Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240419-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05/05/2024, 15:06 UTC

General

  • Target

    183d150d0c0fa29e4ead8b4f64a9d6a4_JaffaCakes118.html

  • Size

    18KB

  • MD5

    183d150d0c0fa29e4ead8b4f64a9d6a4

  • SHA1

    a018f42fa3c9a280f8f38fdcc037f060b961ad90

  • SHA256

    915edac7250b0005fbfea0c494531ff1ccf4b90aa4801b9d114743281b1ec727

  • SHA512

    cf3cfe817110913d92a58d7623252c6233825b2f90fac640a2d1de5e1d50d19567fea966860c09b43c9d5955961c5f10d790d25cb9b99584021dfe6f4397619d

  • SSDEEP

    192:SIM3t0I5fo9cKivXQWxZxdkVSoAIW4MzUnjBhAK82qDB8:SIMd0I5nvHPsvAJxDB8

Score
1/10

Malware Config

Signatures

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 8 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\183d150d0c0fa29e4ead8b4f64a9d6a4_JaffaCakes118.html
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:1676
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff8ba346f8,0x7fff8ba34708,0x7fff8ba34718
      2⤵
        PID:2948
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2132,8673440223833773008,14036032983799298593,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2140 /prefetch:2
        2⤵
          PID:3532
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2132,8673440223833773008,14036032983799298593,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2268 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:4456
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2132,8673440223833773008,14036032983799298593,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2916 /prefetch:8
          2⤵
            PID:3988
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8673440223833773008,14036032983799298593,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
            2⤵
              PID:1324
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8673440223833773008,14036032983799298593,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3328 /prefetch:1
              2⤵
                PID:3500
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2132,8673440223833773008,14036032983799298593,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3132 /prefetch:2
                2⤵
                • Suspicious behavior: EnumeratesProcesses
                PID:2068
            • C:\Windows\System32\CompPkgSrv.exe
              C:\Windows\System32\CompPkgSrv.exe -Embedding
              1⤵
                PID:4136
              • C:\Windows\System32\CompPkgSrv.exe
                C:\Windows\System32\CompPkgSrv.exe -Embedding
                1⤵
                  PID:4120

