Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

75229f0095...8.html

windows7-x64

1

75229f0095...8.html

windows10-2004-x64

1

Analysis

  • max time kernel
    148s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
  • submitted
    26/05/2024, 10:08 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    75229f0095c393cc1a52fbe0d547e2f4_JaffaCakes118.html

  • Size

    4KB

  • MD5

    75229f0095c393cc1a52fbe0d547e2f4

  • SHA1

    dda048f91544a938ff260f056c1aea387854c7b7

  • SHA256

    fc2ce0fbf439c250804ca7335e14e47bd98094736560fb49524eff70f131a217

  • SHA512

    5c0204fff17cf4856d4aaf9395398e885d653b42ab28c9994209f519bde3a13fecc9f7340d7540770ca15b484595fd25954dfff360d2952f5d4048e0e4a892aa

  • SSDEEP

    96:Pk7yJozTGknaEFHVKDZTBJl7sNjtXATIQFMA5e3fhrvDJUgwa71D5iJ8oG653d:Pk7yY1aEFHVKtF37sNjtXATIQFM93pDw

Score
1/10

Malware Config

Signatures

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 10 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\75229f0095c393cc1a52fbe0d547e2f4_JaffaCakes118.html
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:412
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff54f946f8,0x7fff54f94708,0x7fff54f94718
      2⤵
        PID:4644
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2044,3451686029480229625,7432263081166329763,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2088 /prefetch:2
        2⤵
          PID:1936
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2044,3451686029480229625,7432263081166329763,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:2020
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2044,3451686029480229625,7432263081166329763,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2664 /prefetch:8
          2⤵
            PID:3288
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,3451686029480229625,7432263081166329763,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3236 /prefetch:1
            2⤵
              PID:2728
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,3451686029480229625,7432263081166329763,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3256 /prefetch:1
              2⤵
                PID:3344
              • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2044,3451686029480229625,7432263081166329763,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5160 /prefetch:8
                2⤵
                  PID:3588
                • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2044,3451686029480229625,7432263081166329763,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5160 /prefetch:8
                  2⤵
                  • Suspicious behavior: EnumeratesProcesses
                  PID:212
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,3451686029480229625,7432263081166329763,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4784 /prefetch:1
                  2⤵
                    PID:4544
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,3451686029480229625,7432263081166329763,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4780 /prefetch:1
                    2⤵
                      PID:4424
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,3451686029480229625,7432263081166329763,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3384 /prefetch:1
                      2⤵
                        PID:1596
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,3451686029480229625,7432263081166329763,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5560 /prefetch:1
                        2⤵
                          PID:3060
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2044,3451686029480229625,7432263081166329763,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2148 /prefetch:2
                          2⤵
                          • Suspicious behavior: EnumeratesProcesses
                          PID:4140
                      • C:\Windows\System32\CompPkgSrv.exe
                        C:\Windows\System32\CompPkgSrv.exe -Embedding
                        1⤵
                          PID:2068
                        • C:\Windows\System32\CompPkgSrv.exe
                          C:\Windows\System32\CompPkgSrv.exe -Embedding
                          1⤵
                            PID:1408

