Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    149s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240419-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
  • submitted
    03/05/2024, 13:59 UTC

General

  • Target

    10b0e2f80d58539e145d71234b5a9143_JaffaCakes118.html

  • Size

    23KB

  • MD5

    10b0e2f80d58539e145d71234b5a9143

  • SHA1

    5079e86899657e087324e883da45c2d1269b8707

  • SHA256

    64ca43567604aecc16ecec20d0e7311292394587f230445ed3b73fd08c6d1833

  • SHA512

    ed5edfadc99cba5d9c9c141935df71a33b5d8c21450fca4e0d7f35f47a816a114e40be33b83758d8a79b7611b4e6ff3395e8d588b2774272de79f916ab5ac255

  • SSDEEP

    192:uwz5b5n3KnQjxn5Q/enQie9Nn2HInQOkEntqPEnQTbn1nQgGLnLnQtNqMBdqnYnr:TQ/UHXGiLb

Score
1/10

Malware Config

Signatures

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 10 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\10b0e2f80d58539e145d71234b5a9143_JaffaCakes118.html
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:116
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa26c646f8,0x7ffa26c64708,0x7ffa26c64718
      2⤵
        PID:4832
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2092,5776254521776591812,17262219320314107771,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2100 /prefetch:2
        2⤵
          PID:3752
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2092,5776254521776591812,17262219320314107771,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:2964
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2092,5776254521776591812,17262219320314107771,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2716 /prefetch:8
          2⤵
            PID:376
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,5776254521776591812,17262219320314107771,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2120 /prefetch:1
            2⤵
              PID:5116
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,5776254521776591812,17262219320314107771,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3196 /prefetch:1
              2⤵
                PID:2084
              • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2092,5776254521776591812,17262219320314107771,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4104 /prefetch:8
                2⤵
                  PID:4448
                • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2092,5776254521776591812,17262219320314107771,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4104 /prefetch:8
                  2⤵
                  • Suspicious behavior: EnumeratesProcesses
                  PID:440
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,5776254521776591812,17262219320314107771,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5192 /prefetch:1
                  2⤵
                    PID:4844
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,5776254521776591812,17262219320314107771,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5208 /prefetch:1
                    2⤵
                      PID:2816
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,5776254521776591812,17262219320314107771,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3484 /prefetch:1
                      2⤵
                        PID:2500
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,5776254521776591812,17262219320314107771,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5532 /prefetch:1
                        2⤵
                          PID:3964
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2092,5776254521776591812,17262219320314107771,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1984 /prefetch:2
                          2⤵
                          • Suspicious behavior: EnumeratesProcesses
                          PID:3136
                      • C:\Windows\System32\CompPkgSrv.exe
                        C:\Windows\System32\CompPkgSrv.exe -Embedding
                        1⤵
                          PID:4836
                        • C:\Windows\System32\CompPkgSrv.exe
                          C:\Windows\System32\CompPkgSrv.exe -Embedding
                          1⤵
                            PID:696