                Network

                • flag-us
                  DNS
                  t.cn
                  msedge.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  t.cn
                  IN A
                  Response
                  t.cn
                  IN A
                  39.105.18.168
                • flag-us
                  DNS
                  img1.jiehun.cn
                  msedge.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  img1.jiehun.cn
                  IN A
                  Response
                  img1.jiehun.cn
                  IN CNAME
                  img1.jiehun.cn.a.bdydns.com
                  img1.jiehun.cn.a.bdydns.com
                  IN CNAME
                  opencdnspy.jomodns.com
                  opencdnspy.jomodns.com
                  IN A
                  1.71.157.35
                  opencdnspy.jomodns.com
                  IN A
                  182.140.225.35
                  opencdnspy.jomodns.com
                  IN A
                  183.61.177.35
                  opencdnspy.jomodns.com
                  IN A
                  220.169.152.35
                  opencdnspy.jomodns.com
                  IN A
                  222.216.122.35
                  opencdnspy.jomodns.com
                  IN A
                  182.106.158.35
                  opencdnspy.jomodns.com
                  IN A
                  1.193.146.35
                  opencdnspy.jomodns.com
                  IN A
                  1.194.253.35
                  opencdnspy.jomodns.com
                  IN A
                  27.221.77.35
                  opencdnspy.jomodns.com
                  IN A
                  58.42.14.35
                • flag-us
                  DNS
                  www.googleadsl.com
                  msedge.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  www.googleadsl.com
                  IN A
                  Response
                  www.googleadsl.com
                  IN A
                  170.178.222.41
                • flag-us
                  DNS
                  183.142.211.20.in-addr.arpa
                  Remote address:
                  8.8.8.8:53
                  Request
                  183.142.211.20.in-addr.arpa
                  IN PTR
                  Response
                • flag-us
                  DNS
                  68.32.126.40.in-addr.arpa
                  Remote address:
                  8.8.8.8:53
                  Request
                  68.32.126.40.in-addr.arpa
                  IN PTR
                  Response
                • flag-us
                  DNS
                  79.190.18.2.in-addr.arpa
                  Remote address:
                  8.8.8.8:53
                  Request
                  79.190.18.2.in-addr.arpa
                  IN PTR
                  Response
                  79.190.18.2.in-addr.arpa
                  IN PTR
                  a2-18-190-79deploystaticakamaitechnologiescom
                • flag-us
                  DNS
                  g.bing.com
                  Remote address:
                  8.8.8.8:53
                  Request
                  g.bing.com
                  IN A
                  Response
                  g.bing.com
                  IN CNAME
                  g-bing-com.dual-a-0034.a-msedge.net
                  g-bing-com.dual-a-0034.a-msedge.net
                  IN CNAME
                  dual-a-0034.a-msedge.net
                  dual-a-0034.a-msedge.net
                  IN A
                  204.79.197.237
                  dual-a-0034.a-msedge.net
                  IN A
                  13.107.21.237
                • flag-us
                  GET
                  https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8eNJHdQhqZfHWBRQoTTaWzDVUCUwGjdlw1msc8FekEBnw-kCXq8F4--JBNp9WHxKIrtXnlZSBe3AOD1z_MinaWOZUyKHDMcfcuPgMPv-qAB2ZZ5uw6h3_5_pQgk_1nHomV1D2JsWgJ3SXymTolDGTZTyDaexknxkHuvBDuDeN6_WaH3T3%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOTTlWNkZRWFBEWCUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3Db6af3340e6b21c3539dd5562cfd54102&TIME=20240419T082158Z&CID=530628298&EID=530628298&tids=15000&adUnitId=11730597&localId=w:9686F947-16CC-59E2-7F90-076D2B78DA93&deviceId=6825828473710710&muid=9686F94716CC59E27F90076D2B78DA93
                  Remote address:
                  204.79.197.237:443
                  Request
                  GET /neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8eNJHdQhqZfHWBRQoTTaWzDVUCUwGjdlw1msc8FekEBnw-kCXq8F4--JBNp9WHxKIrtXnlZSBe3AOD1z_MinaWOZUyKHDMcfcuPgMPv-qAB2ZZ5uw6h3_5_pQgk_1nHomV1D2JsWgJ3SXymTolDGTZTyDaexknxkHuvBDuDeN6_WaH3T3%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOTTlWNkZRWFBEWCUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3Db6af3340e6b21c3539dd5562cfd54102&TIME=20240419T082158Z&CID=530628298&EID=530628298&tids=15000&adUnitId=11730597&localId=w:9686F947-16CC-59E2-7F90-076D2B78DA93&deviceId=6825828473710710&muid=9686F94716CC59E27F90076D2B78DA93 HTTP/2.0
                  host: g.bing.com
                  accept-encoding: gzip, deflate
                  user-agent: WindowsShellClient/9.0.40929.0 (Windows)
                  Response
                  HTTP/2.0 204
                  cache-control: no-cache, must-revalidate
                  pragma: no-cache
                  expires: Fri, 01 Jan 1990 00:00:00 GMT
                  set-cookie: MUID=2E0C4D064D6D66AE0F9659704C4A6767; domain=.bing.com; expires=Fri, 30-May-2025 15:06:09 GMT; path=/; SameSite=None; Secure; Priority=High;
                  strict-transport-security: max-age=31536000; includeSubDomains; preload
                  access-control-allow-origin: *
                  x-cache: CONFIG_NOCACHE
                  accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                  x-msedge-ref: Ref A: 09367FDE0A324D25A1F156394008E2CC Ref B: LON04EDGE0618 Ref C: 2024-05-05T15:06:09Z
                  date: Sun, 05 May 2024 15:06:09 GMT
                • flag-us
                  GET
                  https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8eNJHdQhqZfHWBRQoTTaWzDVUCUwGjdlw1msc8FekEBnw-kCXq8F4--JBNp9WHxKIrtXnlZSBe3AOD1z_MinaWOZUyKHDMcfcuPgMPv-qAB2ZZ5uw6h3_5_pQgk_1nHomV1D2JsWgJ3SXymTolDGTZTyDaexknxkHuvBDuDeN6_WaH3T3%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOTTlWNkZRWFBEWCUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3Db6af3340e6b21c3539dd5562cfd54102&TIME=20240419T082158Z&CID=530628298&EID=&tids=15000&adUnitId=11730597&localId=w:9686F947-16CC-59E2-7F90-076D2B78DA93&deviceId=6825828473710710&muid=9686F94716CC59E27F90076D2B78DA93
                  Remote address:
                  204.79.197.237:443
                  Request
                  GET /neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8eNJHdQhqZfHWBRQoTTaWzDVUCUwGjdlw1msc8FekEBnw-kCXq8F4--JBNp9WHxKIrtXnlZSBe3AOD1z_MinaWOZUyKHDMcfcuPgMPv-qAB2ZZ5uw6h3_5_pQgk_1nHomV1D2JsWgJ3SXymTolDGTZTyDaexknxkHuvBDuDeN6_WaH3T3%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOTTlWNkZRWFBEWCUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3Db6af3340e6b21c3539dd5562cfd54102&TIME=20240419T082158Z&CID=530628298&EID=&tids=15000&adUnitId=11730597&localId=w:9686F947-16CC-59E2-7F90-076D2B78DA93&deviceId=6825828473710710&muid=9686F94716CC59E27F90076D2B78DA93 HTTP/2.0
                  host: g.bing.com
                  accept-encoding: gzip, deflate
                  user-agent: WindowsShellClient/9.0.40929.0 (Windows)
                  cookie: MUID=2E0C4D064D6D66AE0F9659704C4A6767; _EDGE_S=SID=3EE7229EF670695A211736E8F7DA6809
