Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

8b5b3b451a...cs.pdf

windows7-x64

1

8b5b3b451a...cs.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    149s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
  • submitted
    11/05/2024, 05:44 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8b5b3b451a92c889844d28d5ca19ebb0_NeikiAnalytics.pdf

  • Size

    34KB

  • MD5

    8b5b3b451a92c889844d28d5ca19ebb0

  • SHA1

    94cfa2cd3b021de335572ed508546a9cb9ad37f0

  • SHA256

    68cf9f900eb9453e7c2efdfdaeca8242e0b074346a27bee2f98853938537589b

  • SHA512

    e03fb9738ce24eee5fa18846ed7c8492d73159b7111343218f728d41d3de6e2f4977e1405e4bdcb3f1da9a0aa1868b8e583ceffca066f1b502bffe12fe1e1986

  • SSDEEP

    768:87JRrroJdFHS6Js7EwfGxlXLjEbs9ovWas6ymLry:4kJrxJsQwexl3Hq+aBry

Score
1/10

Malware Config

Signatures

  • Checks processor information in registry 2 TTPs 2 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Modifies Internet Explorer settings 1 TTPs 1 IoCs
    adwarespyware
  • Suspicious behavior: EnumeratesProcesses 20 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 5 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\8b5b3b451a92c889844d28d5ca19ebb0_NeikiAnalytics.pdf"
    1⤵
    • Checks processor information in registry
    • Modifies Internet Explorer settings
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4564
    • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
      "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:4900
      • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
        "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=43022ACD8BAA98EE9E65DF835B4AED11 --mojo-platform-channel-handle=1740 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
        3⤵
          PID:2484
        • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
          "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=96E909702677C2AE7E968C23052F5E1A --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=96E909702677C2AE7E968C23052F5E1A --renderer-client-id=2 --mojo-platform-channel-handle=1748 --allow-no-sandbox-job /prefetch:1
          3⤵
            PID:4748
          • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
            "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=8D0EB3AAF5B3911D5A0F26321BA6E914 --mojo-platform-channel-handle=2308 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
            3⤵
              PID:3956
            • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
              "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=6F0FDFE3F894E71DCF7AB91FD5321560 --mojo-platform-channel-handle=1816 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
              3⤵
                PID:4860
              • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
                "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=21377ACBD2BB8AA988EB0E3CF72E5474 --mojo-platform-channel-handle=2328 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
                3⤵
                  PID:2604
                • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
                  "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=1A112C866742E982742FFA35305A36F2 --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=1A112C866742E982742FFA35305A36F2 --renderer-client-id=7 --mojo-platform-channel-handle=2540 --allow-no-sandbox-job /prefetch:1
                  3⤵
                    PID:5048

