Analysis

  • max time kernel
    156s
  • max time network
    181s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240226-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    12/03/2024, 20:30 UTC

General

  • Target

    lua/http/js/ui.js

  • Size

    3KB

  • MD5

    662f2ea91dd90c577ddbeb14074c4a0a

  • SHA1

    3783282d9ac213fc767dc43155d158af0a5f9085

  • SHA256

    b1a990a068123eb73baf4e7fd5f959dd96fc8fd2093f564da456745ea534f46c

  • SHA512

    31ec9ca76fe5b6ab01b77cda5c1da7208bf54d81359b757b91c83969b3c0f453273a357ac83cbe6a16cdaa2466d17e84e906218845fcb092d760399f6a391570

Score
1/10

Malware Config

Signatures

Processes

  • C:\Windows\system32\wscript.exe
    wscript.exe C:\Users\Admin\AppData\Local\Temp\lua\http\js\ui.js
    PID: 3712
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4352 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:8
      PID: 2816

      Network

      • flag-us
        DNS
        138.32.126.40.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        138.32.126.40.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        240.221.184.93.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        240.221.184.93.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        95.221.229.192.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        95.221.229.192.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        241.154.82.20.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        241.154.82.20.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        69.31.126.40.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        69.31.126.40.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        g.bing.com
        Remote address:
        8.8.8.8:53
        Request
        g.bing.com
        IN A
        Response
        g.bing.com
        IN CNAME
        g-bing-com.a-0001.a-msedge.net
        g-bing-com.a-0001.a-msedge.net
        IN CNAME
        dual-a-0001.a-msedge.net
        dual-a-0001.a-msedge.net
        IN A
        204.79.197.200
        dual-a-0001.a-msedge.net
        IN A
        13.107.21.200
      • flag-us
        GET
        https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=8c8bda9c3843499ea8c00f67932bec6d&localId=w:AE07C56D-9F7E-DB3B-D18D-2459C76F841B&deviceId=6825825924912662&anid=
        Remote address:
        204.79.197.200:443
        Request
        GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=8c8bda9c3843499ea8c00f67932bec6d&localId=w:AE07C56D-9F7E-DB3B-D18D-2459C76F841B&deviceId=6825825924912662&anid= HTTP/2.0
        host: g.bing.com
        accept-encoding: gzip, deflate
        user-agent: WindowsShellClient/9.0.40929.0 (Windows)
        Response
        HTTP/2.0 204
        cache-control: no-cache, must-revalidate
        pragma: no-cache
        expires: Fri, 01 Jan 1990 00:00:00 GMT
        set-cookie: MUID=180ADBEAD87A69B21A58CFAAD9C1680B; domain=.bing.com; expires=Sun, 06-Apr-2025 20:33:19 GMT; path=/; SameSite=None; Secure; Priority=High;
        strict-transport-security: max-age=31536000; includeSubDomains; preload
        access-control-allow-origin: *
        x-cache: CONFIG_NOCACHE
        accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
        x-msedge-ref: Ref A: A6161E7EA8B04E789FB45DA78910EDBB Ref B: LON04EDGE0906 Ref C: 2024-03-12T20:33:19Z
        date: Tue, 12 Mar 2024 20:33:19 GMT
      • flag-us
        GET
        https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=8c8bda9c3843499ea8c00f67932bec6d&localId=w:AE07C56D-9F7E-DB3B-D18D-2459C76F841B&deviceId=6825825924912662&anid=
        Remote address:
        204.79.197.200:443
        Request
        GET /neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=8c8bda9c3843499ea8c00f67932bec6d&localId=w:AE07C56D-9F7E-DB3B-D18D-2459C76F841B&deviceId=6825825924912662&anid= HTTP/2.0
        host: g.bing.com
        accept-encoding: gzip, deflate
        user-agent: WindowsShellClient/9.0.40929.0 (Windows)
        cookie: MUID=180ADBEAD87A69B21A58CFAAD9C1680B
        Response
        HTTP/2.0 204
        cache-control: no-cache, must-revalidate
        pragma: no-cache
        expires: Fri, 01 Jan 1990 00:00:00 GMT
        set-cookie: MSPTC=c3zcAPI934cVufsZSeTvp8dVpcLVnXXBtEX8kXBOA9o; domain=.bing.com; expires=Sun, 06-Apr-2025 20:33:19 GMT; path=/; Partitioned; secure; SameSite=None
        strict-transport-security: max-age=31536000; includeSubDomains; preload
        access-control-allow-origin: *
        x-cache: CONFIG_NOCACHE
        accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