                  Response
                  HTTP/2.0 204
                  cache-control: no-cache, must-revalidate
                  pragma: no-cache
                  expires: Fri, 01 Jan 1990 00:00:00 GMT
                  set-cookie: MSPTC=uWNTdFG2KqDN7Y1ID1rDP_WfXNPsHG6RKJ9azpAnYbM; domain=.bing.com; expires=Fri, 30-May-2025 15:06:09 GMT; path=/; Partitioned; secure; SameSite=None
                  strict-transport-security: max-age=31536000; includeSubDomains; preload
                  access-control-allow-origin: *
                  x-cache: CONFIG_NOCACHE
                  accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                  x-msedge-ref: Ref A: D2C20A99A7824FE4AC727996A9235386 Ref B: LON04EDGE0618 Ref C: 2024-05-05T15:06:09Z
                  date: Sun, 05 May 2024 15:06:09 GMT
                • flag-nl
                  GET
                  https://www.bing.com/aes/c.gif?RG=a18305e92ece47c78b829258a562221c&med=10&PubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240419T082158Z&adUnitId=11730597&localId=w:9686F947-16CC-59E2-7F90-076D2B78DA93&deviceId=6825828473710710
                  Remote address:
                  23.62.61.194:443
                  Request
                  GET /aes/c.gif?RG=a18305e92ece47c78b829258a562221c&med=10&PubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240419T082158Z&adUnitId=11730597&localId=w:9686F947-16CC-59E2-7F90-076D2B78DA93&deviceId=6825828473710710 HTTP/2.0
                  host: www.bing.com
                  accept-encoding: gzip, deflate
                  user-agent: WindowsShellClient/9.0.40929.0 (Windows)
                  cookie: MUID=2E0C4D064D6D66AE0F9659704C4A6767
                  Response
                  HTTP/2.0 200
                  cache-control: private,no-store
                  pragma: no-cache
                  vary: Origin
                  p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
                  accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                  x-msedge-ref: Ref A: ABA48A0A2B2A4EC1B156CAC135DD4DC8 Ref B: DUS30EDGE0716 Ref C: 2024-05-05T15:06:09Z
                  content-length: 0
                  date: Sun, 05 May 2024 15:06:09 GMT
                  set-cookie: _EDGE_S=SID=3EE7229EF670695A211736E8F7DA6809; path=/; httponly; domain=bing.com
                  set-cookie: MUIDB=2E0C4D064D6D66AE0F9659704C4A6767; path=/; httponly; expires=Fri, 30-May-2025 15:06:09 GMT
                  alt-svc: h3=":443"; ma=93600
                  x-cdn-traceid: 0.be3d3e17.1714921569.5d7ffd
                • flag-us
                  DNS
                  237.197.79.204.in-addr.arpa
                  Remote address:
                  8.8.8.8:53
                  Request
                  237.197.79.204.in-addr.arpa
                  IN PTR
                  Response
                • flag-us
                  DNS
                  194.61.62.23.in-addr.arpa
                  Remote address:
                  8.8.8.8:53
                  Request
                  194.61.62.23.in-addr.arpa
                  IN PTR
                  Response
                  194.61.62.23.in-addr.arpa
                  IN PTR
                  a23-62-61-194deploystaticakamaitechnologiescom
                • flag-us
                  DNS
                  43.58.199.20.in-addr.arpa
                  Remote address:
                  8.8.8.8:53
                  Request
                  43.58.199.20.in-addr.arpa
                  IN PTR
                  Response
                • flag-us
                  DNS
                  228.249.119.40.in-addr.arpa
                  Remote address:
                  8.8.8.8:53
                  Request
                  228.249.119.40.in-addr.arpa
                  IN PTR
                  Response
                • flag-us
                  DNS
                  hm.baidu.com
                  msedge.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  hm.baidu.com
                  IN A
                  Response
                  hm.baidu.com
                  IN CNAME
                  hm.e.shifen.com
                  hm.e.shifen.com
                  IN A
                  183.240.98.228
                  hm.e.shifen.com
                  IN A
                  14.215.182.140
                  hm.e.shifen.com
                  IN A
                  14.215.183.79
                  hm.e.shifen.com
                  IN A
                  111.45.3.198
                  hm.e.shifen.com
                  IN A
                  111.45.11.83
                • flag-us
                  DNS
                  www.jiehun.cn
                  msedge.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  www.jiehun.cn
                  IN A
                  Response
                  www.jiehun.cn
                  IN A
                  61.160.251.208
                • flag-us
                  DNS
                  157.123.68.40.in-addr.arpa
                  Remote address:
                  8.8.8.8:53
                  Request
                  157.123.68.40.in-addr.arpa
                  IN PTR
                  Response
                • flag-us
                  DNS
                  18.31.95.13.in-addr.arpa
                  Remote address:
                  8.8.8.8:53
                  Request
                  18.31.95.13.in-addr.arpa
                  IN PTR
                  Response
                • flag-us
                  DNS
                  142.126.19.2.in-addr.arpa
                  Remote address:
                  8.8.8.8:53
                  Request
                  142.126.19.2.in-addr.arpa
                  IN PTR
                  Response
                  142.126.19.2.in-addr.arpa
                  IN PTR
                  a2-19-126-142deploystaticakamaitechnologiescom
                • flag-us
                  DNS
                  77.190.18.2.in-addr.arpa
                  Remote address:
                  8.8.8.8:53
                  Request
                  77.190.18.2.in-addr.arpa
                  IN PTR
                  Response
                  77.190.18.2.in-addr.arpa
                  IN PTR
                  a2-18-190-77deploystaticakamaitechnologiescom
                • flag-us
                  DNS
                  165.191.110.104.in-addr.arpa
                  Remote address:
                  8.8.8.8:53
                  Request
                  165.191.110.104.in-addr.arpa
                  IN PTR
                  Response
                  165.191.110.104.in-addr.arpa
                  IN PTR
                  a104-110-191-165deploystaticakamaitechnologiescom
                • flag-us
                  DNS
                  43.229.111.52.in-addr.arpa
                  Remote address:
                  8.8.8.8:53
                  Request
                  43.229.111.52.in-addr.arpa
                  IN PTR
                  Response
                • flag-us
                  DNS
                  tse1.mm.bing.net
                  Remote address:
                  8.8.8.8:53
                  Request
                  tse1.mm.bing.net
                  IN A
                  Response
                  tse1.mm.bing.net
                  IN CNAME
                  mm-mm.bing.net.trafficmanager.net
                  mm-mm.bing.net.trafficmanager.net
                  IN CNAME
                  dual-a-0001.a-msedge.net
                  dual-a-0001.a-msedge.net