              Network

              • flag-us
                DNS
                g.bing.com
                Remote address:
                8.8.8.8:53
                Request
                g.bing.com
                IN A
                Response
                g.bing.com
                IN CNAME
                g-bing-com.dual-a-0034.a-msedge.net
                g-bing-com.dual-a-0034.a-msedge.net
                IN CNAME
                dual-a-0034.a-msedge.net
                dual-a-0034.a-msedge.net
                IN A
                204.79.197.237
                dual-a-0034.a-msedge.net
                IN A
                13.107.21.237
              • flag-us
                DNS
                13.86.106.20.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                13.86.106.20.in-addr.arpa
                IN PTR
                Response
              • flag-us
                DNS
                172.210.232.199.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                172.210.232.199.in-addr.arpa
                IN PTR
                Response
              • flag-us
                GET
                https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De82GMRru-kh4J5hrJYRSlN8DVUCUxqsR21sEpTKYpOgdFXcirkXPxWzGtujdOMSzp2FfL1qAqy0WMFINWXBKACYPN11P_OpVcnyM6jW6saRnWsvKwCKXMkisNSM-VGoLYwciNwOWkpb71AmUwXZgAYhMTPDfZpnqXn5jD7Ho00Z_ou04eB%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D963c0f6abf891a7a008b69410d755a89&TIME=20240426T135850Z&CID=530628298&EID=530628298&tids=15000&adUnitId=11730597&localId=w:416143B6-C385-8B32-96EF-B62827C91949&deviceId=6825828828137038&muid=416143B6C3858B3296EFB62827C91949
                Remote address:
                204.79.197.237:443
                Request
                GET /neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De82GMRru-kh4J5hrJYRSlN8DVUCUxqsR21sEpTKYpOgdFXcirkXPxWzGtujdOMSzp2FfL1qAqy0WMFINWXBKACYPN11P_OpVcnyM6jW6saRnWsvKwCKXMkisNSM-VGoLYwciNwOWkpb71AmUwXZgAYhMTPDfZpnqXn5jD7Ho00Z_ou04eB%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D963c0f6abf891a7a008b69410d755a89&TIME=20240426T135850Z&CID=530628298&EID=530628298&tids=15000&adUnitId=11730597&localId=w:416143B6-C385-8B32-96EF-B62827C91949&deviceId=6825828828137038&muid=416143B6C3858B3296EFB62827C91949 HTTP/2.0
                host: g.bing.com
                accept-encoding: gzip, deflate
                user-agent: WindowsShellClient/9.0.40929.0 (Windows)
                Response
                HTTP/2.0 204
                cache-control: no-cache, must-revalidate
                pragma: no-cache
                expires: Fri, 01 Jan 1990 00:00:00 GMT
                set-cookie: MUID=13C0E6AAA03F6AAD06B5F2D6A1DF6BF8; domain=.bing.com; expires=Thu, 05-Jun-2025 05:44:33 GMT; path=/; SameSite=None; Secure; Priority=High;
                strict-transport-security: max-age=31536000; includeSubDomains; preload
                access-control-allow-origin: *
                x-cache: CONFIG_NOCACHE
                accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                x-msedge-ref: Ref A: D1CBA59E56B94299AC4ACBCB8B5EFC37 Ref B: LON04EDGE1014 Ref C: 2024-05-11T05:44:33Z
                date: Sat, 11 May 2024 05:44:33 GMT
              • flag-us
                GET
                https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De82GMRru-kh4J5hrJYRSlN8DVUCUxqsR21sEpTKYpOgdFXcirkXPxWzGtujdOMSzp2FfL1qAqy0WMFINWXBKACYPN11P_OpVcnyM6jW6saRnWsvKwCKXMkisNSM-VGoLYwciNwOWkpb71AmUwXZgAYhMTPDfZpnqXn5jD7Ho00Z_ou04eB%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D963c0f6abf891a7a008b69410d755a89&TIME=20240426T135850Z&CID=530628298&EID=&tids=15000&adUnitId=11730597&localId=w:416143B6-C385-8B32-96EF-B62827C91949&deviceId=6825828828137038&muid=416143B6C3858B3296EFB62827C91949
                Remote address:
                204.79.197.237:443
                Request
                GET /neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De82GMRru-kh4J5hrJYRSlN8DVUCUxqsR21sEpTKYpOgdFXcirkXPxWzGtujdOMSzp2FfL1qAqy0WMFINWXBKACYPN11P_OpVcnyM6jW6saRnWsvKwCKXMkisNSM-VGoLYwciNwOWkpb71AmUwXZgAYhMTPDfZpnqXn5jD7Ho00Z_ou04eB%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D963c0f6abf891a7a008b69410d755a89&TIME=20240426T135850Z&CID=530628298&EID=&tids=15000&adUnitId=11730597&localId=w:416143B6-C385-8B32-96EF-B62827C91949&deviceId=6825828828137038&muid=416143B6C3858B3296EFB62827C91949 HTTP/2.0
                host: g.bing.com
                accept-encoding: gzip, deflate
                user-agent: WindowsShellClient/9.0.40929.0 (Windows)
                cookie: MUID=13C0E6AAA03F6AAD06B5F2D6A1DF6BF8; _EDGE_S=SID=2B45C0D05CFE6FCA27DBD4AC5DB66EDD
                Response
                HTTP/2.0 204