                          Network

                          • flag-us
                            DNS
                            cdn-adef.akamaized.net
                            msedge.exe
                            Remote address:
                            8.8.8.8:53
                            Request
                            cdn-adef.akamaized.net
                            IN A
                            Response
                            cdn-adef.akamaized.net
                            IN CNAME
                            a326.d.akamai.net
                            a326.d.akamai.net
                            IN A
                            2.17.251.32
                            a326.d.akamai.net
                            IN A
                            2.17.251.40
                          • flag-us
                            GET
                            https://cdn-adef.akamaized.net/images/jump-favicon.ico
                            msedge.exe
                            Remote address:
                            2.17.251.32:443
                            Request
                            GET /images/jump-favicon.ico HTTP/1.1
                            Host: cdn-adef.akamaized.net
                            Connection: keep-alive
                            sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                            DNT: 1
                            sec-ch-ua-mobile: ?0
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                            Sec-Fetch-Site: cross-site
                            Sec-Fetch-Mode: no-cors
                            Sec-Fetch-Dest: image
                            Accept-Encoding: gzip, deflate, br
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 200 OK
                            x-amz-id-2: 2bhf9jJs6aXu8HdmBwNsQXyd0eD/Usi1ydIjJLf4nhNQfW1M4xRQFpkQOdB1MDzlfmYuSknAZaQ=
                            x-amz-request-id: AMFNJH6J2RAEQ765
                            Last-Modified: Wed, 07 Nov 2018 10:05:44 GMT
                            ETag: "4cdf3256cd7b8ec3917adb79d6bf457e"
                            Accept-Ranges: bytes
                            Content-Type: image/x-icon
                            Server: AmazonS3
                            Content-Length: 4103
                            Date: Sun, 26 May 2024 10:09:02 GMT
                            Connection: keep-alive
                            Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
                          • flag-us
                            DNS
                            0.159.190.20.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            0.159.190.20.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            g.bing.com
                            Remote address:
                            8.8.8.8:53
                            Request
                            g.bing.com
                            IN A
                            Response
                            g.bing.com
                            IN CNAME
                            g-bing-com.dual-a-0034.a-msedge.net
                            g-bing-com.dual-a-0034.a-msedge.net
                            IN CNAME
                            dual-a-0034.a-msedge.net
                            dual-a-0034.a-msedge.net
                            IN A
                            204.79.197.237
                            dual-a-0034.a-msedge.net
                            IN A
                            13.107.21.237
                          • flag-us
                            GET
                            https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8bdOclx_UH9u_S3PgBuaPSTVUCUxrrVt_rP6_j4EHKjuRX2Y1XEtXTjotKBNwty0D66ZXhrvtl85IGrrz-pE5SKwc3J7aSPHslvX5Wvz9ZdaGZLXuQW_TMgsRkrRQK7XLAabQqkPnaZOY8x3cPitx7ISIXP0coHN1B8vWN2-7_ZIXhqmC%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D1070ffa8fd6b1456b8f29983521931ac&TIME=20240426T134344Z&CID=530628298&EID=530628298&tids=15000&adUnitId=11730597&localId=w:B64DD8ED-0874-6C05-824A-19614CB097A6&deviceId=6825828828100984&muid=B64DD8ED08746C05824A19614CB097A6
                            Remote address:
                            204.79.197.237:443
                            Request
                            GET /neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8bdOclx_UH9u_S3PgBuaPSTVUCUxrrVt_rP6_j4EHKjuRX2Y1XEtXTjotKBNwty0D66ZXhrvtl85IGrrz-pE5SKwc3J7aSPHslvX5Wvz9ZdaGZLXuQW_TMgsRkrRQK7XLAabQqkPnaZOY8x3cPitx7ISIXP0coHN1B8vWN2-7_ZIXhqmC%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D1070ffa8fd6b1456b8f29983521931ac&TIME=20240426T134344Z&CID=530628298&EID=530628298&tids=15000&adUnitId=11730597&localId=w:B64DD8ED-0874-6C05-824A-19614CB097A6&deviceId=6825828828100984&muid=B64DD8ED08746C05824A19614CB097A6 HTTP/2.0
                            host: g.bing.com
                            accept-encoding: gzip, deflate
                            user-agent: WindowsShellClient/9.0.40929.0 (Windows)
                            Response
                            HTTP/2.0 204
                            cache-control: no-cache, must-revalidate
                            pragma: no-cache
                            expires: Fri, 01 Jan 1990 00:00:00 GMT
                            set-cookie: MUID=0A6CB2435DA069A814D8A6C85C406864; domain=.bing.com; expires=Fri, 20-Jun-2025 10:09:03 GMT; path=/; SameSite=None; Secure; Priority=High;
                            strict-transport-security: max-age=31536000; includeSubDomains; preload
                            access-control-allow-origin: *
