Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
143s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system -
submitted
09/03/2024, 22:44 UTC
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
bcffebd1410e17377d338c51d8dd6fb8.dll
Resource
win7-20240221-en
3 signatures
150 seconds
Behavioral task
behavioral2
Sample
bcffebd1410e17377d338c51d8dd6fb8.dll
Resource
win10v2004-20240226-en
3 signatures
150 seconds
General
-
Target
bcffebd1410e17377d338c51d8dd6fb8.dll
-
Size
1.4MB
-
MD5
bcffebd1410e17377d338c51d8dd6fb8
-
SHA1
0fd0209f0f79799a63227e9059452f08eb067036
-
SHA256
200490755410146917c1ab9f9b4ce824c780e1edc14c6555fca5fc6eb7bd6231
-
SHA512
506a66032894ef0c65a822363b9c121a9c451742b9f55e0d1786e174779bd6220761a5237407a97585f238fd8dd1359afd26a35e1dc4413256fd3147485f1a36
-
SSDEEP
12288:jlDTobP0R5qau4eud+0KVfGeoNuOtG9rMIfLpoTp2/WFH8bW7INLtK4dRjKCH/YZ:jlc8g4jdpKVloEz9OIu4d1KCHk
Score
5/10
Malware Config
Signatures
-
Drops file in System32 directory 1 IoCs
description ioc Process File created C:\Windows\SysWOW64\SkinH_EL.dll rundll32.exe -
Suspicious use of SetWindowsHookEx 1 IoCs
pid Process 5236 rundll32.exe -
Suspicious use of WriteProcessMemory 3 IoCs
description pid Process procid_target PID 3552 wrote to memory of 5236 3552 rundll32.exe 89 PID 3552 wrote to memory of 5236 3552 rundll32.exe 89 PID 3552 wrote to memory of 5236 3552 rundll32.exe 89
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\bcffebd1410e17377d338c51d8dd6fb8.dll,#11⤵
- Suspicious use of WriteProcessMemory
PID:3552 -
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\bcffebd1410e17377d338c51d8dd6fb8.dll,#12⤵
- Drops file in System32 directory
- Suspicious use of SetWindowsHookEx
PID:5236
-
Network
-
Remote address:8.8.8.8:53Requestg.bing.comIN AResponseg.bing.comIN CNAMEg-bing-com.a-0001.a-msedge.netg-bing-com.a-0001.a-msedge.netIN CNAMEdual-a-0001.a-msedge.netdual-a-0001.a-msedge.netIN A204.79.197.200dual-a-0001.a-msedge.netIN A13.107.21.200
-
GEThttps://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=785f9f18e97f4acdab59273b66681c08&localId=w:B10FE29E-1693-3A9A-DEA4-AA0A4C8C3099&deviceId=6825825924576770&anid=Remote address:204.79.197.200:443RequestGET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=785f9f18e97f4acdab59273b66681c08&localId=w:B10FE29E-1693-3A9A-DEA4-AA0A4C8C3099&deviceId=6825825924576770&anid= HTTP/2.0
host: g.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)
ResponseHTTP/2.0 204
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=024D2507894D666F2926313A88F667A5; domain=.bing.com; expires=Thu, 03-Apr-2025 22:44:23 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0AFB9063181E4F96BDE6FA57678FABFE Ref B: LON04EDGE0907 Ref C: 2024-03-09T22:44:23Z
date: Sat, 09 Mar 2024 22:44:23 GMT
-
GEThttps://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=785f9f18e97f4acdab59273b66681c08&localId=w:B10FE29E-1693-3A9A-DEA4-AA0A4C8C3099&deviceId=6825825924576770&anid=Remote address:204.79.197.200:443RequestGET /neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=785f9f18e97f4acdab59273b66681c08&localId=w:B10FE29E-1693-3A9A-DEA4-AA0A4C8C3099&deviceId=6825825924576770&anid= HTTP/2.0
host: g.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)
cookie: MUID=024D2507894D666F2926313A88F667A5
ResponseHTTP/2.0 204
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MSPTC=0L3kCPhegndP12_Zw0NDb-qIURYFtDu5YAyvBmA86XE; domain=.bing.com; expires=Thu, 03-Apr-2025 22:44:23 GMT; path=/; Partitioned; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C9C9A93C160B4F5CBBB6F68BAB295AB9 Ref B: LON04EDGE0907 Ref C: 2024-03-09T22:44:23Z