                cache-control: no-cache, must-revalidate
                pragma: no-cache
                expires: Fri, 01 Jan 1990 00:00:00 GMT
                set-cookie: MSPTC=j7MQYGjmx8U5OBaApz-Tu5yRkk_f0QOOzGuhWFeyM8E; domain=.bing.com; expires=Thu, 05-Jun-2025 05:44:34 GMT; path=/; Partitioned; secure; SameSite=None
                strict-transport-security: max-age=31536000; includeSubDomains; preload
                access-control-allow-origin: *
                x-cache: CONFIG_NOCACHE
                accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                x-msedge-ref: Ref A: 858A3941B3D14FC3AC9F86003445687A Ref B: LON04EDGE1014 Ref C: 2024-05-11T05:44:34Z
                date: Sat, 11 May 2024 05:44:33 GMT
              • flag-be
                GET
                https://www.bing.com/aes/c.gif?RG=c5e9915a2dc14af882208b7515ab22d6&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240426T135850Z&adUnitId=11730597&localId=w:416143B6-C385-8B32-96EF-B62827C91949&deviceId=6825828828137038
                Remote address:
                88.221.83.202:443
                Request
                GET /aes/c.gif?RG=c5e9915a2dc14af882208b7515ab22d6&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240426T135850Z&adUnitId=11730597&localId=w:416143B6-C385-8B32-96EF-B62827C91949&deviceId=6825828828137038 HTTP/2.0
                host: www.bing.com
                accept-encoding: gzip, deflate
                user-agent: WindowsShellClient/9.0.40929.0 (Windows)
                cookie: MUID=13C0E6AAA03F6AAD06B5F2D6A1DF6BF8
                Response
                HTTP/2.0 200
                cache-control: private,no-store
                pragma: no-cache
                vary: Origin
                p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
                accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                x-msedge-ref: Ref A: 015BB7D4BE334BA6AD44623F418817A3 Ref B: BRU30EDGE0920 Ref C: 2024-05-11T05:44:34Z
                content-length: 0
                date: Sat, 11 May 2024 05:44:34 GMT
                set-cookie: _EDGE_S=SID=2B45C0D05CFE6FCA27DBD4AC5DB66EDD; path=/; httponly; domain=bing.com
                set-cookie: MUIDB=13C0E6AAA03F6AAD06B5F2D6A1DF6BF8; path=/; httponly; expires=Thu, 05-Jun-2025 05:44:34 GMT
                alt-svc: h3=":443"; ma=93600
                x-cdn-traceid: 0.c653dd58.1715406274.1e561272
              • flag-us
                DNS
                237.197.79.204.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                237.197.79.204.in-addr.arpa
                IN PTR
                Response
              • flag-be
                GET
                https://www.bing.com/th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90
                Remote address:
                88.221.83.192:443
                Request
                GET /th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90 HTTP/2.0
                host: www.bing.com
                accept: */*
                cookie: MUID=13C0E6AAA03F6AAD06B5F2D6A1DF6BF8; _EDGE_S=SID=2B45C0D05CFE6FCA27DBD4AC5DB66EDD; MSPTC=j7MQYGjmx8U5OBaApz-Tu5yRkk_f0QOOzGuhWFeyM8E; MUIDB=13C0E6AAA03F6AAD06B5F2D6A1DF6BF8
                accept-encoding: gzip, deflate, br
                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                Response
                HTTP/2.0 200
                cache-control: public, max-age=2592000
                content-type: image/png
                access-control-allow-origin: *
                access-control-allow-headers: *
                access-control-allow-methods: GET, POST, OPTIONS
                timing-allow-origin: *
                report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
                nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                content-length: 1107
                date: Sat, 11 May 2024 05:44:35 GMT
                alt-svc: h3=":443"; ma=93600
                x-cdn-traceid: 0.bc53dd58.1715406275.cb2cbfe
              • flag-us
                DNS
                95.221.229.192.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                95.221.229.192.in-addr.arpa
                IN PTR
                Response
              • flag-us
                DNS
                138.32.126.40.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                138.32.126.40.in-addr.arpa
                IN PTR
                Response
              • flag-us
                DNS
                202.83.221.88.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                202.83.221.88.in-addr.arpa
                IN PTR
                Response
                202.83.221.88.in-addr.arpa
                IN PTR
