Overview
overview
7Static
static
3EOSSDK-Win...ng.dll
windows10-2004-x64
3OpenAL32.dll
windows10-2004-x64
1discord_game_sdk.dll
windows10-2004-x64
1nvmp/CrashRpt1403.dll
windows10-2004-x64
1nvmp/Crash...03.exe
windows10-2004-x64
1nvmp/client.dll
windows10-2004-x64
1nvmp/res/r...86.exe
windows10-2004-x64
7nvmp/steam_api.dll
windows10-2004-x64
1nvmp_launcher.exe
windows10-2004-x64
3nvmp_start.exe
windows10-2004-x64
1nvmp_storyserver.exe
windows10-2004-x64
1Analysis
-
max time kernel
232s -
max time network
203s -
platform
windows10-2004_x64 -
resource
win10v2004-20240412-en -
resource tags
arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system -
submitted
20/04/2024, 10:07 UTC
Static task
static1
Behavioral task
behavioral1
Sample
EOSSDK-Win32-Shipping.dll
Resource
win10v2004-20240412-en
Behavioral task
behavioral2
Sample
OpenAL32.dll
Resource
win10v2004-20240412-en
Behavioral task
behavioral3
Sample
discord_game_sdk.dll
Resource
win10v2004-20240412-en
Behavioral task
behavioral4
Sample
nvmp/CrashRpt1403.dll
Resource
win10v2004-20240412-en
Behavioral task
behavioral5
Sample
nvmp/CrashSender1403.exe
Resource
win10v2004-20240412-en
Behavioral task
behavioral6
Sample
nvmp/client.dll
Resource
win10v2004-20240412-en
Behavioral task
behavioral7
Sample
nvmp/res/redist/vc_redist.x86.exe
Resource
win10v2004-20240412-en
Behavioral task
behavioral8
Sample
nvmp/steam_api.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral9
Sample
nvmp_launcher.exe
Resource
win10v2004-20240412-en
Behavioral task
behavioral10
Sample
nvmp_start.exe
Resource
win10v2004-20240412-en
Behavioral task
behavioral11
Sample
nvmp_storyserver.exe
Resource
win10v2004-20240412-en
General
-
Target
nvmp/CrashRpt1403.dll
-
Size
103KB
-
MD5
e1649511f335186d0cd89a382c44a0be
-
SHA1
882e28f6da65b97e85e28e4f2bce6f1fd4cb8f41
-
SHA256
a68d654461ee949442452872a0a750a01e9e13b3fc9201d3eb70c30cc027ab9e
-
SHA512
a01f4bc05f46e3e4310cdf1df526ba819a371dbcd2ba9bb2e7cbed6f2c0321634e24e8c84aab70c9267f5a26948accacbe10e3d62d3b7e8752fe90a76d6e7d6f
-
SSDEEP
3072:vx0HGSmCWR4j6XseOcF3VYSyP0OiESdr64i/Go:mmSmBwfeOQ3VYSc/G
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 3 IoCs
description pid Process procid_target PID 3624 wrote to memory of 4820 3624 rundll32.exe 86 PID 3624 wrote to memory of 4820 3624 rundll32.exe 86 PID 3624 wrote to memory of 4820 3624 rundll32.exe 86
Processes
Network
-
Remote address:8.8.8.8:53Requestg.bing.comIN AResponseg.bing.comIN CNAMEg-bing-com.dual-a-0034.a-msedge.netg-bing-com.dual-a-0034.a-msedge.netIN CNAMEdual-a-0034.a-msedge.netdual-a-0034.a-msedge.netIN A204.79.197.237dual-a-0034.a-msedge.netIN A13.107.21.237
-
GEThttps://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=ace15a9e8a294a01b6f70718b74cf443&localId=w:FEA8F19F-01BE-DA76-49B1-72C0C15A5E1B&deviceId=6825832441142904&anid=Remote address:204.79.197.237:443RequestGET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=ace15a9e8a294a01b6f70718b74cf443&localId=w:FEA8F19F-01BE-DA76-49B1-72C0C15A5E1B&deviceId=6825832441142904&anid= HTTP/2.0
host: g.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)
ResponseHTTP/2.0 204
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=23F5E560F13B64AC3657F107F0DB6501; domain=.bing.com; expires=Thu, 15-May-2025 10:08:37 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 56C5127E85314C15BB3A2A4E3ECF5760 Ref B: LON04EDGE1006 Ref C: 2024-04-20T10:08:37Z
date: Sat, 20 Apr 2024 10:08:37 GMT
-
GEThttps://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=ace15a9e8a294a01b6f70718b74cf443&localId=w:FEA8F19F-01BE-DA76-49B1-72C0C15A5E1B&deviceId=6825832441142904&anid=Remote address:204.79.197.237:443RequestGET /neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=ace15a9e8a294a01b6f70718b74cf443&localId=w:FEA8F19F-01BE-DA76-49B1-72C0C15A5E1B&deviceId=6825832441142904&anid= HTTP/2.0
host: g.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)
cookie: MUID=23F5E560F13B64AC3657F107F0DB6501
ResponseHTTP/2.0 204
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MSPTC=lPCyRlGiKA9WurIN3asVsZgljIDn-ub0bAN-KJgX6RE; domain=.bing.com; expires=Thu, 15-May-2025 10:08:38 GMT; path=/; Partitioned; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5AD8520DA9C645A88F2FE3A2EAB3B710 Ref B: LON04EDGE1006 Ref C: 2024-04-20T10:08:38Z