                  IN A
                  204.79.197.200
                  dual-a-0001.a-msedge.net
                  IN A
                  13.107.21.200
                • flag-us
                  GET
                  https://tse1.mm.bing.net/th?id=OADD2.10239370255188_1EKPMYV01DV13G64K&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
                  Remote address:
                  204.79.197.200:443
                  Request
                  GET /th?id=OADD2.10239370255188_1EKPMYV01DV13G64K&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
                  host: tse1.mm.bing.net
                  accept: */*
                  accept-encoding: gzip, deflate, br
                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                  Response
                  HTTP/2.0 200
                  cache-control: public, max-age=2592000
                  content-length: 415458
                  content-type: image/jpeg
                  x-cache: TCP_HIT
                  access-control-allow-origin: *
                  access-control-allow-headers: *
                  access-control-allow-methods: GET, POST, OPTIONS
                  timing-allow-origin: *
                  report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}&ndcParam=QUZE
                  nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                  accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                  x-msedge-ref: Ref A: 5C54D2421116447FA3454ED4643144B3 Ref B: LON04EDGE0809 Ref C: 2024-05-05T15:07:48Z
                  date: Sun, 05 May 2024 15:07:47 GMT
                • flag-us
                  GET
                  https://tse1.mm.bing.net/th?id=OADD2.10239360931609_1JAA48IJSET6WWQHH&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
                  Remote address:
                  204.79.197.200:443
                  Request
                  GET /th?id=OADD2.10239360931609_1JAA48IJSET6WWQHH&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
                  host: tse1.mm.bing.net
                  accept: */*
                  accept-encoding: gzip, deflate, br
                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                  Response
                  HTTP/2.0 200
                  cache-control: public, max-age=2592000
                  content-length: 682798
                  content-type: image/jpeg
                  x-cache: TCP_HIT
                  access-control-allow-origin: *
                  access-control-allow-headers: *
                  access-control-allow-methods: GET, POST, OPTIONS
                  timing-allow-origin: *
                  report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}&ndcParam=QUZE
                  nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                  accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                  x-msedge-ref: Ref A: F1422FE89AF44CA68DA9788A45672952 Ref B: LON04EDGE0809 Ref C: 2024-05-05T15:07:48Z
                  date: Sun, 05 May 2024 15:07:47 GMT
                • flag-us
                  GET
                  https://tse1.mm.bing.net/th?id=OADD2.10239370255189_1E7XE0SO5A57SENIS&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
                  Remote address:
                  204.79.197.200:443
                  Request
                  GET /th?id=OADD2.10239370255189_1E7XE0SO5A57SENIS&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
                  host: tse1.mm.bing.net
                  accept: */*
                  accept-encoding: gzip, deflate, br
                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                  Response
                  HTTP/2.0 200
                  cache-control: public, max-age=2592000
                  content-length: 664406
                  content-type: image/jpeg
                  x-cache: TCP_HIT
                  access-control-allow-origin: *
                  access-control-allow-headers: *
                  access-control-allow-methods: GET, POST, OPTIONS
                  timing-allow-origin: *
                  report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}&ndcParam=QUZE
                  nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                  accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                  x-msedge-ref: Ref A: 46659C5F13A64CD792CF3DAA68AAE7E8 Ref B: LON04EDGE0809 Ref C: 2024-05-05T15:07:48Z
                  date: Sun, 05 May 2024 15:07:47 GMT
                • flag-us
                  GET
                  https://tse1.mm.bing.net/th?id=OADD2.10239360931610_110BPTPDN41GIXK2B&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
                  Remote address:
                  204.79.197.200:443
                  Request
                  GET /th?id=OADD2.10239360931610_110BPTPDN41GIXK2B&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
                  host: tse1.mm.bing.net
                  accept: */*
                  accept-encoding: gzip, deflate, br
                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                  Response
                  HTTP/2.0 200
                  cache-control: public, max-age=2592000
                  content-length: 430689
                  content-type: image/jpeg
                  x-cache: TCP_HIT
                  access-control-allow-origin: *
                  access-control-allow-headers: *
                  access-control-allow-methods: GET, POST, OPTIONS
                  timing-allow-origin: *
                  report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}&ndcParam=QUZE
                  nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                  accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                  x-msedge-ref: Ref A: 31E0F793671C4A1786B828564D8CB341 Ref B: LON04EDGE0809 Ref C: 2024-05-05T15:07:48Z
                  date: Sun, 05 May 2024 15:07:47 GMT
                • 170.178.222.41:80
                  www.googleadsl.com
                  msedge.exe
                  260 B
                  5
                • 39.105.18.168:80
                  t.cn
                  msedge.exe
                  260 B
                  5
                • 39.105.18.168:80
                  t.cn
                  msedge.exe
                  260 B
                  5
                • 170.178.222.41:80
                  www.googleadsl.com
                  msedge.exe
                  260 B
                  5
                • 1.71.157.35:80
                  img1.jiehun.cn
                  msedge.exe
                  260 B
                  5
                • 1.71.157.35:80
                  img1.jiehun.cn
                  msedge.exe
                  260 B
                  5
                • 204.79.197.237:443
                  https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8eNJHdQhqZfHWBRQoTTaWzDVUCUwGjdlw1msc8FekEBnw-kCXq8F4--JBNp9WHxKIrtXnlZSBe3AOD1z_MinaWOZUyKHDMcfcuPgMPv-qAB2ZZ5uw6h3_5_pQgk_1nHomV1D2JsWgJ3SXymTolDGTZTyDaexknxkHuvBDuDeN6_WaH3T3%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOTTlWNkZRWFBEWCUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3Db6af3340e6b21c3539dd5562cfd54102&TIME=20240419T082158Z&CID=530628298&EID=&tids=15000&adUnitId=11730597&localId=w:9686F947-16CC-59E2-7F90-076D2B78DA93&deviceId=6825828473710710&muid=9686F94716CC59E27F90076D2B78DA93
                  tls, http2
                  2.5kB
                  9.0kB
                  20
                  17