                a88-221-83-202deploystaticakamaitechnologiescom
              • flag-us
                DNS
                192.83.221.88.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                192.83.221.88.in-addr.arpa
                IN PTR
                Response
                192.83.221.88.in-addr.arpa
                IN PTR
                a88-221-83-192deploystaticakamaitechnologiescom
              • flag-us
                DNS
                144.96.55.23.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                144.96.55.23.in-addr.arpa
                IN PTR
                Response
                144.96.55.23.in-addr.arpa
                IN PTR
                a23-55-96-144deploystaticakamaitechnologiescom
              • flag-us
                DNS
                130.15.31.184.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                130.15.31.184.in-addr.arpa
                IN PTR
                Response
                130.15.31.184.in-addr.arpa
                IN PTR
                a184-31-15-130deploystaticakamaitechnologiescom
              • flag-us
                DNS
                26.165.165.52.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                26.165.165.52.in-addr.arpa
                IN PTR
                Response
              • flag-us
                DNS
                171.39.242.20.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                171.39.242.20.in-addr.arpa
                IN PTR
                Response
              • flag-us
                DNS
                57.15.31.184.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                57.15.31.184.in-addr.arpa
                IN PTR
                Response
                57.15.31.184.in-addr.arpa
                IN PTR
                a184-31-15-57deploystaticakamaitechnologiescom
              • flag-us
                DNS
                58.99.105.20.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                58.99.105.20.in-addr.arpa
                IN PTR
                Response
              • flag-us
                DNS
                11.227.111.52.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                11.227.111.52.in-addr.arpa
                IN PTR
                Response
              • flag-us
                DNS
                57.169.31.20.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                57.169.31.20.in-addr.arpa
                IN PTR
                Response
              • flag-us
                DNS
                57.169.31.20.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                57.169.31.20.in-addr.arpa
                IN PTR
              • flag-us
                DNS
                tse1.mm.bing.net
                Remote address:
                8.8.8.8:53
                Request
                tse1.mm.bing.net
                IN A
                Response
                tse1.mm.bing.net
                IN CNAME
                mm-mm.bing.net.trafficmanager.net
                mm-mm.bing.net.trafficmanager.net
                IN CNAME
                dual-a-0001.a-msedge.net
                dual-a-0001.a-msedge.net
                IN A
                204.79.197.200
                dual-a-0001.a-msedge.net
                IN A
                13.107.21.200
              • flag-us
                GET
                https://tse1.mm.bing.net/th?id=OADD2.10239381702592_1OT5ET7HCG1M9EIRY&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
                Remote address:
                204.79.197.200:443
                Request
                GET /th?id=OADD2.10239381702592_1OT5ET7HCG1M9EIRY&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
                host: tse1.mm.bing.net
                accept: */*
                accept-encoding: gzip, deflate, br
                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                Response
                HTTP/2.0 200
                cache-control: public, max-age=2592000
                content-length: 499516
                content-type: image/jpeg
                x-cache: TCP_HIT
                access-control-allow-origin: *
                access-control-allow-headers: *
                access-control-allow-methods: GET, POST, OPTIONS
                timing-allow-origin: *
                report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
                nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                x-msedge-ref: Ref A: 43211D5CD28B4256872C085D70D3729D Ref B: LON04EDGE1017 Ref C: 2024-05-11T05:46:08Z
                date: Sat, 11 May 2024 05:46:08 GMT
              • flag-us
                GET