date: Sat, 20 Apr 2024 10:08:37 GMT
-
GEThttps://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=ace15a9e8a294a01b6f70718b74cf443&localId=w:FEA8F19F-01BE-DA76-49B1-72C0C15A5E1B&deviceId=6825832441142904&anid=Remote address:204.79.197.237:443RequestGET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=ace15a9e8a294a01b6f70718b74cf443&localId=w:FEA8F19F-01BE-DA76-49B1-72C0C15A5E1B&deviceId=6825832441142904&anid= HTTP/2.0
host: g.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)
cookie: MUID=23F5E560F13B64AC3657F107F0DB6501; MSPTC=lPCyRlGiKA9WurIN3asVsZgljIDn-ub0bAN-KJgX6RE
ResponseHTTP/2.0 204
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7CC8C10023DE40708D4EC20722399B10 Ref B: LON04EDGE1006 Ref C: 2024-04-20T10:08:38Z
date: Sat, 20 Apr 2024 10:08:37 GMT
-
Remote address:8.8.8.8:53Request237.197.79.204.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request13.86.106.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request68.32.126.40.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request82.90.14.23.in-addr.arpaIN PTRResponse82.90.14.23.in-addr.arpaIN PTRa23-14-90-82deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request241.154.82.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request55.36.223.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request198.32.209.4.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request21.114.53.23.in-addr.arpaIN PTRResponse21.114.53.23.in-addr.arpaIN PTRa23-53-114-21deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request217.106.137.52.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request133.211.185.52.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request133.211.185.52.in-addr.arpaIN PTR
-
Remote address:8.8.8.8:53Request157.123.68.40.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request18.31.95.13.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request18.31.95.13.in-addr.arpaIN PTR
-
Remote address:8.8.8.8:53Request24.139.73.23.in-addr.arpaIN PTRResponse24.139.73.23.in-addr.arpaIN PTRa23-73-139-24deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request91.90.14.23.in-addr.arpaIN PTRResponse91.90.14.23.in-addr.arpaIN PTRa23-14-90-91deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request91.90.14.23.in-addr.arpaIN PTR
-
Remote address:8.8.8.8:53Request48.251.17.2.in-addr.arpaIN PTRResponse48.251.17.2.in-addr.arpaIN PTRa2-17-251-48deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request48.251.17.2.in-addr.arpaIN PTR
-
Remote address:8.8.8.8:53Request22.236.111.52.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request22.236.111.52.in-addr.arpaIN PTR
-
Remote address:8.8.8.8:53Request22.236.111.52.in-addr.arpaIN PTR
-
Remote address:8.8.8.8:53Requesttse1.mm.bing.netIN AResponsetse1.mm.bing.netIN CNAMEmm-mm.bing.net.trafficmanager.netmm-mm.bing.net.trafficmanager.netIN CNAMEdual-a-0001.a-msedge.netdual-a-0001.a-msedge.netIN A204.79.197.200dual-a-0001.a-msedge.netIN A13.107.21.200
-
GEThttps://tse1.mm.bing.net/th?id=OADD2.10239360313430_12K7UVO7ZVIINTRIE&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90Remote address:204.79.197.200:443RequestGET /th?id=OADD2.10239360313430_12K7UVO7ZVIINTRIE&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
ResponseHTTP/2.0 200
content-length: 394521
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}&ndcParam=QUZE
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0EE6F47D35634F74AE76EE8811A55912 Ref B: LON04EDGE0914 Ref C: 2024-04-20T10:10:25Z
date: Sat, 20 Apr 2024 10:10:25 GMT
-
GEThttps://tse1.mm.bing.net/th?id=OADD2.10239360313429_1X5GXWWD8KTODKAD6&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90Remote address:204.79.197.200:443RequestGET /th?id=OADD2.10239360313429_1X5GXWWD8KTODKAD6&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
ResponseHTTP/2.0 200
content-length: 442324
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 55C8BF90E1D1404082C9D8C74A1CA920 Ref B: LON04EDGE0914 Ref C: 2024-04-20T10:10:25Z
date: Sat, 20 Apr 2024 10:10:25 GMT
-