                  HTTP Request

                  GET https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8eNJHdQhqZfHWBRQoTTaWzDVUCUwGjdlw1msc8FekEBnw-kCXq8F4--JBNp9WHxKIrtXnlZSBe3AOD1z_MinaWOZUyKHDMcfcuPgMPv-qAB2ZZ5uw6h3_5_pQgk_1nHomV1D2JsWgJ3SXymTolDGTZTyDaexknxkHuvBDuDeN6_WaH3T3%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOTTlWNkZRWFBEWCUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3Db6af3340e6b21c3539dd5562cfd54102&TIME=20240419T082158Z&CID=530628298&EID=530628298&tids=15000&adUnitId=11730597&localId=w:9686F947-16CC-59E2-7F90-076D2B78DA93&deviceId=6825828473710710&muid=9686F94716CC59E27F90076D2B78DA93

                  HTTP Response

                  204

                  HTTP Request

                  GET https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8eNJHdQhqZfHWBRQoTTaWzDVUCUwGjdlw1msc8FekEBnw-kCXq8F4--JBNp9WHxKIrtXnlZSBe3AOD1z_MinaWOZUyKHDMcfcuPgMPv-qAB2ZZ5uw6h3_5_pQgk_1nHomV1D2JsWgJ3SXymTolDGTZTyDaexknxkHuvBDuDeN6_WaH3T3%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOTTlWNkZRWFBEWCUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3Db6af3340e6b21c3539dd5562cfd54102&TIME=20240419T082158Z&CID=530628298&EID=&tids=15000&adUnitId=11730597&localId=w:9686F947-16CC-59E2-7F90-076D2B78DA93&deviceId=6825828473710710&muid=9686F94716CC59E27F90076D2B78DA93

                  HTTP Response

                  204
                • 23.62.61.194:443
                  https://www.bing.com/aes/c.gif?RG=a18305e92ece47c78b829258a562221c&med=10&PubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240419T082158Z&adUnitId=11730597&localId=w:9686F947-16CC-59E2-7F90-076D2B78DA93&deviceId=6825828473710710
                  tls, http2
                  1.4kB
                  5.3kB
                  16
                  10

                  HTTP Request

                  GET https://www.bing.com/aes/c.gif?RG=a18305e92ece47c78b829258a562221c&med=10&PubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240419T082158Z&adUnitId=11730597&localId=w:9686F947-16CC-59E2-7F90-076D2B78DA93&deviceId=6825828473710710