date: Sat, 09 Mar 2024 22:44:23 GMT
-
GEThttps://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=785f9f18e97f4acdab59273b66681c08&localId=w:B10FE29E-1693-3A9A-DEA4-AA0A4C8C3099&deviceId=6825825924576770&anid=Remote address:204.79.197.200:443RequestGET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=785f9f18e97f4acdab59273b66681c08&localId=w:B10FE29E-1693-3A9A-DEA4-AA0A4C8C3099&deviceId=6825825924576770&anid= HTTP/2.0
host: g.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)
cookie: MUID=024D2507894D666F2926313A88F667A5; MSPTC=0L3kCPhegndP12_Zw0NDb-qIURYFtDu5YAyvBmA86XE
ResponseHTTP/2.0 204
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 70D77DE538944BDF8AB066D8D767572A Ref B: LON04EDGE0907 Ref C: 2024-03-09T22:44:23Z
date: Sat, 09 Mar 2024 22:44:23 GMT
-
Remote address:8.8.8.8:53Request13.86.106.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request200.197.79.204.in-addr.arpaIN PTRResponse200.197.79.204.in-addr.arpaIN PTRa-0001a-msedgenet
-
Remote address:8.8.8.8:53Request177.178.17.96.in-addr.arpaIN PTRResponse177.178.17.96.in-addr.arpaIN PTRa96-17-178-177deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request71.159.190.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request71.159.190.20.in-addr.arpaIN PTR
-
Remote address:8.8.8.8:53Request9.228.82.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request26.35.223.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request41.110.16.96.in-addr.arpaIN PTRResponse41.110.16.96.in-addr.arpaIN PTRa96-16-110-41deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request103.169.127.40.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request103.169.127.40.in-addr.arpaIN PTR
-
Remote address:8.8.8.8:53Request18.31.95.13.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request154.239.44.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request100.5.17.2.in-addr.arpaIN PTRResponse100.5.17.2.in-addr.arpaIN PTRa2-17-5-100deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request119.110.54.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request228.249.119.40.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request228.249.119.40.in-addr.arpaIN PTR
-
Remote address:8.8.8.8:53Request210.178.17.96.in-addr.arpaIN PTRResponse210.178.17.96.in-addr.arpaIN PTRa96-17-178-210deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request217.135.221.88.in-addr.arpaIN PTRResponse217.135.221.88.in-addr.arpaIN PTRa88-221-135-217deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request50.134.221.88.in-addr.arpaIN PTRResponse50.134.221.88.in-addr.arpaIN PTRa88-221-134-50deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request204.178.17.96.in-addr.arpaIN PTRResponse204.178.17.96.in-addr.arpaIN PTRa96-17-178-204deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request43.229.111.52.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request43.229.111.52.in-addr.arpaIN PTR
-
Remote address:8.8.8.8:53Request43.229.111.52.in-addr.arpaIN PTR
-
Remote address:8.8.8.8:53Requesttse1.mm.bing.netIN AResponsetse1.mm.bing.netIN CNAMEmm-mm.bing.net.trafficmanager.netmm-mm.bing.net.trafficmanager.netIN CNAMEdual-a-0001.a-msedge.netdual-a-0001.a-msedge.netIN A204.79.197.200dual-a-0001.a-msedge.netIN A13.107.21.200
-
Remote address:8.8.8.8:53Requesttse1.mm.bing.netIN AResponsetse1.mm.bing.netIN CNAMEmm-mm.bing.net.trafficmanager.netmm-mm.bing.net.trafficmanager.netIN CNAMEdual-a-0001.a-msedge.netdual-a-0001.a-msedge.netIN A204.79.197.200dual-a-0001.a-msedge.netIN A13.107.21.200