                          Network

                          • flag-us
                            DNS
                            cdd.net.ua
                            msedge.exe
                            Remote address:
                            8.8.8.8:53
                            Request
                            cdd.net.ua
                            IN A
                            Response
                            cdd.net.ua
                            IN A
                            89.184.88.6
                          • flag-pl
                            GET
                            http://cdd.net.ua/apothecary/images/store_logo.png
                            msedge.exe
                            Remote address:
                            89.184.88.6:80
                            Request
                            GET /apothecary/images/store_logo.png HTTP/1.1
                            Host: cdd.net.ua
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 404 Not Found
                            Server: nginx
                            Date: Fri, 03 May 2024 13:59:08 GMT
                            Content-Type: text/html; charset=iso-8859-1
                            Content-Length: 196
                            Connection: keep-alive
                          • flag-pl
                            GET
                            http://cdd.net.ua/apothecary/images/header_cart.gif
                            msedge.exe
                            Remote address:
                            89.184.88.6:80
                            Request
                            GET /apothecary/images/header_cart.gif HTTP/1.1
                            Host: cdd.net.ua
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 404 Not Found
                            Server: nginx
                            Date: Fri, 03 May 2024 13:59:08 GMT
                            Content-Type: text/html; charset=iso-8859-1
                            Content-Length: 196
                            Connection: keep-alive
                          • flag-pl
                            GET
                            http://cdd.net.ua/apothecary/images/header_checkout.gif
                            msedge.exe
                            Remote address:
                            89.184.88.6:80
                            Request
                            GET /apothecary/images/header_checkout.gif HTTP/1.1
                            Host: cdd.net.ua
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 404 Not Found
                            Server: nginx
                            Date: Fri, 03 May 2024 13:59:08 GMT
                            Content-Type: text/html; charset=iso-8859-1
                            Content-Length: 196
                            Connection: keep-alive
                          • flag-pl
                            GET
                            http://cdd.net.ua/apothecary/stylesheet.css
                            msedge.exe
                            Remote address:
                            89.184.88.6:80
                            Request
                            GET /apothecary/stylesheet.css HTTP/1.1
                            Host: cdd.net.ua
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: text/css,*/*;q=0.1
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 404 Not Found
                            Server: nginx
                            Date: Fri, 03 May 2024 13:59:08 GMT
                            Content-Type: text/html; charset=iso-8859-1
                            Content-Length: 196
                            Connection: keep-alive
                          • flag-pl
                            GET
                            http://cdd.net.ua/apothecary/images/header_account.gif
                            msedge.exe
                            Remote address:
                            89.184.88.6:80
                            Request
                            GET /apothecary/images/header_account.gif HTTP/1.1
                            Host: cdd.net.ua
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 404 Not Found
                            Server: nginx
                            Date: Fri, 03 May 2024 13:59:08 GMT
                            Content-Type: text/html; charset=iso-8859-1
                            Content-Length: 196
                            Connection: keep-alive
                          • flag-pl
                            GET
                            http://cdd.net.ua/apothecary/images/back.gif
                            msedge.exe
                            Remote address:
                            89.184.88.6:80
                            Request
                            GET /apothecary/images/back.gif HTTP/1.1
                            Host: cdd.net.ua
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 404 Not Found
                            Server: nginx
                            Date: Fri, 03 May 2024 13:59:08 GMT
                            Content-Type: text/html; charset=iso-8859-1
                            Content-Length: 196
                            Connection: keep-alive
                          • flag-pl
                            GET
                            http://cdd.net.ua/apothecary/images/infobox/corner_right_left.gif
                            msedge.exe
                            Remote address:
                            89.184.88.6:80
                            Request
                            GET /apothecary/images/infobox/corner_right_left.gif HTTP/1.1
                            Host: cdd.net.ua
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 404 Not Found
                            Server: nginx
                            Date: Fri, 03 May 2024 13:59:08 GMT
                            Content-Type: text/html; charset=iso-8859-1
                            Content-Length: 196
                            Connection: keep-alive
                          • flag-pl
                            GET
                            http://cdd.net.ua/apothecary/images/infobox/corner_left.gif
                            msedge.exe
                            Remote address:
                            89.184.88.6:80
                            Request
                            GET /apothecary/images/infobox/corner_left.gif HTTP/1.1
                            Host: cdd.net.ua
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 404 Not Found
                            Server: nginx
                            Date: Fri, 03 May 2024 13:59:08 GMT
                            Content-Type: text/html; charset=iso-8859-1
                            Content-Length: 196
                            Connection: keep-alive
                          • flag-pl
                            GET
                            http://cdd.net.ua/apothecary/images/rev.jpg
                            msedge.exe
                            Remote address:
                            89.184.88.6:80
                            Request
                            GET /apothecary/images/rev.jpg HTTP/1.1
                            Host: cdd.net.ua
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 404 Not Found
                            Server: nginx
                            Date: Fri, 03 May 2024 13:59:08 GMT
                            Content-Type: text/html; charset=iso-8859-1
                            Content-Length: 196
                            Connection: keep-alive
                          • flag-pl
                            GET
                            http://cdd.net.ua/apothecary/images/infobox/arrow_right.gif
                            msedge.exe
                            Remote address:
                            89.184.88.6:80
                            Request
                            GET /apothecary/images/infobox/arrow_right.gif HTTP/1.1
                            Host: cdd.net.ua
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 404 Not Found
                            Server: nginx
                            Date: Fri, 03 May 2024 13:59:08 GMT
                            Content-Type: text/html; charset=iso-8859-1
                            Content-Length: 196
                            Connection: keep-alive
                          • flag-pl
                            GET
                            http://cdd.net.ua/apothecary/images/pixel_trans.gif
                            msedge.exe
                            Remote address:
                            89.184.88.6:80
                            Request
                            GET /apothecary/images/pixel_trans.gif HTTP/1.1
                            Host: cdd.net.ua
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 404 Not Found
                            Server: nginx
                            Date: Fri, 03 May 2024 13:59:08 GMT
                            Content-Type: text/html; charset=iso-8859-1
                            Content-Length: 196
                            Connection: keep-alive
                          • flag-pl
                            GET
                            http://cdd.net.ua/apothecary/includes/languages/russian/images/buttons/button_quick_find.gif