                  HTTP Response

                  200
                • 20.231.121.79:80
                  46 B
                  1
                • 1.71.157.35:80
                  img1.jiehun.cn
                  msedge.exe
                  260 B
                  5
                • 1.71.157.35:80
                  img1.jiehun.cn
                  msedge.exe
                  260 B
                  5
                • 1.71.157.35:80
                  img1.jiehun.cn
                  msedge.exe
                  260 B
                  5
                • 1.71.157.35:80
                  img1.jiehun.cn
                  msedge.exe
                  260 B
                  5
                • 61.160.251.208:80
                  www.jiehun.cn
                  msedge.exe
                  260 B
                  5
                • 61.160.251.208:80
                  www.jiehun.cn
                  msedge.exe
                  260 B
                  5
                • 183.240.98.228:80
                  hm.baidu.com
                  msedge.exe
                  260 B
                  5
                • 183.240.98.228:80
                  hm.baidu.com
                  msedge.exe
                  260 B
                  5
                • 182.140.225.35:80
                  img1.jiehun.cn
                  msedge.exe
                  260 B
                  5
                • 182.140.225.35:80
                  img1.jiehun.cn
                  msedge.exe
                  260 B
                  5
                • 182.140.225.35:80
                  img1.jiehun.cn
                  msedge.exe
                  260 B
                  5
                • 182.140.225.35:80
                  img1.jiehun.cn
                  msedge.exe
                  260 B
                  5
                • 182.140.225.35:80
                  img1.jiehun.cn
                  msedge.exe
                  260 B
                  5
                • 182.140.225.35:80
                  img1.jiehun.cn
                  msedge.exe
                  260 B
                  5
                • 14.215.182.140:80
                  hm.baidu.com
                  msedge.exe
                  260 B
                  5
                • 14.215.182.140:80
                  hm.baidu.com
                  msedge.exe
                  260 B
                  5
                • 183.61.177.35:80
                  img1.jiehun.cn
                  msedge.exe
                  260 B
                  5
                • 183.61.177.35:80
                  img1.jiehun.cn
                  msedge.exe
                  260 B
                  5
                • 183.61.177.35:80
                  img1.jiehun.cn
                  msedge.exe
                  260 B
                  5
                • 183.61.177.35:80
                  img1.jiehun.cn
                  msedge.exe
                  260 B
                  5
                • 183.61.177.35:80
                  img1.jiehun.cn
                  msedge.exe
                  260 B
                  5
                • 183.61.177.35:80
                  img1.jiehun.cn
                  msedge.exe
                  260 B
                  5
                • 14.215.183.79:80
                  hm.baidu.com
                  msedge.exe
                  260 B
                  5
                • 14.215.183.79:80
                  hm.baidu.com
                  msedge.exe
                  260 B
                  5
                • 220.169.152.35:80
                  img1.jiehun.cn
                  msedge.exe
                  260 B
                  5
                • 220.169.152.35:80
                  img1.jiehun.cn
                  msedge.exe
                  260 B
                  5
                • 220.169.152.35:80
                  img1.jiehun.cn
                  msedge.exe
                  260 B
                  5
                • 220.169.152.35:80
                  img1.jiehun.cn
                  msedge.exe
                  260 B
                  5
                • 220.169.152.35:80
                  img1.jiehun.cn
                  msedge.exe
                  260 B
                  5
                • 220.169.152.35:80
                  img1.jiehun.cn
                  msedge.exe
                  260 B
                  5
                • 111.45.3.198:80
                  hm.baidu.com
                  msedge.exe
                  260 B
                  5
                • 111.45.3.198:80
                  hm.baidu.com
                  msedge.exe
                  260 B
                  5
                • 222.216.122.35:80
                  img1.jiehun.cn
                  msedge.exe
                  260 B
                  5
                • 222.216.122.35:80
                  img1.jiehun.cn
                  msedge.exe
                  260 B
                  5
                • 204.79.197.200:443
                  https://tse1.mm.bing.net/th?id=OADD2.10239360931610_110BPTPDN41GIXK2B&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
                  tls, http2
                  81.1kB
                  2.3MB
                  1669
                  1666

                  HTTP Request

                  GET https://tse1.mm.bing.net/th?id=OADD2.10239370255188_1EKPMYV01DV13G64K&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

                  HTTP Request

                  GET https://tse1.mm.bing.net/th?id=OADD2.10239360931609_1JAA48IJSET6WWQHH&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

                  HTTP Request

                  GET https://tse1.mm.bing.net/th?id=OADD2.10239370255189_1E7XE0SO5A57SENIS&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

                  HTTP Request

                  GET https://tse1.mm.bing.net/th?id=OADD2.10239360931610_110BPTPDN41GIXK2B&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

