Analysis

  • max time kernel
    145s
  • max time network
    140s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240426-en locale:en-us os:windows10-2004-x64 system
  • submitted
    03/05/2024, 13:45 UTC

General

  • Target

    10aac44329971e17eab50a05187d2601_JaffaCakes118.html

  • Size

    26KB

  • MD5

    10aac44329971e17eab50a05187d2601

  • SHA1

    25fa933ac06e87d56d85e77f802ff7de29300045

  • SHA256

    adb096b6cdaeb33675ab0634f7a3d18b3c3b025591d01c6fc949365f6f7885c8

  • SHA512

    c5c02b5cb171fddba27066fe2f795255f8d8dfacd2b48387cff12eadeb8663ad5f57d99bb078d259c1d32ec5f5c3f07ce3f76ea06ff554aaf01903ea8bf6ac10

  • SSDEEP

    768:CjBKkZE3wn7cZTCRFILSF0C2/zZC/xvCLHbR:Cj/LcZWRFMc0C2/zZC/xvCLHbR

Score
1/10

Malware Config

Signatures

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 8 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\10aac44329971e17eab50a05187d2601_JaffaCakes118.html
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:1764
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff371246f8,0x7fff37124708,0x7fff37124718
      2⤵
        PID:400
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1996,5877953995756162692,3683761653093768304,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2088 /prefetch:2
        2⤵
          PID:3040
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1996,5877953995756162692,3683761653093768304,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2272 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:4028
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1996,5877953995756162692,3683761653093768304,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2628 /prefetch:8
          2⤵
            PID:3060
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1996,5877953995756162692,3683761653093768304,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3144 /prefetch:1
            2⤵
              PID:632
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1996,5877953995756162692,3683761653093768304,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3156 /prefetch:1
              2⤵
                PID:4428
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1996,5877953995756162692,3683761653093768304,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3472 /prefetch:2
                2⤵
                • Suspicious behavior: EnumeratesProcesses
                PID:4896
            • C:\Windows\System32\CompPkgSrv.exe
              C:\Windows\System32\CompPkgSrv.exe -Embedding
              1⤵
                PID:1096
              • C:\Windows\System32\CompPkgSrv.exe
                C:\Windows\System32\CompPkgSrv.exe -Embedding
                1⤵
                  PID:528