                            x-cache: CONFIG_NOCACHE
                            accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                            x-msedge-ref: Ref A: AEF35CA1B74C4216ACF84E537E064867 Ref B: LON04EDGE1007 Ref C: 2024-05-26T10:09:03Z
                            date: Sun, 26 May 2024 10:09:02 GMT
                          • flag-us
                            GET
                            https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8bdOclx_UH9u_S3PgBuaPSTVUCUxrrVt_rP6_j4EHKjuRX2Y1XEtXTjotKBNwty0D66ZXhrvtl85IGrrz-pE5SKwc3J7aSPHslvX5Wvz9ZdaGZLXuQW_TMgsRkrRQK7XLAabQqkPnaZOY8x3cPitx7ISIXP0coHN1B8vWN2-7_ZIXhqmC%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D1070ffa8fd6b1456b8f29983521931ac&TIME=20240426T134344Z&CID=530628298&EID=&tids=15000&adUnitId=11730597&localId=w:B64DD8ED-0874-6C05-824A-19614CB097A6&deviceId=6825828828100984&muid=B64DD8ED08746C05824A19614CB097A6
                            Remote address:
                            204.79.197.237:443
                            Request
                            GET /neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8bdOclx_UH9u_S3PgBuaPSTVUCUxrrVt_rP6_j4EHKjuRX2Y1XEtXTjotKBNwty0D66ZXhrvtl85IGrrz-pE5SKwc3J7aSPHslvX5Wvz9ZdaGZLXuQW_TMgsRkrRQK7XLAabQqkPnaZOY8x3cPitx7ISIXP0coHN1B8vWN2-7_ZIXhqmC%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D1070ffa8fd6b1456b8f29983521931ac&TIME=20240426T134344Z&CID=530628298&EID=&tids=15000&adUnitId=11730597&localId=w:B64DD8ED-0874-6C05-824A-19614CB097A6&deviceId=6825828828100984&muid=B64DD8ED08746C05824A19614CB097A6 HTTP/2.0
                            host: g.bing.com
                            accept-encoding: gzip, deflate
                            user-agent: WindowsShellClient/9.0.40929.0 (Windows)
                            cookie: MUID=0A6CB2435DA069A814D8A6C85C406864; _EDGE_S=SID=28E58F9DAC00661004049B16AD576770
                            Response
                            HTTP/2.0 204
                            cache-control: no-cache, must-revalidate
                            pragma: no-cache
                            expires: Fri, 01 Jan 1990 00:00:00 GMT
                            set-cookie: MSPTC=W3S2vZ4I_YrLqBMETk6FNS6YDfaO5o5kyNK3z8fY_QE; domain=.bing.com; expires=Fri, 20-Jun-2025 10:09:03 GMT; path=/; Partitioned; secure; SameSite=None
                            strict-transport-security: max-age=31536000; includeSubDomains; preload
                            access-control-allow-origin: *
                            x-cache: CONFIG_NOCACHE
                            accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                            x-msedge-ref: Ref A: 9A6E6CD316BB4D8A861D8ADA0AB7CAB0 Ref B: LON04EDGE1007 Ref C: 2024-05-26T10:09:03Z
                            date: Sun, 26 May 2024 10:09:03 GMT
                          • flag-us
                            DNS
                            32.251.17.2.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            32.251.17.2.in-addr.arpa
                            IN PTR
                            Response
                            32.251.17.2.in-addr.arpa
                            IN PTR
                            a2-17-251-32deploystaticakamaitechnologiescom
                          • flag-us
                            DNS
                            95.221.229.192.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            95.221.229.192.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            209.205.72.20.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            209.205.72.20.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            91.90.14.23.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            91.90.14.23.in-addr.arpa
                            IN PTR
                            Response
                            91.90.14.23.in-addr.arpa
                            IN PTR
                            a23-14-90-91deploystaticakamaitechnologiescom
                          • flag-us
                            DNS
                            237.197.79.204.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            237.197.79.204.in-addr.arpa
                            IN PTR
                            Response
                          • flag-nl
                            GET
                            https://www.bing.com/aes/c.gif?RG=a28cd0b71547497588ab3f1ee8b58cfd&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240426T134344Z&adUnitId=11730597&localId=w:B64DD8ED-0874-6C05-824A-19614CB097A6&deviceId=6825828828100984
                            Remote address:
                            23.62.61.194:443
                            Request
                            GET /aes/c.gif?RG=a28cd0b71547497588ab3f1ee8b58cfd&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240426T134344Z&adUnitId=11730597&localId=w:B64DD8ED-0874-6C05-824A-19614CB097A6&deviceId=6825828828100984 HTTP/2.0
                            host: www.bing.com
                            accept-encoding: gzip, deflate
                            user-agent: WindowsShellClient/9.0.40929.0 (Windows)
                            cookie: MUID=0A6CB2435DA069A814D8A6C85C406864
                            Response
                            HTTP/2.0 200
                            cache-control: private,no-store
                            pragma: no-cache
                            vary: Origin
                            p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