                https://tse1.mm.bing.net/th?id=OADD2.10239381705588_1WA9C34P2B6OXP331&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
                Remote address:
                204.79.197.200:443
                Request
                GET /th?id=OADD2.10239381705588_1WA9C34P2B6OXP331&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
                host: tse1.mm.bing.net
                accept: */*
                accept-encoding: gzip, deflate, br
                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                Response
                HTTP/2.0 200
                cache-control: public, max-age=2592000
                content-length: 476246
                content-type: image/jpeg
                x-cache: TCP_HIT
                access-control-allow-origin: *
                access-control-allow-headers: *
                access-control-allow-methods: GET, POST, OPTIONS
                timing-allow-origin: *
                report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
                nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                x-msedge-ref: Ref A: 5E3D5F3726E74D368F808CE3360DD599 Ref B: LON04EDGE1017 Ref C: 2024-05-11T05:46:08Z
                date: Sat, 11 May 2024 05:46:08 GMT
              • flag-us
                GET
                https://tse1.mm.bing.net/th?id=OADD2.10239381705589_1UZ6HI7DU1RQLXLFR&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
                Remote address:
                204.79.197.200:443
                Request
                GET /th?id=OADD2.10239381705589_1UZ6HI7DU1RQLXLFR&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
                host: tse1.mm.bing.net
                accept: */*
                accept-encoding: gzip, deflate, br
                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                Response
                HTTP/2.0 200
                cache-control: public, max-age=2592000
                content-length: 382817
                content-type: image/jpeg
                x-cache: TCP_HIT
                access-control-allow-origin: *
                access-control-allow-headers: *
                access-control-allow-methods: GET, POST, OPTIONS
                timing-allow-origin: *
                report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
                nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                x-msedge-ref: Ref A: 3822A351BC624ED78401E675CB1EDE72 Ref B: LON04EDGE1017 Ref C: 2024-05-11T05:46:08Z
                date: Sat, 11 May 2024 05:46:08 GMT
              • flag-us
                GET
                https://tse1.mm.bing.net/th?id=OADD2.10239381702593_1BLW9LYE0FMIB48EX&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
                Remote address:
                204.79.197.200:443
                Request
                GET /th?id=OADD2.10239381702593_1BLW9LYE0FMIB48EX&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
                host: tse1.mm.bing.net
                accept: */*
                accept-encoding: gzip, deflate, br
                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                Response
                HTTP/2.0 200
                cache-control: public, max-age=2592000
                content-length: 464243
                content-type: image/jpeg
                x-cache: TCP_HIT
                access-control-allow-origin: *
                access-control-allow-headers: *
                access-control-allow-methods: GET, POST, OPTIONS
                timing-allow-origin: *
                report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
                nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                x-msedge-ref: Ref A: 334FEF95D99C4F5195999C2CF029E12F Ref B: LON04EDGE1017 Ref C: 2024-05-11T05:46:08Z
                date: Sat, 11 May 2024 05:46:08 GMT
              • flag-us
                DNS
                84.65.42.20.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                84.65.42.20.in-addr.arpa
                IN PTR
                Response
              • 204.79.197.237:443
                https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De82GMRru-kh4J5hrJYRSlN8DVUCUxqsR21sEpTKYpOgdFXcirkXPxWzGtujdOMSzp2FfL1qAqy0WMFINWXBKACYPN11P_OpVcnyM6jW6saRnWsvKwCKXMkisNSM-VGoLYwciNwOWkpb71AmUwXZgAYhMTPDfZpnqXn5jD7Ho00Z_ou04eB%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D963c0f6abf891a7a008b69410d755a89&TIME=20240426T135850Z&CID=530628298&EID=&tids=15000&adUnitId=11730597&localId=w:416143B6-C385-8B32-96EF-B62827C91949&deviceId=6825828828137038&muid=416143B6C3858B3296EFB62827C91949
                tls, http2
                2.5kB
                 9.0kB
                 19
                17