                Network

                • flag-us
                  DNS
                  s.w.org
                  msedge.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  s.w.org
                  IN A
                  Response
                  s.w.org
                  IN A
                  192.0.77.48
                • flag-us
                  DNS
                  www.bal-do.com
                  msedge.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  www.bal-do.com
                  IN A
                  Response
                  www.bal-do.com
                  IN A
                  217.160.0.152
                • flag-us
                  DNS
                  www.bal-do.com
                  msedge.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  www.bal-do.com
                  IN A
                • flag-us
                  DNS
                  8.8.8.8.in-addr.arpa
                  Remote address:
                  8.8.8.8:53
                  Request
                  8.8.8.8.in-addr.arpa
                  IN PTR
                  Response
                  8.8.8.8.in-addr.arpa
                  IN PTR
                  dns.google
                • flag-us
                  DNS
                  14.160.190.20.in-addr.arpa
                  Remote address:
                  8.8.8.8:53
                  Request
                  14.160.190.20.in-addr.arpa
                  IN PTR
                  Response
                • flag-us
                  DNS
                  79.190.18.2.in-addr.arpa
                  Remote address:
                  8.8.8.8:53
                  Request
                  79.190.18.2.in-addr.arpa
                  IN PTR
                  Response
                  79.190.18.2.in-addr.arpa
                  IN PTR
                  a2-18-190-79.deploy.static.akamaitechnologies.com
                • flag-us
                  DNS
                  g.bing.com
                  Remote address:
                  8.8.8.8:53
                  Request
                  g.bing.com
                  IN A
                  Response
                  g.bing.com
                  IN CNAME
                  g-bing-com.dual-a-0034.a-msedge.net
                  g-bing-com.dual-a-0034.a-msedge.net
                  IN CNAME
                  dual-a-0034.a-msedge.net
                  dual-a-0034.a-msedge.net
                  IN A
                  204.79.197.237
                  dual-a-0034.a-msedge.net
                  IN A
                  13.107.21.237
                • flag-us
                  DNS
                  g.bing.com
                  Remote address:
                  8.8.8.8:53
                  Request
                  g.bing.com
                  IN A
                • flag-de
                  GET
                  https://www.bal-do.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.5.1
                  msedge.exe
                  Remote address:
                  217.160.0.152:443
                  Request
                  GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.5.1 HTTP/2.0
                  host: www.bal-do.com
                  sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                  dnt: 1
                  sec-ch-ua-mobile: ?0
                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                  accept: text/css,*/*;q=0.1
                  sec-fetch-site: cross-site
                  sec-fetch-mode: no-cors
                  sec-fetch-dest: style
                  accept-encoding: gzip, deflate, br
                  accept-language: en-US,en;q=0.9
                  Response
                  HTTP/2.0 200
                  content-type: text/css
                  content-length: 1101
                  date: Fri, 03 May 2024 13:45:56 GMT
                  server: Apache
                  last-modified: Thu, 21 Mar 2024 08:56:42 GMT
                  etag: "b4e-61427e2dd9609-gzip"
                  accept-ranges: bytes
                  cache-control: max-age=2419200
                  expires: Fri, 31 May 2024 13:45:56 GMT
                  vary: Accept-Encoding
                  content-encoding: gzip
                • flag-de
                  GET
                  https://www.bal-do.com/wp-content/themes/foodeez-lite/style.css?ver=4.6.19
                  msedge.exe
                  Remote address:
                  217.160.0.152:443
                  Request
                  GET /wp-content/themes/foodeez-lite/style.css?ver=4.6.19 HTTP/2.0
                  host: www.bal-do.com
                  sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                  dnt: 1
                  sec-ch-ua-mobile: ?0
                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                  accept: text/css,*/*;q=0.1
                  sec-fetch-site: cross-site
                  sec-fetch-mode: no-cors
                  sec-fetch-dest: style
                  accept-encoding: gzip, deflate, br
                  accept-language: en-US,en;q=0.9
                  Response
                  HTTP/2.0 200
                  content-type: text/javascript
                  content-length: 5348
                  date: Fri, 03 May 2024 13:45:56 GMT
                  server: Apache
                  last-modified: Tue, 08 Aug 2023 20:57:03 GMT
                  etag: "3509-6026f9ade5fd1-gzip"
                  accept-ranges: bytes
                  cache-control: max-age=2419200
                  expires: Fri, 31 May 2024 13:45:56 GMT
                  vary: Accept-Encoding
                  content-encoding: gzip
                • flag-de
                  GET
                  https://www.bal-do.com/wp-content/themes/foodeez-lite/css/skt-animation.css?ver=1.0.5
                  msedge.exe
                  Remote address:
                  217.160.0.152:443
                  Request
                  GET /wp-content/themes/foodeez-lite/css/skt-animation.css?ver=1.0.5 HTTP/2.0
                  host: www.bal-do.com
                  sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                  dnt: 1
                  sec-ch-ua-mobile: ?0
                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                  accept: text/css,*/*;q=0.1
                  sec-fetch-site: cross-site
                  sec-fetch-mode: no-cors
                  sec-fetch-dest: style
                  accept-encoding: gzip, deflate, br
                  accept-language: en-US,en;q=0.9
                  Response
                  HTTP/2.0 200
                  content-type: text/javascript
                  date: Fri, 03 May 2024 13:45:56 GMT
                  server: Apache
                  last-modified: Tue, 07 Nov 2023 21:03:24 GMT
                  etag: "45a96-609964d2565df-gzip"
                  accept-ranges: bytes
                  cache-control: max-age=2419200
                  expires: Fri, 31 May 2024 13:45:56 GMT
                  vary: Accept-Encoding
                  content-encoding: gzip
                • flag-de
                  GET
                  https://www.bal-do.com/wp-content/themes/foodeez-lite/css/font-awesome.css?ver=1.0.5
                  msedge.exe
                  Remote address:
                  217.160.0.152:443
                  Request
                  GET /wp-content/themes/foodeez-lite/css/font-awesome.css?ver=1.0.5 HTTP/2.0
                  host: www.bal-do.com
                  sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                  dnt: 1
                  sec-ch-ua-mobile: ?0
                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                  accept: text/css,*/*;q=0.1
                  sec-fetch-site: cross-site
                  sec-fetch-mode: no-cors
                  sec-fetch-dest: style
                  accept-encoding: gzip, deflate, br
                  accept-language: en-US,en;q=0.9
                  Response
                  HTTP/2.0 301
                  content-type: text/html; charset=UTF-8
                  location: https://bal-do.com/wp-content/themes/foodeez-lite/style.css?ver=4.6.19
                  date: Fri, 03 May 2024 13:45:56 GMT
                  server: Apache
                  x-powered-by: PHP/8.1.28
                  expires: Fri, 03 May 2024 14:45:56 GMT
                  cache-control: max-age=3600
                  x-redirect-by: WordPress
                • flag-de
                  GET
                  https://www.bal-do.com/wp-content/themes/foodeez-lite/css/superfish.css?ver=1.0.5
                  msedge.exe
                  Remote address:
                  217.160.0.152:443
                  Request
                  GET /wp-content/themes/foodeez-lite/css/superfish.css?ver=1.0.5 HTTP/2.0
                  host: www.bal-do.com
                  sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                  dnt: 1
                  sec-ch-ua-mobile: ?0
                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                  accept: text/css,*/*;q=0.1
                  sec-fetch-site: cross-site
                  sec-fetch-mode: no-cors
                  sec-fetch-dest: style
                  accept-encoding: gzip, deflate, br
                  accept-language: en-US,en;q=0.9
                  Response
                  HTTP/2.0 301
                  content-type: text/html; charset=UTF-8
                  location: https://bal-do.com/wp-content/themes/foodeez-lite/css/superfish.css?ver=1.0.5
                  date: Fri, 03 May 2024 13:45:56 GMT
                  server: Apache
                  x-powered-by: PHP/8.1.28
                  expires: Fri, 03 May 2024 14:45:56 GMT
                  cache-control: max-age=3600
                  x-redirect-by: WordPress
                • flag-de
                  GET
                  https://www.bal-do.com/wp-content/themes/foodeez-lite/css/bootstrap-responsive.css?ver=1.0.5
                  msedge.exe
                  Remote address:
                  217.160.0.152:443
                  Request
                  GET /wp-content/themes/foodeez-lite/css/bootstrap-responsive.css?ver=1.0.5 HTTP/2.0
                  host: www.bal-do.com
                  sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                  dnt: 1
                  sec-ch-ua-mobile: ?0
                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                  accept: text/css,*/*;q=0.1
                  sec-fetch-site: cross-site
                  sec-fetch-mode: no-cors
                  sec-fetch-dest: style
                  accept-encoding: gzip, deflate, br
                  accept-language: en-US,en;q=0.9
                  Response
                  HTTP/2.0 301
