Created by potrace 1.15, written by Peter Selinger 2001-2017
  • Network

  • Files

  • Debug

Timeshift
Headers
Rep
PID
Process name
CN
URL
Сontent
  • BEFORE
    GET 200: OK
    4712
    MoUsoCoreWorker.exe
    http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
    1 Kb
    binary
  • BEFORE
    GET 200: OK
    http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
    1 Kb
    binary
  • BEFORE
    GET 200: OK
    http://www.microsoft.com/pkiops/crl/MicSecSerCA2011_2011-10-18.crl
    973 b
    binary
  • BEFORE
    GET 200: OK
    4712
    MoUsoCoreWorker.exe
    http://www.microsoft.com/pkiops/crl/MicSecSerCA2011_2011-10-18.crl
    973 b
    binary
  • BEFORE
    GET 200: OK
    http://www.microsoft.com/pkiops/crl/MicSecSerCA2011_2011-10-18.crl
    973 b
    binary
  • BEFORE
    GET 200: OK
    http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTrjrydRyt%2BApF3GSPypfHBxR5XtQQUs9tIpPmhxdiuNkHMEWNpYim8S8YCEAI5PUjXAkJafLQcAAsO18o%3D
    314 b
    binary
  • 3813 ms
    GET 200: OK
    1176
    svchost.exe
    http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAJ0LqoXyo4hxxe7H%2Fz9DKA%3D
    471 b
    binary
  • 4801 ms
    POST 200: OK
    6452
    skotes.exe
    http://185.215.113.43/Zu7JuNko/index.php
    4 b
    text
    1 b
    binary
  • 6600 ms
    POST 200: OK
    6452
    skotes.exe
    http://185.215.113.43/Zu7JuNko/index.php
    172 b
    text
    2 Kb
    text
  • 6606 ms
    GET 200: OK
    6452
    skotes.exe
    http://31.41.244.11/files/geopoxid/random.exe
    2 Mb
    executable
  • 9603 ms
    POST 200: OK
    6452
    skotes.exe
    http://185.215.113.43/Zu7JuNko/index.php
    31 b
    text
    4 b
    text
  • 9605 ms
    GET 200: OK
    6452
    skotes.exe
    http://31.41.244.11/files/zhigarko/random.exe
    429 Kb
    executable
  • 13310 ms
    POST 200: OK
    6452
    skotes.exe
    http://185.215.113.43/Zu7JuNko/index.php
    31 b
    text
    4 b
    text
  • 13316 ms
    GET 200: OK
    6452
    skotes.exe
    http://31.41.244.11/files/kardanvalov88/random.exe
    592 Kb
    executable
  • 13321 ms
    POST 200: OK
    6388
    Gxtuum.exe
    http://212.193.31.8/3ofn3jf3e2ljk2/index.php
    4 b
    text
    8 b
    text
  • 15316 ms
    POST 200: OK
    6388
    Gxtuum.exe
    http://212.193.31.8/3ofn3jf3e2ljk2/index.php
    172 b
    text
    7 b
    text
  • 15912 ms
    POST 200: OK
    6452
    skotes.exe
    http://185.215.113.43/Zu7JuNko/index.php
    31 b
    text
    4 b
    text
  • 15913 ms
    GET 200: OK
    6452
    skotes.exe
    http://31.41.244.11/files/burpin1/random.exe
    4 Mb
    executable
  • 16221 ms
    GET 200: OK
    4640
    070bf52268.exe
    http://ocsp.pki.goog/gsr1/MFEwTzBNMEswSTAJBgUrDgMCGgUABBS3V7W2nAf4FiMTjpDJKg6%2BMgGqMQQUYHtmGkUNl8qJUC99BM00qP%2F8%2FUsCEHe9DWzbNvka6iEPxPBY0w0%3D
    1 Kb
    binary
  • 16317 ms
    GET 200: OK
    4640
    070bf52268.exe
    http://c.pki.goog/r/r1.crl
    854 b
    binary
  • 16413 ms
    GET 200: OK
    4640
    070bf52268.exe
    http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQD8Elu9WzbqaxI7ClVJiEyf
    472 b
    binary
  • 16623 ms
    GET 200: OK
    4640
    070bf52268.exe
    http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDkqhDvrMuENxBpWocUnIUC
    472 b
    binary
  • 19331 ms
    GET 200: OK
    4640
    070bf52268.exe
    http://r11.o.lencr.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBQaUrm0WeTDM5ghfoZtS72KO9ZnzgQUCLkRO6XQhRi06g%2BgrZ%2BGHo78OCcCEgQP4sLiKCM%2FvRjdSfHXyEq3Tg%3D%3D
    504 b
    binary
  • 19332 ms
    POST 200: OK
    6452
    skotes.exe
    http://185.215.113.43/Zu7JuNko/index.php
    31 b
    text
    4 b
    text
  • 19334 ms
    GET 200: OK
    6452
    skotes.exe
    http://31.41.244.11/files/martin/random.exe
    4 Mb
    executable
  • 19364 ms
    GET 200: OK
    4640