                            msedge.exe
                            Remote address:
                            89.184.88.6:80
                            Request
                            GET /apothecary/includes/languages/russian/images/buttons/button_quick_find.gif HTTP/1.1
                            Host: cdd.net.ua
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 404 Not Found
                            Server: nginx
                            Date: Fri, 03 May 2024 13:59:08 GMT
                            Content-Type: text/html; charset=iso-8859-1
                            Content-Length: 196
                            Connection: keep-alive
                          • flag-pl
                            GET
                            http://cdd.net.ua/apothecary/includes/languages/russian/images/buttons/button_continue.gif
                            msedge.exe
                            Remote address:
                            89.184.88.6:80
                            Request
                            GET /apothecary/includes/languages/russian/images/buttons/button_continue.gif HTTP/1.1
                            Host: cdd.net.ua
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 404 Not Found
                            Server: nginx
                            Date: Fri, 03 May 2024 13:59:09 GMT
                            Content-Type: text/html; charset=iso-8859-1
                            Content-Length: 196
                            Connection: keep-alive
                          • flag-pl
                            GET
                            http://cdd.net.ua/apothecary/includes/languages/russian/images/icon.gif
                            msedge.exe
                            Remote address:
                            89.184.88.6:80
                            Request
                            GET /apothecary/includes/languages/russian/images/icon.gif HTTP/1.1
                            Host: cdd.net.ua
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 404 Not Found
                            Server: nginx
                            Date: Fri, 03 May 2024 13:59:08 GMT
                            Content-Type: text/html; charset=iso-8859-1
                            Content-Length: 196
                            Connection: keep-alive
                          • flag-pl
                            GET
                            http://cdd.net.ua/apothecary/images/infobox/corner_right.gif
                            msedge.exe
                            Remote address:
                            89.184.88.6:80
                            Request
                            GET /apothecary/images/infobox/corner_right.gif HTTP/1.1
                            Host: cdd.net.ua
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 404 Not Found
                            Server: nginx
                            Date: Fri, 03 May 2024 13:59:09 GMT
                            Content-Type: text/html; charset=iso-8859-1
                            Content-Length: 196
                            Connection: keep-alive
                          • flag-pl
                            GET
                            http://cdd.net.ua/apothecary/images/table_background_cart.gif
                            msedge.exe
                            Remote address:
                            89.184.88.6:80
                            Request
                            GET /apothecary/images/table_background_cart.gif HTTP/1.1
                            Host: cdd.net.ua
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 404 Not Found
                            Server: nginx
                            Date: Fri, 03 May 2024 13:59:09 GMT
                            Content-Type: text/html; charset=iso-8859-1
                            Content-Length: 196
                            Connection: keep-alive
                          • flag-pl
                            GET
                            http://cdd.net.ua/apothecary/includes/languages/english/images/icon.gif
                            msedge.exe
                            Remote address:
                            89.184.88.6:80
                            Request
                            GET /apothecary/includes/languages/english/images/icon.gif HTTP/1.1
                            Host: cdd.net.ua
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 404 Not Found
                            Server: nginx
                            Date: Fri, 03 May 2024 13:59:08 GMT
                            Content-Type: text/html; charset=iso-8859-1
                            Content-Length: 196
                            Connection: keep-alive
                          • flag-us
                            DNS
                            232.168.11.51.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            232.168.11.51.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            240.221.184.93.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            240.221.184.93.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            75.159.190.20.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            75.159.190.20.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            6.88.184.89.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            6.88.184.89.in-addr.arpa
                            IN PTR
                            Response
                            6.88.184.89.in-addr.arpa
                            IN PTR
                            svh16mirohostnet
                          • flag-us
                            DNS
                            6.88.184.89.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            6.88.184.89.in-addr.arpa
                            IN PTR
                            Response
                            6.88.184.89.in-addr.arpa
                            IN PTR
                            svh16mirohostnet
                          • flag-us
                            DNS
                            g.bing.com
                            Remote address:
                            8.8.8.8:53
                            Request
                            g.bing.com
                            IN A
                            Response
                            g.bing.com
                            IN CNAME
                            g-bing-com.dual-a-0034.a-msedge.net
                            g-bing-com.dual-a-0034.a-msedge.net
                            IN CNAME
                            dual-a-0034.a-msedge.net
                            dual-a-0034.a-msedge.net
                            IN A
                            204.79.197.237
                            dual-a-0034.a-msedge.net
                            IN A
                            13.107.21.237
                          • flag-us
                            GET
                            https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=2beb0e8664a746e5bc9130dcac406c28&localId=w:9686F947-16CC-59E2-7F90-076D2B78DA93&deviceId=6825828473710710&anid=
                            Remote address:
                            204.79.197.237:443
                            Request
                            GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=2beb0e8664a746e5bc9130dcac406c28&localId=w:9686F947-16CC-59E2-7F90-076D2B78DA93&deviceId=6825828473710710&anid= HTTP/2.0
                            host: g.bing.com
                            accept-encoding: gzip, deflate
                            user-agent: WindowsShellClient/9.0.40929.0 (Windows)
                            Response
                            HTTP/2.0 204
                            cache-control: no-cache, must-revalidate
                            pragma: no-cache
                            expires: Fri, 01 Jan 1990 00:00:00 GMT
                            set-cookie: MUID=34031F5FCE096A1718770B2BCFB26BE5; domain=.bing.com; expires=Wed, 28-May-2025 13:59:09 GMT; path=/; SameSite=None; Secure; Priority=High;
                            strict-transport-security: max-age=31536000; includeSubDomains; preload
                            access-control-allow-origin: *
                            x-cache: CONFIG_NOCACHE
                            accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                            x-msedge-ref: Ref A: F342565C591E473E9A770BBF69913DAC Ref B: LON04EDGE0916 Ref C: 2024-05-03T13:59:09Z
                            date: Fri, 03 May 2024 13:59:09 GMT
                          • flag-us
                            GET
                            https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=2beb0e8664a746e5bc9130dcac406c28&localId=w:9686F947-16CC-59E2-7F90-076D2B78DA93&deviceId=6825828473710710&anid=
                            Remote address:
                            204.79.197.237:443
                            Request
                            GET /neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=2beb0e8664a746e5bc9130dcac406c28&localId=w:9686F947-16CC-59E2-7F90-076D2B78DA93&deviceId=6825828473710710&anid= HTTP/2.0
                            host: g.bing.com
                            accept-encoding: gzip, deflate