                  content-type: text/html; charset=UTF-8
                  location: https://bal-do.com/wp-content/themes/foodeez-lite/css/font-awesome.css?ver=1.0.5
                  date: Fri, 03 May 2024 13:45:56 GMT
                  server: Apache
                  x-powered-by: PHP/8.1.28
                  expires: Fri, 03 May 2024 14:45:56 GMT
                  cache-control: max-age=3600
                  x-redirect-by: WordPress
                • flag-de
                  GET
                  https://www.bal-do.com/wp-content/plugins/easy-fancybox/fancybox/jquery.fancybox-1.3.7.min.css?ver=1.5.7
                  msedge.exe
                  Remote address:
                  217.160.0.152:443
                  Request
                  GET /wp-content/plugins/easy-fancybox/fancybox/jquery.fancybox-1.3.7.min.css?ver=1.5.7 HTTP/2.0
                  host: www.bal-do.com
                  sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                  dnt: 1
                  sec-ch-ua-mobile: ?0
                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                  accept: text/css,*/*;q=0.1
                  sec-fetch-site: cross-site
                  sec-fetch-mode: no-cors
                  sec-fetch-dest: style
                  accept-encoding: gzip, deflate, br
                  accept-language: en-US,en;q=0.9
                  Response
                  HTTP/2.0 301
                  content-type: text/html; charset=UTF-8
                  location: https://bal-do.com/wp-content/plugins/easy-fancybox/fancybox/jquery.fancybox-1.3.7.min.css?ver=1.5.7
                  date: Fri, 03 May 2024 13:45:56 GMT
                  server: Apache
                  x-powered-by: PHP/8.1.28
                  expires: Fri, 03 May 2024 14:45:56 GMT
                  cache-control: max-age=3600
                  x-redirect-by: WordPress
                • flag-de
                  GET
                  https://www.bal-do.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
                  msedge.exe
                  Remote address:
                  217.160.0.152:443
                  Request
                  GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/2.0
                  host: www.bal-do.com
                  sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                  dnt: 1
                  sec-ch-ua-mobile: ?0
                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                  accept: */*
                  sec-fetch-site: cross-site
                  sec-fetch-mode: no-cors
                  sec-fetch-dest: script
                  accept-encoding: gzip, deflate, br
                  accept-language: en-US,en;q=0.9
                  Response
                  HTTP/2.0 301
                  content-type: text/html; charset=UTF-8
                  location: https://bal-do.com/wp-content/themes/foodeez-lite/css/skt-animation.css?ver=1.0.5
                  date: Fri, 03 May 2024 13:45:56 GMT
                  server: Apache
                  x-powered-by: PHP/8.1.28
                  expires: Fri, 03 May 2024 14:45:56 GMT
                  cache-control: max-age=3600
                  x-redirect-by: WordPress
                • flag-de
                  GET
                  https://www.bal-do.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
                  msedge.exe
                  Remote address:
                  217.160.0.152:443
                  Request
                  GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/2.0
                  host: www.bal-do.com
                  sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                  dnt: 1
                  sec-ch-ua-mobile: ?0
                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                  accept: */*
                  sec-fetch-site: cross-site
                  sec-fetch-mode: no-cors
                  sec-fetch-dest: script
                  accept-encoding: gzip, deflate, br
                  accept-language: en-US,en;q=0.9
                  Response
                  HTTP/2.0 301
                  content-type: text/html; charset=UTF-8
                  location: https://bal-do.com/wp-content/themes/foodeez-lite/css/bootstrap-responsive.css?ver=1.0.5
                  date: Fri, 03 May 2024 13:45:56 GMT
                  server: Apache
                  x-powered-by: PHP/8.1.28
                  expires: Fri, 03 May 2024 14:45:56 GMT
                  cache-control: max-age=3600
                  x-redirect-by: WordPress
                • flag-de
                  GET
                  https://www.bal-do.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
                  msedge.exe
                  Remote address:
                  217.160.0.152:443
                  Request
                  GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/2.0
                  host: www.bal-do.com
                  sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                  dnt: 1
                  sec-ch-ua-mobile: ?0
                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                  accept: */*
                  sec-fetch-site: cross-site
                  sec-fetch-mode: no-cors
                  sec-fetch-dest: script
                  accept-encoding: gzip, deflate, br
                  accept-language: en-US,en;q=0.9
                  Response
                  HTTP/2.0 404
                  content-type: text/html; charset=UTF-8
                  date: Fri, 03 May 2024 13:45:56 GMT
                  server: Apache
                  x-powered-by: PHP/8.1.28
                  expires: Wed, 11 Jan 1984 05:00:00 GMT
                  cache-control: no-cache, must-revalidate, max-age=0
                  link: <https://bal-do.com/wp-json/>; rel="https://api.w.org/"
                  content-encoding: gzip
                • flag-de
                  GET
                  https://bal-do.com/wp-content/themes/foodeez-lite/css/skt-animation.css?ver=1.0.5
                  msedge.exe
                  Remote address:
                  217.160.0.152:443
                  Request
                  GET /wp-content/themes/foodeez-lite/css/skt-animation.css?ver=1.0.5 HTTP/2.0
                  host: bal-do.com
                  sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                  dnt: 1
                  sec-ch-ua-mobile: ?0
                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                  accept: text/css,*/*;q=0.1
                  sec-fetch-site: cross-site
                  sec-fetch-mode: no-cors
                  sec-fetch-dest: style
                  accept-encoding: gzip, deflate, br
                  accept-language: en-US,en;q=0.9
                • flag-de
                  GET
                  https://bal-do.com/wp-content/themes/foodeez-lite/css/bootstrap-responsive.css?ver=1.0.5
                  msedge.exe
                  Remote address:
                  217.160.0.152:443
                  Request
                  GET /wp-content/themes/foodeez-lite/css/bootstrap-responsive.css?ver=1.0.5 HTTP/2.0
                  host: bal-do.com
                  sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                  dnt: 1
                  sec-ch-ua-mobile: ?0
                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                  accept: text/css,*/*;q=0.1
                  sec-fetch-site: cross-site
                  sec-fetch-mode: no-cors
                  sec-fetch-dest: style
                  accept-encoding: gzip, deflate, br
                  accept-language: en-US,en;q=0.9
                • flag-de
                  GET
                  https://bal-do.com/wp-content/themes/foodeez-lite/css/superfish.css?ver=1.0.5
                  msedge.exe
                  Remote address:
                  217.160.0.152:443
                  Request
                  GET /wp-content/themes/foodeez-lite/css/superfish.css?ver=1.0.5 HTTP/2.0
                  host: bal-do.com
                  sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                  dnt: 1
                  sec-ch-ua-mobile: ?0
                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                  accept: text/css,*/*;q=0.1
                  sec-fetch-site: cross-site
                  sec-fetch-mode: no-cors
                  sec-fetch-dest: style
                  accept-encoding: gzip, deflate, br
                  accept-language: en-US,en;q=0.9
                • flag-de
                  GET
                  https://bal-do.com/wp-content/plugins/easy-fancybox/fancybox/jquery.fancybox-1.3.7.min.css?ver=1.5.7
                  msedge.exe
                  Remote address:
                  217.160.0.152:443
                  Request
                  GET /wp-content/plugins/easy-fancybox/fancybox/jquery.fancybox-1.3.7.min.css?ver=1.5.7 HTTP/2.0
                  host: bal-do.com
                  sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                  dnt: 1
                  sec-ch-ua-mobile: ?0
                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                  accept: text/css,*/*;q=0.1
                  sec-fetch-site: cross-site
                  sec-fetch-mode: no-cors
                  sec-fetch-dest: style
                  accept-encoding: gzip, deflate, br
                  accept-language: en-US,en;q=0.9
                • flag-de
                  GET
                  https://bal-do.com/wp-content/themes/foodeez-lite/css/font-awesome.css?ver=1.0.5
                  msedge.exe
                  Remote address:
                  217.160.0.152:443
                  Request
                  GET /wp-content/themes/foodeez-lite/css/font-awesome.css?ver=1.0.5 HTTP/2.0
                  host: bal-do.com
                  sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                  dnt: 1
                  sec-ch-ua-mobile: ?0
                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                  accept: text/css,*/*;q=0.1
                  sec-fetch-site: cross-site
                  sec-fetch-mode: no-cors
                  sec-fetch-dest: style
                  accept-encoding: gzip, deflate, br
                  accept-language: en-US,en;q=0.9
                • flag-de
                  GET
                  https://bal-do.com/wp-content/themes/foodeez-lite/style.css?ver=4.6.19
                  msedge.exe
                  Remote address:
                  217.160.0.152:443
                  Request
                  GET /wp-content/themes/foodeez-lite/style.css?ver=4.6.19 HTTP/2.0
                  host: bal-do.com
                  sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                  dnt: 1
