d95238dabdb16697dcd7fa7f786798fd83257497f335d587816f5b0a05377275

Analysis

max time kernel
141s
max time network
143s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
16/05/2024, 09:44 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

4a780a63ac90dcc40c389247d89150a9_JaffaCakes118.html
Size

36KB
MD5

4a780a63ac90dcc40c389247d89150a9
SHA1

022dfe12284f175d9fb67c681ef25aeab9f4abe8
SHA256

d95238dabdb16697dcd7fa7f786798fd83257497f335d587816f5b0a05377275
SHA512

63678a15dd879e36e5aaf0758a93fd68ab2aff1ee491ee9b678175fc99c206ae0e98dff7368bde60a847451f8ab24027aa5a223ef080fc90afb97b4e6d1ebf0c
SSDEEP

768:zwx/MDTHDkD+88hARDZPXKE1XnXrFLxNLlDNoPqkPTHlnkM3Gr6TtZO46lrl6lLa:Q/LbJxNVuu0Sx/c8sK

Score

1^/10

Malware Config

Signatures

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\4a780a63ac90dcc40c389247d89150a9_JaffaCakes118.html
1⤵
PID:4764

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --field-trial-handle=4816,i,13281073920029625837,8253721632651544158,262144 --variations-seed-version --mojo-platform-channel-handle=5012 /prefetch:1
1⤵
PID:2040

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --field-trial-handle=4060,i,13281073920029625837,8253721632651544158,262144 --variations-seed-version --mojo-platform-channel-handle=2528 /prefetch:1
1⤵
PID:4524

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --field-trial-handle=5284,i,13281073920029625837,8253721632651544158,262144 --variations-seed-version --mojo-platform-channel-handle=5304 /prefetch:1
1⤵
PID:2136

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=5324,i,13281073920029625837,8253721632651544158,262144 --variations-seed-version --mojo-platform-channel-handle=5476 /prefetch:8
1⤵
PID:3564

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --no-appcompat-clear --field-trial-handle=5352,i,13281073920029625837,8253721632651544158,262144 --variations-seed-version --mojo-platform-channel-handle=5592 /prefetch:8
1⤵
PID:3752

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --field-trial-handle=5848,i,13281073920029625837,8253721632651544158,262144 --variations-seed-version --mojo-platform-channel-handle=4508 /prefetch:1
1⤵
PID:3880

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --field-trial-handle=5832,i,13281073920029625837,8253721632651544158,262144 --variations-seed-version --mojo-platform-channel-handle=5704 /prefetch:8
1⤵
PID:608

Network

DNS

api.edgeoffer.microsoft.com

Remote address:

8.8.8.8:53

Request

api.edgeoffer.microsoft.com

IN A

Response

api.edgeoffer.microsoft.com

IN CNAME

bingadsedgeextension-prod.trafficmanager.net

bingadsedgeextension-prod.trafficmanager.net

IN CNAME

bingadsedgeextension-prod-europe.azurewebsites.net

bingadsedgeextension-prod-europe.azurewebsites.net

IN CNAME

ssl.bingadsedgeextension-prod-europe.azurewebsites.net

ssl.bingadsedgeextension-prod-europe.azurewebsites.net

IN A

94.245.104.56
DNS

api.edgeoffer.microsoft.com

Remote address:

8.8.8.8:53

Request

api.edgeoffer.microsoft.com

IN Unknown

Response

api.edgeoffer.microsoft.com

IN CNAME

bingadsedgeextension-prod.trafficmanager.net

bingadsedgeextension-prod.trafficmanager.net

IN CNAME

bingadsedgeextension-prod-europe.azurewebsites.net

bingadsedgeextension-prod-europe.azurewebsites.net

IN CNAME

ssl.bingadsedgeextension-prod-europe.azurewebsites.net
DNS

business.bing.com

Remote address:

8.8.8.8:53

Request

business.bing.com

IN A

Response

business.bing.com

IN CNAME

business-bing-com.b-0005.b-msedge.net

business-bing-com.b-0005.b-msedge.net

IN CNAME

b-0005.b-msedge.net

b-0005.b-msedge.net

IN A

13.107.6.158
DNS

business.bing.com

Remote address:

8.8.8.8:53

Request

business.bing.com

IN Unknown

Response

business.bing.com

IN CNAME

business-bing-com.b-0005.b-msedge.net

business-bing-com.b-0005.b-msedge.net

IN CNAME

b-0005.b-msedge.net
DNS

bzib.nelreports.net

Remote address:

8.8.8.8:53

Request

bzib.nelreports.net

IN A

Response

bzib.nelreports.net

IN CNAME

bzib.nelreports.net.akamaized.net

bzib.nelreports.net.akamaized.net

IN CNAME

a416.dscd.akamai.net

a416.dscd.akamai.net

IN A

96.16.53.162

a416.dscd.akamai.net

IN A

96.16.53.149
DNS

bzib.nelreports.net

Remote address:

8.8.8.8:53

Request

bzib.nelreports.net

IN Unknown

Response

bzib.nelreports.net

IN CNAME

bzib.nelreports.net.akamaized.net

bzib.nelreports.net.akamaized.net

IN CNAME

a416.dscd.akamai.net
DNS

saltworld.net

Remote address:

8.8.8.8:53

Request

saltworld.net

IN A

Response

saltworld.net

IN A

172.67.166.97

saltworld.net

IN A

104.21.11.155
DNS

saltworld.net

Remote address:

8.8.8.8:53

Request

saltworld.net

IN Unknown

Response

saltworld.net

IN Unknown

h3h2h��C�a &G05�C�a&G06h�
DNS

saltworld.net

Remote address:

8.8.8.8:53

Request

saltworld.net

IN A

Response

saltworld.net

IN A

172.67.166.97

saltworld.net

IN A

104.21.11.155
DNS

saltworld.net

Remote address:

8.8.8.8:53

Request

saltworld.net

IN Unknown

Response

saltworld.net

IN Unknown

h3h2�r`�ra *��1 *��1!
DNS

www.microsoft.com

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

23.55.97.181
DNS

www.microsoft.com

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

23.55.97.181
DNS

www.microsoft.com

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN Unknown

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net
DNS

gamingw.net

Remote address:

8.8.8.8:53

Request

gamingw.net

IN A

Response

gamingw.net

IN A

172.67.160.162

gamingw.net

IN A

104.21.65.85
DNS

gamingw.net

Remote address:

8.8.8.8:53

Request

gamingw.net

IN Unknown

Response

gamingw.net

IN Unknown

h3h2hAU�C�� &G03hAU&G04�C��
DNS

149.220.183.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

149.220.183.52.in-addr.arpa

IN PTR

Response
DNS

8.8.8.8.in-addr.arpa

Remote address:

8.8.8.8:53

Request

8.8.8.8.in-addr.arpa

IN PTR

Response

8.8.8.8.in-addr.arpa

IN PTR

dnsgoogle
DNS

56.104.245.94.in-addr.arpa

Remote address:

8.8.8.8:53

Request

56.104.245.94.in-addr.arpa

IN PTR

Response
DNS

159.113.53.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

159.113.53.23.in-addr.arpa

IN PTR

Response

159.113.53.23.in-addr.arpa

IN PTR

a23-53-113-159deploystaticakamaitechnologiescom
DNS

162.53.16.96.in-addr.arpa

Remote address:

8.8.8.8:53

Request

162.53.16.96.in-addr.arpa

IN PTR

Response

162.53.16.96.in-addr.arpa

IN PTR

a96-16-53-162deploystaticakamaitechnologiescom
DNS

79.190.18.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

79.190.18.2.in-addr.arpa

IN PTR

Response

79.190.18.2.in-addr.arpa

IN PTR

a2-18-190-79deploystaticakamaitechnologiescom
DNS

97.166.67.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

97.166.67.172.in-addr.arpa

IN PTR

Response
DNS

140.32.126.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

140.32.126.40.in-addr.arpa

IN PTR

Response
DNS

www.gravatar.com

Remote address:

8.8.8.8:53

Request

www.gravatar.com

IN A

Response

www.gravatar.com

IN A

192.0.73.2
DNS

www.gravatar.com

Remote address:

8.8.8.8:53

Request

www.gravatar.com

IN Unknown

Response
GET

http://www.gravatar.com/avatar/ae111d25cbb9b2d7293e8bdb2fcfe8b3?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png

Remote address:

192.0.73.2:80

Request

GET /avatar/ae111d25cbb9b2d7293e8bdb2fcfe8b3?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png HTTP/1.1
Host: www.gravatar.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Edg/124.0.0.0
DNT: 1
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Server: nginx
Date: Thu, 16 May 2024 09:44:48 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.gravatar.com/avatar/ae111d25cbb9b2d7293e8bdb2fcfe8b3?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png
GET

http://www.gravatar.com/avatar/936f26abd759555807b0105d4e610318?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png

Remote address:

192.0.73.2:80

Request

GET /avatar/936f26abd759555807b0105d4e610318?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png HTTP/1.1
Host: www.gravatar.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Edg/124.0.0.0
DNT: 1
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Server: nginx
Date: Thu, 16 May 2024 09:44:48 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.gravatar.com/avatar/936f26abd759555807b0105d4e610318?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png
GET

http://www.gravatar.com/avatar/59df318a5dd5b358077fb9a7e56e80a2?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png

Remote address:

192.0.73.2:80

Request

GET /avatar/59df318a5dd5b358077fb9a7e56e80a2?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png HTTP/1.1
Host: www.gravatar.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Edg/124.0.0.0
DNT: 1
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Server: nginx
Date: Thu, 16 May 2024 09:44:48 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.gravatar.com/avatar/59df318a5dd5b358077fb9a7e56e80a2?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png
GET

http://www.gravatar.com/avatar/6128162e0ab80b6aaefd01d25ec9fefe?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png

