CapTipper Report

CapTipper

Analysis Info

PCAP File	Analysis Time	CapTipper Version	Traffic Time
/opt/Malware-Project/BigDataset/Scenarios/CTU-Malware-Capture-Botnet-332-1//2018-02-02_win8.pcap	02/02/18 21:43:35	0.3 b13	01/01/78 10:59:54

Flow View

Client Details

IP	192.168.1.118
MAC	08:00:27:c3:f9:98
USER-AGENT	Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0)

Conversations

dlg-configs.buzzrin.de (23.102.60.206:80)

URI

RESPONSE TYPE

FILENAME

RESPONSE CODE

MAGIC

SIZE

TIME

text/html

0.html

200 OK

0.0 B

01/01/78 10:59:54

/config-from-production

text/plain

config-from-production

200 OK

TEXT

6.5 KB

01/08/78 14:51:52

eyJjZXJ0aWZpY2F0ZSI6ImZyZWVtaXVtIiwicHJvZHVjdFNldHVwIjoiZG93bmxvYWRndWlkZS90 ZW1wL2ViYTY5YjVhLTZmNWEtNDQ3Yy05YjgzLTE3NDAyNmZkZDEyMi9Eb05vdGhpbmcuZXhlIiwi d2luZG93SGVpZ2h0IjozODksIndpbmRvd1dpZHRoIjo1MDYsInByb2R1Y3QiOnsidmVyc2lvbiI6 IjEuMCIsImRpc3BsYXlOYW1lIjoiRnJlZXdhcmUuZGUiLCJpbnN0YWxsQ29kZUpzIjoiIiwiaW5z dGFsbFRlc3QiOiJ0cnVlIiwiZmlsZXMiOlt7InVybCI6IltjZG5VcmxdL3B1YmxpYy1zb3VyY2Uv ZG93bmxvYWRndWlkZS9mcmVld2FyZS1kZS8xLjAvZGVmYXVsdC9jYW1wYWlnbnMvcHJvZHVjdCt3 ZWJzaXRlL2V4ZS9Eb05vdGhpbmcuZXhlIiwibG9jYWxGaWxlIjoiRG9Ob3RoaW5nLmV4ZSIsImNt ZFBhcmFtZXRlcnNKcyI6IiIsImZpbGVUeXBlIjp7Im5hbWUiOiJQcm9kdWN0IiwiYXNzZW1ibHlR dWFsaWZpZWROYW1lIjoiRnJlZW1pdW0uRG9tYWluLkNhbXBhaWduLlByb2R1Y3QsIEZyZWVtaXVt LkRvbWFpbiJ9LCJldGFnIjpudWxsLCJoYXNoIjpudWxsLCJpc0V4dGVybmFsRmlsZSI6ZmFsc2Us InJlZ2lvbiI6ImRlZmF1bHQiLCJ2ZXJzaW9uIjoiMS4wIiwiaWQiOiJmcmVld2FyZS1kZS8xLjAv ZGVmYXVsdCIsIm5hbWUiOiJGcmVld2FyZS1kZSIsImlzRW5jb2RlZCI6ZmFsc2V9XSwidWlGaWxl IjoiW2NkblVybF0vcHVibGljLXNvdXJjZS9kb3dubG9hZGd1aWRlL2ZyZWV3YXJlLWRlLzEuMC9k ZWZhdWx0L2NhbXBhaWducy9wcm9kdWN0K3dlYnNpdGUvdWkvZnJlZXdhcmUtZGUtZmxvdy01LXRl eHQtZW4tdXMuemlwIiwibG9nbyI6IltjZG5VcmxdL3B1YmxpYy1zb3VyY2UvZG93bmxvYWRndWlk ZS9mcmVld2FyZS1kZS8xLjAvZGVmYXVsdC9jYW1wYWlnbnMvcHJvZHVjdCt3ZWJzaXRlL3VpL0Rv Tm90aGluZy5wbmciLCJpbnN0YWxsYXRpb25QYXRoIjoiIiwiaW5mb1RleHQiOiI8cD5Eb3dubG9h