                  sec-ch-ua-mobile: ?0
                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                  accept: text/css,*/*;q=0.1
                  sec-fetch-site: cross-site
                  sec-fetch-mode: no-cors
                  sec-fetch-dest: style
                  accept-encoding: gzip, deflate, br
                  accept-language: en-US,en;q=0.9
                • flag-us
                  DNS
                  95.221.229.192.in-addr.arpa
                  Remote address:
                  8.8.8.8:53
                  Request
                  95.221.229.192.in-addr.arpa
                  IN PTR
                  Response
                • flag-us
                  DNS
                  bal-do.com
                  msedge.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  bal-do.com
                  IN A
                  Response
                  bal-do.com
                  IN A
                  217.160.0.152
                • flag-us
                  GET
                  https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8dC7FF0SBiDovPFPJkfSUfTVUCUzdvs-IoynTk1IaafvLZChWN9snYPs0I3r8-9ti7AyNKSHhWIGMDxY9uiSwa8h2ad_4DmedjMF-uHCemq-l8a9EOak0ORqk3n1DbFDzq8TGJHzB8ywF1eprsI4kvOBkVyHn8jy7evHswSsbfstVVH6E%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D99aeec4315351d0e05a08a68b967418e&TIME=20240426T133054Z&CID=530628298&EID=530628298&tids=15000&adUnitId=11730597&localId=w:3EBA0D95-A493-0C63-5584-F13F751694E4&deviceId=6966564702259644&muid=3EBA0D95A4930C635584F13F751694E4
                  Remote address:
                  204.79.197.237:443
                  Request
                  GET /neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8dC7FF0SBiDovPFPJkfSUfTVUCUzdvs-IoynTk1IaafvLZChWN9snYPs0I3r8-9ti7AyNKSHhWIGMDxY9uiSwa8h2ad_4DmedjMF-uHCemq-l8a9EOak0ORqk3n1DbFDzq8TGJHzB8ywF1eprsI4kvOBkVyHn8jy7evHswSsbfstVVH6E%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D99aeec4315351d0e05a08a68b967418e&TIME=20240426T133054Z&CID=530628298&EID=530628298&tids=15000&adUnitId=11730597&localId=w:3EBA0D95-A493-0C63-5584-F13F751694E4&deviceId=6966564702259644&muid=3EBA0D95A4930C635584F13F751694E4 HTTP/2.0
                  host: g.bing.com
                  accept-encoding: gzip, deflate
                  user-agent: WindowsShellClient/9.0.40929.0 (Windows)
                  Response
                  HTTP/2.0 204
                  cache-control: no-cache, must-revalidate
                  pragma: no-cache
                  expires: Fri, 01 Jan 1990 00:00:00 GMT
                  set-cookie: MUID=369F20AE2AA46C9333A634DA2B446D8B; domain=.bing.com; expires=Wed, 28-May-2025 13:45:56 GMT; path=/; SameSite=None; Secure; Priority=High;
                  strict-transport-security: max-age=31536000; includeSubDomains; preload
                  access-control-allow-origin: *
                  x-cache: CONFIG_NOCACHE
                  accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                  x-msedge-ref: Ref A: 1311805EC627444DACF8EB50D8F2B8D3 Ref B: LON04EDGE1106 Ref C: 2024-05-03T13:45:56Z
                  date: Fri, 03 May 2024 13:45:55 GMT
                • flag-us
                  GET
                  https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8dC7FF0SBiDovPFPJkfSUfTVUCUzdvs-IoynTk1IaafvLZChWN9snYPs0I3r8-9ti7AyNKSHhWIGMDxY9uiSwa8h2ad_4DmedjMF-uHCemq-l8a9EOak0ORqk3n1DbFDzq8TGJHzB8ywF1eprsI4kvOBkVyHn8jy7evHswSsbfstVVH6E%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D99aeec4315351d0e05a08a68b967418e&TIME=20240426T133054Z&CID=530628298&EID=&tids=15000&adUnitId=11730597&localId=w:3EBA0D95-A493-0C63-5584-F13F751694E4&deviceId=6966564702259644&muid=3EBA0D95A4930C635584F13F751694E4
                  Remote address:
                  204.79.197.237:443
                  Request
                  GET /neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8dC7FF0SBiDovPFPJkfSUfTVUCUzdvs-IoynTk1IaafvLZChWN9snYPs0I3r8-9ti7AyNKSHhWIGMDxY9uiSwa8h2ad_4DmedjMF-uHCemq-l8a9EOak0ORqk3n1DbFDzq8TGJHzB8ywF1eprsI4kvOBkVyHn8jy7evHswSsbfstVVH6E%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D99aeec4315351d0e05a08a68b967418e&TIME=20240426T133054Z&CID=530628298&EID=&tids=15000&adUnitId=11730597&localId=w:3EBA0D95-A493-0C63-5584-F13F751694E4&deviceId=6966564702259644&muid=3EBA0D95A4930C635584F13F751694E4 HTTP/2.0
                  host: g.bing.com
                  accept-encoding: gzip, deflate
                  user-agent: WindowsShellClient/9.0.40929.0 (Windows)
                  cookie: MUID=369F20AE2AA46C9333A634DA2B446D8B; _EDGE_S=SID=121DFC64B3DA6AFE0805E810B2A36B47
                  Response
                  HTTP/2.0 204
                  cache-control: no-cache, must-revalidate
                  pragma: no-cache
                  expires: Fri, 01 Jan 1990 00:00:00 GMT
                  set-cookie: MSPTC=xpgSJpIV6mQwMyhYLVHXL4k39fxHB6scHundJs2vrfU; domain=.bing.com; expires=Wed, 28-May-2025 13:45:57 GMT; path=/; Partitioned; secure; SameSite=None
                  strict-transport-security: max-age=31536000; includeSubDomains; preload
                  access-control-allow-origin: *
                  x-cache: CONFIG_NOCACHE
                  accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                  x-msedge-ref: Ref A: 720EAC436C37413F8B090500F10DC66F Ref B: LON04EDGE1106 Ref C: 2024-05-03T13:45:57Z
                  date: Fri, 03 May 2024 13:45:56 GMT
                • flag-nl
                  GET
                  https://www.bing.com/aes/c.gif?RG=98286c894c3248b89c500606d9064ea9&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240426T133054Z&adUnitId=11730597&localId=w:3EBA0D95-A493-0C63-5584-F13F751694E4&deviceId=6966564702259644
                  Remote address:
                  23.62.61.194:443
                  Request
                  GET /aes/c.gif?RG=98286c894c3248b89c500606d9064ea9&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240426T133054Z&adUnitId=11730597&localId=w:3EBA0D95-A493-0C63-5584-F13F751694E4&deviceId=6966564702259644 HTTP/2.0
                  host: www.bing.com
                  accept-encoding: gzip, deflate
                  user-agent: WindowsShellClient/9.0.40929.0 (Windows)
                  cookie: MUID=369F20AE2AA46C9333A634DA2B446D8B
                  Response
                  HTTP/2.0 200
                  cache-control: private,no-store
                  pragma: no-cache
                  vary: Origin
                  p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
                  accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                  x-msedge-ref: Ref A: 60EA64B08FEC4D06B3D71FC168E5E28B Ref B: LON212050704039 Ref C: 2024-05-03T13:45:57Z
                  content-length: 0
                  date: Fri, 03 May 2024 13:45:57 GMT
                  set-cookie: _EDGE_S=SID=121DFC64B3DA6AFE0805E810B2A36B47; path=/; httponly; domain=bing.com
                  set-cookie: MUIDB=369F20AE2AA46C9333A634DA2B446D8B; path=/; httponly; expires=Wed, 28-May-2025 13:45:57 GMT
                  alt-svc: h3=":443"; ma=93600
                  x-cdn-traceid: 0.be3d3e17.1714743957.14360be0
                • flag-us
                  DNS
                  152.0.160.217.in-addr.arpa
                  Remote address:
                  8.8.8.8:53
                  Request
                  152.0.160.217.in-addr.arpa
                  IN PTR
                  Response
                  152.0.160.217.in-addr.arpa
                  IN PTR
                  217-160-0-152 elastic-sslui-rcom
                • flag-us
                  DNS
                  237.197.79.204.in-addr.arpa
                  Remote address:
                  8.8.8.8:53
                  Request
                  237.197.79.204.in-addr.arpa
                  IN PTR
                  Response
                • flag-us
                  DNS
                  194.61.62.23.in-addr.arpa
                  Remote address:
                  8.8.8.8:53
                  Request
                  194.61.62.23.in-addr.arpa
                  IN PTR
                  Response
                  194.61.62.23.in-addr.arpa
                  IN PTR
                  a23-62-61-194.deploy.static.akamaitechnologies.com
                • flag-us
                  DNS
                  26.35.223.20.in-addr.arpa
                  Remote address:
                  8.8.8.8:53
                  Request
                  26.35.223.20.in-addr.arpa
                  IN PTR
                  Response
                • flag-us
                  DNS
                  50.23.12.20.in-addr.arpa
                  Remote address:
                  8.8.8.8:53
                  Request
                  50.23.12.20.in-addr.arpa
                  IN PTR
                  Response
                • flag-us
                  DNS
                  206.23.85.13.in-addr.arpa
                  Remote address:
                  8.8.8.8:53
                  Request
                  206.23.85.13.in-addr.arpa
                  IN PTR
                  Response
                • flag-us
                  DNS
                  24.139.73.23.in-addr.arpa
                  Remote address:
                  8.8.8.8:53
                  Request
                  24.139.73.23.in-addr.arpa
                  IN PTR
                  Response
                  24.139.73.23.in-addr.arpa
                  IN PTR
                  a23-73-139-24.deploy.static.akamaitechnologies.com
                • flag-us
                  DNS
                  77.190.18.2.in-addr.arpa
                  Remote address:
                  8.8.8.8:53
                  Request
                  77.190.18.2.in-addr.arpa
                  IN PTR
                  Response
                  77.190.18.2.in-addr.arpa
                  IN PTR
                  a2-18-190-77.deploy.static.akamaitechnologies.com
                • flag-us
                  DNS
                  88.156.103.20.in-addr.arpa
                  Remote address:
                  8.8.8.8:53
                  Request
                  88.156.103.20.in-addr.arpa
                  IN PTR
                  Response
                • flag-us
                  DNS
                  21.236.111.52.in-addr.arpa
                  Remote address:
                  8.8.8.8:53
                  Request
                  21.236.111.52.in-addr.arpa
                  IN PTR
                  Response
                • flag-us
                  DNS
                  73.143.109.104.in-addr.arpa
                  Remote address:
                  8.8.8.8:53
                  Request
                  73.143.109.104.in-addr.arpa
                  IN PTR
                  Response
                  73.143.109.104.in-addr.arpa
