169557cb3bbccd76428133bd79c44c95655c78cfbf598777dcbc4e69d6155b03

Analysis

max time kernel
144s
max time network
147s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
16/05/2024, 08:40 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

4a3ffcecb7318fcf205015c0d9eabe54_JaffaCakes118.html
Size

29KB
MD5

4a3ffcecb7318fcf205015c0d9eabe54
SHA1

897192dbe2031cbb9bb96543f1b250e22072a9c1
SHA256

169557cb3bbccd76428133bd79c44c95655c78cfbf598777dcbc4e69d6155b03
SHA512

0e428c72b1a3d4b4506212aeef61fa0411a597e9ae3d2ae2f1deaddb1ebbb0581aa4204707ada405f32893f012939efa925a8c88ca44f6feb6c3310e7c554a93
SSDEEP

192:STgE2XbpU3kFmtgbo9iWQVexJxqwCi4SixX046eWkQmfciJQNQQQBDjg5eykwkgB:STghbptbqQVwCiH4NYQQQRjQnkVDi

Score

1^/10

Malware Config

Signatures

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\4a3ffcecb7318fcf205015c0d9eabe54_JaffaCakes118.html
1⤵
PID:2356

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --field-trial-handle=3220,i,4686244434963378549,11462511444150484980,262144 --variations-seed-version --mojo-platform-channel-handle=4100 /prefetch:1
1⤵
PID:3916

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --field-trial-handle=4912,i,4686244434963378549,11462511444150484980,262144 --variations-seed-version --mojo-platform-channel-handle=3492 /prefetch:1
1⤵
PID:3036

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --field-trial-handle=5260,i,4686244434963378549,11462511444150484980,262144 --variations-seed-version --mojo-platform-channel-handle=5276 /prefetch:1
1⤵
PID:1676

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=5352,i,4686244434963378549,11462511444150484980,262144 --variations-seed-version --mojo-platform-channel-handle=5488 /prefetch:8
1⤵
PID:3988

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --no-appcompat-clear --field-trial-handle=5448,i,4686244434963378549,11462511444150484980,262144 --variations-seed-version --mojo-platform-channel-handle=5532 /prefetch:8
1⤵
PID:4916

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --field-trial-handle=5984,i,4686244434963378549,11462511444150484980,262144 --variations-seed-version --mojo-platform-channel-handle=5976 /prefetch:1
1⤵
PID:3940

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --field-trial-handle=5664,i,4686244434963378549,11462511444150484980,262144 --variations-seed-version --mojo-platform-channel-handle=5316 /prefetch:8
1⤵
PID:3628

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=5792,i,4686244434963378549,11462511444150484980,262144 --variations-seed-version --mojo-platform-channel-handle=5840 /prefetch:8
1⤵
PID:3788

Network

DNS

api.edgeoffer.microsoft.com

Remote address:

8.8.8.8:53

Request

api.edgeoffer.microsoft.com

IN A

Response

api.edgeoffer.microsoft.com

IN CNAME

bingadsedgeextension-prod.trafficmanager.net

bingadsedgeextension-prod.trafficmanager.net

IN CNAME

bingadsedgeextension-prod-europe.azurewebsites.net

bingadsedgeextension-prod-europe.azurewebsites.net

IN CNAME

ssl.bingadsedgeextension-prod-europe.azurewebsites.net

ssl.bingadsedgeextension-prod-europe.azurewebsites.net

IN A

94.245.104.56
DNS

api.edgeoffer.microsoft.com

Remote address:

8.8.8.8:53

Request

api.edgeoffer.microsoft.com

IN Unknown

Response

api.edgeoffer.microsoft.com

IN CNAME

bingadsedgeextension-prod.trafficmanager.net

bingadsedgeextension-prod.trafficmanager.net

IN CNAME

bingadsedgeextension-prod-europe.azurewebsites.net

bingadsedgeextension-prod-europe.azurewebsites.net

IN CNAME

ssl.bingadsedgeextension-prod-europe.azurewebsites.net
DNS

business.bing.com

Remote address:

8.8.8.8:53

Request

business.bing.com

IN A

Response

business.bing.com

IN CNAME

business-bing-com.b-0005.b-msedge.net

business-bing-com.b-0005.b-msedge.net

IN CNAME

b-0005.b-msedge.net

b-0005.b-msedge.net

IN A

13.107.6.158
DNS

business.bing.com

Remote address:

8.8.8.8:53

Request

business.bing.com

IN Unknown

Response

business.bing.com

IN CNAME

business-bing-com.b-0005.b-msedge.net

business-bing-com.b-0005.b-msedge.net

IN CNAME

b-0005.b-msedge.net
DNS

www.usacars.com

Remote address:

8.8.8.8:53

Request

www.usacars.com

IN A

Response

www.usacars.com

IN A

216.40.34.41
DNS

www.usacars.com

Remote address:

8.8.8.8:53

Request

www.usacars.com

IN Unknown

Response
DNS

www.fiberglassics.com

Remote address:

8.8.8.8:53

Request

www.fiberglassics.com

IN A

Response

www.fiberglassics.com

IN A

3.215.233.133
DNS

www.fiberglassics.com

Remote address:

8.8.8.8:53

Request

www.fiberglassics.com

IN Unknown

Response
GET

http://www.fiberglassics.com/00B/babyfg.jpg

Remote address:

3.215.233.133:80

Request

GET /00B/babyfg.jpg HTTP/1.1
Host: www.fiberglassics.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Edg/124.0.0.0
DNT: 1
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Date: Thu, 16 May 2024 08:40:12 GMT
Server: Apache
Expires: Wed, 17 Aug 2005 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 2fa6f061b48af5b1d7a0c5d23dc87479=50a583507c8537f3c956b3d73f1af70b; path=/; secure; HttpOnly
Location: https://www.fiberglassics.com/00B/babyfg.jpg
Last-Modified: Thu, 16 May 2024 08:40:12 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
GET

http://www.usacars.com//components/com_comprofiler/plugin/language/default_language/images/tnnophoto.jpg

Remote address:

216.40.34.41:80

Request

GET //components/com_comprofiler/plugin/language/default_language/images/tnnophoto.jpg HTTP/1.1
Host: www.usacars.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Edg/124.0.0.0
DNT: 1
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 303 See Other

x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
location: https://i-c.net/domains-for-sale/components/com_comprofiler/plugin/language/default_language/images/tnnophoto.jpg
content-type: text/html; charset=utf-8
cache-control: no-cache
x-request-id: 1e476026-db98-4591-ad4b-ad2600ab1e27
x-runtime: 0.004373
transfer-encoding: chunked
GET

http://www.usacars.com//images/comprofiler/gallery/dog.gif

Remote address:

216.40.34.41:80

Request

GET //images/comprofiler/gallery/dog.gif HTTP/1.1
Host: www.usacars.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Edg/124.0.0.0
DNT: 1
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 303 See Other

x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
location: https://i-c.net/domains-for-sale/images/comprofiler/gallery/dog.gif
content-type: text/html; charset=utf-8
cache-control: no-cache
x-request-id: 85272c39-a9e5-40a9-8487-36abc51d7a7b
x-runtime: 0.005504
transfer-encoding: chunked
GET

http://www.usacars.com/plugins/content/kunenadiscuss/discuss.css

Remote address:

216.40.34.41:80

Request

GET /plugins/content/kunenadiscuss/discuss.css HTTP/1.1
Host: www.usacars.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Edg/124.0.0.0
DNT: 1
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 303 See Other

x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
location: https://i-c.net/domains-for-sale/plugins/content/kunenadiscuss/discuss.css
content-type: text/html; charset=utf-8
cache-control: no-cache
x-request-id: 4d763235-6e0b-4bb2-8eb3-588db9349ac1
x-runtime: 0.003673
transfer-encoding: chunked
GET

http://www.usacars.com/components/com_kunena/template/default/js/jquery-1.3.2.min.js

Remote address:

216.40.34.41:80

Request

GET /components/com_kunena/template/default/js/jquery-1.3.2.min.js HTTP/1.1
Host: www.usacars.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Edg/124.0.0.0
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 303 See Other

x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
location: https://i-c.net/domains-for-sale/components/com_kunena/template/default/js/jquery-1.3.2.min.js
content-type: text/html; charset=utf-8
cache-control: no-cache
x-request-id: 0578ec29-5fb5-4113-98eb-db9a0674cca1
x-runtime: 0.006073
transfer-encoding: chunked
GET

http://www.usacars.com/components/com_adsmanager/css/adsmanager.css

Remote address:

216.40.34.41:80

Request

GET /components/com_adsmanager/css/adsmanager.css HTTP/1.1
Host: www.usacars.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Edg/124.0.0.0
DNT: 1
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 303 See Other

x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
location: https://i-c.net/domains-for-sale/components/com_adsmanager/css/adsmanager.css
content-type: text/html; charset=utf-8
cache-control: no-cache
x-request-id: c796fea9-4d91-4ea9-8169-22892b598931
x-runtime: 0.002918
transfer-encoding: chunked
DNS

bzib.nelreports.net

Remote address:

8.8.8.8:53

Request

bzib.nelreports.net

IN A

Response

bzib.nelreports.net

IN CNAME

bzib.nelreports.net.akamaized.net

bzib.nelreports.net.akamaized.net

IN CNAME

a416.dscd.akamai.net

a416.dscd.akamai.net

IN A

96.16.53.162

a416.dscd.akamai.net

IN A

96.16.53.149
DNS

bzib.nelreports.net

Remote address:

8.8.8.8:53

Request

bzib.nelreports.net

IN Unknown

Response

bzib.nelreports.net

IN CNAME

bzib.nelreports.net.akamaized.net

bzib.nelreports.net.akamaized.net

IN CNAME

a416.dscd.akamai.net
DNS

www.fiberglassics.com

Remote address:

8.8.8.8:53

Request

www.fiberglassics.com

IN A

Response

www.fiberglassics.com

IN A

3.215.233.133
DNS

www.fiberglassics.com

Remote address:

8.8.8.8:53

Request

www.fiberglassics.com

IN Unknown

Response
DNS

56.104.245.94.in-addr.arpa

Remote address:

8.8.8.8:53

Request

56.104.245.94.in-addr.arpa

IN PTR

Response
DNS

13.86.106.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

13.86.106.20.in-addr.arpa

IN PTR

Response
DNS

133.233.215.3.in-addr.arpa

Remote address:

8.8.8.8:53

Request

133.233.215.3.in-addr.arpa

IN PTR

Response

133.233.215.3.in-addr.arpa

IN PTR

mail fiberglassicscom
DNS

172.210.232.199.in-addr.arpa

Remote address:

8.8.8.8:53

Request

172.210.232.199.in-addr.arpa

IN PTR

Response
DNS

71.31.126.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

71.31.126.40.in-addr.arpa

IN PTR

Response
DNS

i-c.net

Remote address:

8.8.8.8:53

Request

i-c.net

IN A
DNS

i-c.net

Remote address:

8.8.8.8:53

Request

i-c.net

IN Unknown
GET

http://www.usacars.com/plugins/content/kunenadiscuss/discuss.js

Remote address:

216.40.34.41:80

Request

GET /plugins/content/kunenadiscuss/discuss.js HTTP/1.1
Host: www.usacars.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Edg/124.0.0.0
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 303 See Other

x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
location: https://i-c.net/domains-for-sale/plugins/content/kunenadiscuss/discuss.js
content-type: text/html; charset=utf-8
cache-control: no-cache
x-request-id: 2c15256e-74fc-4911-8213-db42eb32dfed
x-runtime: 0.004361
transfer-encoding: chunked
GET

http://www.usacars.com/modules/mod_cbgallery/mod_cbgallery/cbgallery1.js

Remote address:

216.40.34.41:80

Request

GET /modules/mod_cbgallery/mod_cbgallery/cbgallery1.js HTTP/1.1
Host: www.usacars.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Edg/124.0.0.0
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 303 See Other

x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
location: https://i-c.net/domains-for-sale/modules/mod_cbgallery/mod_cbgallery/cbgallery1.js
content-type: text/html; charset=utf-8
cache-control: no-cache
x-request-id: 01b363a6-de4e-410e-ba20-89ad9d4eae41
x-runtime: 0.002907
transfer-encoding: chunked
DNS

www.microsoft.com

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

2.21.17.194
DNS

www.microsoft.com

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A
DNS

www.microsoft.com

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN Unknown

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net
DNS

162.53.16.96.in-addr.arpa

Remote address:

8.8.8.8:53

Request

162.53.16.96.in-addr.arpa

IN PTR

Response

162.53.16.96.in-addr.arpa

IN PTR

a96-16-53-162deploystaticakamaitechnologiescom
DNS

41.34.40.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

41.34.40.216.in-addr.arpa

IN PTR

Response
DNS

i-c.net

Remote address:

8.8.8.8:53

Request

i-c.net

IN A
DNS

i-c.net

Remote address:

8.8.8.8:53

Request

i-c.net

IN Unknown

Response
DNS

nav-edge.smartscreen.microsoft.com

Remote address:

8.8.8.8:53

Request

nav-edge.smartscreen.microsoft.com

IN A

Response

nav-edge.smartscreen.microsoft.com

IN CNAME

tm-prod-wd-csp-edge.trafficmanager.net

tm-prod-wd-csp-edge.trafficmanager.net

IN CNAME

prod-agic-uw-1.ukwest.cloudapp.azure.com

prod-agic-uw-1.ukwest.cloudapp.azure.com

IN A

51.140.242.104
DNS

nav-edge.smartscreen.microsoft.com

Remote address:

8.8.8.8:53

Request

nav-edge.smartscreen.microsoft.com

IN Unknown

Response

nav-edge.smartscreen.microsoft.com

IN CNAME

tm-prod-wd-csp-edge.trafficmanager.net

tm-prod-wd-csp-edge.trafficmanager.net

IN CNAME

prod-agic-us-3.uksouth.cloudapp.azure.com
DNS

www.microsoft.com

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

2.21.17.194
DNS

194.17.21.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

194.17.21.2.in-addr.arpa

IN PTR

Response

194.17.21.2.in-addr.arpa

IN PTR

a2-21-17-194deploystaticakamaitechnologiescom
DNS

i-c.net

Remote address:

8.8.8.8:53

Request

i-c.net

IN A

Response

i-c.net

IN A

54.86.199.205
DNS

www.microsoft.com

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A
DNS

205.199.86.54.in-addr.arpa

Remote address:

8.8.8.8:53

Request

205.199.86.54.in-addr.arpa

IN PTR

Response

205.199.86.54.in-addr.arpa

IN PTR

hostingaccesstechnologynet
DNS

www.microsoft.com

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

2.21.17.194
DNS

edgestatic.azureedge.net

Remote address:

8.8.8.8:53

Request

edgestatic.azureedge.net

IN A

Response

edgestatic.azureedge.net

IN CNAME

edgestatic.afd.azureedge.net

edgestatic.afd.azureedge.net

IN CNAME

azureedge-t-prod.trafficmanager.net

azureedge-t-prod.trafficmanager.net

IN CNAME

shed.dual-low.part-0036.t-0009.t-msedge.net

shed.dual-low.part-0036.t-0009.t-msedge.net

IN CNAME

global-entry-afdthirdparty-fallback-first.trafficmanager.net

global-entry-afdthirdparty-fallback-first.trafficmanager.net

IN CNAME

dual.part-0036.t-0009.fb-t-msedge.net

dual.part-0036.t-0009.fb-t-msedge.net

IN CNAME

part-0036.t-0009.fb-t-msedge.net

part-0036.t-0009.fb-t-msedge.net

IN A

13.107.253.64

part-0036.t-0009.fb-t-msedge.net

IN A

13.107.226.64
DNS

edgestatic.azureedge.net

Remote address:

8.8.8.8:53

Request

edgestatic.azureedge.net

IN Unknown

Response

edgestatic.azureedge.net

IN CNAME

edgestatic.afd.azureedge.net

edgestatic.afd.azureedge.net

IN CNAME

azureedge-t-prod.trafficmanager.net

azureedge-t-prod.trafficmanager.net

IN CNAME

shed.dual-low.part-0036.t-0009.t-msedge.net

shed.dual-low.part-0036.t-0009.t-msedge.net

IN CNAME

global-entry-afdthirdparty-fallback-first.trafficmanager.net

global-entry-afdthirdparty-fallback-first.trafficmanager.net

IN CNAME

dual.part-0036.t-0009.fb-t-msedge.net

dual.part-0036.t-0009.fb-t-msedge.net

IN CNAME

part-0036.t-0009.fb-t-msedge.net
DNS

c.s-microsoft.com

Remote address:

8.8.8.8:53

Request

c.s-microsoft.com

IN A

Response

c.s-microsoft.com

IN CNAME

c-s.cms.ms.akadns.net

c-s.cms.ms.akadns.net

IN CNAME

c.s-microsoft.com-c.edgekey.net

c.s-microsoft.com-c.edgekey.net

IN CNAME

e13678.dscg.akamaiedge.net

e13678.dscg.akamaiedge.net

IN A

23.53.113.225
DNS

c.s-microsoft.com

Remote address:

8.8.8.8:53

Request

c.s-microsoft.com

IN Unknown

Response

c.s-microsoft.com

IN CNAME

c-s.cms.ms.akadns.net

c-s.cms.ms.akadns.net

IN CNAME

c.s-microsoft.com-c.edgekey.net

c.s-microsoft.com-c.edgekey.net

IN CNAME

e13678.dscg.akamaiedge.net
DNS

183.142.211.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

183.142.211.20.in-addr.arpa

IN PTR

Response
DNS

64.253.107.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

64.253.107.13.in-addr.arpa

IN PTR

Response
DNS

wcpstatic.microsoft.com

Remote address:

8.8.8.8:53

Request

wcpstatic.microsoft.com

IN A

Response

wcpstatic.microsoft.com

IN CNAME

consentdeliveryfd.azurefd.net

consentdeliveryfd.azurefd.net

IN CNAME

firstparty-azurefd-prod.trafficmanager.net

firstparty-azurefd-prod.trafficmanager.net

IN CNAME

shed.dual-low.part-0036.t-0009.t-msedge.net

shed.dual-low.part-0036.t-0009.t-msedge.net

IN CNAME

global-entry-afdthirdparty-fallback-first.trafficmanager.net

global-entry-afdthirdparty-fallback-first.trafficmanager.net

IN CNAME

dual.part-0036.t-0009.fb-t-msedge.net

dual.part-0036.t-0009.fb-t-msedge.net

IN CNAME

part-0036.t-0009.fb-t-msedge.net

part-0036.t-0009.fb-t-msedge.net

IN A

13.107.253.64

part-0036.t-0009.fb-t-msedge.net

IN A

13.107.226.64
DNS

wcpstatic.microsoft.com

Remote address:

8.8.8.8:53

Request

wcpstatic.microsoft.com

IN Unknown

Response

wcpstatic.microsoft.com

IN CNAME

consentdeliveryfd.azurefd.net

consentdeliveryfd.azurefd.net

IN CNAME

firstparty-azurefd-prod.trafficmanager.net

firstparty-azurefd-prod.trafficmanager.net

IN CNAME

shed.dual-low.part-0036.t-0009.t-msedge.net

shed.dual-low.part-0036.t-0009.t-msedge.net

IN CNAME

global-entry-afdthirdparty-fallback-first.trafficmanager.net

global-entry-afdthirdparty-fallback-first.trafficmanager.net

IN CNAME

dual.part-0036.t-0009.fb-t-msedge.net

dual.part-0036.t-0009.fb-t-msedge.net

IN CNAME

part-0036.t-0009.fb-t-msedge.net
GET

https://www.bing.com/th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90

Remote address:

23.62.61.97:443

Request

GET /th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90 HTTP/2.0
host: www.bing.com
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-type: image/png
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 1107
date: Thu, 16 May 2024 08:40:18 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.5d3d3e17.1715848818.46cc354
DNS

238.75.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

238.75.250.142.in-addr.arpa

IN PTR

Response

238.75.250.142.in-addr.arpa

IN PTR

par10s41-in-f141e100net
DNS

26.35.223.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

26.35.223.20.in-addr.arpa

IN PTR

Response
DNS

97.61.62.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

97.61.62.23.in-addr.arpa

IN PTR

Response

97.61.62.23.in-addr.arpa

IN PTR

a23-62-61-97deploystaticakamaitechnologiescom
DNS

103.169.127.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

103.169.127.40.in-addr.arpa

IN PTR

Response
DNS

15.164.165.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

15.164.165.52.in-addr.arpa

IN PTR

Response
DNS

139.53.16.96.in-addr.arpa

Remote address:

8.8.8.8:53

Request

139.53.16.96.in-addr.arpa

IN PTR

Response

139.53.16.96.in-addr.arpa

IN PTR

a96-16-53-139deploystaticakamaitechnologiescom
DNS

56.61.62.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

56.61.62.23.in-addr.arpa

IN PTR

Response

56.61.62.23.in-addr.arpa

IN PTR

a23-62-61-56deploystaticakamaitechnologiescom
DNS

tse1.mm.bing.net

Remote address:

8.8.8.8:53

Request

tse1.mm.bing.net

IN A

Response

tse1.mm.bing.net

IN CNAME

mm-mm.bing.net.trafficmanager.net

mm-mm.bing.net.trafficmanager.net

IN CNAME

dual-a-0001.a-msedge.net

dual-a-0001.a-msedge.net

IN A

204.79.197.200

dual-a-0001.a-msedge.net

IN A

13.107.21.200
GET

https://tse1.mm.bing.net/th?id=OADD2.10239351692210_1AKNUXTAY2T0XUMCR&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

Remote address:

204.79.197.200:443

Request

GET /th?id=OADD2.10239351692210_1AKNUXTAY2T0XUMCR&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 415458
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C335CBB96557411BA19C45F5A6C6AF9D Ref B: LON04EDGE1008 Ref C: 2024-05-16T08:41:56Z
date: Thu, 16 May 2024 08:41:55 GMT
GET

https://tse1.mm.bing.net/th?id=OADD2.10239360931610_110BPTPDN41GIXK2B&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

Remote address:

204.79.197.200:443

Request

GET /th?id=OADD2.10239360931610_110BPTPDN41GIXK2B&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 449656
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 364D1D17E1E14167A0458462F07B5876 Ref B: LON04EDGE1008 Ref C: 2024-05-16T08:41:56Z
date: Thu, 16 May 2024 08:41:55 GMT
GET

https://tse1.mm.bing.net/th?id=OADD2.10239360931609_1JAA48IJSET6WWQHH&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

Remote address:

204.79.197.200:443

Request

GET /th?id=OADD2.10239360931609_1JAA48IJSET6WWQHH&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 430689
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0CE5CB5AA4234D2192FE6841008DB37B Ref B: LON04EDGE1008 Ref C: 2024-05-16T08:41:56Z
date: Thu, 16 May 2024 08:41:55 GMT
GET

https://tse1.mm.bing.net/th?id=OADD2.10239351692215_1UJ4FAL91XLA7HB15&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

Remote address:

204.79.197.200:443

Request

GET /th?id=OADD2.10239351692215_1UJ4FAL91XLA7HB15&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 468637
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 44AACB54D4B14115B04FE7F842AF1747 Ref B: LON04EDGE1008 Ref C: 2024-05-16T08:41:56Z
date: Thu, 16 May 2024 08:41:55 GMT
DNS

200.197.79.204.in-addr.arpa

Remote address:

8.8.8.8:53

Request

200.197.79.204.in-addr.arpa

IN PTR

Response

200.197.79.204.in-addr.arpa

IN PTR

a-0001a-msedgenet
DNS

27.178.89.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

27.178.89.13.in-addr.arpa

IN PTR

Response

94.245.104.56:443

api.edgeoffer.microsoft.com

tls

3.7kB
7.5kB
15
14
13.107.6.158:443

business.bing.com

52 B
1
3.215.233.133:80

http://www.fiberglassics.com/00B/babyfg.jpg

http

647 B
812 B
6
6

HTTP Request

GET http://www.fiberglassics.com/00B/babyfg.jpg

HTTP Response

301
13.107.6.158:443

business.bing.com

tls

3.4kB
9.8kB
19
23
13.107.6.158:443

business.bing.com

tls

2.5kB
8.1kB
11
14
216.40.34.41:80

www.usacars.com

340 B
172 B
7
4
216.40.34.41:80

www.usacars.com

340 B
172 B
7
4
216.40.34.41:80

http://www.usacars.com//images/comprofiler/gallery/dog.gif

http

1.3kB
1.6kB
10
5

HTTP Request

GET http://www.usacars.com//components/com_comprofiler/plugin/language/default_language/images/tnnophoto.jpg

HTTP Response

303

HTTP Request

GET http://www.usacars.com//images/comprofiler/gallery/dog.gif

HTTP Response

303
216.40.34.41:80

www.usacars.com

340 B
172 B
7
4
216.40.34.41:80

http://www.usacars.com/components/com_adsmanager/css/adsmanager.css

http

1.8kB
2.9kB
10
7

HTTP Request

GET http://www.usacars.com/plugins/content/kunenadiscuss/discuss.css

HTTP Response

303

HTTP Request

GET http://www.usacars.com/components/com_kunena/template/default/js/jquery-1.3.2.min.js

