eeaa10ba2449119ce525a4186971ba78ed25e333db87c2b7fe0c1a50261df5d5

Analysis

max time kernel
143s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
12/03/2024, 09:09 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c2fd07a23db90f4af28c3af160f49541.html
Size

33KB
MD5

c2fd07a23db90f4af28c3af160f49541
SHA1

3382430c5a7c0c9770d9960487091d0882c242d5
SHA256

eeaa10ba2449119ce525a4186971ba78ed25e333db87c2b7fe0c1a50261df5d5
SHA512

c3acbdd3949442301ac66281282da91eeb7b9f51215477e88217381b9fd809722ed97f6917b3a88df60ca36309ff245375d298626571d2e2ef4463f24b9b11ef
SSDEEP

768:sIRIOITIwIgIiKZgNDfIwIGI5IVJ7SqIRIOITIwIgIiKZgNDfIwIGI5IVJ7SZ5SM:sIRIOITIwIgIiKZgNDfIwIGI5IVJ7SqE

Score

1^/10

Malware Config

Signatures

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\c2fd07a23db90f4af28c3af160f49541.html
1⤵
PID:4952

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --mojo-platform-channel-handle=4080 --field-trial-handle=2900,i,14549994492153927475,12895178890800740987,262144 --variations-seed-version /prefetch:1
1⤵
PID:1488

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --mojo-platform-channel-handle=4832 --field-trial-handle=2900,i,14549994492153927475,12895178890800740987,262144 --variations-seed-version /prefetch:1
1⤵
PID:1040

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=5360 --field-trial-handle=2900,i,14549994492153927475,12895178890800740987,262144 --variations-seed-version /prefetch:8
1⤵
PID:3732

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --mojo-platform-channel-handle=5724 --field-trial-handle=2900,i,14549994492153927475,12895178890800740987,262144 --variations-seed-version /prefetch:1
1⤵
PID:3656

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --mojo-platform-channel-handle=5704 --field-trial-handle=2900,i,14549994492153927475,12895178890800740987,262144 --variations-seed-version /prefetch:8
1⤵
PID:1464

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=22 --mojo-platform-channel-handle=5920 --field-trial-handle=2900,i,14549994492153927475,12895178890800740987,262144 --variations-seed-version /prefetch:1
1⤵
PID:3364

Network

DNS

71.31.126.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

71.31.126.40.in-addr.arpa

IN PTR

Response
DNS

nav-edge.smartscreen.microsoft.com

Remote address:

8.8.8.8:53

Request

nav-edge.smartscreen.microsoft.com

IN A

Response

nav-edge.smartscreen.microsoft.com

IN CNAME

tm-prod-wd-csp-edge.trafficmanager.net

tm-prod-wd-csp-edge.trafficmanager.net

IN CNAME

prod-agic-us-1.uksouth.cloudapp.azure.com

prod-agic-us-1.uksouth.cloudapp.azure.com

IN A

13.87.96.169
DNS

nav-edge.smartscreen.microsoft.com

Remote address:

8.8.8.8:53

Request

nav-edge.smartscreen.microsoft.com

IN Unknown

Response

nav-edge.smartscreen.microsoft.com

IN CNAME

tm-prod-wd-csp-edge.trafficmanager.net

tm-prod-wd-csp-edge.trafficmanager.net

IN CNAME

prod-agic-us-1.uksouth.cloudapp.azure.com
DNS

business.bing.com

Remote address:

8.8.8.8:53

Request

business.bing.com

IN A

Response

business.bing.com

IN CNAME

business-bing-com.b-0005.b-msedge.net

business-bing-com.b-0005.b-msedge.net

IN CNAME

b-0005.b-msedge.net

b-0005.b-msedge.net

IN A

13.107.6.158
DNS

business.bing.com

Remote address:

8.8.8.8:53

Request

business.bing.com

IN Unknown

Response

business.bing.com

IN CNAME

business-bing-com.b-0005.b-msedge.net

business-bing-com.b-0005.b-msedge.net

IN CNAME

b-0005.b-dc-msedge.net
DNS

ajax.googleapis.com

Remote address:

8.8.8.8:53

Request

ajax.googleapis.com

IN A

Response

ajax.googleapis.com

IN A

142.250.179.170
DNS

ajax.googleapis.com

Remote address:

8.8.8.8:53

Request

ajax.googleapis.com

IN Unknown

Response
DNS

okhantil.com

Remote address:

8.8.8.8:53

Request

okhantil.com

IN A

Response
DNS

okhantil.com

Remote address:

8.8.8.8:53

Request

okhantil.com

IN Unknown

Response
DNS

i.ytimg.com

Remote address:

8.8.8.8:53

Request

i.ytimg.com

IN A

Response

i.ytimg.com

IN A

142.250.179.182

i.ytimg.com

IN A

142.250.179.214

i.ytimg.com

IN A

142.251.36.22

i.ytimg.com

IN A

142.251.39.118

i.ytimg.com

IN A

172.217.168.214

i.ytimg.com

IN A

172.217.23.214

i.ytimg.com

IN A

216.58.208.118

i.ytimg.com

IN A

142.250.179.150

i.ytimg.com

IN A

142.251.36.54

i.ytimg.com

IN A

172.217.168.246
DNS

i.ytimg.com

Remote address:

8.8.8.8:53

Request

i.ytimg.com

IN Unknown

Response
DNS

92.65.42.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

92.65.42.20.in-addr.arpa

IN PTR

Response
DNS

okhantil.com

Remote address:

8.8.8.8:53

Request

okhantil.com

IN A

Response
DNS

cdn2.editmysite.com

Remote address:

8.8.8.8:53

Request

cdn2.editmysite.com

IN A

Response

cdn2.editmysite.com

IN CNAME

weebly.map.fastly.net

weebly.map.fastly.net

IN A

151.101.1.46

weebly.map.fastly.net

IN A

151.101.65.46

weebly.map.fastly.net

IN A

151.101.129.46

weebly.map.fastly.net

IN A

151.101.193.46
DNS

bzib.nelreports.net

Remote address:

8.8.8.8:53

Request

bzib.nelreports.net

IN A

Response

bzib.nelreports.net

IN CNAME

bzib.nelreports.net.akamaized.net

bzib.nelreports.net.akamaized.net

IN CNAME

a416.dscd.akamai.net

a416.dscd.akamai.net

IN A

88.221.135.81

a416.dscd.akamai.net

IN A

88.221.134.17
DNS

bzib.nelreports.net

Remote address:

8.8.8.8:53

Request

bzib.nelreports.net

IN Unknown

Response

bzib.nelreports.net

IN CNAME

bzib.nelreports.net.akamaized.net

bzib.nelreports.net.akamaized.net

IN CNAME

a416.dscd.akamai.net
DNS

www.microsoft.com

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

92.123.241.137
DNS

www.microsoft.com

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

92.123.241.137
DNS

www.microsoft.com

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN Unknown

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net
DNS

0.204.248.87.in-addr.arpa

Remote address:

8.8.8.8:53

Request

0.204.248.87.in-addr.arpa

IN PTR

Response

0.204.248.87.in-addr.arpa

IN PTR

https-87-248-204-0lhrllnwnet
DNS

182.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

182.179.250.142.in-addr.arpa

IN PTR

Response

182.179.250.142.in-addr.arpa

IN PTR

ams15s41-in-f221e100net
DNS

169.96.87.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

169.96.87.13.in-addr.arpa

IN PTR

Response
DNS

170.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

170.179.250.142.in-addr.arpa

IN PTR

Response

170.179.250.142.in-addr.arpa

IN PTR

ams15s41-in-f101e100net
DNS

cdn2.editmysite.com

Remote address:

8.8.8.8:53

Request

cdn2.editmysite.com

IN A

Response

cdn2.editmysite.com

IN CNAME

weebly.map.fastly.net

weebly.map.fastly.net

IN A

151.101.1.46

weebly.map.fastly.net

IN A

151.101.65.46

weebly.map.fastly.net

IN A

151.101.129.46

weebly.map.fastly.net

IN A

151.101.193.46
DNS

137.241.123.92.in-addr.arpa

Remote address:

8.8.8.8:53

Request

137.241.123.92.in-addr.arpa

IN PTR

Response

137.241.123.92.in-addr.arpa

IN PTR

a92-123-241-137deploystaticakamaitechnologiescom
DNS

217.106.137.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

217.106.137.52.in-addr.arpa

IN PTR

Response
DNS

95.221.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.221.229.192.in-addr.arpa

IN PTR

Response
DNS

www.microsoft.com

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

92.123.241.137
DNS

g.bing.com

Remote address:

8.8.8.8:53

Request

g.bing.com

IN A

Response

g.bing.com

IN CNAME

g-bing-com.a-0001.a-msedge.net

g-bing-com.a-0001.a-msedge.net

IN CNAME

dual-a-0001.a-msedge.net

dual-a-0001.a-msedge.net

IN A

204.79.197.200

dual-a-0001.a-msedge.net

IN A

13.107.21.200
GET

https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=8c8bda9c3843499ea8c00f67932bec6d&localId=w:AE07C56D-9F7E-DB3B-D18D-2459C76F841B&deviceId=6825825924912662&anid=

Remote address:

204.79.197.200:443

Request

GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=8c8bda9c3843499ea8c00f67932bec6d&localId=w:AE07C56D-9F7E-DB3B-D18D-2459C76F841B&deviceId=6825825924912662&anid= HTTP/2.0
host: g.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)

Response

HTTP/2.0 204

cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=096CBE2145BC633932EFAA61445C62DC; domain=.bing.com; expires=Sun, 06-Apr-2025 09:10:05 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7D673EE4EF9840928ACA7B63E6A1B9A0 Ref B: LON04EDGE1210 Ref C: 2024-03-12T09:10:05Z
date: Tue, 12 Mar 2024 09:10:05 GMT
GET

https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=8c8bda9c3843499ea8c00f67932bec6d&localId=w:AE07C56D-9F7E-DB3B-D18D-2459C76F841B&deviceId=6825825924912662&anid=

Remote address:

204.79.197.200:443

Request

GET /neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=8c8bda9c3843499ea8c00f67932bec6d&localId=w:AE07C56D-9F7E-DB3B-D18D-2459C76F841B&deviceId=6825825924912662&anid= HTTP/2.0
host: g.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)
cookie: MUID=096CBE2145BC633932EFAA61445C62DC

Response

HTTP/2.0 204

cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MSPTC=Lkg8uQh4Q4_xmTNrsry7iopkk0a0nUoWFXsYJBcow54; domain=.bing.com; expires=Sun, 06-Apr-2025 09:10:05 GMT; path=/; Partitioned; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A7EADE39C9524C978AA1D259F10F2AD3 Ref B: LON04EDGE1210 Ref C: 2024-03-12T09:10:05Z
date: Tue, 12 Mar 2024 09:10:05 GMT
GET

https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=8c8bda9c3843499ea8c00f67932bec6d&localId=w:AE07C56D-9F7E-DB3B-D18D-2459C76F841B&deviceId=6825825924912662&anid=

Remote address:

204.79.197.200:443

Request

GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=8c8bda9c3843499ea8c00f67932bec6d&localId=w:AE07C56D-9F7E-DB3B-D18D-2459C76F841B&deviceId=6825825924912662&anid= HTTP/2.0
host: g.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)
cookie: MUID=096CBE2145BC633932EFAA61445C62DC; MSPTC=Lkg8uQh4Q4_xmTNrsry7iopkk0a0nUoWFXsYJBcow54

Response

HTTP/2.0 204

cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0905110005214C689C9726F339D32257 Ref B: LON04EDGE1210 Ref C: 2024-03-12T09:10:06Z
date: Tue, 12 Mar 2024 09:10:06 GMT
DNS

241.154.82.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

241.154.82.20.in-addr.arpa

IN PTR

Response
DNS

81.135.221.88.in-addr.arpa

Remote address:

8.8.8.8:53

Request

81.135.221.88.in-addr.arpa

IN PTR

Response

81.135.221.88.in-addr.arpa

IN PTR

a88-221-135-81deploystaticakamaitechnologiescom
DNS

200.197.79.204.in-addr.arpa

Remote address:

8.8.8.8:53

Request

200.197.79.204.in-addr.arpa

IN PTR

Response

200.197.79.204.in-addr.arpa

IN PTR

a-0001a-msedgenet
DNS

edgestatic.azureedge.net

Remote address:

8.8.8.8:53

Request

edgestatic.azureedge.net

IN A

Response

edgestatic.azureedge.net

IN CNAME

edgestatic.afd.azureedge.net

edgestatic.afd.azureedge.net

IN CNAME

azureedge-t-prod.trafficmanager.net

azureedge-t-prod.trafficmanager.net

IN CNAME

shed.dual-low.part-0036.t-0009.t-msedge.net

shed.dual-low.part-0036.t-0009.t-msedge.net

IN CNAME

part-0036.t-0009.t-msedge.net

part-0036.t-0009.t-msedge.net

IN A

13.107.246.64

part-0036.t-0009.t-msedge.net

IN A

13.107.213.64
DNS

edgestatic.azureedge.net

Remote address:

8.8.8.8:53

Request

edgestatic.azureedge.net

IN Unknown

Response

edgestatic.azureedge.net

IN CNAME

edgestatic.afd.azureedge.net

edgestatic.afd.azureedge.net

IN CNAME

azureedge-t-prod.trafficmanager.net

azureedge-t-prod.trafficmanager.net

IN CNAME

shed.dual-low.part-0036.t-0009.t-msedge.net

shed.dual-low.part-0036.t-0009.t-msedge.net

IN CNAME

part-0036.t-0009.t-msedge.net
DNS

c.s-microsoft.com

Remote address:

8.8.8.8:53

Request

c.s-microsoft.com

IN A

Response

c.s-microsoft.com

IN CNAME

c-s.cms.ms.akadns.net

c-s.cms.ms.akadns.net

IN CNAME

c.s-microsoft.com-c.edgekey.net

c.s-microsoft.com-c.edgekey.net

IN CNAME

e13678.dscg.akamaiedge.net

e13678.dscg.akamaiedge.net

IN A

104.80.229.162
DNS

c.s-microsoft.com

Remote address:

8.8.8.8:53

Request

c.s-microsoft.com

IN Unknown

Response

c.s-microsoft.com

IN CNAME

c-s.cms.ms.akadns.net

c-s.cms.ms.akadns.net

IN CNAME

c.s-microsoft.com-c.edgekey.net

c.s-microsoft.com-c.edgekey.net

IN CNAME

e13678.dscg.akamaiedge.net
DNS

wcpstatic.microsoft.com

Remote address:

8.8.8.8:53

Request

wcpstatic.microsoft.com

IN A

Response

wcpstatic.microsoft.com

IN CNAME

consentdeliveryfd.azurefd.net

consentdeliveryfd.azurefd.net

IN CNAME

firstparty-azurefd-prod.trafficmanager.net

firstparty-azurefd-prod.trafficmanager.net

IN CNAME

shed.dual-low.part-0036.t-0009.t-msedge.net

shed.dual-low.part-0036.t-0009.t-msedge.net

IN CNAME

part-0036.t-0009.t-msedge.net

part-0036.t-0009.t-msedge.net

IN A

13.107.246.64

part-0036.t-0009.t-msedge.net

IN A

13.107.213.64
DNS

wcpstatic.microsoft.com

Remote address:

8.8.8.8:53

Request

wcpstatic.microsoft.com

IN Unknown

Response

wcpstatic.microsoft.com

IN CNAME

consentdeliveryfd.azurefd.net

consentdeliveryfd.azurefd.net

IN CNAME

firstparty-azurefd-prod.trafficmanager.net

firstparty-azurefd-prod.trafficmanager.net

IN CNAME

shed.dual-low.part-0036.t-0009.t-msedge.net

shed.dual-low.part-0036.t-0009.t-msedge.net

IN CNAME

part-0036.t-0009.t-msedge.net
DNS

205.47.74.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

205.47.74.20.in-addr.arpa

IN PTR

Response
DNS

41.110.16.96.in-addr.arpa

Remote address:

8.8.8.8:53

Request

41.110.16.96.in-addr.arpa

IN PTR

Response

41.110.16.96.in-addr.arpa

IN PTR

a96-16-110-41deploystaticakamaitechnologiescom
DNS

232.168.11.51.in-addr.arpa

Remote address:

8.8.8.8:53

Request

232.168.11.51.in-addr.arpa

IN PTR

Response
DNS

9.228.82.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

9.228.82.20.in-addr.arpa

IN PTR

Response
DNS

9.228.82.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

9.228.82.20.in-addr.arpa

IN PTR
DNS

149.220.183.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

149.220.183.52.in-addr.arpa

IN PTR

Response
DNS

149.220.183.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

149.220.183.52.in-addr.arpa

IN PTR
DNS

nw-umwatson.events.data.microsoft.com

Remote address:

8.8.8.8:53

Request

nw-umwatson.events.data.microsoft.com

IN A

Response

nw-umwatson.events.data.microsoft.com

IN CNAME

blobcollector.events.data.trafficmanager.net

blobcollector.events.data.trafficmanager.net

IN CNAME

onedsblobprdeus17.eastus.cloudapp.azure.com

onedsblobprdeus17.eastus.cloudapp.azure.com

IN A

20.42.65.92
POST

https://nw-umwatson.events.data.microsoft.com/Telemetry.Request

Remote address:

20.42.65.92:443

Request

POST /Telemetry.Request HTTP/1.1
Connection: Keep-Alive
Content-Type: application/xml
User-Agent: Crashpad/0.8.0 WinHTTP/10.0.19041.1151 Windows_NT/10.0.19041.1202 (x64)
MSA_DeviceTicket: t=EwCwAlN5BAAUu1V9OkIAK55tj6h8OjaXgvkszYkAAWhs6/1ev5+m20ClmiWr0q5wSXH9E7RZr7I3wpGP1P2IEd5SBahwHFoT1YZlNuxMRHsNsOKOr9wDko+4NTIuk3ax0Xt8ooOHRlWYrWjDQGhaxhDcuMqwL7E3TWhpZ+J9otxYuO5lt4DS2S+gGIqruGj68iMN/SCaOC3qIWXbGqzCH/cpJs5kgRlkqszFQNGATgP4+LkubMh2HKV+Xtpir/kEHLAI4LcyUEzFTitms8JeV4221vpLC5THvAaPi5TZa6zXi4qHpI4Ygxkm/rEPRzJQuULV8eM7rPHY2ivSKdwAztPo1HjzsAW4yMeisVFPtR8JktnEQNoudujP1T5p/QwDZgAACL6/zBpS0l5cgAFgwkIqoLuHfw4pFD/FmIPJDdxI/8Ot5DHuEkHXOVfazhBuybuSi0YoJ4Vh3iiGFnEG8oo199iMkXco9kfnVAYe5kPwruHuMgGkj1QK3fPwV4prjxUAI/eTSFQiA7fGpsdr6VoEXc7z+f6TbN1HM2szO6etI+VwyDNUt4jPLxlwpnpTraM/6uRvQcKrdlvr1V/n7H7ffIL6YO96yZXn5btWuNWOfdFeKIgOSMdgWN+FLCNTEsV29X5lZSO2frJGeHlS/WozwOhD5URfNT0aPaoAyvPoeQhTeEHc04X68+gdzmYQRPJFa8YBl2BxUV0TyBRzfZD6nbHR9hIIw35QhtwoFer/guC0YC6sEiyvK7Bu+LfzSkwY5zHJ9m+mtKRdHDhewYbfsd9IHKpr5rhGLD5cc39kyw6JRraJR0B+3hJquFHnukdnUcfgAd/RX3+rizptHk/ldi6fzEWsbxaOAwVCmbpwPzwtIV/zrQaYM294nzq/uDyuNRDXkGrONtFqRT62AQ==&p=
Content-Length: 3685
Host: nw-umwatson.events.data.microsoft.com

Response

HTTP/1.1 200 200 OK

Content-Length: 634
Content-Type: text/xml
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
Date: Tue, 12 Mar 2024 09:10:23 GMT
DNS

86.23.85.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

86.23.85.13.in-addr.arpa

IN PTR

Response
DNS

56.126.166.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

56.126.166.20.in-addr.arpa

IN PTR

Response
DNS

33.134.221.88.in-addr.arpa

Remote address:

8.8.8.8:53

Request

33.134.221.88.in-addr.arpa

IN PTR

Response

33.134.221.88.in-addr.arpa

IN PTR

a88-221-134-33deploystaticakamaitechnologiescom
DNS

www.youtube.com

Remote address:

8.8.8.8:53

Request

www.youtube.com

IN A

Response

www.youtube.com

IN CNAME

youtube-ui.l.google.com

youtube-ui.l.google.com

IN A

216.58.208.110

youtube-ui.l.google.com

IN A

142.250.179.142

youtube-ui.l.google.com

IN A

142.251.36.46

youtube-ui.l.google.com

IN A

172.217.168.238

youtube-ui.l.google.com

IN A

142.250.179.174

youtube-ui.l.google.com

IN A

142.250.179.206

youtube-ui.l.google.com

IN A

142.251.36.14

youtube-ui.l.google.com

IN A

142.251.39.110

youtube-ui.l.google.com

IN A

172.217.23.206
DNS

www.youtube.com

Remote address:

8.8.8.8:53

Request

www.youtube.com

IN Unknown

Response

www.youtube.com

IN CNAME

youtube-ui.l.google.com

youtube-ui.l.google.com

IN Unknown
DNS

www.youtube.com

Remote address:

8.8.8.8:53

Request

www.youtube.com

IN A

Response

www.youtube.com

IN CNAME

youtube-ui.l.google.com

youtube-ui.l.google.com

IN A

216.58.208.110

youtube-ui.l.google.com

IN A

142.250.179.142

youtube-ui.l.google.com

IN A

142.251.36.46

youtube-ui.l.google.com

IN A

172.217.168.238

youtube-ui.l.google.com

IN A

142.250.179.174

youtube-ui.l.google.com

IN A

142.250.179.206

youtube-ui.l.google.com

IN A

142.251.36.14

youtube-ui.l.google.com

IN A

142.251.39.110

youtube-ui.l.google.com

IN A

172.217.23.206
DNS

www.youtube.com

Remote address:

8.8.8.8:53

Request

www.youtube.com

IN A

Response

www.youtube.com

IN CNAME

youtube-ui.l.google.com

youtube-ui.l.google.com

IN A

216.58.208.110

youtube-ui.l.google.com

IN A

142.250.179.142

youtube-ui.l.google.com

IN A

142.251.36.46

youtube-ui.l.google.com

IN A

172.217.168.238

youtube-ui.l.google.com

IN A

142.250.179.174

youtube-ui.l.google.com

IN A

142.250.179.206

youtube-ui.l.google.com

IN A

142.251.36.14

youtube-ui.l.google.com

IN A

142.251.39.110

youtube-ui.l.google.com

IN A

172.217.23.206
DNS

www.youtube.com

Remote address:

8.8.8.8:53

Request

www.youtube.com

IN A
DNS

www.weebly.com

Remote address:

8.8.8.8:53

Request

www.weebly.com

IN A

Response

www.weebly.com

IN CNAME

weebly.com

weebly.com

IN A

74.115.50.110

weebly.com

IN A

74.115.50.109
DNS

www.weebly.com

Remote address:

8.8.8.8:53

Request

www.weebly.com

IN A
DNS

platform.twitter.com

Remote address:

8.8.8.8:53

Request

platform.twitter.com

IN A

Response

platform.twitter.com

IN CNAME

cs472.wac.edgecastcdn.net

cs472.wac.edgecastcdn.net

IN CNAME

cs1-apr-8315.wac.edgecastcdn.net

cs1-apr-8315.wac.edgecastcdn.net

IN CNAME

wac.apr-8315.edgecastdns.net

wac.apr-8315.edgecastdns.net

IN CNAME

cs1-lb-eu.8315.ecdns.net

cs1-lb-eu.8315.ecdns.net

IN CNAME

cs491.wac.edgecastcdn.net

cs491.wac.edgecastcdn.net

IN A

192.229.233.25
DNS

platform.twitter.com

Remote address:

8.8.8.8:53

Request

platform.twitter.com

IN A
DNS

i.ytimg.com

Remote address:

8.8.8.8:53

Request

i.ytimg.com

IN A

Response

i.ytimg.com

IN A

142.250.179.182

i.ytimg.com

IN A

142.250.179.214

i.ytimg.com

IN A

142.251.36.22

i.ytimg.com

IN A

142.251.39.118

i.ytimg.com

IN A

172.217.168.214

i.ytimg.com

IN A

172.217.23.214

i.ytimg.com

IN A

216.58.208.118

i.ytimg.com

IN A

142.250.179.150

i.ytimg.com

IN A

142.251.36.54

i.ytimg.com

IN A

172.217.168.246
DNS

i.ytimg.com

Remote address:

8.8.8.8:53

Request

i.ytimg.com

IN Unknown

Response
DNS

35.36.251.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

35.36.251.142.in-addr.arpa

IN PTR

Response

35.36.251.142.in-addr.arpa

IN PTR

ams17s12-in-f31e100net
DNS

35.36.251.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

35.36.251.142.in-addr.arpa

IN PTR
DNS

14.36.251.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

14.36.251.142.in-addr.arpa

IN PTR

Response

14.36.251.142.in-addr.arpa

IN PTR

ams15s44-in-f141e100net
DNS

14.36.251.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

14.36.251.142.in-addr.arpa

IN PTR
DNS

110.208.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

110.208.58.216.in-addr.arpa

IN PTR

Response

110.208.58.216.in-addr.arpa

IN PTR

sof01s11-in-f1101e100net

110.208.58.216.in-addr.arpa

IN PTR

ams17s08-in-f14�J
DNS

110.208.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

110.208.58.216.in-addr.arpa

IN PTR

Response

www.weebly.com

IN CNAME

weebly.com

weebly.com

IN A

74.115.50.109

weebly.com

IN A

74.115.50.110
DNS

www.weebly.com

Remote address:

8.8.8.8:53

Request

www.weebly.com

IN A
DNS

www.youtube.com

Remote address:

8.8.8.8:53

Request

www.youtube.com

IN A

Response

www.youtube.com

IN CNAME

youtube-ui.l.google.com

youtube-ui.l.google.com

IN A

216.58.208.110

youtube-ui.l.google.com

IN A

142.250.179.142

youtube-ui.l.google.com

IN A

142.251.36.46

youtube-ui.l.google.com

IN A

172.217.168.238

youtube-ui.l.google.com

IN A

142.250.179.174

youtube-ui.l.google.com

IN A

142.250.179.206

youtube-ui.l.google.com

IN A

142.251.36.14

youtube-ui.l.google.com

IN A

142.251.39.110

youtube-ui.l.google.com

IN A

172.217.23.206
DNS

googleads.g.doubleclick.net

Remote address:

8.8.8.8:53

Request

googleads.g.doubleclick.net

IN A

Response

googleads.g.doubleclick.net

IN A

142.251.39.98
DNS

googleads.g.doubleclick.net

Remote address:

8.8.8.8:53

Request

googleads.g.doubleclick.net

IN Unknown

Response

googleads.g.doubleclick.net

IN Unknown

h2h3
DNS

static.doubleclick.net

Remote address:

8.8.8.8:53

Request

static.doubleclick.net

IN A

Response

static.doubleclick.net

IN A

142.250.179.198
DNS

static.doubleclick.net

Remote address:

8.8.8.8:53

Request

static.doubleclick.net

IN Unknown

Response
DNS

jnn-pa.googleapis.com

Remote address:

8.8.8.8:53

Request

jnn-pa.googleapis.com

IN A

Response

jnn-pa.googleapis.com

IN A

172.217.23.202

jnn-pa.googleapis.com

IN A

216.58.208.106

jnn-pa.googleapis.com

IN A

142.250.179.138

jnn-pa.googleapis.com

IN A

142.251.36.42

jnn-pa.googleapis.com

IN A

172.217.168.234

jnn-pa.googleapis.com

IN A

142.250.179.170

jnn-pa.googleapis.com

IN A

142.250.179.202

jnn-pa.googleapis.com

IN A

142.251.36.10

jnn-pa.googleapis.com

IN A

142.251.39.106
DNS

jnn-pa.googleapis.com

Remote address:

8.8.8.8:53

Request

jnn-pa.googleapis.com

IN Unknown

Response
DNS

www.google.com

Remote address:

8.8.8.8:53

Request

www.google.com

IN A

Response

www.google.com

IN A

142.250.179.196
DNS

www.google.com

Remote address:

8.8.8.8:53

Request

www.google.com

IN Unknown

Response

www.google.com

IN Unknown

h2h3
DNS

yt3.ggpht.com

Remote address:

8.8.8.8:53

Request

yt3.ggpht.com

IN A

Response

yt3.ggpht.com

IN CNAME

photos-ugc.l.googleusercontent.com

photos-ugc.l.googleusercontent.com

IN A

142.250.179.193
DNS

yt3.ggpht.com

Remote address:

8.8.8.8:53

Request

yt3.ggpht.com

IN Unknown

Response

yt3.ggpht.com

IN CNAME

photos-ugc.l.googleusercontent.com
DNS

platform.twitter.com

Remote address:

8.8.8.8:53

Request

platform.twitter.com

IN A

Response

platform.twitter.com

IN CNAME

cs472.wac.edgecastcdn.net

cs472.wac.edgecastcdn.net

IN CNAME

cs1-apr-8315.wac.edgecastcdn.net

cs1-apr-8315.wac.edgecastcdn.net

IN CNAME

wac.apr-8315.edgecastdns.net

wac.apr-8315.edgecastdns.net

IN CNAME

cs1-lb-eu.8315.ecdns.net

cs1-lb-eu.8315.ecdns.net

IN CNAME

cs491.wac.edgecastcdn.net

cs491.wac.edgecastcdn.net

IN A

192.229.233.25
DNS

98.39.251.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

98.39.251.142.in-addr.arpa

IN PTR

Response

98.39.251.142.in-addr.arpa

IN PTR

ams15s48-in-f21e100net
DNS

198.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

198.179.250.142.in-addr.arpa

IN PTR

Response

198.179.250.142.in-addr.arpa

IN PTR

ams15s42-in-f61e100net
DNS

196.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

196.179.250.142.in-addr.arpa

IN PTR

Response

196.179.250.142.in-addr.arpa

IN PTR

ams15s42-in-f41e100net
DNS

202.23.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

202.23.217.172.in-addr.arpa

IN PTR

Response

202.23.217.172.in-addr.arpa

IN PTR

ams16s37-in-f101e100net

202.23.217.172.in-addr.arpa

IN PTR

prg03s05-in-f202�I

202.23.217.172.in-addr.arpa

IN PTR

prg03s05-in-f10�I
DNS

193.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

193.179.250.142.in-addr.arpa

IN PTR

Response

193.179.250.142.in-addr.arpa

IN PTR

ams15s42-in-f11e100net
DNS

3.214.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

3.214.58.216.in-addr.arpa

IN PTR

Response

3.214.58.216.in-addr.arpa

IN PTR

ams17s09-in-f31e100net

3.214.58.216.in-addr.arpa

IN PTR

lhr26s05-in-f3�F

3.214.58.216.in-addr.arpa

IN PTR

�]
DNS

195.35.21.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

195.35.21.2.in-addr.arpa

IN PTR

Response

195.35.21.2.in-addr.arpa

IN PTR

a2-21-35-195deploystaticakamaitechnologiescom
DNS

209.178.17.96.in-addr.arpa

Remote address:

8.8.8.8:53

Request

209.178.17.96.in-addr.arpa

IN PTR

Response

209.178.17.96.in-addr.arpa

IN PTR

a96-17-178-209deploystaticakamaitechnologiescom
DNS

88.156.103.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

88.156.103.20.in-addr.arpa

IN PTR

Response
DNS

play.google.com

Remote address:

8.8.8.8:53

Request

play.google.com

IN A
DNS

play.google.com

Remote address:

8.8.8.8:53

Request

play.google.com

IN Unknown
DNS

play.google.com

Remote address:

8.8.8.8:53

Request

play.google.com

IN A

Response

play.google.com

IN A

142.251.39.110
DNS

play.google.com

Remote address:

8.8.8.8:53

Request

play.google.com

IN Unknown

Response
DNS

110.39.251.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

110.39.251.142.in-addr.arpa

IN PTR

Response

110.39.251.142.in-addr.arpa

IN PTR

ams15s48-in-f141e100net
DNS

43.58.199.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

43.58.199.20.in-addr.arpa

IN PTR

Response
DNS

tse1.mm.bing.net

Remote address:

8.8.8.8:53

Request

tse1.mm.bing.net

IN A

Response

tse1.mm.bing.net

IN CNAME

mm-mm.bing.net.trafficmanager.net

mm-mm.bing.net.trafficmanager.net

IN CNAME

dual-a-0001.a-msedge.net

dual-a-0001.a-msedge.net

IN A

204.79.197.200

dual-a-0001.a-msedge.net

IN A

13.107.21.200
DNS

tse1.mm.bing.net

Remote address:

8.8.8.8:53

Request

tse1.mm.bing.net

IN A
GET

https://tse1.mm.bing.net/th?id=OADD2.10239317300976_175WPYH13KO5QTHY0&pid=21.2&w=1920&h=1080&c=4

Remote address:

204.79.197.200:443

Request

GET /th?id=OADD2.10239317300976_175WPYH13KO5QTHY0&pid=21.2&w=1920&h=1080&c=4 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 313621
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A63411EA5DA04A8CB7F4D6013112F097 Ref B: LON04EDGE0918 Ref C: 2024-03-12T09:11:57Z
date: Tue, 12 Mar 2024 09:11:56 GMT
GET

https://tse1.mm.bing.net/th?id=OADD2.10239317301409_1O8VP6TH939POQOPO&pid=21.2&w=1080&h=1920&c=4

Remote address:

204.79.197.200:443

Request

GET /th?id=OADD2.10239317301409_1O8VP6TH939POQOPO&pid=21.2&w=1080&h=1920&c=4 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 416984
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BFD18A73B5A545CAAE533F3A3EC0D4CF Ref B: LON04EDGE0918 Ref C: 2024-03-12T09:11:57Z
date: Tue, 12 Mar 2024 09:11:56 GMT
GET

https://tse1.mm.bing.net/th?id=OADD2.10239317301458_1O5GXDV85M53L16NQ&pid=21.2&w=1080&h=1920&c=4

Remote address:

204.79.197.200:443

Request

GET /th?id=OADD2.10239317301458_1O5GXDV85M53L16NQ&pid=21.2&w=1080&h=1920&c=4 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 342941
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DFACCA303844487FA5F5E8F9C9B0D013 Ref B: LON04EDGE0918 Ref C: 2024-03-12T09:11:57Z
date: Tue, 12 Mar 2024 09:11:56 GMT
GET

https://tse1.mm.bing.net/th?id=OADD2.10239360284620_1TF9ZP2GQ6Z0HCCJW&pid=21.2&w=1080&h=1920&c=4

Remote address:

204.79.197.200:443

Request

GET /th?id=OADD2.10239360284620_1TF9ZP2GQ6Z0HCCJW&pid=21.2&w=1080&h=1920&c=4 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 415680
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 07E586B5D1204D52A2B2149633A12253 Ref B: LON04EDGE0918 Ref C: 2024-03-12T09:11:57Z
date: Tue, 12 Mar 2024 09:11:57 GMT
GET

https://tse1.mm.bing.net/th?id=OADD2.10239317301025_159EZPKLFPK71SUGC&pid=21.2&w=1920&h=1080&c=4

Remote address:

204.79.197.200:443

Request

GET /th?id=OADD2.10239317301025_159EZPKLFPK71SUGC&pid=21.2&w=1920&h=1080&c=4 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 408529
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1DD1AC29845C48FBB9C2FEAF2E21931B Ref B: LON04EDGE0918 Ref C: 2024-03-12T09:11:57Z
date: Tue, 12 Mar 2024 09:11:57 GMT
GET

https://tse1.mm.bing.net/th?id=OADD2.10239360284621_15T7M3RM45GPX2VDW&pid=21.2&w=1920&h=1080&c=4

Remote address:

204.79.197.200:443

Request

GET /th?id=OADD2.10239360284621_15T7M3RM45GPX2VDW&pid=21.2&w=1920&h=1080&c=4 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 472240
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 98C2962B20CE4118B1646554D041F9EA Ref B: LON04EDGE0918 Ref C: 2024-03-12T09:11:59Z
date: Tue, 12 Mar 2024 09:11:59 GMT
DNS

9.73.50.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

9.73.50.20.in-addr.arpa

IN PTR

Response
DNS

9.73.50.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

9.73.50.20.in-addr.arpa

IN PTR

142.250.179.182:443

i.ytimg.com

tls

2.5kB
44.5kB
28
41
142.250.179.170:443

ajax.googleapis.com

tls

3.8kB
74.1kB
56
62
142.250.179.170:443

ajax.googleapis.com

tls

1.1kB
6.1kB
9
8
13.107.6.158:443

business.bing.com

tls

2.6kB
10.2kB
18
24
13.87.96.169:443

nav-edge.smartscreen.microsoft.com

tls

20.2kB
19.8kB
49
43
151.101.1.46:445

cdn2.editmysite.com

260 B
5
88.221.135.81:443

bzib.nelreports.net

tls

2.7kB
6.7kB
15
17
92.123.241.137:443

www.microsoft.com

tls

2.8kB
22.4kB
26
37
88.221.135.81:443

bzib.nelreports.net

tls

1.1kB
4.9kB
10
11
151.101.65.46:445

cdn2.editmysite.com

260 B
5
151.101.129.46:445

cdn2.editmysite.com

260 B
5
151.101.193.46:445

cdn2.editmysite.com

260 B
5
151.101.1.46:139

cdn2.editmysite.com

260 B
5
204.79.197.200:443

https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=8c8bda9c3843499ea8c00f67932bec6d&localId=w:AE07C56D-9F7E-DB3B-D18D-2459C76F841B&deviceId=6825825924912662&anid=

tls, http2

2.0kB
9.2kB
22
19

HTTP Request

GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=8c8bda9c3843499ea8c00f67932bec6d&localId=w:AE07C56D-9F7E-DB3B-D18D-2459C76F841B&deviceId=6825825924912662&anid=

HTTP Response

204

HTTP Request

GET https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=8c8bda9c3843499ea8c00f67932bec6d&localId=w:AE07C56D-9F7E-DB3B-D18D-2459C76F841B&deviceId=6825825924912662&anid=

HTTP Response

204

HTTP Request

GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=8c8bda9c3843499ea8c00f67932bec6d&localId=w:AE07C56D-9F7E-DB3B-D18D-2459C76F841B&deviceId=6825825924912662&anid=

HTTP Response

204
13.107.246.64:443

edgestatic.azureedge.net

tls

1.8kB
7.5kB
11
10
13.107.246.64:443

edgestatic.azureedge.net

tls

98.7kB
3.9MB
1902
2896
13.107.246.64:443

edgestatic.azureedge.net

tls

884 B
311 B
6
5
13.107.246.64:443

edgestatic.azureedge.net

tls

1.5kB
7.6kB
10
11
13.107.246.64:443

wcpstatic.microsoft.com

tls

1.8kB
6.6kB
12
14
13.107.246.64:443

edgestatic.azureedge.net

tls

1.5kB
7.6kB
10
11
13.107.246.64:443

edgestatic.azureedge.net

tls

2.8kB
7.8kB
12
13
13.107.246.64:443

edgestatic.azureedge.net

tls

1.5kB
7.6kB
9
12
13.107.246.64:443

edgestatic.azureedge.net

tls

1.7kB
7.6kB
10
11
13.107.246.64:443

edgestatic.azureedge.net

tls

8.3kB
270.7kB
131
215
20.42.65.92:443

https://nw-umwatson.events.data.microsoft.com/Telemetry.Request

tls, http

6.1kB
9.0kB
17
12

HTTP Request

POST https://nw-umwatson.events.data.microsoft.com/Telemetry.Request

HTTP Response

200
142.251.36.42:445

fonts.googleapis.com

260 B
5
142.251.36.42:139

fonts.googleapis.com

260 B
5
20.231.121.79:80

46 B
1
216.58.208.110:443

www.youtube.com

tls

1.2kB
8.4kB
12
11
216.58.208.110:443

www.youtube.com

tls

1.1kB
8.4kB
11
11
216.58.208.110:443

www.youtube.com

tls

50.6kB
1.1MB
711
835
216.58.208.110:443

www.youtube.com

tls

1.1kB
8.4kB
11
11
142.250.179.182:443

i.ytimg.com

tls

4.4kB
85.0kB
62
73
142.250.179.198:443

static.doubleclick.net

tls

2.4kB
7.4kB
16
12
172.217.23.202:443

jnn-pa.googleapis.com

tls

1.0kB
6.2kB
9
8
172.217.23.202:443

jnn-pa.googleapis.com

tls

6.4kB
138.4kB
97
116
142.250.179.193:443

yt3.ggpht.com

tls

2.7kB
22.6kB
26
26
172.217.23.202:443

jnn-pa.googleapis.com

tls

955 B
5.1kB
9
7
142.250.179.193:443

yt3.ggpht.com

tls

1.1kB
9.7kB
12
10
142.250.179.193:443

yt3.ggpht.com

tls

1.1kB
9.7kB
12
10
74.115.50.110:445

www.weebly.com

260 B
5
192.229.233.25:445

platform.twitter.com

260 B
5
74.115.50.109:445

www.weebly.com

260 B
5
192.229.233.25:139

platform.twitter.com

260 B
5
2.21.35.195:443

www.bing.com

tls

1.1kB
5.5kB
10
13
142.251.39.110:443

play.google.com

tls

3.6kB
9.3kB
24
25
142.251.39.110:443

play.google.com

tls

1.1kB
7.8kB
10
10
142.251.39.110:443

play.google.com

tls

1.2kB
7.8kB
11
10
142.251.39.110:443

play.google.com

tls

1.2kB
7.8kB
11
10
142.251.39.110:443

play.google.com

tls

1.1kB
7.8kB
10
10
142.251.39.110:443

play.google.com

tls

1.1kB
7.8kB
10
10
142.251.39.110:443

play.google.com

tls

2.2kB
7.9kB
12
11
2.21.35.195:443

www.bing.com

tls

1.4kB
906 B
8
7
204.79.197.200:443

https://tse1.mm.bing.net/th?id=OADD2.10239360284621_15T7M3RM45GPX2VDW&pid=21.2&w=1920&h=1080&c=4

tls, http2

87.8kB
2.5MB
1812
1804

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239317300976_175WPYH13KO5QTHY0&pid=21.2&w=1920&h=1080&c=4

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239317301409_1O8VP6TH939POQOPO&pid=21.2&w=1080&h=1920&c=4

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239317301458_1O5GXDV85M53L16NQ&pid=21.2&w=1080&h=1920&c=4

HTTP Response

200

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239360284620_1TF9ZP2GQ6Z0HCCJW&pid=21.2&w=1080&h=1920&c=4

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239317301025_159EZPKLFPK71SUGC&pid=21.2&w=1920&h=1080&c=4

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239360284621_15T7M3RM45GPX2VDW&pid=21.2&w=1920&h=1080&c=4