                  IN PTR
                  a104-109-143-73.deploy.static.akamaitechnologies.com
                • flag-us
                  DNS
                  tse1.mm.bing.net
                  Remote address:
                  8.8.8.8:53
                  Request
                  tse1.mm.bing.net
                  IN A
                  Response
                  tse1.mm.bing.net
                  IN CNAME
                  mm-mm.bing.net.trafficmanager.net
                  mm-mm.bing.net.trafficmanager.net
                  IN CNAME
                  dual-a-0001.a-msedge.net
                  dual-a-0001.a-msedge.net
                  IN A
                  204.79.197.200
                  dual-a-0001.a-msedge.net
                  IN A
                  13.107.21.200
                • flag-us
                  GET
                  https://tse1.mm.bing.net/th?id=OADD2.10239339388120_11G57HW9RPFMLC262&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
                  Remote address:
                  204.79.197.200:443
                  Request
                  GET /th?id=OADD2.10239339388120_11G57HW9RPFMLC262&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
                  host: tse1.mm.bing.net
                  accept: */*
                  accept-encoding: gzip, deflate, br
                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                  Response
                  HTTP/2.0 200
                  cache-control: public, max-age=2592000
                  content-length: 654136
                  content-type: image/jpeg
                  x-cache: TCP_HIT
                  access-control-allow-origin: *
                  access-control-allow-headers: *
                  access-control-allow-methods: GET, POST, OPTIONS
                  timing-allow-origin: *
                  report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}&ndcParam=QUZE
                  nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                  accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                  x-msedge-ref: Ref A: 17F477467BEF46579F2F9F951340C37C Ref B: LON04EDGE0718 Ref C: 2024-05-03T13:47:36Z
                  date: Fri, 03 May 2024 13:47:36 GMT
                • flag-us
                  GET
                  https://tse1.mm.bing.net/th?id=OADD2.10239339388218_1O3WHZ2CB2LK678IN&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
                  Remote address:
                  204.79.197.200:443
                  Request
                  GET /th?id=OADD2.10239339388218_1O3WHZ2CB2LK678IN&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
                  host: tse1.mm.bing.net
                  accept: */*
                  accept-encoding: gzip, deflate, br
                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                  Response
                  HTTP/2.0 200
                  cache-control: public, max-age=2592000
                  content-length: 585322
                  content-type: image/jpeg
                  x-cache: TCP_HIT
                  access-control-allow-origin: *
                  access-control-allow-headers: *
                  access-control-allow-methods: GET, POST, OPTIONS
                  timing-allow-origin: *
                  report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}&ndcParam=QUZE
                  nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                  accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                  x-msedge-ref: Ref A: CE6669ADF8124E28B256567AB55FE3F8 Ref B: LON04EDGE0718 Ref C: 2024-05-03T13:47:36Z
                  date: Fri, 03 May 2024 13:47:36 GMT
                • flag-us
                  GET
                  https://tse1.mm.bing.net/th?id=OADD2.10239339388219_1FDWCXC4JZ4Y4X0E5&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
                  Remote address:
                  204.79.197.200:443
                  Request
                  GET /th?id=OADD2.10239339388219_1FDWCXC4JZ4Y4X0E5&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
                  host: tse1.mm.bing.net
                  accept: */*
                  accept-encoding: gzip, deflate, br
                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                  Response
                  HTTP/2.0 200
                  cache-control: public, max-age=2592000
                  content-length: 652772
                  content-type: image/jpeg
                  x-cache: TCP_HIT
                  access-control-allow-origin: *
                  access-control-allow-headers: *
                  access-control-allow-methods: GET, POST, OPTIONS
                  timing-allow-origin: *
                  report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}&ndcParam=QUZE
                  nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                  accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                  x-msedge-ref: Ref A: 1B18402DB3574242BE5702EBDFF7E22A Ref B: LON04EDGE0718 Ref C: 2024-05-03T13:47:36Z
                  date: Fri, 03 May 2024 13:47:36 GMT
                • flag-us
                  GET
                  https://tse1.mm.bing.net/th?id=OADD2.10239340418539_1KFG8UNZE5MUR2Y24&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
                  Remote address:
                  204.79.197.200:443
                  Request
                  GET /th?id=OADD2.10239340418539_1KFG8UNZE5MUR2Y24&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
                  host: tse1.mm.bing.net
                  accept: */*
                  accept-encoding: gzip, deflate, br
                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                  Response
                  HTTP/2.0 200
                  cache-control: public, max-age=2592000
                  content-length: 577346
                  content-type: image/jpeg
                  x-cache: TCP_HIT
                  access-control-allow-origin: *
                  access-control-allow-headers: *
                  access-control-allow-methods: GET, POST, OPTIONS
                  timing-allow-origin: *
                  report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}&ndcParam=QUZE
                  nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                  accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                  x-msedge-ref: Ref A: 452E533AC4AA4CF9A7B7DFFD78654FBB Ref B: LON04EDGE0718 Ref C: 2024-05-03T13:47:36Z
                  date: Fri, 03 May 2024 13:47:36 GMT
                • flag-us
                  GET
                  https://tse1.mm.bing.net/th?id=OADD2.10239339388119_10QYQ7X0D3WF71UDP&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
                  Remote address:
                  204.79.197.200:443
                  Request
                  GET /th?id=OADD2.10239339388119_10QYQ7X0D3WF71UDP&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
                  host: tse1.mm.bing.net
                  accept: */*
                  accept-encoding: gzip, deflate, br
                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                  Response
                  HTTP/2.0 200
                  cache-control: public, max-age=2592000
                  content-length: 616456
                  content-type: image/jpeg
                  x-cache: TCP_HIT
                  access-control-allow-origin: *
                  access-control-allow-headers: *
                  access-control-allow-methods: GET, POST, OPTIONS
                  timing-allow-origin: *
                  report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}&ndcParam=QUZE
                  nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                  accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                  x-msedge-ref: Ref A: 75EAD3ED8D3C435597CF3690B40F8DB1 Ref B: LON04EDGE0718 Ref C: 2024-05-03T13:47:36Z
                  date: Fri, 03 May 2024 13:47:36 GMT
                • flag-us
                  GET
                  https://tse1.mm.bing.net/th?id=OADD2.10239340418540_1UQTKN6JO04LNXB5Q&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
                  Remote address:
                  204.79.197.200:443
                  Request
                  GET /th?id=OADD2.10239340418540_1UQTKN6JO04LNXB5Q&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
                  host: tse1.mm.bing.net
                  accept: */*
                  accept-encoding: gzip, deflate, br
                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                  Response
                  HTTP/2.0 200
                  cache-control: public, max-age=2592000
                  content-length: 676162
                  content-type: image/jpeg
                  x-cache: TCP_HIT
                  access-control-allow-origin: *
                  access-control-allow-headers: *
                  access-control-allow-methods: GET, POST, OPTIONS
                  timing-allow-origin: *
                  report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}&ndcParam=QUZE
                  nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                  accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                  x-msedge-ref: Ref A: 876D446756724D28A304ADD6ED4E9D85 Ref B: LON04EDGE0718 Ref C: 2024-05-03T13:47:37Z
                  date: Fri, 03 May 2024 13:47:37 GMT
                • flag-us
                  DNS
                  57.169.31.20.in-addr.arpa
                  Remote address:
                  8.8.8.8:53
                  Request
                  57.169.31.20.in-addr.arpa
                  IN PTR
                  Response
                • 216.58.204.74:445
                  fonts.googleapis.com
                  260 B
                  5
                • 217.160.0.152:443
                  www.bal-do.com
                  tls
                  msedge.exe
                  972 B
                  4.2kB
                  8
                  8
                • 217.160.0.152:443
                  www.bal-do.com
                  tls
                  msedge.exe
                  972 B
                  4.2kB
                  8
                  8
                • 217.160.0.152:443
                  www.bal-do.com
                  tls
                  msedge.exe
                  1.0kB
                  4.3kB
                  9
                  9
                • 217.160.0.152:443
                  https://bal-do.com/wp-content/themes/foodeez-lite/style.css?ver=4.6.19
                  tls, http2
                  msedge.exe
                  6.6kB
                  128.2kB
                  84
                  124