HTTP Response

303

HTTP Request

GET http://www.usacars.com/components/com_adsmanager/css/adsmanager.css

HTTP Response

303
96.16.53.162:443

bzib.nelreports.net

tls

3.8kB
6.1kB
15
16
3.215.233.133:443

www.fiberglassics.com

tls

2.9kB
8.6kB
15
15
216.40.34.41:80

http://www.usacars.com/modules/mod_cbgallery/mod_cbgallery/cbgallery1.js

http

985 B
1.5kB
7
5

HTTP Request

GET http://www.usacars.com/plugins/content/kunenadiscuss/discuss.js

HTTP Response

303

HTTP Request

GET http://www.usacars.com/modules/mod_cbgallery/mod_cbgallery/cbgallery1.js

HTTP Response

303
51.140.242.104:443

nav-edge.smartscreen.microsoft.com

tls

13.8kB
12.8kB
31
31
2.21.17.194:443

www.microsoft.com

tls

2.5kB
7.3kB
13
14
2.21.17.194:443

www.microsoft.com

tls

4.1kB
24.5kB
27
37
54.86.199.205:443

i-c.net

tls

3.7kB
31.7kB
30
29
54.86.199.205:443

i-c.net

tls

3.3kB
22.7kB
22
23
54.86.199.205:443

i-c.net

tls

3.3kB
22.7kB
22
23
54.86.199.205:443

i-c.net

tls

4.0kB
48.4kB
37
41
54.86.199.205:443

i-c.net

tls

3.4kB
24.2kB
25
25
13.107.253.64:443

edgestatic.azureedge.net

tls

3.0kB
7.8kB
13
14
13.107.253.64:443

edgestatic.azureedge.net

tls

117.5kB
6.0MB
2436
4310
13.107.253.64:443

edgestatic.azureedge.net

tls

3.0kB
7.8kB
13
14
54.86.199.205:443

i-c.net

tls

3.7kB
24.6kB
30
31
54.86.199.205:443

i-c.net

tls

3.5kB
20.4kB
26
27
13.107.253.64:443

edgestatic.azureedge.net

tls

9.5kB
274.6kB
125
212
13.107.253.64:443

wcpstatic.microsoft.com

tls

5.4kB
91.1kB
53
79
23.62.61.97:443

https://www.bing.com/th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90

tls, http2

1.4kB
6.3kB
16
11

HTTP Request

GET https://www.bing.com/th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90

HTTP Response

200
23.62.61.97:443

www.bing.com

tls

2.3kB
5.2kB
10
12
52.142.223.178:80

46 B
1
23.62.61.56:443

www.bing.com

tls

2.6kB
986 B
9
9
204.79.197.200:443

tse1.mm.bing.net

tls, http2

1.2kB
8.1kB
16
14
204.79.197.200:443

tse1.mm.bing.net

tls, http2

1.2kB
8.1kB
16
14
204.79.197.200:443

tse1.mm.bing.net

tls, http2

1.2kB
8.1kB
16
14
204.79.197.200:443

https://tse1.mm.bing.net/th?id=OADD2.10239351692215_1UJ4FAL91XLA7HB15&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

tls, http2

65.5kB
1.8MB
1346
1343

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239351692210_1AKNUXTAY2T0XUMCR&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239360931610_110BPTPDN41GIXK2B&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239360931609_1JAA48IJSET6WWQHH&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239351692215_1UJ4FAL91XLA7HB15&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