Remote address:

192.0.73.2:80

Request

GET /avatar/6128162e0ab80b6aaefd01d25ec9fefe?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png HTTP/1.1
Host: www.gravatar.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Edg/124.0.0.0
DNT: 1
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Server: nginx
Date: Thu, 16 May 2024 09:44:48 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.gravatar.com/avatar/6128162e0ab80b6aaefd01d25ec9fefe?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png
GET

http://www.gravatar.com/avatar/cafd83e895d821e4ada3e3e38f93582d?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png

Remote address:

192.0.73.2:80

Request

GET /avatar/cafd83e895d821e4ada3e3e38f93582d?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png HTTP/1.1
Host: www.gravatar.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Edg/124.0.0.0
DNT: 1
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Server: nginx
Date: Thu, 16 May 2024 09:44:48 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.gravatar.com/avatar/cafd83e895d821e4ada3e3e38f93582d?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png
GET

http://www.gravatar.com/avatar/e93d7024558d2ee595265c43dc1084df?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png

Remote address:

192.0.73.2:80

Request

GET /avatar/e93d7024558d2ee595265c43dc1084df?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png HTTP/1.1
Host: www.gravatar.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Edg/124.0.0.0
DNT: 1
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Server: nginx
Date: Thu, 16 May 2024 09:44:48 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.gravatar.com/avatar/e93d7024558d2ee595265c43dc1084df?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png
DNS

www.gravatar.com

Remote address:

8.8.8.8:53

Request

www.gravatar.com

IN A

Response

www.gravatar.com

IN A

192.0.73.2
DNS

www.gravatar.com

Remote address:

8.8.8.8:53

Request

www.gravatar.com

IN Unknown

Response
DNS

nav-edge.smartscreen.microsoft.com

Remote address:

8.8.8.8:53

Request

nav-edge.smartscreen.microsoft.com

IN A

Response

nav-edge.smartscreen.microsoft.com

IN CNAME

tm-prod-wd-csp-edge.trafficmanager.net

tm-prod-wd-csp-edge.trafficmanager.net

IN CNAME

prod-agic-uw-1.ukwest.cloudapp.azure.com

prod-agic-uw-1.ukwest.cloudapp.azure.com

IN A

51.140.242.104
DNS

nav-edge.smartscreen.microsoft.com

Remote address:

8.8.8.8:53

Request

nav-edge.smartscreen.microsoft.com

IN Unknown

Response

nav-edge.smartscreen.microsoft.com

IN CNAME

tm-prod-wd-csp-edge.trafficmanager.net

tm-prod-wd-csp-edge.trafficmanager.net

IN CNAME

prod-agic-uw-2.ukwest.cloudapp.azure.com
DNS

www.microsoft.com

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

23.55.97.181
DNS

i1.wp.com

Remote address:

8.8.8.8:53

Request

i1.wp.com

IN A

Response

i1.wp.com

IN A

192.0.77.2
DNS

i1.wp.com

Remote address:

8.8.8.8:53

Request

i1.wp.com

IN Unknown

Response
GET

http://i1.wp.com/saltworld.net/forums/public/style_images/master/profile/default_large.png

Remote address:

192.0.77.2:80

Request

GET /saltworld.net/forums/public/style_images/master/profile/default_large.png HTTP/1.1
Host: i1.wp.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Edg/124.0.0.0
DNT: 1
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 File Not Found

Server: nginx
Date: Thu, 16 May 2024 09:44:49 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-nc: EXPIRED lhr 7
Alt-Svc: h3=":443"; ma=86400
GET

http://i1.wp.com/saltworld.net/forums/public/style_images/master/profile/default_large.png

Remote address:

192.0.77.2:80

Request

GET /saltworld.net/forums/public/style_images/master/profile/default_large.png HTTP/1.1
Host: i1.wp.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Edg/124.0.0.0
DNT: 1
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 File Not Found

Server: nginx
Date: Thu, 16 May 2024 09:44:49 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-nc: HIT lhr 7
Alt-Svc: h3=":443"; ma=86400
GET

http://i1.wp.com/saltworld.net/forums/public/style_images/master/profile/default_large.png

Remote address:

192.0.77.2:80

Request

GET /saltworld.net/forums/public/style_images/master/profile/default_large.png HTTP/1.1
Host: i1.wp.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Edg/124.0.0.0
DNT: 1
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 File Not Found

Server: nginx
Date: Thu, 16 May 2024 09:44:49 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-nc: HIT lhr 7
Alt-Svc: h3=":443"; ma=86400
GET

http://i1.wp.com/saltworld.net/forums/public/style_images/master/profile/default_large.png

Remote address:

192.0.77.2:80

Request

GET /saltworld.net/forums/public/style_images/master/profile/default_large.png HTTP/1.1
Host: i1.wp.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Edg/124.0.0.0
DNT: 1
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 File Not Found