                  HTTP Request

                  GET https://www.bal-do.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.5.1

                  HTTP Request

                  GET https://www.bal-do.com/wp-content/themes/foodeez-lite/style.css?ver=4.6.19

                  HTTP Request

                  GET https://www.bal-do.com/wp-content/themes/foodeez-lite/css/skt-animation.css?ver=1.0.5

                  HTTP Request

                  GET https://www.bal-do.com/wp-content/themes/foodeez-lite/css/font-awesome.css?ver=1.0.5

                  HTTP Request

                  GET https://www.bal-do.com/wp-content/themes/foodeez-lite/css/superfish.css?ver=1.0.5

                  HTTP Request

                  GET https://www.bal-do.com/wp-content/themes/foodeez-lite/css/bootstrap-responsive.css?ver=1.0.5

                  HTTP Request

                  GET https://www.bal-do.com/wp-content/plugins/easy-fancybox/fancybox/jquery.fancybox-1.3.7.min.css?ver=1.5.7

                  HTTP Request

                  GET https://www.bal-do.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

                  HTTP Request

                  GET https://www.bal-do.com/wp-includes/js/jquery/jquery.js?ver=1.12.4

                  HTTP Response

                  200

                  HTTP Request

                  GET https://www.bal-do.com/wp-includes/js/jquery/jquery.js?ver=1.12.4

                  HTTP Response

                  200

                  HTTP Response

                  200

                  HTTP Response

                  301

                  HTTP Response

                  301

                  HTTP Response

                  301

                  HTTP Response

                  301

                  HTTP Response

                  301

                  HTTP Response

                  301

                  HTTP Request

                  GET https://bal-do.com/wp-content/themes/foodeez-lite/css/skt-animation.css?ver=1.0.5

                  HTTP Request

                  GET https://bal-do.com/wp-content/themes/foodeez-lite/css/bootstrap-responsive.css?ver=1.0.5

                  HTTP Request

                  GET https://bal-do.com/wp-content/themes/foodeez-lite/css/superfish.css?ver=1.0.5

                  HTTP Request

                  GET https://bal-do.com/wp-content/plugins/easy-fancybox/fancybox/jquery.fancybox-1.3.7.min.css?ver=1.5.7

                  HTTP Request

                  GET https://bal-do.com/wp-content/themes/foodeez-lite/css/font-awesome.css?ver=1.0.5