                            user-agent: WindowsShellClient/9.0.40929.0 (Windows)
                            cookie: MUID=34031F5FCE096A1718770B2BCFB26BE5
                            Response
                            HTTP/2.0 204
                            cache-control: no-cache, must-revalidate
                            pragma: no-cache
                            expires: Fri, 01 Jan 1990 00:00:00 GMT
                            set-cookie: MSPTC=lp2QHBeE_mmtK_3vEBmQeUZhSSy2DVTiK26dLpoqCl0; domain=.bing.com; expires=Wed, 28-May-2025 13:59:10 GMT; path=/; Partitioned; secure; SameSite=None
                            strict-transport-security: max-age=31536000; includeSubDomains; preload
                            access-control-allow-origin: *
                            x-cache: CONFIG_NOCACHE
                            accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                            x-msedge-ref: Ref A: FF2C4AD0DA084F43A41AED7DD7FD046A Ref B: LON04EDGE0916 Ref C: 2024-05-03T13:59:10Z
                            date: Fri, 03 May 2024 13:59:09 GMT
                          • flag-us
                            GET
                            https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=2beb0e8664a746e5bc9130dcac406c28&localId=w:9686F947-16CC-59E2-7F90-076D2B78DA93&deviceId=6825828473710710&anid=
                            Remote address:
                            204.79.197.237:443
                            Request
                            GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=2beb0e8664a746e5bc9130dcac406c28&localId=w:9686F947-16CC-59E2-7F90-076D2B78DA93&deviceId=6825828473710710&anid= HTTP/2.0
                            host: g.bing.com
                            accept-encoding: gzip, deflate
                            user-agent: WindowsShellClient/9.0.40929.0 (Windows)
                            cookie: MUID=34031F5FCE096A1718770B2BCFB26BE5; MSPTC=lp2QHBeE_mmtK_3vEBmQeUZhSSy2DVTiK26dLpoqCl0
                            Response
                            HTTP/2.0 204
                            cache-control: no-cache, must-revalidate
                            pragma: no-cache
                            expires: Fri, 01 Jan 1990 00:00:00 GMT
                            strict-transport-security: max-age=31536000; includeSubDomains; preload
                            access-control-allow-origin: *
                            x-cache: CONFIG_NOCACHE
                            accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                            x-msedge-ref: Ref A: 17EA70F5750641FD91EE7A798FC6FB7D Ref B: LON04EDGE0916 Ref C: 2024-05-03T13:59:10Z
                            date: Fri, 03 May 2024 13:59:09 GMT
                          • flag-nl
                            GET
                            https://www.bing.com/th?id=OADD2.10239355179391_1LFCMSFC5TYGHD1FP&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90
                            Remote address:
                            23.62.61.97:443
                            Request
                            GET /th?id=OADD2.10239355179391_1LFCMSFC5TYGHD1FP&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90 HTTP/2.0
                            host: www.bing.com
                            accept: */*
                            cookie: MUID=34031F5FCE096A1718770B2BCFB26BE5; MSPTC=lp2QHBeE_mmtK_3vEBmQeUZhSSy2DVTiK26dLpoqCl0
                            accept-encoding: gzip, deflate, br
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                            Response
                            HTTP/2.0 200
                            cache-control: public, max-age=2592000
                            content-type: image/png
                            access-control-allow-origin: *
                            access-control-allow-headers: *
                            access-control-allow-methods: GET, POST, OPTIONS
                            timing-allow-origin: *
                            report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
                            nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                            content-length: 1463
                            date: Fri, 03 May 2024 13:59:11 GMT
                            alt-svc: h3=":443"; ma=93600
                            x-cdn-traceid: 0.5d3d3e17.1714744751.4d15263
                          • flag-us
                            DNS
                            237.197.79.204.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            237.197.79.204.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            97.61.62.23.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            97.61.62.23.in-addr.arpa
                            IN PTR
                            Response
                            97.61.62.23.in-addr.arpa
                            IN PTR
                            a23-62-61-97deploystaticakamaitechnologiescom
                          • flag-us
                            DNS
                            154.239.44.20.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            154.239.44.20.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            79.121.231.20.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            79.121.231.20.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            183.59.114.20.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            183.59.114.20.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            15.164.165.52.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            15.164.165.52.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            24.139.73.23.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            24.139.73.23.in-addr.arpa
                            IN PTR
                            Response
                            24.139.73.23.in-addr.arpa
                            IN PTR
                            a23-73-139-24deploystaticakamaitechnologiescom
                          • flag-us
                            DNS
                            77.190.18.2.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            77.190.18.2.in-addr.arpa
                            IN PTR
                            Response
                            77.190.18.2.in-addr.arpa
                            IN PTR
                            a2-18-190-77deploystaticakamaitechnologiescom
                          • flag-us
                            DNS
                            43.58.199.20.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            43.58.199.20.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            211.138.73.23.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            211.138.73.23.in-addr.arpa
                            IN PTR
                            Response
                            211.138.73.23.in-addr.arpa
                            IN PTR
                            a23-73-138-211deploystaticakamaitechnologiescom
                          • flag-us
                            DNS
                            43.229.111.52.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            43.229.111.52.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            tse1.mm.bing.net
                            Remote address:
                            8.8.8.8:53
                            Request
                            tse1.mm.bing.net
                            IN A
                            Response
                            tse1.mm.bing.net
                            IN CNAME
                            mm-mm.bing.net.trafficmanager.net
                            mm-mm.bing.net.trafficmanager.net
                            IN CNAME
                            dual-a-0001.a-msedge.net
                            dual-a-0001.a-msedge.net
                            IN A
                            204.79.197.200
                            dual-a-0001.a-msedge.net
                            IN A
                            13.107.21.200
                          • flag-us
                            GET
                            https://tse1.mm.bing.net/th?id=OADD2.10239360313430_12K7UVO7ZVIINTRIE&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
                            Remote address:
                            204.79.197.200:443
                            Request
                            GET /th?id=OADD2.10239360313430_12K7UVO7ZVIINTRIE&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
                            host: tse1.mm.bing.net
                            accept: */*
                            accept-encoding: gzip, deflate, br
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                            Response
                            HTTP/2.0 200
                            cache-control: public, max-age=2592000
                            content-length: 394521
                            content-type: image/jpeg
                            x-cache: TCP_HIT
                            access-control-allow-origin: *
                            access-control-allow-headers: *
                            access-control-allow-methods: GET, POST, OPTIONS