-
GEThttps://tse1.mm.bing.net/th?id=OADD2.10239317301444_1ADW5UG9KMTHYULQ8&pid=21.2&w=1080&h=1920&c=4Remote address:204.79.197.200:443RequestGET /th?id=OADD2.10239317301444_1ADW5UG9KMTHYULQ8&pid=21.2&w=1080&h=1920&c=4 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
ResponseHTTP/2.0 200
content-length: 447383
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3AECE4BC6CB74D60AA45C286D6D766F5 Ref B: LON04EDGE0719 Ref C: 2024-03-09T22:46:05Z
date: Sat, 09 Mar 2024 22:46:04 GMT
-
GEThttps://tse1.mm.bing.net/th?id=OADD2.10239317301512_1AX3RCN5D9AJKN0AW&pid=21.2&w=1080&h=1920&c=4Remote address:204.79.197.200:443RequestGET /th?id=OADD2.10239317301512_1AX3RCN5D9AJKN0AW&pid=21.2&w=1080&h=1920&c=4 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
ResponseHTTP/2.0 200
content-length: 366461
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5A02C5E9511C48139CC0EF9F023C7C74 Ref B: LON04EDGE0719 Ref C: 2024-03-09T22:46:05Z
date: Sat, 09 Mar 2024 22:46:04 GMT
-
GEThttps://tse1.mm.bing.net/th?id=OADD2.10239317301079_1C0V2OISTJJIJUHWS&pid=21.2&w=1920&h=1080&c=4Remote address:204.79.197.200:443RequestGET /th?id=OADD2.10239317301079_1C0V2OISTJJIJUHWS&pid=21.2&w=1920&h=1080&c=4 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
ResponseHTTP/2.0 200
content-length: 180287
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9F0E774969DC4394B1358C522EBEB9E1 Ref B: LON04EDGE0719 Ref C: 2024-03-09T22:46:05Z
date: Sat, 09 Mar 2024 22:46:04 GMT
-
GEThttps://tse1.mm.bing.net/th?id=OADD2.10239340418537_1WA44EQA64JN0VKE0&pid=21.2&w=1080&h=1920&c=4Remote address:204.79.197.200:443RequestGET /th?id=OADD2.10239340418537_1WA44EQA64JN0VKE0&pid=21.2&w=1080&h=1920&c=4 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
ResponseHTTP/2.0 200
content-length: 440440
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7DE5CE1DBCF34761A01405C88C43B206 Ref B: LON04EDGE0719 Ref C: 2024-03-09T22:46:05Z
date: Sat, 09 Mar 2024 22:46:04 GMT
-
GEThttps://tse1.mm.bing.net/th?id=OADD2.10239317301011_1Q64Y8U9UJ0Y7FTOQ&pid=21.2&w=1920&h=1080&c=4Remote address:204.79.197.200:443RequestGET /th?id=OADD2.10239317301011_1Q64Y8U9UJ0Y7FTOQ&pid=21.2&w=1920&h=1080&c=4 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
ResponseHTTP/2.0 200
content-length: 171891
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9F7AF4997A2F4DB5BF538372E0D0335B Ref B: LON04EDGE0719 Ref C: 2024-03-09T22:46:05Z
date: Sat, 09 Mar 2024 22:46:04 GMT
-
GEThttps://tse1.mm.bing.net/th?id=OADD2.10239340418538_115TEFRTVWJF1SFIA&pid=21.2&w=1920&h=1080&c=4Remote address:204.79.197.200:443RequestGET /th?id=OADD2.10239340418538_115TEFRTVWJF1SFIA&pid=21.2&w=1920&h=1080&c=4 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
ResponseHTTP/2.0 200
content-length: 435260
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B1A4D433F2DD44299E1BFA531ED4F76D Ref B: LON04EDGE0719 Ref C: 2024-03-09T22:46:06Z
date: Sat, 09 Mar 2024 22:46:05 GMT
-
Remote address:8.8.8.8:53Request18.134.221.88.in-addr.arpaIN PTRResponse18.134.221.88.in-addr.arpaIN PTRa88-221-134-18deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request18.134.221.88.in-addr.arpaIN PTRResponse18.134.221.88.in-addr.arpaIN PTRa88-221-134-18deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request33.134.221.88.in-addr.arpaIN PTRResponse33.134.221.88.in-addr.arpaIN PTRa88-221-134-33deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request33.134.221.88.in-addr.arpaIN PTRResponse33.134.221.88.in-addr.arpaIN PTRa88-221-134-33deploystaticakamaitechnologiescom