        x-msedge-ref: Ref A: 94720BF1612F4550A96BF8D6C8BF955C Ref B: LON04EDGE0906 Ref C: 2024-03-12T20:33:19Z
        date: Tue, 12 Mar 2024 20:33:19 GMT
      • flag-us
        GET
        https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=8c8bda9c3843499ea8c00f67932bec6d&localId=w:AE07C56D-9F7E-DB3B-D18D-2459C76F841B&deviceId=6825825924912662&anid=
        Remote address:
        204.79.197.200:443
        Request
        GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=8c8bda9c3843499ea8c00f67932bec6d&localId=w:AE07C56D-9F7E-DB3B-D18D-2459C76F841B&deviceId=6825825924912662&anid= HTTP/2.0
        host: g.bing.com
        accept-encoding: gzip, deflate
        user-agent: WindowsShellClient/9.0.40929.0 (Windows)
        cookie: MUID=180ADBEAD87A69B21A58CFAAD9C1680B; MSPTC=c3zcAPI934cVufsZSeTvp8dVpcLVnXXBtEX8kXBOA9o
        Response
        HTTP/2.0 204
        cache-control: no-cache, must-revalidate
        pragma: no-cache
        expires: Fri, 01 Jan 1990 00:00:00 GMT
        strict-transport-security: max-age=31536000; includeSubDomains; preload
        access-control-allow-origin: *
        x-cache: CONFIG_NOCACHE
        accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
        x-msedge-ref: Ref A: 2107713DB55E4274A42CD0D5939EEE14 Ref B: LON04EDGE0906 Ref C: 2024-03-12T20:33:19Z
        date: Tue, 12 Mar 2024 20:33:19 GMT
      • flag-us
        DNS
        200.197.79.204.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        200.197.79.204.in-addr.arpa
        IN PTR
        Response
        200.197.79.204.in-addr.arpa
        IN PTR
        a-0001.a-msedge.net
      • flag-us
        DNS
        25.63.96.20.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        25.63.96.20.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        26.35.223.20.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        26.35.223.20.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        41.110.16.96.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        41.110.16.96.in-addr.arpa
        IN PTR
        Response
        41.110.16.96.in-addr.arpa
        IN PTR
        a96-16-110-41.deploy.static.akamaitechnologies.com
      • flag-us
        DNS
        41.110.16.96.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        41.110.16.96.in-addr.arpa
        IN PTR
      • flag-us
        DNS
        157.123.68.40.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        157.123.68.40.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        157.123.68.40.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        157.123.68.40.in-addr.arpa
        IN PTR
      • flag-us
        DNS
        58.55.71.13.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        58.55.71.13.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        206.23.85.13.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        206.23.85.13.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        23.160.77.104.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        23.160.77.104.in-addr.arpa
        IN PTR
        Response
        23.160.77.104.in-addr.arpa
        IN PTR
        a104-77-160-23.deploy.static.akamaitechnologies.com
      • flag-us
        DNS
        23.160.77.104.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        23.160.77.104.in-addr.arpa
        IN PTR
      • flag-us
        DNS
        23.160.77.104.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        23.160.77.104.in-addr.arpa
        IN PTR
      • flag-us
        DNS
        28.118.140.52.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        28.118.140.52.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        158.240.127.40.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        158.240.127.40.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        133.211.185.52.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        133.211.185.52.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        133.211.185.52.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        133.211.185.52.in-addr.arpa
        IN PTR
      • flag-us
        DNS
        chromewebstore.googleapis.com
        Remote address:
        8.8.8.8:53
        Request
        chromewebstore.googleapis.com
        IN A
      • flag-us
        DNS
        chromewebstore.googleapis.com
        Remote address:
        8.8.8.8:53
        Request
        chromewebstore.googleapis.com
        IN Unknown
      • flag-us
        DNS
        chromewebstore.googleapis.com
        Remote address:
        8.8.8.8:53
        Request
        chromewebstore.googleapis.com
        IN A