HTTP Response

200

HTTP Response

200

HTTP Response

200
204.79.197.200:443

tse1.mm.bing.net

tls, http2

1.4kB
8.1kB
17
14
204.79.197.200:443

tse1.mm.bing.net

tls, http2

1.5kB
8.1kB
17
14
204.79.197.200:443

tse1.mm.bing.net

tls, http2

1.5kB
8.5kB
18
14
204.79.197.200:443

tse1.mm.bing.net

tls, http2

1.5kB
8.1kB
18
13

8.8.8.8:53

71.31.126.40.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

71.31.126.40.in-addr.arpa
8.8.8.8:53

nav-edge.smartscreen.microsoft.com

dns

80 B
200 B
1
1

DNS Request

nav-edge.smartscreen.microsoft.com

DNS Response

13.87.96.169
8.8.8.8:53

nav-edge.smartscreen.microsoft.com

dns

80 B
244 B
1
1

DNS Request

nav-edge.smartscreen.microsoft.com
8.8.8.8:53

business.bing.com

dns

63 B
144 B
1
1

DNS Request

business.bing.com

DNS Response

13.107.6.158
8.8.8.8:53

business.bing.com

dns

63 B
204 B
1
1

DNS Request

business.bing.com
8.8.8.8:53

ajax.googleapis.com

dns

65 B
81 B
1
1

DNS Request

ajax.googleapis.com

DNS Response

142.250.179.170
8.8.8.8:53

ajax.googleapis.com

dns

65 B
122 B
1
1

DNS Request

ajax.googleapis.com
8.8.8.8:53

okhantil.com

dns

58 B
131 B
1
1

DNS Request

okhantil.com
8.8.8.8:53

okhantil.com

dns

58 B
131 B
1
1

DNS Request

okhantil.com
8.8.8.8:53

i.ytimg.com

dns

57 B
217 B
1
1

DNS Request

i.ytimg.com

DNS Response

142.250.179.182

142.250.179.214

142.251.36.22

142.251.39.118

172.217.168.214

172.217.23.214

216.58.208.118

142.250.179.150

142.251.36.54

172.217.168.246
8.8.8.8:53

i.ytimg.com

dns

127 B
270 B
2
2

DNS Request

i.ytimg.com

DNS Request

92.65.42.20.in-addr.arpa
8.8.8.8:53

okhantil.com

dns

58 B
131 B
1
1

DNS Request

okhantil.com
8.8.8.8:53

cdn2.editmysite.com

dns

65 B
164 B
1
1

DNS Request

cdn2.editmysite.com

DNS Response

151.101.1.46

151.101.65.46

151.101.129.46

151.101.193.46
8.8.8.8:53

bzib.nelreports.net

dns

65 B
172 B
1
1

DNS Request

bzib.nelreports.net

DNS Response

88.221.135.81

88.221.134.17
8.8.8.8:53

bzib.nelreports.net

dns

65 B
204 B
1
1

DNS Request

bzib.nelreports.net
8.8.8.8:53

www.microsoft.com

dns

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

92.123.241.137
8.8.8.8:53

www.microsoft.com

dns

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

92.123.241.137
8.8.8.8:53

www.microsoft.com

dns

63 B
275 B
1
1

DNS Request

www.microsoft.com
8.8.8.8:53

0.204.248.87.in-addr.arpa

dns

71 B
116 B
1
1

DNS Request

0.204.248.87.in-addr.arpa
8.8.8.8:53

182.179.250.142.in-addr.arpa

dns

74 B
113 B
1
1

DNS Request

182.179.250.142.in-addr.arpa
8.8.8.8:53

169.96.87.13.in-addr.arpa

dns

71 B
145 B
1
1

DNS Request

169.96.87.13.in-addr.arpa
8.8.8.8:53

170.179.250.142.in-addr.arpa

dns

74 B
113 B
1
1

DNS Request

170.179.250.142.in-addr.arpa
8.8.8.8:53

cdn2.editmysite.com

dns

65 B
164 B
1
1

DNS Request

cdn2.editmysite.com

DNS Response

151.101.1.46

151.101.65.46

151.101.129.46

151.101.193.46
8.8.8.8:53

137.241.123.92.in-addr.arpa

dns

73 B
139 B
1
1

DNS Request

137.241.123.92.in-addr.arpa
8.8.8.8:53

217.106.137.52.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

217.106.137.52.in-addr.arpa
8.8.8.8:53

95.221.229.192.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

95.221.229.192.in-addr.arpa
8.8.8.8:53

www.microsoft.com

dns

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

92.123.241.137
8.8.8.8:53

g.bing.com

dns

56 B
158 B
1
1

DNS Request

g.bing.com

DNS Response

204.79.197.200

13.107.21.200
8.8.8.8:53

81.135.221.88.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

81.135.221.88.in-addr.arpa
8.8.8.8:53

241.154.82.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

241.154.82.20.in-addr.arpa
8.8.8.8:53

200.197.79.204.in-addr.arpa

dns

73 B
106 B
1
1

DNS Request

200.197.79.204.in-addr.arpa
8.8.8.8:53

edgestatic.azureedge.net

dns

70 B
245 B
1
1

DNS Request

edgestatic.azureedge.net

DNS Response

13.107.246.64

13.107.213.64
8.8.8.8:53

edgestatic.azureedge.net

dns

70 B
273 B
1
1

DNS Request

edgestatic.azureedge.net
8.8.8.8:53

c.s-microsoft.com

dns

63 B
193 B
1
1

DNS Request

c.s-microsoft.com

DNS Response

104.80.229.162
8.8.8.8:53

c.s-microsoft.com

dns

63 B
238 B
1
1

DNS Request

c.s-microsoft.com
8.8.8.8:53

wcpstatic.microsoft.com

dns

69 B
265 B
1
1

DNS Request

wcpstatic.microsoft.com

DNS Response

13.107.246.64

13.107.213.64
8.8.8.8:53

wcpstatic.microsoft.com

dns

69 B
280 B
1
1

DNS Request

wcpstatic.microsoft.com
8.8.8.8:53

205.47.74.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

205.47.74.20.in-addr.arpa
8.8.8.8:53

41.110.16.96.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

41.110.16.96.in-addr.arpa
8.8.8.8:53

232.168.11.51.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

232.168.11.51.in-addr.arpa
8.8.8.8:53

9.228.82.20.in-addr.arpa

dns

140 B
156 B
2
1

DNS Request

9.228.82.20.in-addr.arpa

DNS Request

9.228.82.20.in-addr.arpa
8.8.8.8:53

149.220.183.52.in-addr.arpa

dns

146 B
147 B
2
1

DNS Request

149.220.183.52.in-addr.arpa

DNS Request

149.220.183.52.in-addr.arpa
8.8.8.8:53

nw-umwatson.events.data.microsoft.com

dns

83 B
211 B
1
1

DNS Request

nw-umwatson.events.data.microsoft.com

DNS Response

20.42.65.92
8.8.8.8:53

86.23.85.13.in-addr.arpa

dns

70 B
144 B
1
1

DNS Request

86.23.85.13.in-addr.arpa
8.8.8.8:53

56.126.166.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

56.126.166.20.in-addr.arpa
8.8.8.8:53

33.134.221.88.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

33.134.221.88.in-addr.arpa
8.8.8.8:53

www.youtube.com

dns

61 B
239 B
1
1

DNS Request

www.youtube.com

DNS Response

216.58.208.110

142.250.179.142

142.251.36.46

172.217.168.238