GEThttps://tse1.mm.bing.net/th?id=OADD2.10239378442835_1ZLRYPXP1GNDT72JI&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90Remote address:204.79.197.200:443RequestGET /th?id=OADD2.10239378442835_1ZLRYPXP1GNDT72JI&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
ResponseHTTP/2.0 200
content-length: 507046
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D67BA343D446404D97A1992091E88B00 Ref B: LON04EDGE0914 Ref C: 2024-04-20T10:10:25Z
date: Sat, 20 Apr 2024 10:10:25 GMT
-
GEThttps://tse1.mm.bing.net/th?id=OADD2.10239378442834_1L4ATKO11ZEHKLIV9&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90Remote address:204.79.197.200:443RequestGET /th?id=OADD2.10239378442834_1L4ATKO11ZEHKLIV9&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
ResponseHTTP/2.0 200
content-length: 606417
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}&ndcParam=QUZE
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E4F98C44C1454FB8A3753E11973F36AB Ref B: LON04EDGE0914 Ref C: 2024-04-20T10:10:31Z
date: Sat, 20 Apr 2024 10:10:31 GMT
-
Remote address:8.8.8.8:53Request88.156.103.20.in-addr.arpaIN PTRResponse
-
204.79.197.237:443https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=ace15a9e8a294a01b6f70718b74cf443&localId=w:FEA8F19F-01BE-DA76-49B1-72C0C15A5E1B&deviceId=6825832441142904&anid=tls, http22.3kB 9.3kB 23 19
HTTP Request
GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=ace15a9e8a294a01b6f70718b74cf443&localId=w:FEA8F19F-01BE-DA76-49B1-72C0C15A5E1B&deviceId=6825832441142904&anid=HTTP Response
204HTTP Request
GET https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=ace15a9e8a294a01b6f70718b74cf443&localId=w:FEA8F19F-01BE-DA76-49B1-72C0C15A5E1B&deviceId=6825832441142904&anid=HTTP Response
204HTTP Request
GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=ace15a9e8a294a01b6f70718b74cf443&localId=w:FEA8F19F-01BE-DA76-49B1-72C0C15A5E1B&deviceId=6825832441142904&anid=HTTP Response
204 -
204.79.197.200:443https://tse1.mm.bing.net/th?id=OADD2.10239378442834_1L4ATKO11ZEHKLIV9&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90tls, http272.4kB 2.1MB 1513 1509
HTTP Request
GET https://tse1.mm.bing.net/th?id=OADD2.10239360313430_12K7UVO7ZVIINTRIE&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90HTTP Response
200HTTP Request
GET https://tse1.mm.bing.net/th?id=OADD2.10239360313429_1X5GXWWD8KTODKAD6&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90HTTP Request
GET https://tse1.mm.bing.net/th?id=OADD2.10239378442835_1ZLRYPXP1GNDT72JI&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90HTTP Response
200HTTP Request
GET https://tse1.mm.bing.net/th?id=OADD2.10239378442834_1L4ATKO11ZEHKLIV9&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90HTTP Response
200HTTP Response
200 -
1.4kB 8.1kB 17 14
-
1.4kB 8.1kB 17 14
-
803 B 140 B 6 3
-
56 B 151 B 1 1
DNS Request
g.bing.com
DNS Response
204.79.197.23713.107.21.237
-
73 B 143 B 1 1
DNS Request
237.197.79.204.in-addr.arpa
-
71 B 157 B 1 1
DNS Request
13.86.106.20.in-addr.arpa
-
71 B 157 B 1 1
DNS Request
68.32.126.40.in-addr.arpa
-
70 B 133 B 1 1
DNS Request
82.90.14.23.in-addr.arpa
-
72 B 158 B 1 1
DNS Request
241.154.82.20.in-addr.arpa
-
71 B 157 B 1 1
DNS Request
55.36.223.20.in-addr.arpa
-
71 B 157 B 1 1
DNS Request
198.32.209.4.in-addr.arpa
-
71 B 135 B 1 1
DNS Request
21.114.53.23.in-addr.arpa
-
73 B 147 B 1 1
DNS Request
217.106.137.52.in-addr.arpa
-
146 B 147 B 2 1
DNS Request
133.211.185.52.in-addr.arpa
DNS Request
133.211.185.52.in-addr.arpa
-
72 B 146 B 1 1
DNS Request
157.123.68.40.in-addr.arpa
-
140 B 144 B 2 1
DNS Request
18.31.95.13.in-addr.arpa
DNS Request
18.31.95.13.in-addr.arpa
-
71 B 135 B 1 1
DNS Request
24.139.73.23.in-addr.arpa
-
140 B 133 B 2 1
DNS Request
91.90.14.23.in-addr.arpa
DNS Request
91.90.14.23.in-addr.arpa
-
140 B 133 B 2 1
DNS Request
48.251.17.2.in-addr.arpa
DNS Request
48.251.17.2.in-addr.arpa
-
216 B 158 B 3 1
DNS Request
22.236.111.52.in-addr.arpa
DNS Request
22.236.111.52.in-addr.arpa
DNS Request
22.236.111.52.in-addr.arpa
-
62 B 173 B 1 1
DNS Request
tse1.mm.bing.net
DNS Response
204.79.197.20013.107.21.200
-
72 B 158 B 1 1
DNS Request
88.156.103.20.in-addr.arpa