                  HTTP Response

                  200

                  HTTP Response

                  200

                  HTTP Response

                  200

                  HTTP Response

                  200
                • 204.79.197.200:443
                  tse1.mm.bing.net
                  tls, http2
                  1.2kB
                  8.1kB
                  16
                  14
                • 204.79.197.200:443
                  tse1.mm.bing.net
                  tls, http2
                  1.2kB
                  8.1kB
                  16
                  14
                • 204.79.197.200:443
                  tse1.mm.bing.net
                  tls, http2
                  1.2kB
                  8.1kB
                  16
                  14
                • 222.216.122.35:80
                  img1.jiehun.cn
                  msedge.exe
                  260 B
                  5
                • 222.216.122.35:80
                  img1.jiehun.cn
                  msedge.exe
                  260 B
                  5
                • 222.216.122.35:80
                  img1.jiehun.cn
                  msedge.exe
                  260 B
                  5
                • 222.216.122.35:80
                  img1.jiehun.cn
                  msedge.exe
                  260 B
                  5
                • 111.45.11.83:80
                  hm.baidu.com
                  msedge.exe
                  260 B
                  5
                • 111.45.11.83:80
                  hm.baidu.com
                  msedge.exe
                  260 B
                  5
                • 182.106.158.35:80
                  img1.jiehun.cn
                  msedge.exe
                  260 B
                  5
                • 182.106.158.35:80
                  img1.jiehun.cn
                  msedge.exe
                  260 B
                  5
                • 182.106.158.35:80
                  img1.jiehun.cn
                  msedge.exe
                  260 B
                  5
                • 182.106.158.35:80
                  img1.jiehun.cn
                  msedge.exe
                  260 B
                  5
                • 182.106.158.35:80
                  img1.jiehun.cn
                  msedge.exe
                  260 B
                  5
                • 182.106.158.35:80
                  img1.jiehun.cn
                  msedge.exe
                  260 B
                  5
                • 1.193.146.35:80
                  img1.jiehun.cn
                  msedge.exe
                  260 B
                  5
                • 1.193.146.35:80
                  img1.jiehun.cn
                  msedge.exe
                  260 B
                  5
                • 1.193.146.35:80
                  img1.jiehun.cn
                  msedge.exe
                  104 B
                  2
                • 1.193.146.35:80
                  img1.jiehun.cn
                  msedge.exe
                  104 B
                  2
                • 1.193.146.35:80
                  img1.jiehun.cn
                  msedge.exe
                  104 B
                  2
                • 1.193.146.35:80
                  img1.jiehun.cn
                  msedge.exe
                  104 B
                  2
                • 1.194.253.35:80
                  img1.jiehun.cn
                  msedge.exe
                  52 B
                  1
                • 1.194.253.35:80
                  img1.jiehun.cn
                  msedge.exe
                  52 B
                  1
                • 8.8.8.8:53
                  t.cn
                  dns
                  msedge.exe
                  50 B
                  66 B
                  1
                  1

                  DNS Request

                  t.cn

                  DNS Response

                  39.105.18.168

                • 8.8.8.8:53
                  img1.jiehun.cn
                  dns
                  msedge.exe
                  60 B
                  294 B
                  1
                  1

                  DNS Request

                  img1.jiehun.cn

                  DNS Response

                  1.71.157.35
                  182.140.225.35
                  183.61.177.35
                  220.169.152.35
                  222.216.122.35
                  182.106.158.35
                  1.193.146.35
                  1.194.253.35
                  27.221.77.35
                  58.42.14.35

                • 8.8.8.8:53
                  www.googleadsl.com
                  dns
                  msedge.exe
                  64 B
                  80 B
                  1
                  1

                  DNS Request

                  www.googleadsl.com

                  DNS Response

                  170.178.222.41

                • 8.8.8.8:53
                  183.142.211.20.in-addr.arpa
                  dns
                  73 B
                  159 B
                  1
                  1

                  DNS Request

                  183.142.211.20.in-addr.arpa

                • 8.8.8.8:53
                  68.32.126.40.in-addr.arpa
                  dns
                  71 B
                  157 B
                  1
                  1

                  DNS Request

                  68.32.126.40.in-addr.arpa

                • 8.8.8.8:53
                  79.190.18.2.in-addr.arpa
                  dns
                  70 B
                  133 B
                  1
                  1

                  DNS Request

                  79.190.18.2.in-addr.arpa

                • 8.8.8.8:53
                  g.bing.com
                  dns
                  56 B
                  151 B
                  1
                  1

                  DNS Request

                  g.bing.com

                  DNS Response

                  204.79.197.237
                  13.107.21.237

                • 8.8.8.8:53
                  237.197.79.204.in-addr.arpa
                  dns
                  73 B
                  143 B
                  1
                  1

                  DNS Request

                  237.197.79.204.in-addr.arpa

                • 8.8.8.8:53
                  194.61.62.23.in-addr.arpa
                  dns
                  71 B
                  135 B
                  1
                  1

                  DNS Request

                  194.61.62.23.in-addr.arpa

                • 8.8.8.8:53
                  43.58.199.20.in-addr.arpa
                  dns
                  71 B
                  157 B
                  1
                  1

                  DNS Request

                  43.58.199.20.in-addr.arpa

                • 224.0.0.251:5353
                  315 B
                  5
                • 8.8.8.8:53
                  228.249.119.40.in-addr.arpa
                  dns
                  73 B
                  159 B
                  1
                  1

                  DNS Request

                  228.249.119.40.in-addr.arpa

                • 8.8.8.8:53
                  hm.baidu.com
                  dns
                  msedge.exe
                  58 B
                  164 B
                  1
                  1

                  DNS Request

                  hm.baidu.com

                  DNS Response

                  183.240.98.228
                  14.215.182.140
                  14.215.183.79
                  111.45.3.198
                  111.45.11.83

                • 8.8.8.8:53
                  www.jiehun.cn
                  dns
                  msedge.exe
                  59 B
                  75 B
                  1
                  1