142.250.179.174

142.250.179.206

142.251.36.14

142.251.39.110

172.217.23.206
8.8.8.8:53

www.youtube.com

dns

61 B
110 B
1
1

DNS Request

www.youtube.com
8.8.8.8:53

www.youtube.com

dns

61 B
239 B
1
1

DNS Request

www.youtube.com

DNS Response

216.58.208.110

142.250.179.142

142.251.36.46

172.217.168.238

142.250.179.174

142.250.179.206

142.251.36.14

142.251.39.110

172.217.23.206
8.8.8.8:53

www.youtube.com

dns

61 B
239 B
1
1

DNS Request

www.youtube.com

DNS Response

216.58.208.110

142.250.179.142

142.251.36.46

172.217.168.238

142.250.179.174

142.250.179.206

142.251.36.14

142.251.39.110

172.217.23.206
8.8.8.8:53

www.youtube.com

dns

61 B
1

DNS Request

www.youtube.com
8.8.8.8:53

www.weebly.com

dns

120 B
106 B
2
1

DNS Request

www.weebly.com

DNS Request

www.weebly.com

DNS Response

74.115.50.110

74.115.50.109
8.8.8.8:53

platform.twitter.com

dns

132 B
242 B
2
1

DNS Request

platform.twitter.com

DNS Request

platform.twitter.com

DNS Response

192.229.233.25
216.58.208.110:443

www.youtube.com

https

16.2kB
44.7kB
43
58
8.8.8.8:53

i.ytimg.com

dns

57 B
217 B
1
1

DNS Request

i.ytimg.com

DNS Response

142.250.179.182

142.250.179.214

142.251.36.22

142.251.39.118

172.217.168.214

172.217.23.214

216.58.208.118

142.250.179.150

142.251.36.54

172.217.168.246
8.8.8.8:53

i.ytimg.com

dns

57 B
114 B
1
1

DNS Request

i.ytimg.com
8.8.8.8:53

35.36.251.142.in-addr.arpa

dns

144 B
110 B
2
1

DNS Request

35.36.251.142.in-addr.arpa

DNS Request

35.36.251.142.in-addr.arpa
8.8.8.8:53

14.36.251.142.in-addr.arpa

dns

144 B
111 B
2
1

DNS Request

14.36.251.142.in-addr.arpa

DNS Request

14.36.251.142.in-addr.arpa
8.8.8.8:53

110.208.58.216.in-addr.arpa

dns

206 B
249 B
3
2

DNS Request

110.208.58.216.in-addr.arpa

DNS Request

110.208.58.216.in-addr.arpa

DNS Request

www.weebly.com

DNS Response

74.115.50.109

74.115.50.110
8.8.8.8:53

www.youtube.com

dns

61 B
239 B
1
1

DNS Request

www.youtube.com

DNS Response

216.58.208.110

142.250.179.142

142.251.36.46

172.217.168.238

142.250.179.174

142.250.179.206

142.251.36.14

142.251.39.110

172.217.23.206
8.8.8.8:53

googleads.g.doubleclick.net

dns

73 B
89 B
1
1

DNS Request

googleads.g.doubleclick.net

DNS Response

142.251.39.98
8.8.8.8:53

googleads.g.doubleclick.net

dns

73 B
98 B
1
1

DNS Request

googleads.g.doubleclick.net
142.251.39.98:443

googleads.g.doubleclick.net

https

4.6kB
9.0kB
25
30
8.8.8.8:53

static.doubleclick.net

dns

68 B
84 B
1
1

DNS Request

static.doubleclick.net

DNS Response

142.250.179.198
8.8.8.8:53

static.doubleclick.net

dns

68 B
128 B
1
1

DNS Request

static.doubleclick.net
8.8.8.8:53

jnn-pa.googleapis.com

dns

67 B
211 B
1
1

DNS Request

jnn-pa.googleapis.com

DNS Response

172.217.23.202

216.58.208.106

142.250.179.138

142.251.36.42

172.217.168.234

142.250.179.170

142.250.179.202

142.251.36.10

142.251.39.106
8.8.8.8:53

jnn-pa.googleapis.com

dns

67 B
124 B
1
1

DNS Request

jnn-pa.googleapis.com
8.8.8.8:53

www.google.com

dns

60 B
76 B
1
1

DNS Request

www.google.com

DNS Response

142.250.179.196
8.8.8.8:53

www.google.com

dns

60 B
85 B
1
1

DNS Request

www.google.com
8.8.8.8:53

yt3.ggpht.com

dns

59 B
120 B
1
1

DNS Request

yt3.ggpht.com

DNS Response

142.250.179.193
8.8.8.8:53

yt3.ggpht.com

dns

59 B
161 B
1
1

DNS Request

yt3.ggpht.com
8.8.8.8:53

platform.twitter.com

dns

66 B
242 B
1
1

DNS Request

platform.twitter.com

DNS Response

192.229.233.25
142.250.179.196:443

www.google.com

https

3.9kB
28.5kB
17
26
142.250.179.182:443

i.ytimg.com

https

2.9kB
5.6kB
5
7
172.217.23.202:443

jnn-pa.googleapis.com

https

7.1kB
8.2kB
15
22
8.8.8.8:53

98.39.251.142.in-addr.arpa

dns

72 B
110 B
1
1

DNS Request

98.39.251.142.in-addr.arpa
8.8.8.8:53

198.179.250.142.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

198.179.250.142.in-addr.arpa
8.8.8.8:53

196.179.250.142.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

196.179.250.142.in-addr.arpa
8.8.8.8:53

202.23.217.172.in-addr.arpa

dns

73 B
173 B
1
1

DNS Request

202.23.217.172.in-addr.arpa
8.8.8.8:53

193.179.250.142.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

193.179.250.142.in-addr.arpa
8.8.8.8:53

3.214.58.216.in-addr.arpa

dns

71 B
152 B
1
1

DNS Request

3.214.58.216.in-addr.arpa
216.58.208.110:443

www.youtube.com

https

14.3kB
3.2kB
18
13
8.8.8.8:53

195.35.21.2.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

195.35.21.2.in-addr.arpa
224.0.0.251:5353

204 B
3
8.8.8.8:53

209.178.17.96.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

209.178.17.96.in-addr.arpa
8.8.8.8:53

88.156.103.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

88.156.103.20.in-addr.arpa
8.8.8.8:53

play.google.com

dns

61 B
1

DNS Request

play.google.com
8.8.8.8:53

play.google.com

dns

61 B
1

DNS Request

play.google.com
8.8.8.8:53

play.google.com

dns

61 B
77 B
1
1

DNS Request

play.google.com

DNS Response

142.251.39.110
8.8.8.8:53

play.google.com

dns

61 B
111 B
1
1

DNS Request

play.google.com
142.251.39.110:443

play.google.com

https

14.4kB
10.8kB
37
34
8.8.8.8:53

110.39.251.142.in-addr.arpa

dns

73 B
112 B
1
1

DNS Request

110.39.251.142.in-addr.arpa
8.8.8.8:53

43.58.199.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

43.58.199.20.in-addr.arpa
8.8.8.8:53

tse1.mm.bing.net

dns

124 B
173 B
2
1

DNS Request

tse1.mm.bing.net

DNS Request

tse1.mm.bing.net

DNS Response

204.79.197.200

13.107.21.200
8.8.8.8:53

9.73.50.20.in-addr.arpa

dns

138 B
155 B
2
1

DNS Request

9.73.50.20.in-addr.arpa

DNS Request

9.73.50.20.in-addr.arpa

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request