                HTTP Request

                GET https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De82GMRru-kh4J5hrJYRSlN8DVUCUxqsR21sEpTKYpOgdFXcirkXPxWzGtujdOMSzp2FfL1qAqy0WMFINWXBKACYPN11P_OpVcnyM6jW6saRnWsvKwCKXMkisNSM-VGoLYwciNwOWkpb71AmUwXZgAYhMTPDfZpnqXn5jD7Ho00Z_ou04eB%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D963c0f6abf891a7a008b69410d755a89&TIME=20240426T135850Z&CID=530628298&EID=530628298&tids=15000&adUnitId=11730597&localId=w:416143B6-C385-8B32-96EF-B62827C91949&deviceId=6825828828137038&muid=416143B6C3858B3296EFB62827C91949

                HTTP Response

                204

                HTTP Request

                GET https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De82GMRru-kh4J5hrJYRSlN8DVUCUxqsR21sEpTKYpOgdFXcirkXPxWzGtujdOMSzp2FfL1qAqy0WMFINWXBKACYPN11P_OpVcnyM6jW6saRnWsvKwCKXMkisNSM-VGoLYwciNwOWkpb71AmUwXZgAYhMTPDfZpnqXn5jD7Ho00Z_ou04eB%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D963c0f6abf891a7a008b69410d755a89&TIME=20240426T135850Z&CID=530628298&EID=&tids=15000&adUnitId=11730597&localId=w:416143B6-C385-8B32-96EF-B62827C91949&deviceId=6825828828137038&muid=416143B6C3858B3296EFB62827C91949

                HTTP Response

                204
              • 88.221.83.202:443
                https://www.bing.com/aes/c.gif?RG=c5e9915a2dc14af882208b7515ab22d6&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240426T135850Z&adUnitId=11730597&localId=w:416143B6-C385-8B32-96EF-B62827C91949&deviceId=6825828828137038
                tls, http2
                1.5kB
                 5.4kB
                 17
                12

                HTTP Request

                GET https://www.bing.com/aes/c.gif?RG=c5e9915a2dc14af882208b7515ab22d6&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240426T135850Z&adUnitId=11730597&localId=w:416143B6-C385-8B32-96EF-B62827C91949&deviceId=6825828828137038

                HTTP Response

                200
              • 88.221.83.192:443
                https://www.bing.com/th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90
                tls, http2
                1.6kB
                 6.4kB
                 17
                12

                HTTP Request

                GET https://www.bing.com/th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90

                HTTP Response

                200
              • 204.79.197.200:443
                https://tse1.mm.bing.net/th?id=OADD2.10239381702593_1BLW9LYE0FMIB48EX&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
                tls, http2
                65.3kB
                 1.9MB
                 1393
                1390

                HTTP Request

                GET https://tse1.mm.bing.net/th?id=OADD2.10239381702592_1OT5ET7HCG1M9EIRY&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

                HTTP Request

                GET https://tse1.mm.bing.net/th?id=OADD2.10239381705588_1WA9C34P2B6OXP331&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

                HTTP Request

                GET https://tse1.mm.bing.net/th?id=OADD2.10239381705589_1UZ6HI7DU1RQLXLFR&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

                HTTP Request

                GET https://tse1.mm.bing.net/th?id=OADD2.10239381702593_1BLW9LYE0FMIB48EX&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

                HTTP Response

                200

                HTTP Response

                200

                HTTP Response

                200

                HTTP Response

                200
              • 204.79.197.200:443
                tse1.mm.bing.net
                tls, http2
                1.1kB
                 8.0kB
                 14
                11
              • 204.79.197.200:443
                tse1.mm.bing.net
                tls, http2
                1.1kB
                 8.0kB
                 14
                12
              • 204.79.197.200:443
                tse1.mm.bing.net
                tls, http2
                1.1kB
                 8.0kB
                 14
                12
              • 8.8.8.8:53
                g.bing.com
                dns
                56 B
                 151 B
                 1
                1

                DNS Request

                g.bing.com

                DNS Response

                204.79.197.237
                13.107.21.237

              • 8.8.8.8:53
                13.86.106.20.in-addr.arpa
                dns
                71 B
                 157 B
                 1
                1

                DNS Request

                13.86.106.20.in-addr.arpa

              • 8.8.8.8:53
                172.210.232.199.in-addr.arpa
                dns
                74 B
                 128 B
                 1
                1

                DNS Request

                172.210.232.199.in-addr.arpa

              • 8.8.8.8:53
                237.197.79.204.in-addr.arpa
                dns
                73 B
                 143 B
                 1
                1

                DNS Request

                237.197.79.204.in-addr.arpa

              • 8.8.8.8:53
                95.221.229.192.in-addr.arpa
                dns
                73 B
                 144 B
                 1
                1

                DNS Request

                95.221.229.192.in-addr.arpa

              • 8.8.8.8:53
                138.32.126.40.in-addr.arpa
                dns
                72 B
                 158 B
                 1
                1

                DNS Request

                138.32.126.40.in-addr.arpa

              • 8.8.8.8:53
                202.83.221.88.in-addr.arpa
                dns
                72 B
                 137 B
                 1
                1