                  DNS Request

                  www.jiehun.cn

                  DNS Response

                  61.160.251.208

                • 8.8.8.8:53
                  157.123.68.40.in-addr.arpa
                  dns
                  72 B
                  146 B
                  1
                  1

                  DNS Request

                  157.123.68.40.in-addr.arpa

                • 8.8.8.8:53
                  18.31.95.13.in-addr.arpa
                  dns
                  70 B
                  144 B
                  1
                  1

                  DNS Request

                  18.31.95.13.in-addr.arpa

                • 8.8.8.8:53
                  142.126.19.2.in-addr.arpa
                  dns
                  71 B
                  135 B
                  1
                  1

                  DNS Request

                  142.126.19.2.in-addr.arpa

                • 8.8.8.8:53
                  77.190.18.2.in-addr.arpa
                  dns
                  70 B
                  133 B
                  1
                  1

                  DNS Request

                  77.190.18.2.in-addr.arpa

                • 8.8.8.8:53
                  165.191.110.104.in-addr.arpa
                  dns
                  74 B
                  141 B
                  1
                  1

                  DNS Request

                  165.191.110.104.in-addr.arpa

                • 8.8.8.8:53
                  43.229.111.52.in-addr.arpa
                  dns
                  72 B
                  158 B
                  1
                  1

                  DNS Request

                  43.229.111.52.in-addr.arpa

                • 8.8.8.8:53
                  tse1.mm.bing.net
                  dns
                  62 B
                  173 B
                  1
                  1

                  DNS Request

                  tse1.mm.bing.net

                  DNS Response

                  204.79.197.200
                  13.107.21.200

                MITRE ATT&CK Enterprise v15

                Replay Monitor

                Loading Replay Monitor...

                Downloads

                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                  Filesize

                  152B

                  MD5

                  8b2290ca03b4ca5fe52d82550c7e7d69

                  SHA1

                  20583a7851a906444204ce8ba4fa51153e6cd494

                  SHA256

                  f9ff4871fc5317299de907489d466e630be63d698c8f7cb77cc81faddbecc6d2

                  SHA512

                  704ec8122cc1c263dff67ddbb5c20ee0db8a438674d716bc3be5b266ee5629a219b0049d721f9eb2dd8f2d8fda0163659eaa4d3e1f0a6e9072a8ffb92bb2b25d

                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                  Filesize

                  152B

                  MD5

                  919c29d42fb6034fee2f5de14d573c63

                  SHA1

                  24a2e1042347b3853344157239bde3ed699047a8

                  SHA256

                  17cd6de97a0c020cb4935739cfef4ec4e074e8d127ac4c531b6dc496580c8141

                  SHA512

                  bb7eadd087bbcec8b1b8a49b102b454333f2f9708d36b6ffc3c82fdc52e46873398d967238c3bfe9ac6caef45b017a5fe3938ebf5f3053e4ef9be7b2752b563d

                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                  Filesize

                  5KB

                  MD5

                  02c4274f4f5f7409aea42e76fac4d622

                  SHA1

                  81337f422b2ac4ab8de3aa0c97eb7d6627573bf2

                  SHA256

                  83ce3c63e41d25778863153a49ace03c65848d010f7282debf5ff40477c20b16

                  SHA512

                  6c9b2a23302c788a8f95a94f24daff213cb2e7aa91a097d31fbc1315d7841ce7ed411fa99edd9c12e048b0dd9dbd280f33dd6d73b360f82fbfd2c2a2fcbbdee6

                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                  Filesize

                  6KB

                  MD5

                  f495f26fd03ed50b0450c14cae5a6a6c

                  SHA1

                  b10deda279379db89aeecdfeccc1a7210cf8fd3c

                  SHA256

                  d67b5e0ae09cea4d1e22239a6f3383c35117b6b6ca9e486478830cb7312b0329

                  SHA512

                  2156b2af5b037cb12131e3142ae8fb6232179ae76810f5e5ed08504763f6919e02a2103a02977e22c62ad76813eece3b350da8a0e7e1486b837e9f885b9cd69c

                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                  Filesize

                  6KB

                  MD5

                  67fbe711a5408f33056eea730de99958

                  SHA1

                  b116148b913f93cbf2975c96b2880dce866aeb96

                  SHA256

                  042f66bba3f441269fa2667a068989a8abcf45d3b53e4b7ecc1afa1bb9780c37

                  SHA512

                  cb217708188e6e6b0edc02b5a8738d21c9cf01cb005a70f0ff36ae0b35684a84b17b18b7df3ec2395c10e493493c6d69b94c21fba6f54788da74977cad4fce42

                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                  Filesize

                  11KB

                  MD5

                  27db1907eaf1c1c38800c56d23472c94

                  SHA1

                  e6c1a1b8b22d422d821613d64cd6f4584a26d8fc

                  SHA256

                  e473bf588718bdbeca7f1dd7c405f1df7f7e0ed9ed798acac2d6f0404607b57a

                  SHA512

                  681ba89be66694859a9b4c66e990c7ff28d86137d6b1fc65c362a3b57b8feae5783d66628c2d03a2a8999a838d0db56a17276f01f5cfc846f212444244074b6f

                We care about your privacy.

                This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.