                            timing-allow-origin: *
                            report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}&ndcParam=QUZE
                            nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                            accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                            x-msedge-ref: Ref A: 2B24A11EDB5747D4B9F65719E99CEAD6 Ref B: LON04EDGE0808 Ref C: 2024-05-03T14:00:45Z
                            date: Fri, 03 May 2024 14:00:44 GMT
                          • flag-us
                            GET
                            https://tse1.mm.bing.net/th?id=OADD2.10239360313429_1X5GXWWD8KTODKAD6&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
                            Remote address:
                            204.79.197.200:443
                            Request
                            GET /th?id=OADD2.10239360313429_1X5GXWWD8KTODKAD6&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
                            host: tse1.mm.bing.net
                            accept: */*
                            accept-encoding: gzip, deflate, br
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                            Response
                            HTTP/2.0 200
                            cache-control: public, max-age=2592000
                            content-length: 682798
                            content-type: image/jpeg
                            x-cache: TCP_HIT
                            access-control-allow-origin: *
                            access-control-allow-headers: *
                            access-control-allow-methods: GET, POST, OPTIONS
                            timing-allow-origin: *
                            report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}&ndcParam=QUZE
                            nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                            accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                            x-msedge-ref: Ref A: 19AB938046A64DACAFC7EEAB202424D5 Ref B: LON04EDGE0808 Ref C: 2024-05-03T14:00:45Z
                            date: Fri, 03 May 2024 14:00:44 GMT
                          • flag-us
                            GET
                            https://tse1.mm.bing.net/th?id=OADD2.10239370255188_1EKPMYV01DV13G64K&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
                            Remote address:
                            204.79.197.200:443
                            Request
                            GET /th?id=OADD2.10239370255188_1EKPMYV01DV13G64K&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
                            host: tse1.mm.bing.net
                            accept: */*
                            accept-encoding: gzip, deflate, br
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                            Response
                            HTTP/2.0 200
                            cache-control: public, max-age=2592000
                            content-length: 442324
                            content-type: image/jpeg
                            x-cache: TCP_HIT
                            access-control-allow-origin: *
                            access-control-allow-headers: *
                            access-control-allow-methods: GET, POST, OPTIONS
                            timing-allow-origin: *
                            report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}&ndcParam=QUZE
                            nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                            accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                            x-msedge-ref: Ref A: A9F39AB612104CF5BF830DA7D311B2A7 Ref B: LON04EDGE0808 Ref C: 2024-05-03T14:00:45Z
                            date: Fri, 03 May 2024 14:00:44 GMT
                          • flag-us
                            GET
                            https://tse1.mm.bing.net/th?id=OADD2.10239370255189_1E7XE0SO5A57SENIS&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
                            Remote address:
                            204.79.197.200:443
                            Request
                            GET /th?id=OADD2.10239370255189_1E7XE0SO5A57SENIS&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
                            host: tse1.mm.bing.net
                            accept: */*
                            accept-encoding: gzip, deflate, br
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                            Response
                            HTTP/2.0 200
                            cache-control: public, max-age=2592000
                            content-length: 664406
                            content-type: image/jpeg
                            x-cache: TCP_HIT
                            access-control-allow-origin: *
                            access-control-allow-headers: *
                            access-control-allow-methods: GET, POST, OPTIONS
                            timing-allow-origin: *
                            report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}&ndcParam=QUZE
                            nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                            accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                            x-msedge-ref: Ref A: C545E5720D714EEDA9723AFC04F16009 Ref B: LON04EDGE0808 Ref C: 2024-05-03T14:00:45Z
                            date: Fri, 03 May 2024 14:00:44 GMT
                          • flag-us
                            GET
                            https://tse1.mm.bing.net/th?id=OADD2.10239351691769_17S178H4I11J3APXJ&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
                            Remote address:
                            204.79.197.200:443
                            Request
                            GET /th?id=OADD2.10239351691769_17S178H4I11J3APXJ&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
                            host: tse1.mm.bing.net
                            accept: */*
                            accept-encoding: gzip, deflate, br
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                            Response
                            HTTP/2.0 200
                            cache-control: public, max-age=2592000
                            content-length: 496166
                            content-type: image/jpeg
                            x-cache: TCP_HIT
                            access-control-allow-origin: *
                            access-control-allow-headers: *
                            access-control-allow-methods: GET, POST, OPTIONS
                            timing-allow-origin: *
                            report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}&ndcParam=QUZE
                            nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                            accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                            x-msedge-ref: Ref A: 4AF3D0A59D744E83BB22B2FF10ADAA77 Ref B: LON04EDGE0808 Ref C: 2024-05-03T14:00:45Z
                            date: Fri, 03 May 2024 14:00:44 GMT
                          • flag-us
                            GET
                            https://tse1.mm.bing.net/th?id=OADD2.10239351691770_1IUJHOACLFVRNOEKH&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
                            Remote address:
                            204.79.197.200:443
                            Request
                            GET /th?id=OADD2.10239351691770_1IUJHOACLFVRNOEKH&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
                            host: tse1.mm.bing.net
                            accept: */*
                            accept-encoding: gzip, deflate, br
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                            Response
                            HTTP/2.0 200
                            cache-control: public, max-age=2592000
                            content-length: 496229
                            content-type: image/jpeg
                            x-cache: TCP_HIT
                            access-control-allow-origin: *
                            access-control-allow-headers: *
                            access-control-allow-methods: GET, POST, OPTIONS
                            timing-allow-origin: *
                            report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}&ndcParam=QUZE
                            nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                            accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                            x-msedge-ref: Ref A: 4D4A8969D8494FDB93B4DD629ACC993F Ref B: LON04EDGE0808 Ref C: 2024-05-03T14:00:45Z
                            date: Fri, 03 May 2024 14:00:44 GMT
                          • 89.184.88.6:80
                            http://cdd.net.ua/apothecary/images/store_logo.png
                            http
                            msedge.exe
                            603 B
                            536 B
                            5
                            4