                  HTTP Request

                  GET https://bal-do.com/wp-content/themes/foodeez-lite/style.css?ver=4.6.19

                  HTTP Response

                  404
                • 217.160.0.152:443
                  www.bal-do.com
                  tls
                  msedge.exe
                  972 B
                  4.2kB
                  8
                  8
                • 217.160.0.152:443
                  www.bal-do.com
                  tls
                  msedge.exe
                  972 B
                  4.2kB
                  8
                  8
                • 204.79.197.237:443
                  https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8dC7FF0SBiDovPFPJkfSUfTVUCUzdvs-IoynTk1IaafvLZChWN9snYPs0I3r8-9ti7AyNKSHhWIGMDxY9uiSwa8h2ad_4DmedjMF-uHCemq-l8a9EOak0ORqk3n1DbFDzq8TGJHzB8ywF1eprsI4kvOBkVyHn8jy7evHswSsbfstVVH6E%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D99aeec4315351d0e05a08a68b967418e&TIME=20240426T133054Z&CID=530628298&EID=&tids=15000&adUnitId=11730597&localId=w:3EBA0D95-A493-0C63-5584-F13F751694E4&deviceId=6966564702259644&muid=3EBA0D95A4930C635584F13F751694E4
                  tls, http2
                  2.5kB
                  9.5kB
                  20
                  16

                  HTTP Request

                  GET https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8dC7FF0SBiDovPFPJkfSUfTVUCUzdvs-IoynTk1IaafvLZChWN9snYPs0I3r8-9ti7AyNKSHhWIGMDxY9uiSwa8h2ad_4DmedjMF-uHCemq-l8a9EOak0ORqk3n1DbFDzq8TGJHzB8ywF1eprsI4kvOBkVyHn8jy7evHswSsbfstVVH6E%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D99aeec4315351d0e05a08a68b967418e&TIME=20240426T133054Z&CID=530628298&EID=530628298&tids=15000&adUnitId=11730597&localId=w:3EBA0D95-A493-0C63-5584-F13F751694E4&deviceId=6966564702259644&muid=3EBA0D95A4930C635584F13F751694E4

                  HTTP Response

                  204

                  HTTP Request

                  GET https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8dC7FF0SBiDovPFPJkfSUfTVUCUzdvs-IoynTk1IaafvLZChWN9snYPs0I3r8-9ti7AyNKSHhWIGMDxY9uiSwa8h2ad_4DmedjMF-uHCemq-l8a9EOak0ORqk3n1DbFDzq8TGJHzB8ywF1eprsI4kvOBkVyHn8jy7evHswSsbfstVVH6E%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D99aeec4315351d0e05a08a68b967418e&TIME=20240426T133054Z&CID=530628298&EID=&tids=15000&adUnitId=11730597&localId=w:3EBA0D95-A493-0C63-5584-F13F751694E4&deviceId=6966564702259644&muid=3EBA0D95A4930C635584F13F751694E4

                  HTTP Response

                  204
                • 23.62.61.194:443
                  https://www.bing.com/aes/c.gif?RG=98286c894c3248b89c500606d9064ea9&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240426T133054Z&adUnitId=11730597&localId=w:3EBA0D95-A493-0C63-5584-F13F751694E4&deviceId=6966564702259644
                  tls, http2
                  1.4kB
                  5.3kB
                  16
                  11

                  HTTP Request

                  GET https://www.bing.com/aes/c.gif?RG=98286c894c3248b89c500606d9064ea9&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240426T133054Z&adUnitId=11730597&localId=w:3EBA0D95-A493-0C63-5584-F13F751694E4&deviceId=6966564702259644

                  HTTP Response

                  200
                • 216.58.204.74:139
                  fonts.googleapis.com
                  260 B
                  5
                • 204.79.197.200:443
                  tse1.mm.bing.net
                  tls, http2
                  1.2kB
                  8.1kB
                  16
                  14
                • 204.79.197.200:443
                  tse1.mm.bing.net
                  tls, http2
                  1.2kB
                  8.1kB
                  16
                  14
                • 204.79.197.200:443
                  tse1.mm.bing.net
                  tls, http2
                  1.2kB
                  8.1kB
                  16
                  14
                • 204.79.197.200:443
                  https://tse1.mm.bing.net/th?id=OADD2.10239340418540_1UQTKN6JO04LNXB5Q&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
                  tls, http2
                  139.0kB
                  3.9MB
                  2822
                  2814

                  HTTP Request

                  GET https://tse1.mm.bing.net/th?id=OADD2.10239339388120_11G57HW9RPFMLC262&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

                  HTTP Request

                  GET https://tse1.mm.bing.net/th?id=OADD2.10239339388218_1O3WHZ2CB2LK678IN&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

                  HTTP Request

                  GET https://tse1.mm.bing.net/th?id=OADD2.10239339388219_1FDWCXC4JZ4Y4X0E5&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

                  HTTP Request

                  GET https://tse1.mm.bing.net/th?id=OADD2.10239340418539_1KFG8UNZE5MUR2Y24&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

                  HTTP Request

                  GET https://tse1.mm.bing.net/th?id=OADD2.10239339388119_10QYQ7X0D3WF71UDP&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

                  HTTP Response

                  200

                  HTTP Response

                  200

                  HTTP Response

                  200

                  HTTP Response

                  200

                  HTTP Response

                  200

                  HTTP Request

                  GET https://tse1.mm.bing.net/th?id=OADD2.10239340418540_1UQTKN6JO04LNXB5Q&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

                  HTTP Response

                  200
                • 204.79.197.200:443
                  tse1.mm.bing.net
                  tls, http2
                  1.2kB
                  8.1kB
                  16
                  14
                • 8.8.8.8:53
                  s.w.org
                  dns
                  msedge.exe
                  53 B
                  69 B
                  1
                  1

                  DNS Request

                  s.w.org

                  DNS Response

                  192.0.77.48

                • 8.8.8.8:53
                  www.bal-do.com
                  dns
                  msedge.exe
                  120 B
                  76 B
                  2
                  1

                  DNS Request

                  www.bal-do.com

                  DNS Request

                  www.bal-do.com

                  DNS Response

                  217.160.0.152

                • 8.8.8.8:53
                  8.8.8.8.in-addr.arpa
                  dns
                  66 B
                  90 B
                  1
                  1

                  DNS Request

                  8.8.8.8.in-addr.arpa

                • 8.8.8.8:53
                  14.160.190.20.in-addr.arpa
                  dns
                  72 B
                  158 B
                  1
                  1

                  DNS Request

                  14.160.190.20.in-addr.arpa

                • 8.8.8.8:53
                  79.190.18.2.in-addr.arpa
                  dns
                  70 B
                  133 B
                  1
                  1

                  DNS Request

                  79.190.18.2.in-addr.arpa

                • 8.8.8.8:53
                  g.bing.com
                  dns
                  112 B
                  151 B
                  2
                  1