Server: nginx
Date: Thu, 16 May 2024 09:44:49 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-nc: HIT lhr 7
Alt-Svc: h3=":443"; ma=86400
GET

http://i1.wp.com/saltworld.net/forums/public/style_images/master/profile/default_large.png

Remote address:

192.0.77.2:80

Request

GET /saltworld.net/forums/public/style_images/master/profile/default_large.png HTTP/1.1
Host: i1.wp.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Edg/124.0.0.0
DNT: 1
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 File Not Found

Server: nginx
Date: Thu, 16 May 2024 09:44:49 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-nc: HIT lhr 7
Alt-Svc: h3=":443"; ma=86400
GET

http://i1.wp.com/saltworld.net/forums/public/style_images/master/profile/default_large.png

Remote address:

192.0.77.2:80

Request

GET /saltworld.net/forums/public/style_images/master/profile/default_large.png HTTP/1.1
Host: i1.wp.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Edg/124.0.0.0
DNT: 1
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 File Not Found

Server: nginx
Date: Thu, 16 May 2024 09:44:49 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-nc: HIT lhr 7
Alt-Svc: h3=":443"; ma=86400
DNS

edgestatic.azureedge.net

Remote address:

8.8.8.8:53

Request

edgestatic.azureedge.net

IN A

Response

edgestatic.azureedge.net

IN CNAME

edgestatic.afd.azureedge.net

edgestatic.afd.azureedge.net

IN CNAME

azureedge-t-prod.trafficmanager.net

azureedge-t-prod.trafficmanager.net

IN CNAME

shed.dual-low.part-0036.t-0009.t-msedge.net

shed.dual-low.part-0036.t-0009.t-msedge.net

IN CNAME

part-0036.t-0009.t-msedge.net

part-0036.t-0009.t-msedge.net

IN A

13.107.246.64

part-0036.t-0009.t-msedge.net

IN A

13.107.213.64
DNS

edgestatic.azureedge.net

Remote address:

8.8.8.8:53

Request

edgestatic.azureedge.net

IN Unknown

Response

edgestatic.azureedge.net

IN CNAME

edgestatic.afd.azureedge.net

edgestatic.afd.azureedge.net

IN CNAME

azureedge-t-prod.trafficmanager.net

azureedge-t-prod.trafficmanager.net

IN CNAME

shed.dual-low.part-0036.t-0009.t-msedge.net

shed.dual-low.part-0036.t-0009.t-msedge.net

IN CNAME

global-entry-afdthirdparty-fallback-first.trafficmanager.net

global-entry-afdthirdparty-fallback-first.trafficmanager.net

IN CNAME

dual.part-0036.t-0009.fb-t-msedge.net
DNS

c.s-microsoft.com

Remote address:

8.8.8.8:53

Request

c.s-microsoft.com

IN A

Response

c.s-microsoft.com

IN CNAME

c-s.cms.ms.akadns.net

c-s.cms.ms.akadns.net

IN CNAME

c.s-microsoft.com-c.edgekey.net

c.s-microsoft.com-c.edgekey.net

IN CNAME

e13678.dscg.akamaiedge.net

e13678.dscg.akamaiedge.net

IN A

23.53.113.225
DNS

c.s-microsoft.com

Remote address:

8.8.8.8:53

Request

c.s-microsoft.com

IN Unknown

Response

c.s-microsoft.com

IN CNAME

c-s.cms.ms.akadns.net

c-s.cms.ms.akadns.net

IN CNAME

c.s-microsoft.com-c.edgekey.net

c.s-microsoft.com-c.edgekey.net

IN CNAME

e13678.dscg.akamaiedge.net
DNS

181.97.55.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

181.97.55.23.in-addr.arpa

IN PTR

Response

181.97.55.23.in-addr.arpa

IN PTR

a23-55-97-181deploystaticakamaitechnologiescom
DNS

162.160.67.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

162.160.67.172.in-addr.arpa

IN PTR

Response
DNS

104.242.140.51.in-addr.arpa

Remote address:

8.8.8.8:53

Request

104.242.140.51.in-addr.arpa

IN PTR

Response
DNS

238.75.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

238.75.250.142.in-addr.arpa

IN PTR

Response

238.75.250.142.in-addr.arpa

IN PTR

par10s41-in-f141e100net
DNS

2.77.0.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

2.77.0.192.in-addr.arpa

IN PTR

Response

2.77.0.192.in-addr.arpa

IN PTR

i0wpcom

2.77.0.192.in-addr.arpa

IN PTR

i1�8

2.77.0.192.in-addr.arpa

IN PTR

i2�8
DNS

2.73.0.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

2.73.0.192.in-addr.arpa

IN PTR

Response
DNS

wcpstatic.microsoft.com

Remote address:

8.8.8.8:53

Request

wcpstatic.microsoft.com

IN A

Response

wcpstatic.microsoft.com

IN CNAME

consentdeliveryfd.azurefd.net

consentdeliveryfd.azurefd.net

IN CNAME

firstparty-azurefd-prod.trafficmanager.net

firstparty-azurefd-prod.trafficmanager.net

IN CNAME

shed.dual-low.part-0036.t-0009.t-msedge.net

shed.dual-low.part-0036.t-0009.t-msedge.net

IN CNAME

part-0036.t-0009.t-msedge.net

part-0036.t-0009.t-msedge.net

IN A

13.107.246.64

part-0036.t-0009.t-msedge.net

IN A

13.107.213.64
DNS

wcpstatic.microsoft.com

Remote address:

8.8.8.8:53

Request

wcpstatic.microsoft.com

IN Unknown

Response

wcpstatic.microsoft.com

IN CNAME

consentdeliveryfd.azurefd.net

consentdeliveryfd.azurefd.net

IN CNAME

firstparty-azurefd-prod.trafficmanager.net

firstparty-azurefd-prod.trafficmanager.net

IN CNAME

shed.dual-low.part-0036.t-0009.t-msedge.net

shed.dual-low.part-0036.t-0009.t-msedge.net

IN CNAME

part-0036.t-0009.t-msedge.net
GET

https://www.bing.com/th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90

Remote address:

88.221.83.225:443

Request

GET /th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90 HTTP/2.0
host: www.bing.com
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-type: image/png
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 1107
date: Thu, 16 May 2024 09:44:51 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.dd53dd58.1715852691.3df85edf
DNS

225.83.221.88.in-addr.arpa

Remote address:

8.8.8.8:53

Request

225.83.221.88.in-addr.arpa

IN PTR

Response

225.83.221.88.in-addr.arpa

IN PTR

a88-221-83-225deploystaticakamaitechnologiescom
DNS

226.83.221.88.in-addr.arpa

Remote address:

8.8.8.8:53

Request

226.83.221.88.in-addr.arpa

IN PTR

Response

226.83.221.88.in-addr.arpa

IN PTR

a88-221-83-226deploystaticakamaitechnologiescom
DNS

13.86.106.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

13.86.106.20.in-addr.arpa

IN PTR

Response
DNS

26.165.165.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

26.165.165.52.in-addr.arpa

IN PTR

Response
DNS

15.164.165.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

15.164.165.52.in-addr.arpa

IN PTR

Response
DNS

139.53.16.96.in-addr.arpa

Remote address:

8.8.8.8:53

Request

139.53.16.96.in-addr.arpa

IN PTR

Response

139.53.16.96.in-addr.arpa

IN PTR

a96-16-53-139deploystaticakamaitechnologiescom
DNS

29.243.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

29.243.111.52.in-addr.arpa

IN PTR

Response
DNS

77.190.18.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

77.190.18.2.in-addr.arpa

IN PTR

Response

77.190.18.2.in-addr.arpa

IN PTR

a2-18-190-77deploystaticakamaitechnologiescom
DNS

202.83.221.88.in-addr.arpa

Remote address:

8.8.8.8:53

Request

202.83.221.88.in-addr.arpa

IN PTR

Response

202.83.221.88.in-addr.arpa

IN PTR

a88-221-83-202deploystaticakamaitechnologiescom
DNS

tse1.mm.bing.net

Remote address:

8.8.8.8:53

Request

tse1.mm.bing.net

IN A

Response

tse1.mm.bing.net

IN CNAME

mm-mm.bing.net.trafficmanager.net

mm-mm.bing.net.trafficmanager.net

IN CNAME

dual-a-0001.a-msedge.net

dual-a-0001.a-msedge.net

IN A

204.79.197.200

dual-a-0001.a-msedge.net

IN A

13.107.21.200
GET

https://tse1.mm.bing.net/th?id=OADD2.10239340783932_1JCHO8JLBZ4TPAX49&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

Remote address:

204.79.197.200:443

Request

GET /th?id=OADD2.10239340783932_1JCHO8JLBZ4TPAX49&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 638730
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 73E74977A699439DA53AEBA60CCD5DEF Ref B: LON04EDGE1111 Ref C: 2024-05-16T09:46:29Z
date: Thu, 16 May 2024 09:46:28 GMT
GET

https://tse1.mm.bing.net/th?id=OADD2.10239340783933_1QOIM48UV8MGOV4SU&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

Remote address:

204.79.197.200:443

Request

GET /th?id=OADD2.10239340783933_1QOIM48UV8MGOV4SU&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 555746
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 67CDE1147B4F4C8B8BB908606ED57545 Ref B: LON04EDGE1111 Ref C: 2024-05-16T09:46:29Z
date: Thu, 16 May 2024 09:46:28 GMT
GET

https://tse1.mm.bing.net/th?id=OADD2.10239360931609_1JAA48IJSET6WWQHH&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

Remote address:

204.79.197.200:443

Request

GET /th?id=OADD2.10239360931609_1JAA48IJSET6WWQHH&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 415458
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B5DEA8CAEEA6468CB1C3F7F70F02B5D3 Ref B: LON04EDGE1111 Ref C: 2024-05-16T09:46:29Z
date: Thu, 16 May 2024 09:46:28 GMT
GET

https://tse1.mm.bing.net/th?id=OADD2.10239360931610_110BPTPDN41GIXK2B&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