                            HTTP Request

                            GET http://cdd.net.ua/apothecary/images/store_logo.png

                            HTTP Response

                            404
                          • 89.184.88.6:80
                            http://cdd.net.ua/apothecary/images/header_cart.gif
                            http
                            msedge.exe
                            604 B
                            536 B
                            5
                            4

                            HTTP Request

                            GET http://cdd.net.ua/apothecary/images/header_cart.gif

                            HTTP Response

                            404
                          • 89.184.88.6:80
                            http://cdd.net.ua/apothecary/images/header_checkout.gif
                            http
                            msedge.exe
                            608 B
                            536 B
                            5
                            4

                            HTTP Request

                            GET http://cdd.net.ua/apothecary/images/header_checkout.gif

                            HTTP Response

                            404
                          • 89.184.88.6:80
                            http://cdd.net.ua/apothecary/stylesheet.css
                            http
                            msedge.exe
                            561 B
                            536 B
                            5
                            4

                            HTTP Request

                            GET http://cdd.net.ua/apothecary/stylesheet.css

                            HTTP Response

                            404
                          • 89.184.88.6:80
                            http://cdd.net.ua/apothecary/images/header_account.gif
                            http
                            msedge.exe
                            607 B
                            536 B
                            5
                            4

                            HTTP Request

                            GET http://cdd.net.ua/apothecary/images/header_account.gif

                            HTTP Response

                            404
                          • 89.184.88.6:80
                            http://cdd.net.ua/apothecary/images/back.gif
                            http
                            msedge.exe
                            597 B
                            536 B
                            5
                            4

                            HTTP Request

                            GET http://cdd.net.ua/apothecary/images/back.gif

                            HTTP Response

                            404
                          • 89.184.88.6:80
                            http://cdd.net.ua/apothecary/images/infobox/corner_right_left.gif
                            http
                            msedge.exe
                            618 B
                            536 B
                            5
                            4

                            HTTP Request

                            GET http://cdd.net.ua/apothecary/images/infobox/corner_right_left.gif

                            HTTP Response

                            404
                          • 89.184.88.6:80
                            http://cdd.net.ua/apothecary/images/infobox/corner_left.gif
                            http
                            msedge.exe
                            612 B
                            536 B
                            5
                            4

                            HTTP Request

                            GET http://cdd.net.ua/apothecary/images/infobox/corner_left.gif

                            HTTP Response

                            404
                          • 89.184.88.6:80
                            http://cdd.net.ua/apothecary/images/rev.jpg
                            http
                            msedge.exe
                            596 B
                            536 B
                            5
                            4

                            HTTP Request

                            GET http://cdd.net.ua/apothecary/images/rev.jpg

                            HTTP Response

                            404
                          • 89.184.88.6:80
                            http://cdd.net.ua/apothecary/images/infobox/arrow_right.gif
                            http
                            msedge.exe
                            612 B
                            536 B
                            5
                            4

                            HTTP Request

                            GET http://cdd.net.ua/apothecary/images/infobox/arrow_right.gif

                            HTTP Response

                            404
                          • 89.184.88.6:80
                            http://cdd.net.ua/apothecary/images/pixel_trans.gif
                            http
                            msedge.exe
                            604 B
                            536 B
                            5
                            4

                            HTTP Request

                            GET http://cdd.net.ua/apothecary/images/pixel_trans.gif

                            HTTP Response

                            404
                          • 89.184.88.6:80
                            http://cdd.net.ua/apothecary/includes/languages/russian/images/buttons/button_quick_find.gif
                            http
                            msedge.exe
                            645 B
                            536 B
                            5
                            4

                            HTTP Request

                            GET http://cdd.net.ua/apothecary/includes/languages/russian/images/buttons/button_quick_find.gif

                            HTTP Response

                            404
                          • 89.184.88.6:80
                            http://cdd.net.ua/apothecary/includes/languages/russian/images/buttons/button_continue.gif
                            http
                            msedge.exe
                            643 B
                            536 B
                            5
                            4

                            HTTP Request

                            GET http://cdd.net.ua/apothecary/includes/languages/russian/images/buttons/button_continue.gif

                            HTTP Response

                            404
                          • 89.184.88.6:80
                            http://cdd.net.ua/apothecary/includes/languages/russian/images/icon.gif
                            http
                            msedge.exe
                            624 B
                            536 B
                            5
                            4

                            HTTP Request

                            GET http://cdd.net.ua/apothecary/includes/languages/russian/images/icon.gif

                            HTTP Response

                            404
                          • 89.184.88.6:80
                            http://cdd.net.ua/apothecary/images/infobox/corner_right.gif
                            http
                            msedge.exe
                            613 B
                            536 B
                            5
                            4

                            HTTP Request

                            GET http://cdd.net.ua/apothecary/images/infobox/corner_right.gif

                            HTTP Response

                            404
                          • 89.184.88.6:80
                            http://cdd.net.ua/apothecary/images/table_background_cart.gif
                            http
                            msedge.exe
                            614 B
                            536 B
                            5
                            4