    070bf52268.exe
    http://ocsp.godaddy.com//MEQwQjBAMD4wPDAJBgUrDgMCGgUABBTkIInKBAzXkF0Qh0pel3lfHJ9GPAQU0sSw0pHUTBFxs2HLPaH%2B3ahq1OMCAxvnFQ%3D%3D
    2 Kb
    binary
  • 19365 ms
    GET 200: OK
    4640
    070bf52268.exe
    http://ocsp.godaddy.com//MEIwQDA%2BMDwwOjAJBgUrDgMCGgUABBQdI2%2BOBkuXH93foRUj4a7lAr4rGwQUOpqFBxBnKLbv9r0FQW4gwZTaD94CAQc%3D
    2 Kb
    binary
  • 19365 ms
    GET 200: OK
    4640
    070bf52268.exe
    http://ocsp.godaddy.com//MEowSDBGMEQwQjAJBgUrDgMCGgUABBS2CA1fbGt26xPkOKX4ZguoUjM0TgQUQMK9J47MNIMwojPX%2B2yz8LQsgM4CCQDflMUbWnbjyw%3D%3D
    2 Kb
    binary
  • 23025 ms
    POST 200: OK
    6452
    skotes.exe
    http://185.215.113.43/Zu7JuNko/index.php
    31 b
    text
    4 b
    text
  • 23028 ms
    GET 200: OK
    6452
    skotes.exe
    http://31.41.244.11/files/loadman/random.exe
    1 Mb
    executable
  • 25326 ms
    POST 200: OK
    4308
    4d2c9cf192.exe
    http://home.fivetk5ht.top/zldPRFrmVFHTtKntGpOv1734579851
    341 Kb
    binary
    26 b
    text
  • 26330 ms
    POST 200: OK
    6452
    skotes.exe
    http://185.215.113.43/Zu7JuNko/index.php
    31 b
    text
    4 b
    text
  • 26331 ms
    GET 200: OK
    6452
    skotes.exe
    http://31.41.244.11/files/karl/random.exe
    22 Kb
    executable
  • 26362 ms
    GET 200: OK
    6188
    backgroundTaskHost.exe
    http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQ50otx%2Fh0Ztl%2Bz8SiPI7wEWVxDlQQUTiJUIBiV5uNu5g%2F6%2BrkS7QYXjzkCEAUZZSZEml49Gjh0j13P68w%3D
    471 b
    binary
  • 28342 ms
    GET 200: OK
    4308
    4d2c9cf192.exe
    http://home.fivetk5ht.top/zldPRFrmVFHTtKntGpOv1734579851?argument=3Y3BgAdOZx6k5Rjg1734781607
    10 Mb
    binary
  • 28347 ms
    POST 200: OK
    6452
    skotes.exe
    http://185.215.113.43/Zu7JuNko/index.php
    31 b
    text
    4 b
    text
  • 28348 ms
    GET 200: OK
    6452
    skotes.exe
    http://31.41.244.11/files/unique1/random.exe
    4 Mb
    executable
  • 28354 ms
    GET 200: OK
    7076
    SIHClient.exe
    http://www.microsoft.com/pkiops/crl/Microsoft%20ECC%20Product%20Root%20Certificate%20Authority%202018.crl
    418 b
    binary
  • 28354 ms
    GET 200: OK
    7076
    SIHClient.exe
    http://www.microsoft.com/pkiops/crl/Microsoft%20ECC%20Update%20Secure%20Server%20CA%202.1.crl
    408 b
    binary
  • 32233 ms
    POST 200: OK
    6452
    skotes.exe
    http://185.215.113.43/Zu7JuNko/index.php
    31 b
    text
    4 b
    text
  • 32237 ms
    GET 200: OK
    6452
    skotes.exe
    http://31.41.244.11/files/unique2/random.exe
    2 Mb
    executable
  • 35356 ms
    POST 200: OK
    6452
    skotes.exe
    http://185.215.113.43/Zu7JuNko/index.php
    31 b
    text
    4 b
    text
  • 35364 ms
    GET 200: OK
    6452
    skotes.exe
    http://185.215.113.16/luma/random.exe
    2 Mb
    executable
  • 38138 ms
    POST 200: OK
    4308
    4d2c9cf192.exe
    http://fivetk5ht.top/v1/upload.php
    464 b
    binary
    2 b
    text
  • 39040 ms
    POST 200: OK
    6452
    skotes.exe
    http://185.215.113.43/Zu7JuNko/index.php
    31 b
    text
    4 b
    text
  • 39041 ms
    GET 200: OK
    6452
    skotes.exe
    http://185.215.113.16/steam/random.exe
    3 Mb
    executable
  • 40053 ms
    GET 200: OK
    1796
    4ffa051aced74a63a77874674aebd51a.exe
    http://e5.o.lencr.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBQeEcDJrP2kU%2B9LL2pzIRVgTVStuQQUmc0pw6FYJq96ekyEWo9ziGCw394CEgNBIhFFjhA0kjQ8Pog7HAGRuw%3D%3D
    346 b
    binary
  • 41039 ms
    POST 200: OK
    4308
    4d2c9cf192.exe
    http://fivetk5ht.top/v1/upload.php
    53 Kb
    binary
    2 b
    text
  • 41051 ms
    GET 200: OK
    4804
    34d27bb3d7.exe
    http://185.156.73.23/add?substr=mixtwo&s=three&sub=emp
    1 b
    binary
  • 42048 ms
    GET 200: OK
    2432
    4a050a201a.exe
    http://185.215.113.206/