ZHMgw7xiZXIgZGVuIERvd25sb2FkIEd1aWRlIGVyZm9sZ2VuIHbDtmxsaWcgYW5vbnltIHVuZCBz dGV0cyBrb3N0ZW5sb3MuIFdlZGVyIElQIEFkcmVzc2VuIG5vY2ggYW5kZXJlIE51dHplcmRhdGVu IHdlcmRlbiB2b24gdW5zIGdlc3BlaWNoZXJ0LiBMZWRpZ2xpY2ggYW5vbnltaXNpZXJ0ZSBTdGF0 aXN0aWtlbiB6dXIgT3B0aW1pZXJ1bmcgZGVyIEJlbnV0emVyZnJldW5kbGljaGtlaXQgdW5kIHVu c2VyZXMgQW5nZWJvdGVzIHdlcmRlbiB2b24gdW5zIGF1c2dld2VydGV0LiBNaXQgZGVyIE51dHp1 bmcgZGVzIERvd25sb2FkIEd1aWRlcyBnZXN0YXR0ZW4gU2llIHVucyBkaWUgQXVzd2VydHVuZyBz b2xjaGVyIERhdGVuIGdlbcOkw58gZGVyIHN0cmVuZ2VuIERhdGVuc2NodXR6cmljaHRsaW5pZSB1 bnRlciBFaW5oYWx0dW5nIGRlciBEYXRlbnNjaHV0emdlc2V0emUgZGVyIEJ1bmRlc3JlcHVibGlr IERldXRzY2hsYW5kLiBCaXR0ZSBsZXNlbiBTaWUgaGllcnp1IGF1Y2ggdW5zZXJlIGF1c2bDvGhy bGljaGVuIExpemVuemJlZGluZ3VuZ2VuIChFVUxBKS48L3A+PHA+VW5zZXIgU29mdHdhcmVrYXRh bG9nIHdpcmQgc3TDpG5kaWcgZXJ3ZWl0ZXJ0LCBJaG5lbiBpbW1lciBha3R1ZWxsIHp1ciBWZXJm w7xndW5nIGdlc3RlbGx0LCByZWRha3Rpb25lbGwgYmVndXRhY2h0ZXQgdW5kIGF1ZiBTZXJpw7Zz aXTDpHQsIHNvd2llIHZvcmhhbmRlbmVuIFZpcmVuc2NodXR6IGRlcyBTb2Z0d2FyZWFuYmlldGVy cyBnZXByw7xmdC4gRGVyIERvd25sb2FkIEd1aWRlIHZlcmhpbmRlcnQgaW0gRG93bmxvYWRwcm96 ZXNzIGLDtnNhcnRpZ2UgQW5ncmlmZmUsIHNvIGdlbmFubnRlIFBoaXNoaW5nIEF0dGFja2VuLCBk YSBkaWUgRG93bmxvYWQtVVJMIGbDvHIgQW5ncmVpZmVyIGltIFZlcmJvcmdlbmVuIGJsZWlidCB1 bmQgZGVyIERvd25sb2FkIGlubmVyaGFsYiBkZXIgQW53ZW5kdW5nIHN0YXR0IGZpbmRldC48L3A+ PHA+WnVyIEZpbmFuemllcnVuZyB1bnNlcmVzIFNlcnZpY2VzIGVybcO2Z2xpY2hlbiB3aXIgU29m dHdhcmUtSGVyc3RlbGxlcm4gZGllIEJld2VyYnVuZyB2b24gUHJvZHVrdGVuIGlubmVyaGFsYiBk ZXMgRG93bmxvYWQtR3VpZGVzLiBWb3IgZGVyIEVpbmJpbmR1bmcgZHVyY2hsYXVmZW4gYWxsZSBB bmdlYm90ZSB1bnNlcmVyIFdlcmJlcGFydG5lciBlaW5lIFNpY2hlcmhlaXRza29udHJvbGxlLiBP aG5lIHBvc2l0aXZlIEJlc3TDpHRpZ3VuZyBhbGxlciBuYW1oYWZ0ZXIgU2ljaGVyaGVpdHNzb2Z0 d2FyZS1IZXJzdGVsbGVyIGVyc2NoZWludCBrZWluIFdlcmJlYW5nZWJvdCBpbSBEb3dubG9hZCBH dWlkZS4gQWxsZSBBbmdlYm90ZSBzaW5kIGtvc3RlbmxvcywgYnp3LiBrw7ZubmVuIGtvc3Rlbmxv cyBmw7xyIGVpbmVuIGdld2lzc2VuIFplaXRyYXVtIG9kZXIgbWl0IGVpbmdlc2NocsOkbmt0ZXIg