                DNS Request

                202.83.221.88.in-addr.arpa

              • 8.8.8.8:53
                192.83.221.88.in-addr.arpa
                dns
                72 B
                 137 B
                 1
                1

                DNS Request

                192.83.221.88.in-addr.arpa

              • 8.8.8.8:53
                144.96.55.23.in-addr.arpa
                dns
                71 B
                 135 B
                 1
                1

                DNS Request

                144.96.55.23.in-addr.arpa

              • 8.8.8.8:53
                130.15.31.184.in-addr.arpa
                dns
                72 B
                 137 B
                 1
                1

                DNS Request

                130.15.31.184.in-addr.arpa

              • 8.8.8.8:53
                26.165.165.52.in-addr.arpa
                dns
                72 B
                 146 B
                 1
                1

                DNS Request

                26.165.165.52.in-addr.arpa

              • 8.8.8.8:53
                171.39.242.20.in-addr.arpa
                dns
                72 B
                 158 B
                 1
                1

                DNS Request

                171.39.242.20.in-addr.arpa

              • 8.8.8.8:53
                57.15.31.184.in-addr.arpa
                dns
                71 B
                 135 B
                 1
                1

                DNS Request

                57.15.31.184.in-addr.arpa

              • 8.8.8.8:53
                58.99.105.20.in-addr.arpa
                dns
                71 B
                 157 B
                 1
                1

                DNS Request

                58.99.105.20.in-addr.arpa

              • 8.8.8.8:53
                11.227.111.52.in-addr.arpa
                dns
                72 B
                 158 B
                 1
                1

                DNS Request

                11.227.111.52.in-addr.arpa

              • 8.8.8.8:53
                57.169.31.20.in-addr.arpa
                dns
                142 B
                 157 B
                 2
                1

                DNS Request

                57.169.31.20.in-addr.arpa

                DNS Request

                57.169.31.20.in-addr.arpa

              • 8.8.8.8:53
                tse1.mm.bing.net
                dns
                62 B
                 173 B
                 1
                1

                DNS Request

                tse1.mm.bing.net

                DNS Response

                204.79.197.200
                13.107.21.200

              • 8.8.8.8:53
                84.65.42.20.in-addr.arpa
                dns
                70 B
                 156 B
                 1
                1

                DNS Request

                84.65.42.20.in-addr.arpa

              MITRE ATT&CK Enterprise v15

              Replay Monitor

              Loading Replay Monitor...

              Downloads

              • C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages
                Filesize

                64KB

                MD5

                8ff2784e290e1f701270cc3c89920408

                SHA1

                25865ff3c02cea2db6c74f3f2464935dcca8137e

                SHA256

                158720ddcf1f4ca81028f1fff3320cb797bb68eca392f70dc92809eae336a1b2

                SHA512

                435de4fdff166e6a5fe25d7242a9130a07f2cfca0b795823516c39470b05275718f99cd4517b0c8f821741c5111af3f3ed3734799934ea177cce5ccc86590502

                Download Submit

              • C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages
                Filesize

                36KB

                MD5

                b30d3becc8731792523d599d949e63f5

                SHA1

                19350257e42d7aee17fb3bf139a9d3adb330fad4

                SHA256

                b1b77e96279ead2b460de3de70e2ea4f5ad1b853598a4e27a5caf3f1a32cc4f3

                SHA512

                523f54895fb07f62b9a5f72c8b62e83d4d9506bda57b183818615f6eb7286e3b9c5a50409bc5c5164867c3ccdeae88aa395ecca6bc7e36d991552f857510792e

                Download Submit

              • C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages
                Filesize

                56KB

                MD5

                752a1f26b18748311b691c7d8fc20633

                SHA1

                c1f8e83eebc1cc1e9b88c773338eb09ff82ab862

                SHA256

                111dac2948e4cecb10b0d2e10d8afaa663d78d643826b592d6414a1fd77cc131

                SHA512

                a2f5f262faf2c3e9756da94b2c47787ce3a9391b5bd53581578aa9a764449e114836704d6dec4aadc097fed4c818831baa11affa1eb25be2bfad9349bb090fe5

                Download Submit

              We care about your privacy.

              This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.