                  DNS Request

                  g.bing.com

                  DNS Request

                  g.bing.com

                  DNS Response

                  204.79.197.237
                  13.107.21.237

                • 8.8.8.8:53
                  95.221.229.192.in-addr.arpa
                  dns
                  73 B
                  144 B
                  1
                  1

                  DNS Request

                  95.221.229.192.in-addr.arpa

                • 8.8.8.8:53
                  bal-do.com
                  dns
                  msedge.exe
                  56 B
                  72 B
                  1
                  1

                  DNS Request

                  bal-do.com

                  DNS Response

                  217.160.0.152

                • 8.8.8.8:53
                  152.0.160.217.in-addr.arpa
                  dns
                  72 B
                  120 B
                  1
                  1

                  DNS Request

                  152.0.160.217.in-addr.arpa

                • 8.8.8.8:53
                  237.197.79.204.in-addr.arpa
                  dns
                  73 B
                  143 B
                  1
                  1

                  DNS Request

                  237.197.79.204.in-addr.arpa

                • 8.8.8.8:53
                  194.61.62.23.in-addr.arpa
                  dns
                  71 B
                  135 B
                  1
                  1

                  DNS Request

                  194.61.62.23.in-addr.arpa

                • 8.8.8.8:53
                  26.35.223.20.in-addr.arpa
                  dns
                  71 B
                  157 B
                  1
                  1

                  DNS Request

                  26.35.223.20.in-addr.arpa

                • 224.0.0.251:5353
                  316 B
                  5
                • 8.8.8.8:53
                  50.23.12.20.in-addr.arpa
                  dns
                  70 B
                  156 B
                  1
                  1

                  DNS Request

                  50.23.12.20.in-addr.arpa

                • 8.8.8.8:53
                  206.23.85.13.in-addr.arpa
                  dns
                  71 B
                  145 B
                  1
                  1

                  DNS Request

                  206.23.85.13.in-addr.arpa

                • 8.8.8.8:53
                  24.139.73.23.in-addr.arpa
                  dns
                  71 B
                  135 B
                  1
                  1

                  DNS Request

                  24.139.73.23.in-addr.arpa

                • 8.8.8.8:53
                  77.190.18.2.in-addr.arpa
                  dns
                  70 B
                  133 B
                  1
                  1

                  DNS Request

                  77.190.18.2.in-addr.arpa

                • 8.8.8.8:53
                  88.156.103.20.in-addr.arpa
                  dns
                  72 B
                  158 B
                  1
                  1

                  DNS Request

                  88.156.103.20.in-addr.arpa

                • 8.8.8.8:53
                  21.236.111.52.in-addr.arpa
                  dns
                  72 B
                  158 B
                  1
                  1

                  DNS Request

                  21.236.111.52.in-addr.arpa

                • 8.8.8.8:53
                  73.143.109.104.in-addr.arpa
                  dns
                  73 B
                  139 B
                  1
                  1

                  DNS Request

                  73.143.109.104.in-addr.arpa

                • 8.8.8.8:53
                  tse1.mm.bing.net
                  dns
                  62 B
                  173 B
                  1
                  1

                  DNS Request

                  tse1.mm.bing.net

                  DNS Response

                  204.79.197.200
                  13.107.21.200

                • 8.8.8.8:53
                  57.169.31.20.in-addr.arpa
                  dns
                  71 B
                  157 B
                  1
                  1

                  DNS Request

                  57.169.31.20.in-addr.arpa

                MITRE ATT&CK Enterprise v15

                Downloads

                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                  Filesize

                  152B

                  MD5

                  c9c4c494f8fba32d95ba2125f00586a3

                  SHA1

                  8a600205528aef7953144f1cf6f7a5115e3611de

                  SHA256

                  a0ca609205813c307df9122c0c5b0967c5472755700f615b0033129cf7d6b35b

                  SHA512

                  9d30cea6cfc259e97b0305f8b5cd19774044fb78feedfcef2014b2947f2e6a101273bc4ad30db9cc1724e62eb441266d7df376e28ac58693f128b9cce2c7d20d

                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                  Filesize

                  152B

                  MD5

                  4dc6fc5e708279a3310fe55d9c44743d

                  SHA1

                  a42e8bdf9d1c25ef3e223d59f6b1d16b095f46d2

                  SHA256

                  a1c5f48659d4b3af960971b3a0f433a95fee5bfafe5680a34110c68b342377d8

                  SHA512

                  5874b2310187f242b852fa6dcded244cc860abb2be4f6f5a6a1db8322e12e1fef8f825edc0aae75adbb7284a2cd64730650d0643b1e2bb7ead9350e50e1d8c13

                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                  Filesize

                  182B

                  MD5

                  62f9e6d6be594109ce8837fa15248e16

                  SHA1

                  435c6a487bb8ae7e89898290e20d5e654b4f4e25

                  SHA256

                  905ca55692d0b3b8bb0ea1bfd05522764843fa8d26d7a0f9a8db117fd2555547

                  SHA512

                  a23bd53f173209a8c1227ec5677ff6624006362c6a73c904653720dae00b79d356e7256a822b9950a2100dd89314e3ed44dcc24a4696c5bbfd8779a30a1198dd

                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                  Filesize

                  6KB

                  MD5

                  64d3c71a91044feae119d3aa9ae89a74

                  SHA1

                  4f3852b26b622bcf30de4c06212d82104e3a38d8

                  SHA256

                  076d7e5e602e3605bb159a9a93418a9c9751ca7a6efab67fca67fd70357bf475

                  SHA512

                  75e873a14aacd3a2a3da41f1c74fd7158b180209110352b646c2e73fd78225047dc8cf5bf62d7e8699478c3cb9ea1512115e422540683c3737e9ef7da7b0ec2f

                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                  Filesize

                  6KB

                  MD5

                  f28901ed3b7f8295b1f055d9e938ebe7

                  SHA1

                  da62ebd1868a866aa424c36c30898a2e96eab2d6

                  SHA256

                  23aa9c45b1e95a683ef1c2cb78d89e8f4eb9c65fd52ae426242f8adee4a32ce1

                  SHA512

                  678db3aae63f4082c3074daad4832551af8e555cd4fadad633f1324e413ed52677f5120c9e20e5548a593f36777612885478327788074d7bf2d42211fac9e44a

                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                  Filesize

                  11KB

                  MD5

                  bc3ed2e1a5cdd5bd76adb24e617ebc93

                  SHA1

                  f239b89eaef9580cd1d8ddb12dc7048c46c9d8bf

                  SHA256

                  4afb7490898b87570f9d90e980a67d79c12ec8466e2048294ddf311f24e554ee

                  SHA512

                  6b1ee417a1eadf77e097b8c9444bc7cf93ab6b858983da5b5722661dc2fbb576f0bfaacab92f3458253c7b893c56f2496e70a49c8fa84d7afa29e12c2938fccf