RnVua3Rpb25hbGl0w6R0IGdldGVzdGV0IHdlcmRlbi4gU2llIGdlaGVuIGtlaW5lcmxlaSBWZXJw ZmxpY2h0dW5nZW4gZWluLCBrw7ZubmVuIGFiZXIgbmV1ZSBzcGFubmVuZGUgdW5kIG7DvHR6bGlj aGUgU29mdHdhcmUtUHJvZHVrdGUgdGVzdGVuLjwvcD4iLCJpbnN0YWxsUHJvZHVjdEZpcnN0Ijpm YWxzZSwic3RhcnRQcm9kdWN0U2V0dXBPbkxhc3RTY3JlZW4iOnRydWUsInNob3dWZXJzaW9uIjpm YWxzZSwiaWQiOiJmcmVld2FyZS1kZS8xLjAvZGVmYXVsdCIsIm5hbWUiOiJGcmVld2FyZS1kZSIs ImlzRW5jb2RlZCI6ZmFsc2V9LCJmbG93UGFnZXMiOnsiYmFzZSI6IltjZG5VcmxdL3B1YmxpYy1z b3VyY2UvZG93bmxvYWRndWlkZS9mcmVld2FyZS1kZS8xLjAvZGVmYXVsdC9jYW1wYWlnbnMvcHJv ZHVjdCt3ZWJzaXRlL3VpL2Jhc2UuemlwIiwiaW5mbyI6IiIsImluc3RhbGwiOiIiLCJsYXN0Ijoi W2NkblVybF0vcHVibGljLXNvdXJjZS9kb3dubG9hZGd1aWRlL2ZyZWV3YXJlLWRlLzEuMC9kZWZh dWx0L2NhbXBhaWducy9wcm9kdWN0K3dlYnNpdGUvdWkvbGFzdC56aXAiLCJvcHRpb25zIjoiIiwi cHJvZ3Jlc3MiOiJbY2RuVXJsXS9wdWJsaWMtc291cmNlL2Rvd25sb2FkZ3VpZGUvZnJlZXdhcmUt ZGUvMS4wL2RlZmF1bHQvY2FtcGFpZ25zL3Byb2R1Y3Qrd2Vic2l0ZS91aS9wcm9ncmVzcy56aXAi LCJwcm9kdWN0UG9zaXRpb24iOnsia2V5Ijoic2luZ2xldGV4dHNjcmVlbiIsInZhbHVlIjoiU2lu Z2xlIFRleHQifSwid2luZG93SGVpZ2h0IjozODksIndpbmRvd1dpZHRoIjo1MDYsInByZXZpZXdJ bWFnZVVybCI6IiIsIm9mZmVyUG9zaXRpb25zIjpbeyJrZXkiOiJxdWlja3RleHRpbnN0YWxsIiwi dmFsdWUiOiJRdWljayBJbnN0YWxsIFRleHQiLCJwcmV2aWV3SW1hZ2VVcmwiOiIiLCJ0eXBlIjoi ZGVmYXVsdCIsImlzRW5jb2RlZCI6ZmFsc2V9LHsia2V5Ijoic2luZ2xldGV4dGF2aXJhIiwidmFs dWUiOiJTaW5nbGUgVGV4dCAoQXZpcmEpIiwicHJldmlld0ltYWdlVXJsIjoiIiwidHlwZSI6ImRl ZmF1bHQiLCJpc0VuY29kZWQiOmZhbHNlfSx7ImtleSI6InNpbmdsZXRleHRhdmlyYSIsInZhbHVl IjoiU2luZ2xlIFRleHQgKEF2aXJhKSIsInByZXZpZXdJbWFnZVVybCI6IiIsInR5cGUiOiJkZWZh dWx0IiwiaXNFbmNvZGVkIjpmYWxzZX0seyJrZXkiOiJzaW5nbGV0ZXh0YXZpcmEiLCJ2YWx1ZSI6 IlNpbmdsZSBUZXh0IChBdmlyYSkiLCJwcmV2aWV3SW1hZ2VVcmwiOiIiLCJ0eXBlIjoiZGVmYXVs dCIsImlzRW5jb2RlZCI6ZmFsc2V9LHsia2V5Ijoic2luZ2xldGV4dGF2aXJhIiwidmFsdWUiOiJT aW5nbGUgVGV4dCAoQXZpcmEpIiwicHJldmlld0ltYWdlVXJsIjoiIiwidHlwZSI6ImRlZmF1bHQi LCJpc0VuY29kZWQiOmZhbHNlfSx7ImtleSI6InNpbmdsZXRleHRhdmlyYSIsInZhbHVlIjoiU2lu