                            HTTP Request

                            GET http://cdd.net.ua/apothecary/images/table_background_cart.gif

                            HTTP Response

                            404
                          • 89.184.88.6:80
                            http://cdd.net.ua/apothecary/includes/languages/english/images/icon.gif
                            http
                            msedge.exe
                            624 B
                            536 B
                            5
                            4

                            HTTP Request

                            GET http://cdd.net.ua/apothecary/includes/languages/english/images/icon.gif

                            HTTP Response

                            404
                          • 204.79.197.237:443
                            https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=2beb0e8664a746e5bc9130dcac406c28&localId=w:9686F947-16CC-59E2-7F90-076D2B78DA93&deviceId=6825828473710710&anid=
                            tls, http2
                            2.0kB
                            9.2kB
                            22
                            19

                            HTTP Request

                            GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=2beb0e8664a746e5bc9130dcac406c28&localId=w:9686F947-16CC-59E2-7F90-076D2B78DA93&deviceId=6825828473710710&anid=

                            HTTP Response

                            204

                            HTTP Request

                            GET https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=2beb0e8664a746e5bc9130dcac406c28&localId=w:9686F947-16CC-59E2-7F90-076D2B78DA93&deviceId=6825828473710710&anid=

                            HTTP Response

                            204

                            HTTP Request

                            GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=2beb0e8664a746e5bc9130dcac406c28&localId=w:9686F947-16CC-59E2-7F90-076D2B78DA93&deviceId=6825828473710710&anid=

                            HTTP Response

                            204
                          • 23.62.61.97:443
                            https://www.bing.com/th?id=OADD2.10239355179391_1LFCMSFC5TYGHD1FP&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90
                            tls, http2
                            1.5kB
                            6.7kB
                            17
                            13

                            HTTP Request

                            GET https://www.bing.com/th?id=OADD2.10239355179391_1LFCMSFC5TYGHD1FP&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90

                            HTTP Response

                            200
                          • 138.91.171.81:80
                            52 B
                            1
                          • 204.79.197.200:443
                            tse1.mm.bing.net
                            tls, http2
                            1.2kB
                            8.1kB
                            16
                            14
                          • 204.79.197.200:443
                            tse1.mm.bing.net
                            tls, http2
                            1.2kB
                            8.1kB
                            16
                            14
                          • 204.79.197.200:443
                            tse1.mm.bing.net
                            tls, http2
                            1.2kB
                            8.1kB
                            16
                            14
                          • 204.79.197.200:443
                            https://tse1.mm.bing.net/th?id=OADD2.10239351691770_1IUJHOACLFVRNOEKH&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
                            tls, http2
                            113.9kB
                            3.3MB
                            2398
                            2394

                            HTTP Request

                            GET https://tse1.mm.bing.net/th?id=OADD2.10239360313430_12K7UVO7ZVIINTRIE&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

                            HTTP Request

                            GET https://tse1.mm.bing.net/th?id=OADD2.10239360313429_1X5GXWWD8KTODKAD6&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

                            HTTP Request

                            GET https://tse1.mm.bing.net/th?id=OADD2.10239370255188_1EKPMYV01DV13G64K&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

                            HTTP Request

                            GET https://tse1.mm.bing.net/th?id=OADD2.10239370255189_1E7XE0SO5A57SENIS&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

                            HTTP Request

                            GET https://tse1.mm.bing.net/th?id=OADD2.10239351691769_17S178H4I11J3APXJ&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

                            HTTP Response

                            200

                            HTTP Response

                            200

                            HTTP Response

                            200

                            HTTP Response

                            200

                            HTTP Response

                            200

                            HTTP Request

                            GET https://tse1.mm.bing.net/th?id=OADD2.10239351691770_1IUJHOACLFVRNOEKH&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

                            HTTP Response

                            200
                          • 204.79.197.200:443
                            tse1.mm.bing.net
                            tls, http2
                            1.2kB
                            8.1kB
                            16
                            14
                          • 8.8.8.8:53
                            cdd.net.ua
                            dns
                            msedge.exe
                            56 B
                            72 B
                            1
                            1

                            DNS Request

                            cdd.net.ua

                            DNS Response

                            89.184.88.6

                          • 8.8.8.8:53
                            232.168.11.51.in-addr.arpa
                            dns
                            72 B
                            158 B
                            1
                            1

                            DNS Request

                            232.168.11.51.in-addr.arpa

                          • 8.8.8.8:53
                            240.221.184.93.in-addr.arpa
                            dns
                            73 B
                            144 B
                            1
                            1

                            DNS Request

                            240.221.184.93.in-addr.arpa

                          • 8.8.8.8:53
                            75.159.190.20.in-addr.arpa
                            dns
                            72 B
                            158 B
                            1
                            1

                            DNS Request

                            75.159.190.20.in-addr.arpa

                          • 8.8.8.8:53
                            6.88.184.89.in-addr.arpa
                            dns
                            140 B
                            204 B
                            2
                            2

                            DNS Request

                            6.88.184.89.in-addr.arpa

                            DNS Request

                            6.88.184.89.in-addr.arpa

                          • 8.8.8.8:53
                            g.bing.com
                            dns
                            56 B
                            151 B
                            1
                            1

                            DNS Request

                            g.bing.com

                            DNS Response

                            204.79.197.237
                            13.107.21.237

                          • 224.0.0.251:5353
                            586 B
                            9
                          • 8.8.8.8:53
                            237.197.79.204.in-addr.arpa
                            dns
                            73 B
                            143 B
                            1
                            1