        Response
        chromewebstore.googleapis.com
        IN A
        142.251.39.106
        chromewebstore.googleapis.com
        IN A
        172.217.168.202
        chromewebstore.googleapis.com
        IN A
        172.217.23.202
        chromewebstore.googleapis.com
        IN A
        216.58.208.106
        chromewebstore.googleapis.com
        IN A
        142.250.179.138
        chromewebstore.googleapis.com
        IN A
        142.251.36.42
        chromewebstore.googleapis.com
        IN A
        142.250.179.170
        chromewebstore.googleapis.com
        IN A
        142.250.179.202
        chromewebstore.googleapis.com
        IN A
        142.251.36.10
      • flag-us
        DNS
        chromewebstore.googleapis.com
        Remote address:
        8.8.8.8:53
        Request
        chromewebstore.googleapis.com
        IN Unknown
        Response
      • flag-us
        DNS
        106.39.251.142.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        106.39.251.142.in-addr.arpa
        IN PTR
        Response
        106.39.251.142.in-addr.arpa
        IN PTR
        ams15s48-in-f101.1e100.net
      • flag-us
        DNS
        30.243.111.52.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        30.243.111.52.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        43.58.199.20.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        43.58.199.20.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        tse1.mm.bing.net
        Remote address:
        8.8.8.8:53
        Request
        tse1.mm.bing.net
        IN A
        Response
        tse1.mm.bing.net
        IN CNAME
        mm-mm.bing.net.trafficmanager.net
        mm-mm.bing.net.trafficmanager.net
        IN CNAME
        dual-a-0001.a-msedge.net
        dual-a-0001.a-msedge.net
        IN A
        204.79.197.200
        dual-a-0001.a-msedge.net
        IN A
        13.107.21.200
      • flag-us
        GET
        https://tse1.mm.bing.net/th?id=OADD2.10239317301061_198BRK9UD0M5A9F9K&pid=21.2&w=1920&h=1080&c=4
        Remote address:
        204.79.197.200:443
        Request
        GET /th?id=OADD2.10239317301061_198BRK9UD0M5A9F9K&pid=21.2&w=1920&h=1080&c=4 HTTP/2.0
        host: tse1.mm.bing.net
        accept: */*
        accept-encoding: gzip, deflate, br
        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
        Response
        HTTP/2.0 200
        cache-control: public, max-age=2592000
        content-length: 261200
        content-type: image/jpeg
        x-cache: TCP_HIT
        access-control-allow-origin: *
        access-control-allow-headers: *
        access-control-allow-methods: GET, POST, OPTIONS
        timing-allow-origin: *
        report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
        nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
        accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
        x-msedge-ref: Ref A: 677239DEF2064F14980DEAB959BAB4DA Ref B: LON04EDGE1120 Ref C: 2024-03-12T20:35:07Z
        date: Tue, 12 Mar 2024 20:35:06 GMT
      • flag-us
        GET
        https://tse1.mm.bing.net/th?id=OADD2.10239317301494_1H867DXM62U58USJP&pid=21.2&w=1080&h=1920&c=4
        Remote address:
        204.79.197.200:443
        Request
        GET /th?id=OADD2.10239317301494_1H867DXM62U58USJP&pid=21.2&w=1080&h=1920&c=4 HTTP/2.0
        host: tse1.mm.bing.net
        accept: */*
        accept-encoding: gzip, deflate, br
        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
        Response
        HTTP/2.0 200
        cache-control: public, max-age=2592000
        content-length: 338214
        content-type: image/jpeg
        x-cache: TCP_HIT
        access-control-allow-origin: *
        access-control-allow-headers: *
        access-control-allow-methods: GET, POST, OPTIONS
        timing-allow-origin: *
        report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
        nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
        accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
        x-msedge-ref: Ref A: ED7FF0B45EAB4F7FAD7D43E56AAEDB3C Ref B: LON04EDGE1120 Ref C: 2024-03-12T20:35:07Z
        date: Tue, 12 Mar 2024 20:35:06 GMT
      • flag-us
        GET
        https://tse1.mm.bing.net/th?id=OADD2.10239317301324_1SLSYLL5I5UMQR5DX&pid=21.2&w=1920&h=1080&c=4
        Remote address:
        204.79.197.200:443
        Request
        GET /th?id=OADD2.10239317301324_1SLSYLL5I5UMQR5DX&pid=21.2&w=1920&h=1080&c=4 HTTP/2.0
        host: tse1.mm.bing.net
        accept: */*
        accept-encoding: gzip, deflate, br
        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