8.8.8.8:53

api.edgeoffer.microsoft.com

dns

73 B
226 B
1
1

DNS Request

api.edgeoffer.microsoft.com

DNS Response

94.245.104.56
8.8.8.8:53

api.edgeoffer.microsoft.com

dns

73 B
271 B
1
1

DNS Request

api.edgeoffer.microsoft.com
8.8.8.8:53

business.bing.com

dns

63 B
144 B
1
1

DNS Request

business.bing.com

DNS Response

13.107.6.158
8.8.8.8:53

business.bing.com

dns

63 B
185 B
1
1

DNS Request

business.bing.com
8.8.8.8:53

www.usacars.com

dns

61 B
77 B
1
1

DNS Request

www.usacars.com

DNS Response

216.40.34.41
8.8.8.8:53

www.usacars.com

dns

61 B
117 B
1
1

DNS Request

www.usacars.com
8.8.8.8:53

www.fiberglassics.com

dns

67 B
83 B
1
1

DNS Request

www.fiberglassics.com

DNS Response

3.215.233.133
8.8.8.8:53

www.fiberglassics.com

dns

67 B
148 B
1
1

DNS Request

www.fiberglassics.com
8.8.8.8:53

bzib.nelreports.net

dns

65 B
172 B
1
1

DNS Request

bzib.nelreports.net

DNS Response

96.16.53.162

96.16.53.149
8.8.8.8:53

bzib.nelreports.net

dns

65 B
204 B
1
1

DNS Request

bzib.nelreports.net
8.8.8.8:53

www.fiberglassics.com

dns

67 B
83 B
1
1

DNS Request

www.fiberglassics.com

DNS Response

3.215.233.133
8.8.8.8:53

www.fiberglassics.com

dns

67 B
148 B
1
1

DNS Request

www.fiberglassics.com
8.8.8.8:53

56.104.245.94.in-addr.arpa

dns

72 B
146 B
1
1

DNS Request

56.104.245.94.in-addr.arpa
8.8.8.8:53

13.86.106.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

13.86.106.20.in-addr.arpa
8.8.8.8:53

133.233.215.3.in-addr.arpa

dns

72 B
108 B
1
1

DNS Request

133.233.215.3.in-addr.arpa
8.8.8.8:53

172.210.232.199.in-addr.arpa

dns

74 B
128 B
1
1

DNS Request

172.210.232.199.in-addr.arpa
8.8.8.8:53

71.31.126.40.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

71.31.126.40.in-addr.arpa
8.8.8.8:53

i-c.net

dns

53 B
1

DNS Request

i-c.net
8.8.8.8:53

i-c.net

dns

53 B
1

DNS Request

i-c.net
8.8.8.8:53

www.microsoft.com

dns

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

2.21.17.194
8.8.8.8:53

www.microsoft.com

dns

63 B
1

DNS Request

www.microsoft.com
8.8.8.8:53

www.microsoft.com

dns

63 B
275 B
1
1

DNS Request

www.microsoft.com
8.8.8.8:53

162.53.16.96.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

162.53.16.96.in-addr.arpa
8.8.8.8:53

41.34.40.216.in-addr.arpa

dns

71 B
71 B
1
1

DNS Request

41.34.40.216.in-addr.arpa
8.8.8.8:53

i-c.net

dns

53 B
1

DNS Request

i-c.net
8.8.8.8:53

i-c.net

dns

53 B
112 B
1
1

DNS Request

i-c.net
8.8.8.8:53

nav-edge.smartscreen.microsoft.com

dns

80 B
199 B
1
1

DNS Request

nav-edge.smartscreen.microsoft.com

DNS Response

51.140.242.104
8.8.8.8:53

nav-edge.smartscreen.microsoft.com

dns

80 B
244 B
1
1

DNS Request

nav-edge.smartscreen.microsoft.com
8.8.8.8:53

www.microsoft.com

dns

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

2.21.17.194
8.8.8.8:53

194.17.21.2.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

194.17.21.2.in-addr.arpa
8.8.8.8:53

i-c.net

dns

53 B
69 B
1
1

DNS Request

i-c.net

DNS Response

54.86.199.205
8.8.8.8:53

www.microsoft.com

dns

63 B
1

DNS Request

www.microsoft.com
8.8.8.8:53

205.199.86.54.in-addr.arpa

dns

72 B
114 B
1
1

DNS Request

205.199.86.54.in-addr.arpa
8.8.8.8:53

www.microsoft.com

dns

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

2.21.17.194
8.8.8.8:53

edgestatic.azureedge.net

dns

70 B
349 B
1
1

DNS Request

edgestatic.azureedge.net

DNS Response

13.107.253.64

13.107.226.64
8.8.8.8:53

edgestatic.azureedge.net

dns

70 B
377 B
1
1

DNS Request

edgestatic.azureedge.net
8.8.8.8:53

c.s-microsoft.com

dns

63 B
193 B
1
1

DNS Request

c.s-microsoft.com

DNS Response

23.53.113.225
8.8.8.8:53

c.s-microsoft.com

dns

63 B
238 B
1
1

DNS Request

c.s-microsoft.com
8.8.8.8:53

183.142.211.20.in-addr.arpa

dns

73 B
159 B
1
1

DNS Request

183.142.211.20.in-addr.arpa
8.8.8.8:53

64.253.107.13.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

64.253.107.13.in-addr.arpa
8.8.8.8:53

wcpstatic.microsoft.com

dns

69 B
369 B
1
1

DNS Request

wcpstatic.microsoft.com

DNS Response

13.107.253.64

13.107.226.64
8.8.8.8:53

wcpstatic.microsoft.com

dns

69 B
384 B
1
1

DNS Request

wcpstatic.microsoft.com
8.8.8.8:53

238.75.250.142.in-addr.arpa

dns

73 B
112 B
1
1

DNS Request

238.75.250.142.in-addr.arpa
8.8.8.8:53

26.35.223.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

26.35.223.20.in-addr.arpa
224.0.0.251:5353

204 B
3
8.8.8.8:53

97.61.62.23.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

97.61.62.23.in-addr.arpa
8.8.8.8:53

103.169.127.40.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

103.169.127.40.in-addr.arpa
8.8.8.8:53

15.164.165.52.in-addr.arpa

dns

72 B
146 B
1
1

DNS Request

15.164.165.52.in-addr.arpa
8.8.8.8:53

139.53.16.96.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

139.53.16.96.in-addr.arpa
8.8.8.8:53

56.61.62.23.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

56.61.62.23.in-addr.arpa
8.8.8.8:53

tse1.mm.bing.net

dns

62 B
173 B
1
1

DNS Request

tse1.mm.bing.net

DNS Response

204.79.197.200

13.107.21.200
8.8.8.8:53

200.197.79.204.in-addr.arpa

dns

73 B
106 B
1
1

DNS Request

200.197.79.204.in-addr.arpa
8.8.8.8:53

27.178.89.13.in-addr.arpa

dns

71 B
145 B
1
1

DNS Request

27.178.89.13.in-addr.arpa

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Response