-
204.79.197.200:443https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=785f9f18e97f4acdab59273b66681c08&localId=w:B10FE29E-1693-3A9A-DEA4-AA0A4C8C3099&deviceId=6825825924576770&anid=tls, http22.7kB 9.2kB 23 18
HTTP Request
GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=785f9f18e97f4acdab59273b66681c08&localId=w:B10FE29E-1693-3A9A-DEA4-AA0A4C8C3099&deviceId=6825825924576770&anid=HTTP Response
204HTTP Request
GET https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=785f9f18e97f4acdab59273b66681c08&localId=w:B10FE29E-1693-3A9A-DEA4-AA0A4C8C3099&deviceId=6825825924576770&anid=HTTP Response
204HTTP Request
GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=785f9f18e97f4acdab59273b66681c08&localId=w:B10FE29E-1693-3A9A-DEA4-AA0A4C8C3099&deviceId=6825825924576770&anid=HTTP Response
204 -
46 B 1
-
1.2kB 8.1kB 15 13
-
1.2kB 8.0kB 16 12
-
1.2kB 8.1kB 16 14
-
204.79.197.200:443https://tse1.mm.bing.net/th?id=OADD2.10239340418538_115TEFRTVWJF1SFIA&pid=21.2&w=1920&h=1080&c=4tls, http274.6kB 2.1MB 1566 1562
HTTP Request
GET https://tse1.mm.bing.net/th?id=OADD2.10239317301444_1ADW5UG9KMTHYULQ8&pid=21.2&w=1080&h=1920&c=4HTTP Request
GET https://tse1.mm.bing.net/th?id=OADD2.10239317301512_1AX3RCN5D9AJKN0AW&pid=21.2&w=1080&h=1920&c=4HTTP Request
GET https://tse1.mm.bing.net/th?id=OADD2.10239317301079_1C0V2OISTJJIJUHWS&pid=21.2&w=1920&h=1080&c=4HTTP Request
GET https://tse1.mm.bing.net/th?id=OADD2.10239340418537_1WA44EQA64JN0VKE0&pid=21.2&w=1080&h=1920&c=4HTTP Request
GET https://tse1.mm.bing.net/th?id=OADD2.10239317301011_1Q64Y8U9UJ0Y7FTOQ&pid=21.2&w=1920&h=1080&c=4HTTP Response
200HTTP Response
200HTTP Response
200HTTP Request
GET https://tse1.mm.bing.net/th?id=OADD2.10239340418538_115TEFRTVWJF1SFIA&pid=21.2&w=1920&h=1080&c=4HTTP Response
200HTTP Response
200HTTP Response
200 -
1.2kB 8.1kB 16 13
-
56 B 158 B 1 1
DNS Request
g.bing.com
DNS Response
204.79.197.20013.107.21.200
-
71 B 157 B 1 1
DNS Request
13.86.106.20.in-addr.arpa
-
73 B 106 B 1 1
DNS Request
200.197.79.204.in-addr.arpa
-
72 B 137 B 1 1
DNS Request
177.178.17.96.in-addr.arpa
-
144 B 158 B 2 1
DNS Request
71.159.190.20.in-addr.arpa
DNS Request
71.159.190.20.in-addr.arpa
-
70 B 156 B 1 1
DNS Request
9.228.82.20.in-addr.arpa
-
71 B 157 B 1 1
DNS Request
26.35.223.20.in-addr.arpa
-
71 B 135 B 1 1
DNS Request
41.110.16.96.in-addr.arpa
-
146 B 147 B 2 1
DNS Request
103.169.127.40.in-addr.arpa
DNS Request
103.169.127.40.in-addr.arpa
-
70 B 144 B 1 1
DNS Request
18.31.95.13.in-addr.arpa
-
72 B 158 B 1 1
DNS Request
154.239.44.20.in-addr.arpa
-
69 B 131 B 1 1
DNS Request
100.5.17.2.in-addr.arpa
-
72 B 158 B 1 1
DNS Request
119.110.54.20.in-addr.arpa
-
146 B 159 B 2 1
DNS Request
228.249.119.40.in-addr.arpa
DNS Request
228.249.119.40.in-addr.arpa
-
72 B 137 B 1 1
DNS Request
210.178.17.96.in-addr.arpa
-
73 B 139 B 1 1
DNS Request
217.135.221.88.in-addr.arpa
-
72 B 137 B 1 1
DNS Request
50.134.221.88.in-addr.arpa
-
72 B 137 B 1 1
DNS Request
204.178.17.96.in-addr.arpa
-
216 B 158 B 3 1
DNS Request
43.229.111.52.in-addr.arpa
DNS Request
43.229.111.52.in-addr.arpa
DNS Request
43.229.111.52.in-addr.arpa
-
124 B 346 B 2 2
DNS Request
tse1.mm.bing.net
DNS Request
tse1.mm.bing.net
DNS Response
204.79.197.20013.107.21.200
DNS Response
204.79.197.20013.107.21.200
-
144 B 274 B 2 2
DNS Request
18.134.221.88.in-addr.arpa
DNS Request
18.134.221.88.in-addr.arpa
-
144 B 274 B 2 2
DNS Request
33.134.221.88.in-addr.arpa
DNS Request
33.134.221.88.in-addr.arpa