        Response
        HTTP/2.0 200
        cache-control: public, max-age=2592000
        content-length: 314274
        content-type: image/jpeg
        x-cache: TCP_HIT
        access-control-allow-origin: *
        access-control-allow-headers: *
        access-control-allow-methods: GET, POST, OPTIONS
        timing-allow-origin: *
        report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
        nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
        accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
        x-msedge-ref: Ref A: 023EED55890C4CA69B5E686DF56EE0D4 Ref B: LON04EDGE1120 Ref C: 2024-03-12T20:35:07Z
        date: Tue, 12 Mar 2024 20:35:06 GMT
      • flag-us
        GET
        https://tse1.mm.bing.net/th?id=OADD2.10239339388226_1MEO3672GYCIY8OR6&pid=21.2&w=1920&h=1080&c=4
        Remote address:
        204.79.197.200:443
        Request
        GET /th?id=OADD2.10239339388226_1MEO3672GYCIY8OR6&pid=21.2&w=1920&h=1080&c=4 HTTP/2.0
        host: tse1.mm.bing.net
        accept: */*
        accept-encoding: gzip, deflate, br
        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
        Response
        HTTP/2.0 200
        cache-control: public, max-age=2592000
        content-length: 435309
        content-type: image/jpeg
        x-cache: TCP_HIT
        access-control-allow-origin: *
        access-control-allow-headers: *
        access-control-allow-methods: GET, POST, OPTIONS
        timing-allow-origin: *
        report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
        nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
        accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
        x-msedge-ref: Ref A: C91921D2F6824085842439DEAC1619C5 Ref B: LON04EDGE1120 Ref C: 2024-03-12T20:35:07Z
        date: Tue, 12 Mar 2024 20:35:06 GMT
      • flag-us
        GET
        https://tse1.mm.bing.net/th?id=OADD2.10239339388227_12445L34APGOUOAUP&pid=21.2&w=1080&h=1920&c=4
        Remote address:
        204.79.197.200:443
        Request
        GET /th?id=OADD2.10239339388227_12445L34APGOUOAUP&pid=21.2&w=1080&h=1920&c=4 HTTP/2.0
        host: tse1.mm.bing.net
        accept: */*
        accept-encoding: gzip, deflate, br
        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
        Response
        HTTP/2.0 200
        cache-control: public, max-age=2592000
        content-length: 451990
        content-type: image/jpeg
        x-cache: TCP_HIT
        access-control-allow-origin: *
        access-control-allow-headers: *
        access-control-allow-methods: GET, POST, OPTIONS
        timing-allow-origin: *
        report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
        nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
        accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
        x-msedge-ref: Ref A: 758D0AD725AE4EC99DDB39CAB5E08792 Ref B: LON04EDGE1120 Ref C: 2024-03-12T20:35:07Z
        date: Tue, 12 Mar 2024 20:35:07 GMT
      • flag-us
        GET
        https://tse1.mm.bing.net/th?id=OADD2.10239317301733_19PD903XZK3PU2L7I&pid=21.2&w=1080&h=1920&c=4
        Remote address:
        204.79.197.200:443
        Request
        GET /th?id=OADD2.10239317301733_19PD903XZK3PU2L7I&pid=21.2&w=1080&h=1920&c=4 HTTP/2.0
        host: tse1.mm.bing.net
        accept: */*
        accept-encoding: gzip, deflate, br
        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
        Response
        HTTP/2.0 200
        cache-control: public, max-age=2592000
        content-length: 322267
        content-type: image/jpeg
        x-cache: TCP_HIT
        access-control-allow-origin: *
        access-control-allow-headers: *
        access-control-allow-methods: GET, POST, OPTIONS
        timing-allow-origin: *
        report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
        nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
        accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
        x-msedge-ref: Ref A: C6D174D6EE74422681C5815AAEBD09FE Ref B: LON04EDGE1120 Ref C: 2024-03-12T20:35:10Z
        date: Tue, 12 Mar 2024 20:35:09 GMT
      • flag-us
        DNS
        18.173.189.20.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        18.173.189.20.in-addr.arpa
        IN PTR
        Response
      • 20.231.121.79:80
        46 B
        1
      • 204.79.197.200:443
        https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=8c8bda9c3843499ea8c00f67932bec6d&localId=w:AE07C56D-9F7E-DB3B-D18D-2459C76F841B&deviceId=6825825924912662&anid=
        tls, http2
        2.1kB
        10.6kB
        23
        20

