144 B
    1
    1

    DNS Request

    95.221.229.192.in-addr.arpa

  • 8.8.8.8:53
    200.163.202.172.in-addr.arpa
    dns
    74 B
    160 B
    1
    1

    DNS Request

    200.163.202.172.in-addr.arpa

  • 8.8.8.8:53
    206.23.85.13.in-addr.arpa
    dns
    71 B
    145 B
    1
    1

    DNS Request

    206.23.85.13.in-addr.arpa

  • 8.8.8.8:53
    75.117.19.2.in-addr.arpa
    dns
    70 B
    133 B
    1
    1

    DNS Request

    75.117.19.2.in-addr.arpa

  • 8.8.8.8:53
    101.209.201.84.in-addr.arpa
    dns
    73 B
    133 B
    1
    1

    DNS Request

    101.209.201.84.in-addr.arpa

  • 8.8.8.8:53
    83.210.23.2.in-addr.arpa
    dns
    70 B
    133 B
    1
    1

    DNS Request

    83.210.23.2.in-addr.arpa

  • 8.8.8.8:53
    14.227.111.52.in-addr.arpa
    dns
    72 B
    158 B
    1
    1

    DNS Request

    14.227.111.52.in-addr.arpa

MITRE ATT&CK Enterprise v15


Downloads

  • memory/3964-1-0x0000000000C70000-0x0000000000D70000-memory.dmp

    Filesize

    1024KB

  • memory/3964-2-0x0000000000AC0000-0x0000000000B51000-memory.dmp

    Filesize

    580KB

  • memory/3964-3-0x0000000000400000-0x0000000000492000-memory.dmp

    Filesize

    584KB

  • memory/3964-4-0x0000000000C70000-0x0000000000D70000-memory.dmp

    Filesize

    1024KB

  • memory/3964-5-0x0000000000AC0000-0x0000000000B51000-memory.dmp

    Filesize

    580KB

  • memory/3964-7-0x0000000000400000-0x0000000000492000-memory.dmp

    Filesize

    584KB

  • memory/3964-6-0x0000000000400000-0x0000000000946000-memory.dmp

    Filesize

    5.3MB