Remote address:

204.79.197.200:443

Request

GET /th?id=OADD2.10239360931610_110BPTPDN41GIXK2B&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 430689
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 736B383B6626484AB03A6C3C60630E96 Ref B: LON04EDGE1111 Ref C: 2024-05-16T09:46:29Z
date: Thu, 16 May 2024 09:46:28 GMT
DNS

88.156.103.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

88.156.103.20.in-addr.arpa

IN PTR

Response
DNS

30.73.42.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

30.73.42.20.in-addr.arpa

IN PTR

Response

94.245.104.56:443

api.edgeoffer.microsoft.com

tls

3.6kB
7.4kB
14
13
13.107.6.158:443

business.bing.com

tls

3.3kB
9.8kB
19
23
96.16.53.162:443

bzib.nelreports.net

tls

3.8kB
6.1kB
14
16
172.67.166.97:443

saltworld.net

tls

2.3kB
6.4kB
10
10
172.67.166.97:443

saltworld.net

tls

2.2kB
5.8kB
11
9
172.67.166.97:443

saltworld.net

tls

2.2kB
5.8kB
9
9
172.67.166.97:443

saltworld.net

tls

4.9kB
11.8kB
35
41
172.67.166.97:443

saltworld.net

tls

2.3kB
5.8kB
11
9
23.55.97.181:443

www.microsoft.com

tls

4.0kB
24.9kB
27
36
192.0.73.2:80

http://www.gravatar.com/avatar/ae111d25cbb9b2d7293e8bdb2fcfe8b3?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png

http

820 B
765 B
7
6

HTTP Request

GET http://www.gravatar.com/avatar/ae111d25cbb9b2d7293e8bdb2fcfe8b3?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png

HTTP Response

301
192.0.73.2:80

http://www.gravatar.com/avatar/936f26abd759555807b0105d4e610318?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png

http

820 B
765 B
7
6

HTTP Request

GET http://www.gravatar.com/avatar/936f26abd759555807b0105d4e610318?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png

HTTP Response

301
192.0.73.2:80

http://www.gravatar.com/avatar/59df318a5dd5b358077fb9a7e56e80a2?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png

http

820 B
765 B
7
6

HTTP Request

GET http://www.gravatar.com/avatar/59df318a5dd5b358077fb9a7e56e80a2?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png

HTTP Response

301
192.0.73.2:80

http://www.gravatar.com/avatar/6128162e0ab80b6aaefd01d25ec9fefe?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png

http

820 B
765 B
7
6

HTTP Request

GET http://www.gravatar.com/avatar/6128162e0ab80b6aaefd01d25ec9fefe?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png

HTTP Response

301
192.0.73.2:80

http://www.gravatar.com/avatar/cafd83e895d821e4ada3e3e38f93582d?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png

http

820 B
765 B
7
6

HTTP Request

GET http://www.gravatar.com/avatar/cafd83e895d821e4ada3e3e38f93582d?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png

HTTP Response

301
192.0.73.2:80

http://www.gravatar.com/avatar/e93d7024558d2ee595265c43dc1084df?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png

http

820 B
765 B
7
6

HTTP Request

GET http://www.gravatar.com/avatar/e93d7024558d2ee595265c43dc1084df?s=100&d=http%3A%2F%2Fsaltworld.net%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fprofile%2Fdefault_large.png

HTTP Response

301
192.0.73.2:443

www.gravatar.com

tls

4.2kB
8.1kB
23
24
192.0.73.2:443

www.gravatar.com

tls

2.3kB
4.8kB
11
10
192.0.73.2:443

www.gravatar.com

tls

2.2kB
4.1kB
9
7
192.0.73.2:443

www.gravatar.com

tls

2.2kB
4.1kB
9
7
192.0.73.2:443

www.gravatar.com

tls

2.3kB
4.7kB
10
8
192.0.73.2:443

www.gravatar.com

tls

2.2kB
4.1kB
9
7
51.140.242.104:443

nav-edge.smartscreen.microsoft.com

tls

14.3kB
14.0kB
36
34
51.140.242.104:443

nav-edge.smartscreen.microsoft.com

tls

2.5kB
7.5kB
12
13
51.140.242.104:443

nav-edge.smartscreen.microsoft.com

tls

2.5kB
7.5kB
12
13
51.140.242.104:443

nav-edge.smartscreen.microsoft.com

tls

2.4kB
6.7kB
12
9
192.0.77.2:80

http://i1.wp.com/saltworld.net/forums/public/style_images/master/profile/default_large.png

http

3.0kB
2.3kB
12
12

HTTP Request

GET http://i1.wp.com/saltworld.net/forums/public/style_images/master/profile/default_large.png

HTTP Response

404

HTTP Request

GET http://i1.wp.com/saltworld.net/forums/public/style_images/master/profile/default_large.png