        HTTP Request

        GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=8c8bda9c3843499ea8c00f67932bec6d&localId=w:AE07C56D-9F7E-DB3B-D18D-2459C76F841B&deviceId=6825825924912662&anid=

        HTTP Response

        204

        HTTP Request

        GET https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=8c8bda9c3843499ea8c00f67932bec6d&localId=w:AE07C56D-9F7E-DB3B-D18D-2459C76F841B&deviceId=6825825924912662&anid=

        HTTP Response

        204

        HTTP Request

        GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=8c8bda9c3843499ea8c00f67932bec6d&localId=w:AE07C56D-9F7E-DB3B-D18D-2459C76F841B&deviceId=6825825924912662&anid=

        HTTP Response

        204
      • 142.251.39.106:443
        chromewebstore.googleapis.com
        tls
        3.0kB
        8.0kB
        21
        17
      • 204.79.197.200:443
        tse1.mm.bing.net
        tls, http2
        1.6kB
        10.9kB
        20
        15
      • 204.79.197.200:443
        https://tse1.mm.bing.net/th?id=OADD2.10239317301733_19PD903XZK3PU2L7I&pid=21.2&w=1080&h=1920&c=4
        tls, http2
        83.3kB
        2.2MB
        1621
        1612

        HTTP Request

        GET https://tse1.mm.bing.net/th?id=OADD2.10239317301061_198BRK9UD0M5A9F9K&pid=21.2&w=1920&h=1080&c=4

        HTTP Request

        GET https://tse1.mm.bing.net/th?id=OADD2.10239317301494_1H867DXM62U58USJP&pid=21.2&w=1080&h=1920&c=4

        HTTP Request

        GET https://tse1.mm.bing.net/th?id=OADD2.10239317301324_1SLSYLL5I5UMQR5DX&pid=21.2&w=1920&h=1080&c=4

        HTTP Response

        200

        HTTP Request

        GET https://tse1.mm.bing.net/th?id=OADD2.10239339388226_1MEO3672GYCIY8OR6&pid=21.2&w=1920&h=1080&c=4

        HTTP Response

        200

        HTTP Response

        200

        HTTP Response

        200

        HTTP Request

        GET https://tse1.mm.bing.net/th?id=OADD2.10239339388227_12445L34APGOUOAUP&pid=21.2&w=1080&h=1920&c=4

        HTTP Response

        200

        HTTP Request

        GET https://tse1.mm.bing.net/th?id=OADD2.10239317301733_19PD903XZK3PU2L7I&pid=21.2&w=1080&h=1920&c=4

        HTTP Response

        200
      • 204.79.197.200:443
        tse1.mm.bing.net
        tls, http2
        1.2kB
        8.1kB
        16
        14
      • 204.79.197.200:443
        tse1.mm.bing.net
        tls, http2
        1.5kB
        8.2kB
        18
        15
      • 204.79.197.200:443
        tse1.mm.bing.net
        tls, http2
        2.0kB
        9.5kB
        20
        14
      • 8.8.8.8:53
        138.32.126.40.in-addr.arpa
        dns
        72 B
        158 B
        1
        1

        DNS Request

        138.32.126.40.in-addr.arpa

      • 8.8.8.8:53
        240.221.184.93.in-addr.arpa
        dns
        73 B
        144 B
        1
        1

        DNS Request

        240.221.184.93.in-addr.arpa

      • 8.8.8.8:53
        95.221.229.192.in-addr.arpa
        dns
        73 B
        144 B
        1
        1

        DNS Request

        95.221.229.192.in-addr.arpa

      • 8.8.8.8:53
        241.154.82.20.in-addr.arpa
        dns
        72 B
        158 B
        1
        1

        DNS Request

        241.154.82.20.in-addr.arpa

      • 8.8.8.8:53
        69.31.126.40.in-addr.arpa
        dns
        71 B
        157 B
        1
        1

        DNS Request

        69.31.126.40.in-addr.arpa

      • 8.8.8.8:53
        g.bing.com
        dns
        56 B
        158 B
        1
        1