Z2xlIFRleHQgKEF2aXJhKSIsInByZXZpZXdJbWFnZVVybCI6IiIsInR5cGUiOiJkZWZhdWx0Iiwi aXNFbmNvZGVkIjpmYWxzZX1dLCJ1c2VNaWNyb3NvZnRTdHlsZSI6dHJ1ZSwicmVnaW9uIjoiZW4t dXMiLCJ2ZXJzaW9uIjoiMS4wIiwiaWQiOiJmbG93LTUrdGV4dCthdmlyYS8xLjAvZW4tdXMiLCJu YW1lIjoiRmxvdy01IFRleHQgQXZpcmEiLCJwYXJhbWV0ZXJzIjpbXSwiaXNFbmNvZGVkIjpmYWxz ZX0sImJhbm5lciI6eyJodG1sQ29kZSI6IjxhIGhyZWY9XCJodHRwOi8vYnVuZGxpbmctbmV0d29y ay5jb20vdHJhY2tpbmcvZW1waXJlM1wiIHRhcmdldD1cIl9ibGFua1wiPjxpbWcgc3JjPVwiaHR0 cDovL2ZyZWVtaXVtLmJsb2IuY29yZS53aW5kb3dzLm5ldC9leGNoYW5nZS9TdWNjZXNzQmFubmVy L2VtXzE2MngxMzUuanBnXCIgd2lkdGg9XCIxNjJcIiBoZWlnaHQ9XCIxMzVcIj48L2E+IiwiaWQi OiJlbXBpcmUrdGV4dCtmdytzdy8xLjAvZGVmYXVsdCIsIm5hbWUiOiJFbXBpcmUgVGV4dCBGVyBT VyIsInJlZ2lvbiI6ImRlZmF1bHQiLCJ2ZXJzaW9uIjoiMS4wIiwiaXNFbmNvZGVkIjpmYWxzZX0s Im5lZWRGb3JUcmFjayI6ImZhbHNlIiwiY2FtcGFpZ25SZWdpb24iOiJkZWZhdWx0IiwidGhhbmtZ b3VQYWdlIjoiaHR0cDovL3d3dy5mcmVld2FyZS5kZS9kYW5rZS8iLCJjYW5jZWxQYWdlIjpudWxs LCJzaG93VmVyc2lvbiI6ZmFsc2UsIm9mZmVyc0xpc3QiOlt7Im9mZmVycyI6W3siaWQiOiJmcmVl bWl1bS93ZWF0aGVyK2h1Yi8xLjAvZGVmYXVsdCIsIm5hbWUiOiJXZWF0aGVyIEh1YiIsInJlcXVp cmVtZW50cyI6WyJ2YXIgYnJvd3NlcjEgPSAnQ2hyb21lJzsgdmFyIGJyb3dzZXIyID0gJ0ZpcmVm b3gnOyB2YXIgdjsgc3VibWl0KCgodiA9IGdldFJlZ1ZhbHVlKCdIS0NVJywgJ1NvZnR3YXJlXFxc XE1pY3Jvc29mdFxcXFxXaW5kb3dzXFxcXFNoZWxsXFxcXEFzc29jaWF0aW9uc1xcXFxVcmxBc3Nv Y2lhdGlvbnNcXFxcaHR0cFxcXFxVc2VyQ2hvaWNlJywgJ1Byb2dJZCcpKSAmJiB2LnRvU3RyaW5n KCkuaW5kZXhPZihicm93c2VyMSkgIT0gLTEpIHx8ICghdiAmJiAodiA9IGdldFJlZ1ZhbHVlKCdI S0NSJywgJ2h0dHBcXFxcc2hlbGxcXFxcb3BlblxcXFxjb21tYW5kJywgJycpKSAmJiB2LnRvU3Ry aW5nKCkudG9Mb3dlckNhc2UoKS5pbmRleE9mKGJyb3dzZXIxLnRvTG93ZXJDYXNlKCkpICE9IC0x KSB8fCAoKHYgPSBnZXRSZWdWYWx1ZSgnSEtDVScsICdTb2Z0d2FyZVxcXFxNaWNyb3NvZnRcXFxc V2luZG93c1xcXFxTaGVsbFxcXFxBc3NvY2lhdGlvbnNcXFxcVXJsQXNzb2NpYXRpb25zXFxcXGh0 dHBcXFxcVXNlckNob2ljZScsICdQcm9nSWQnKSkgJiYgdi50b1N0cmluZygpLmluZGV4T2YoYnJv d3NlcjIpICE9IC0xKSB8fCAoIXYgJiYgKHYgPSBnZXRSZWdWYWx1ZSgnSEtDUicsICdodHRwXFxc