HTTP Response

404

HTTP Request

GET http://i1.wp.com/saltworld.net/forums/public/style_images/master/profile/default_large.png

HTTP Response

404

HTTP Request

GET http://i1.wp.com/saltworld.net/forums/public/style_images/master/profile/default_large.png

HTTP Response

404

HTTP Request

GET http://i1.wp.com/saltworld.net/forums/public/style_images/master/profile/default_large.png

HTTP Response

404

HTTP Request

GET http://i1.wp.com/saltworld.net/forums/public/style_images/master/profile/default_large.png

HTTP Response

404
13.107.246.64:443

edgestatic.azureedge.net

tls

124.8kB
6.0MB
2568
4314
13.107.246.64:443

edgestatic.azureedge.net

tls

2.1kB
311 B
7
5
13.107.246.64:443

edgestatic.azureedge.net

tls

2.9kB
7.8kB
13
14
13.107.246.64:443

edgestatic.azureedge.net

tls

9.5kB
275.2kB
125
224
13.107.246.64:443

wcpstatic.microsoft.com

tls

5.3kB
91.1kB
52
79
88.221.83.225:443

https://www.bing.com/th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90

tls, http2

1.5kB
6.3kB
17
11

HTTP Request

GET https://www.bing.com/th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90

HTTP Response

200
88.221.83.226:443

www.bing.com

tls

2.3kB
5.2kB
10
12
88.221.83.202:443

www.bing.com

tls

2.5kB
986 B
9
9
204.79.197.200:443

https://tse1.mm.bing.net/th?id=OADD2.10239360931610_110BPTPDN41GIXK2B&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

tls, http2

74.0kB
2.1MB
1542
1539

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239340783932_1JCHO8JLBZ4TPAX49&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239340783933_1QOIM48UV8MGOV4SU&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239360931609_1JAA48IJSET6WWQHH&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239360931610_110BPTPDN41GIXK2B&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200
204.79.197.200:443