        DNS Request

        g.bing.com

        DNS Response

        204.79.197.200
        13.107.21.200

      • 8.8.8.8:53
        200.197.79.204.in-addr.arpa
        dns
        73 B
        106 B
        1
        1

        DNS Request

        200.197.79.204.in-addr.arpa

      • 8.8.8.8:53
        25.63.96.20.in-addr.arpa
        dns
        70 B
        156 B
        1
        1

        DNS Request

        25.63.96.20.in-addr.arpa

      • 8.8.8.8:53
        26.35.223.20.in-addr.arpa
        dns
        71 B
        157 B
        1
        1

        DNS Request

        26.35.223.20.in-addr.arpa

      • 8.8.8.8:53
        157.123.68.40.in-addr.arpa
        dns
        144 B
        146 B
        2
        1

        DNS Request

        157.123.68.40.in-addr.arpa

        DNS Request

        157.123.68.40.in-addr.arpa

      • 8.8.8.8:53
        41.110.16.96.in-addr.arpa
        dns
        142 B
        135 B
        2
        1

        DNS Request

        41.110.16.96.in-addr.arpa

        DNS Request

        41.110.16.96.in-addr.arpa

      • 8.8.8.8:53
        58.55.71.13.in-addr.arpa
        dns
        70 B
        144 B
        1
        1

        DNS Request

        58.55.71.13.in-addr.arpa

      • 8.8.8.8:53
        206.23.85.13.in-addr.arpa
        dns
        71 B
        145 B
        1
        1

        DNS Request

        206.23.85.13.in-addr.arpa

      • 8.8.8.8:53
        23.160.77.104.in-addr.arpa
        dns
        216 B
        137 B
        3
        1

        DNS Request

        23.160.77.104.in-addr.arpa

        DNS Request

        23.160.77.104.in-addr.arpa

        DNS Request

        23.160.77.104.in-addr.arpa

      • 8.8.8.8:53
        28.118.140.52.in-addr.arpa
        dns
        72 B
        158 B
        1
        1

        DNS Request

        28.118.140.52.in-addr.arpa

      • 8.8.8.8:53
        158.240.127.40.in-addr.arpa
        dns
        73 B
        147 B
        1
        1

        DNS Request

        158.240.127.40.in-addr.arpa

      • 8.8.8.8:53
        133.211.185.52.in-addr.arpa
        dns
        146 B
        147 B
        2
        1

        DNS Request

        133.211.185.52.in-addr.arpa

        DNS Request

        133.211.185.52.in-addr.arpa

      • 8.8.8.8:53
        chromewebstore.googleapis.com
        dns
        75 B
        1

        DNS Request

        chromewebstore.googleapis.com

      • 8.8.8.8:53
        chromewebstore.googleapis.com
        dns
        75 B
        1

        DNS Request

        chromewebstore.googleapis.com

      • 8.8.8.8:53
        chromewebstore.googleapis.com
        dns
        75 B
        219 B
        1
        1

        DNS Request

        chromewebstore.googleapis.com

        DNS Response

        142.251.39.106
        172.217.168.202
        172.217.23.202
        216.58.208.106
        142.250.179.138
        142.251.36.42
        142.250.179.170
        142.250.179.202
        142.251.36.10

      • 8.8.8.8:53
        chromewebstore.googleapis.com
        dns
        75 B
        132 B
        1
        1

        DNS Request

        chromewebstore.googleapis.com

      • 8.8.8.8:53
        106.39.251.142.in-addr.arpa
        dns
        73 B
        112 B
        1
        1

        DNS Request

        106.39.251.142.in-addr.arpa

      • 8.8.8.8:53
        30.243.111.52.in-addr.arpa
        dns
        72 B
        158 B
        1
        1

        DNS Request

        30.243.111.52.in-addr.arpa

      • 8.8.8.8:53
        43.58.199.20.in-addr.arpa
        dns
        71 B
        157 B
        1
        1

        DNS Request

        43.58.199.20.in-addr.arpa

      • 8.8.8.8:53
        tse1.mm.bing.net
        dns
        62 B
        173 B
        1
        1

        DNS Request

        tse1.mm.bing.net

        DNS Response

        204.79.197.200
        13.107.21.200

      • 8.8.8.8:53
        18.173.189.20.in-addr.arpa
        dns
        72 B
        158 B
        1
        1

        DNS Request

        18.173.189.20.in-addr.arpa

      MITRE ATT&CK Matrix