XHNoZWxsXFxcXG9wZW5cXFxcY29tbWFuZCcsICcnKSkgJiYgdi50b1N0cmluZygpLnRvTG93ZXJD YXNlKCkuaW5kZXhPZihicm93c2VyMi50b0xvd2VyQ2FzZSgpKSAhPSAtMSkpIiwidHJ5IHtcdHZh ciBwYXRoID0gc3RyU3Vic3QoJyVMT0NBTF9BUFBEQVRBJVxcXFxHb29nbGVcXFxcQ2hyb21lXFxc XFVzZXIgRGF0YVxcXFxEZWZhdWx0XFxcXEV4dGVuc2lvbnNcXFxcYWJrYm5lY2dubGVjaG1wbmFj Z2VmYmthYWRtZmxta3AnKTtcdGlmIChkb2VzRmlsZUV4aXN0KHBhdGgpKSB7XHRcdHN1Ym1pdChm YWxzZSk7XHR9IGVsc2Uge1x0XHRzdWJtaXQodHJ1ZSk7XHR9fSBjYXRjaCAoZSkge1x0bG9nRXhj ZXB0aW9uKGUsICd0ZXN0IHJlcXVpcmVtZW50czogY2hyb21lJyk7XHRzdWJtaXQoZmFsc2UpO30i LCJ0cnkge1x0dmFyIHBhdGggPSBzdHJTdWJzdCgnJUxPQ0FMX0FQUERBVEElXFxcXEdvb2dsZVxc XFxDaHJvbWVcXFxcVXNlciBEYXRhXFxcXERlZmF1bHRcXFxcRXh0ZW5zaW9uc1xcXFxrYmVqYWNh cGZiYmZjYm9uaW1oaG1wZGJicGpkb3BsZicpO1x0aWYgKGRvZXNGaWxlRXhpc3QocGF0aCkpIHtc dFx0c3VibWl0KGZhbHNlKTtcdH0gZWxzZSB7XHRcdHN1Ym1pdCh0cnVlKTtcdH19IGNhdGNoIChl KSB7XHRsb2dFeGNlcHRpb24oZSwgJ3Rlc3QgcmVxdWlyZW1lbnRzOiBjaHJvbWUnKTtcdHN1Ym1p dChmYWxzZSk7fSJdLCJpbnN0YWxsVGVzdCI6InJldENvZGUgPT0gMCIsImluc3RhbGxDb2RlSnMi OiIiLCJmaWxlcyI6W3sidXJsIjoiaHR0cHM6Ly9kM20wMmpidnJqODJwai5jbG91ZGZyb250Lm5l dC93aGtja2M4MWt4Ym5qa3g4NWxrMS5leGUiLCJsb2NhbEZpbGUiOiJ3aGtja2M4MWt4Ym5qa3g4 NWxrMS5leGUiLCJjbWRQYXJhbWV0ZXJzSnMiOiInL1MgLWNob3B0aW4gLWZmbm9vcHRpbiciLCJm aWxlVHlwZSI6eyJuYW1lIjoiT2ZmZXIiLCJhc3NlbWJseVF1YWxpZmllZE5hbWUiOiJGcmVlbWl1 bS5Eb21haW4uQ2FtcGFpZ24uT2ZmZXIsIEZyZWVtaXVtLkRvbWFpbiJ9LCJldGFnIjpudWxsLCJo YXNoIjpudWxsLCJpc0V4dGVybmFsRmlsZSI6dHJ1ZSwicmVnaW9uIjoiZGVmYXVsdCIsInZlcnNp b24iOiIxLjAiLCJpZCI6IndlYXRoZXIraHViLzEuMC9kZWZhdWx0IiwibmFtZSI6IldlYXRoZXIg SHViIiwiaXNFbmNvZGVkIjpmYWxzZX1dLCJ1aUZpbGUiOiJbY2RuVXJsXS9wdWJsaWMtc291cmNl L2Rvd25sb2FkZ3VpZGUvZnJlZXdhcmUtZGUvMS4wL2RlZmF1bHQvY2FtcGFpZ25zL3Byb2R1Y3Qr d2Vic2l0ZS91aS93ZWF0aGVyLWh1Yi1zaW5nbGUtYXZpcmEtZW4tdXMuemlwIiwiaXNFbmNvZGVk IjpmYWxzZX1dLCJpZCI6InBvc2l0aW9uMiIsInR5cGUiOiJkZWZhdWx0IiwiaGFyZEJ1bmRsZSI6 ZmFsc2UsImlzRW5jb2RlZCI6ZmFsc2V9XSwiaWNvbnMiOltdLCJkaXNwbGF5TmFtZSI6IkZyZWV3 YXJlLmRlIDEuMCIsImlzRW5jb2RlZCI6ZmFsc2V9