tse1.mm.bing.net

tls, http2

1.2kB
8.1kB
16
14
204.79.197.200:443

tse1.mm.bing.net

tls, http2

1.2kB
8.1kB
16
14
204.79.197.200:443

tse1.mm.bing.net

tls, http2

1.2kB
8.1kB
16
14

8.8.8.8:53

api.edgeoffer.microsoft.com

dns

73 B
226 B
1
1

DNS Request

api.edgeoffer.microsoft.com

DNS Response

94.245.104.56
8.8.8.8:53

api.edgeoffer.microsoft.com

dns

73 B
271 B
1
1

DNS Request

api.edgeoffer.microsoft.com
8.8.8.8:53

business.bing.com

dns

63 B
144 B
1
1

DNS Request

business.bing.com

DNS Response

13.107.6.158
8.8.8.8:53

business.bing.com

dns

63 B
185 B
1
1

DNS Request

business.bing.com
8.8.8.8:53

bzib.nelreports.net

dns

65 B
172 B
1
1

DNS Request

bzib.nelreports.net

DNS Response

96.16.53.162

96.16.53.149
8.8.8.8:53

bzib.nelreports.net

dns

65 B
204 B
1
1

DNS Request

bzib.nelreports.net
8.8.8.8:53

saltworld.net

dns

59 B
91 B
1
1

DNS Request

saltworld.net

DNS Response

172.67.166.97

104.21.11.155
8.8.8.8:53

saltworld.net

dns

59 B
132 B
1
1

DNS Request

saltworld.net
8.8.8.8:53

saltworld.net

dns

59 B
91 B
1
1

DNS Request

saltworld.net

DNS Response

172.67.166.97

104.21.11.155
8.8.8.8:53

saltworld.net

dns

59 B
132 B
1
1

DNS Request

saltworld.net
8.8.8.8:53

www.microsoft.com

dns

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

23.55.97.181
8.8.8.8:53

www.microsoft.com

dns

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

23.55.97.181
8.8.8.8:53

www.microsoft.com

dns

63 B
275 B
1
1

DNS Request

www.microsoft.com
8.8.8.8:53

gamingw.net

dns

57 B
89 B
1
1

DNS Request

gamingw.net

DNS Response

172.67.160.162

104.21.65.85
8.8.8.8:53

gamingw.net

dns

57 B
130 B
1
1

DNS Request

gamingw.net
8.8.8.8:53

149.220.183.52.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

149.220.183.52.in-addr.arpa
8.8.8.8:53

8.8.8.8.in-addr.arpa

dns

66 B
90 B
1
1

DNS Request

8.8.8.8.in-addr.arpa
8.8.8.8:53

56.104.245.94.in-addr.arpa

dns

72 B
146 B
1
1

DNS Request

56.104.245.94.in-addr.arpa
8.8.8.8:53

159.113.53.23.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

159.113.53.23.in-addr.arpa
8.8.8.8:53

162.53.16.96.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

162.53.16.96.in-addr.arpa
8.8.8.8:53

79.190.18.2.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

79.190.18.2.in-addr.arpa
8.8.8.8:53

97.166.67.172.in-addr.arpa

dns

72 B
134 B
1
1

DNS Request

97.166.67.172.in-addr.arpa
8.8.8.8:53

140.32.126.40.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

140.32.126.40.in-addr.arpa
172.67.160.162:443

gamingw.net

https

9.6kB
20.2kB
30
33
172.67.166.97:443

saltworld.net

https

5.7kB
11.2kB
18
20
8.8.8.8:53

www.gravatar.com

dns

62 B
78 B
1
1

DNS Request

www.gravatar.com

DNS Response

192.0.73.2
8.8.8.8:53

www.gravatar.com

dns

62 B
124 B
1
1

DNS Request

www.gravatar.com
8.8.8.8:53

www.gravatar.com

dns

62 B
78 B
1
1

DNS Request

www.gravatar.com

DNS Response

192.0.73.2
8.8.8.8:53

www.gravatar.com

dns

62 B
124 B
1
1

DNS Request

www.gravatar.com
8.8.8.8:53

nav-edge.smartscreen.microsoft.com

dns

80 B
199 B
1
1

DNS Request

nav-edge.smartscreen.microsoft.com

DNS Response

51.140.242.104
8.8.8.8:53

nav-edge.smartscreen.microsoft.com

dns

80 B
243 B
1
1

DNS Request

nav-edge.smartscreen.microsoft.com
8.8.8.8:53

www.microsoft.com

dns

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

23.55.97.181
8.8.8.8:53

i1.wp.com

dns

55 B
71 B
1
1

DNS Request

i1.wp.com

DNS Response

192.0.77.2
8.8.8.8:53

i1.wp.com

dns

55 B
117 B
1
1

DNS Request

i1.wp.com
8.8.8.8:53

edgestatic.azureedge.net

dns

70 B
245 B
1
1

DNS Request

edgestatic.azureedge.net

DNS Response

13.107.246.64

13.107.213.64
8.8.8.8:53

edgestatic.azureedge.net

dns

70 B
363 B
1
1

DNS Request

edgestatic.azureedge.net
8.8.8.8:53

c.s-microsoft.com

dns

63 B
193 B
1
1

DNS Request

c.s-microsoft.com

DNS Response

23.53.113.225
8.8.8.8:53

c.s-microsoft.com

dns

63 B
238 B
1
1

DNS Request

c.s-microsoft.com
8.8.8.8:53

181.97.55.23.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

181.97.55.23.in-addr.arpa
8.8.8.8:53

162.160.67.172.in-addr.arpa

dns

73 B
135 B
1
1

DNS Request

162.160.67.172.in-addr.arpa
8.8.8.8:53

104.242.140.51.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

104.242.140.51.in-addr.arpa
8.8.8.8:53

238.75.250.142.in-addr.arpa

dns

73 B
112 B
1
1

DNS Request

238.75.250.142.in-addr.arpa
8.8.8.8:53

2.77.0.192.in-addr.arpa

dns

69 B
126 B
1
1

DNS Request

2.77.0.192.in-addr.arpa
8.8.8.8:53

2.73.0.192.in-addr.arpa

dns

69 B
134 B
1
1

DNS Request

2.73.0.192.in-addr.arpa
8.8.8.8:53

wcpstatic.microsoft.com

dns

69 B
265 B
1
1

DNS Request

wcpstatic.microsoft.com

DNS Response

13.107.246.64

13.107.213.64
8.8.8.8:53

wcpstatic.microsoft.com

dns

69 B
280 B
1
1

DNS Request

wcpstatic.microsoft.com
224.0.0.251:5353

204 B
3
8.8.8.8:53

225.83.221.88.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

225.83.221.88.in-addr.arpa
8.8.8.8:53

226.83.221.88.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

226.83.221.88.in-addr.arpa
8.8.8.8:53

13.86.106.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

13.86.106.20.in-addr.arpa
8.8.8.8:53

26.165.165.52.in-addr.arpa

dns

72 B
146 B
1
1

DNS Request

26.165.165.52.in-addr.arpa
8.8.8.8:53

15.164.165.52.in-addr.arpa

dns

72 B
146 B
1
1

DNS Request

15.164.165.52.in-addr.arpa
8.8.8.8:53

139.53.16.96.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

139.53.16.96.in-addr.arpa
8.8.8.8:53

29.243.111.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

29.243.111.52.in-addr.arpa
8.8.8.8:53

77.190.18.2.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

77.190.18.2.in-addr.arpa
8.8.8.8:53

202.83.221.88.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

202.83.221.88.in-addr.arpa
8.8.8.8:53

tse1.mm.bing.net

dns

62 B
173 B
1
1

DNS Request

tse1.mm.bing.net

DNS Response

204.79.197.200

13.107.21.200
8.8.8.8:53

88.156.103.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

88.156.103.20.in-addr.arpa
8.8.8.8:53

30.73.42.20.in-addr.arpa

dns

70 B
156 B
1
1

DNS Request

30.73.42.20.in-addr.arpa

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response