                            DNS Request

                            237.197.79.204.in-addr.arpa

                          • 8.8.8.8:53
                            97.61.62.23.in-addr.arpa
                            dns
                            70 B
                            133 B
                            1
                            1

                            DNS Request

                            97.61.62.23.in-addr.arpa

                          • 8.8.8.8:53
                            154.239.44.20.in-addr.arpa
                            dns
                            72 B
                            158 B
                            1
                            1

                            DNS Request

                            154.239.44.20.in-addr.arpa

                          • 8.8.8.8:53
                            79.121.231.20.in-addr.arpa
                            dns
                            72 B
                            158 B
                            1
                            1

                            DNS Request

                            79.121.231.20.in-addr.arpa

                          • 8.8.8.8:53
                            183.59.114.20.in-addr.arpa
                            dns
                            72 B
                            158 B
                            1
                            1

                            DNS Request

                            183.59.114.20.in-addr.arpa

                          • 8.8.8.8:53
                            15.164.165.52.in-addr.arpa
                            dns
                            72 B
                            146 B
                            1
                            1

                            DNS Request

                            15.164.165.52.in-addr.arpa

                          • 8.8.8.8:53
                            24.139.73.23.in-addr.arpa
                            dns
                            71 B
                            135 B
                            1
                            1

                            DNS Request

                            24.139.73.23.in-addr.arpa

                          • 8.8.8.8:53
                            77.190.18.2.in-addr.arpa
                            dns
                            70 B
                            133 B
                            1
                            1

                            DNS Request

                            77.190.18.2.in-addr.arpa

                          • 8.8.8.8:53
                            43.58.199.20.in-addr.arpa
                            dns
                            71 B
                            157 B
                            1
                            1

                            DNS Request

                            43.58.199.20.in-addr.arpa

                          • 8.8.8.8:53
                            211.138.73.23.in-addr.arpa
                            dns
                            72 B
                            137 B
                            1
                            1

                            DNS Request

                            211.138.73.23.in-addr.arpa

                          • 8.8.8.8:53
                            43.229.111.52.in-addr.arpa
                            dns
                            72 B
                            158 B
                            1
                            1

                            DNS Request

                            43.229.111.52.in-addr.arpa

                          • 8.8.8.8:53
                            tse1.mm.bing.net
                            dns
                            62 B
                            173 B
                            1
                            1

                            DNS Request

                            tse1.mm.bing.net

                            DNS Response

                            204.79.197.200
                            13.107.21.200

                          • 8.8.8.8:53

                          MITRE ATT&CK Enterprise v15

                          Replay Monitor

                          Loading Replay Monitor...

                          Downloads

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                            Filesize

                            152B

                            MD5

                            8b2290ca03b4ca5fe52d82550c7e7d69

                            SHA1

                            20583a7851a906444204ce8ba4fa51153e6cd494

                            SHA256

                            f9ff4871fc5317299de907489d466e630be63d698c8f7cb77cc81faddbecc6d2

                            SHA512

                            704ec8122cc1c263dff67ddbb5c20ee0db8a438674d716bc3be5b266ee5629a219b0049d721f9eb2dd8f2d8fda0163659eaa4d3e1f0a6e9072a8ffb92bb2b25d

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                            Filesize

                            152B

                            MD5

                            919c29d42fb6034fee2f5de14d573c63

                            SHA1

                            24a2e1042347b3853344157239bde3ed699047a8

                            SHA256

                            17cd6de97a0c020cb4935739cfef4ec4e074e8d127ac4c531b6dc496580c8141

                            SHA512

                            bb7eadd087bbcec8b1b8a49b102b454333f2f9708d36b6ffc3c82fdc52e46873398d967238c3bfe9ac6caef45b017a5fe3938ebf5f3053e4ef9be7b2752b563d

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                            Filesize

                            6KB

                            MD5

                            f0156f285722609a5183e6fe47210630

                            SHA1

                            eca4d9ecef777d992675e0179d1a640c58fdb0bd

                            SHA256

                            58a31c342b82bdfc05c0ba2555b4f4d6b95bc06e72dad81deebce263e2209af5

                            SHA512

                            1d940ee43b47aab3b6672b9b59cd267f6b2b6e39a6d8d825ea4aa7b2e2a0356099c0ac444b55fb849fd7287b266772c9e271a745c5d116fb6d814e8f43b7f48e

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                            Filesize

                            5KB

                            MD5

                            ef45b31e101ced5993f3cc1aae7dd77d

                            SHA1

                            492f8d8dbb271678483443dc87def50814315208

                            SHA256

                            4b2be329209dc68b6402a89bbe021527489c7ce8c28878b5fa734dd8c00375c6

                            SHA512

                            5f6d003c4aaa490fda271ae88df3f42811c31b759172e6823cbca4b69287918af04bdc555ec0634ed9858d2fa2a21488ac3843f5b1405272ef349984f8157b2e

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

                            Filesize

                            16B

                            MD5

                            6752a1d65b201c13b62ea44016eb221f

                            SHA1

                            58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                            SHA256

                            0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                            SHA512

                            9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                            Filesize

                            11KB

                            MD5

                            b920410cedbffd23cf920bf86fc793ae

                            SHA1

                            1c597b4675c287e4e60842ea2bed21bdb54d6324

                            SHA256

                            6346e1e8d7f662a7c587038972afe7f05061db29ded839569d7868a3fc891a2f

                            SHA512

                            395ff3a53473d273f4f77b32343c0427838c50770da162ee931662ecc80caa4e7fedc92399d66e33fc7d277750117799897466e0aa361a182f2980852d9710df

                          We care about your privacy.

                          This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.