Download
SHA256	f1e246eab26cac59dee6c50e2c7eafdfacd8f2282435821eb4d5f0e1b3682556
Referer
Magic	Inconclusive. Probably text (TEXT)
Request	POST /config-from-production HTTP/1.1 Cache-Control: no-cache Content-Type: application/json User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0) Host: dlg-configs.buzzrin.de Content-Length: 204 Connection: Close {"os":"WinNT","osver":"6.1.7600 () SP: 0.0","lang":"en-US","uid":"acc7fe12-3135-466d-a131-c5ba9b41ee06","prod":"freeware-de/1.0/campaigns/product+website/","expiresOn":"2115-02-06T17:09:56.3860824+00:00"}
Response Header	HTTP/1.1 200 OK Content-Type: text/plain Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Thu, 01 Feb 2018 19:10:07 GMT Connection: close Content-Length: 6699
Response Peek (128 B)	{"certificate":"freemium","productSetup":"downloadguide/temp/eba69b5a-6f5a-447c-9b83-174026fdd122/DoNothing.exe","windowHeight":...

dlg-messages.buzzrin.de (104.45.146.238:80)

URI

RESPONSE TYPE

FILENAME

RESPONSE CODE

MAGIC

SIZE

TIME

/1/dg/3/error

text/html

error

200 OK

0.0 B

01/17/78 05:21:42

Download
SHA256	dc937b59892604f5a86ac96936cd7ff09e25f18ae6b758e8014a24c7fa039e91
Referer
Magic	()
Request	POST /1/dg/3/error HTTP/1.1 Cache-Control: no-cache Content-Type: application/json User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0) Host: dlg-messages.buzzrin.de Content-Length: 577 Connection: Close {"ApplicationName":"DownloadGuide2","ApplicationVersion":"3.1.0.171","Client":"freemium","Culture":"en-US","Region":"default","ExceptionDateBinary":"2018-02-01T19:10:08-08:00","ExceptionName":"","Message":"Product uiFile property is not defined or invalid","MethodName":"","OsName":"WinNT","OsPlatform":"x32","OsVersion":"6.1.7600 () SP: 0.0","StackTrace":"","BuildId":"89471a09-fdf0-4015-ad79-e3ef8893992c","SessionId":"37ba863d-0460-4b8d-9d92-44f6c2007080","Product":"freeware-de","ProductVersion":"1.0","Campaign":"product+website","Offer":"","TrackBackUrl":"","SubId":null}
Response Header	HTTP/1.1 200 OK Content-Type: text/html Server: Microsoft-IIS/8.0 X-Powered-By: ASP.NET Date: Thu, 01 Feb 2018 19:10:08 GMT Connection: close Content-Length: 0

/1/dg/3

text/html

200 OK

0.0 B

01/17/78 05:28:46

Download
SHA256	dc937b59892604f5a86ac96936cd7ff09e25f18ae6b758e8014a24c7fa039e91
Referer
Magic	()
Request	POST /1/dg/3 HTTP/1.1 Cache-Control: no-cache Content-Type: application/json User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0) Host: dlg-messages.buzzrin.de Content-Length: 376 Connection: Close {"BuildId":"89471a09-fdf0-4015-ad79-e3ef8893992c","Client":"freemium","DlgVersion":"3.1.0.171","Culture":"en-US","LocalTime":"2018-02-01T19:10:08-08:00","SessionId":"37ba863d-0460-4b8d-9d92-44f6c2007080","MessageName":"ApplicationStarted","Product":"freeware-de","ProductVersion":"1.0","Region":"default","Campaign":"product+website","Offer":"","TrackBackUrl":"","SubId":null}
Response Header	HTTP/1.1 200 OK Content-Type: text/html Server: Microsoft-IIS/8.0 X-Powered-By: ASP.NET Date: Thu, 01 Feb 2018 19:10:08 GMT Connection: close Content-Length: 0