                            accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                            x-msedge-ref: Ref A: EAA2BD881A314FD681D2DE1BE60257AF Ref B: AMS04EDGE1509 Ref C: 2024-05-26T10:09:03Z
                            content-length: 0
                            date: Sun, 26 May 2024 10:09:03 GMT
                            set-cookie: _EDGE_S=SID=28E58F9DAC00661004049B16AD576770; path=/; httponly; domain=bing.com
                            set-cookie: MUIDB=0A6CB2435DA069A814D8A6C85C406864; path=/; httponly; expires=Fri, 20-Jun-2025 10:09:03 GMT
                            alt-svc: h3=":443"; ma=93600
                            x-cdn-traceid: 0.be3d3e17.1716718143.1f24edca
                          • flag-us
                            DNS
                            194.61.62.23.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            194.61.62.23.in-addr.arpa
                            IN PTR
                            Response
                            194.61.62.23.in-addr.arpa
                            IN PTR
                            a23-62-61-194deploystaticakamaitechnologiescom
                          • flag-us
                            DNS
                            57.169.31.20.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            57.169.31.20.in-addr.arpa
                            IN PTR
                            Response
                          • flag-nl
                            GET
                            https://www.bing.com/th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90
                            Remote address:
                            23.62.61.194:443
                            Request
                            GET /th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90 HTTP/2.0
                            host: www.bing.com
                            accept: */*
                            cookie: MUID=0A6CB2435DA069A814D8A6C85C406864; _EDGE_S=SID=28E58F9DAC00661004049B16AD576770; MSPTC=W3S2vZ4I_YrLqBMETk6FNS6YDfaO5o5kyNK3z8fY_QE; MUIDB=0A6CB2435DA069A814D8A6C85C406864
                            accept-encoding: gzip, deflate, br
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                            Response
                            HTTP/2.0 200
                            cache-control: public, max-age=2592000
                            content-type: image/png
                            access-control-allow-origin: *
                            access-control-allow-headers: *
                            access-control-allow-methods: GET, POST, OPTIONS
                            timing-allow-origin: *
                            report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
                            nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                            content-length: 1107
                            date: Sun, 26 May 2024 10:09:05 GMT
                            alt-svc: h3=":443"; ma=93600
                            x-cdn-traceid: 0.be3d3e17.1716718145.1f24f232
                          • flag-us
                            DNS
                            58.55.71.13.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            58.55.71.13.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            183.59.114.20.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            183.59.114.20.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            206.23.85.13.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            206.23.85.13.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            82.90.14.23.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            82.90.14.23.in-addr.arpa
                            IN PTR
                            Response
                            82.90.14.23.in-addr.arpa
                            IN PTR
                            a23-14-90-82deploystaticakamaitechnologiescom
                          • flag-us
                            DNS
                            tse1.mm.bing.net
                            Remote address:
                            8.8.8.8:53
                            Request
                            tse1.mm.bing.net
                            IN A
                            Response
                            tse1.mm.bing.net
                            IN CNAME
                            mm-mm.bing.net.trafficmanager.net
                            mm-mm.bing.net.trafficmanager.net
                            IN CNAME
                            dual-a-0001.a-msedge.net
                            dual-a-0001.a-msedge.net
                            IN A
                            204.79.197.200
                            dual-a-0001.a-msedge.net
                            IN A
                            13.107.21.200
                          • flag-us
                            GET
                            https://tse1.mm.bing.net/th?id=OADD2.10239340783938_154JBSOQL12JS43YR&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
                            Remote address:
                            204.79.197.200:443
                            Request
                            GET /th?id=OADD2.10239340783938_154JBSOQL12JS43YR&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
                            host: tse1.mm.bing.net
                            accept: */*
                            accept-encoding: gzip, deflate, br
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                            Response
                            HTTP/2.0 200
                            cache-control: public, max-age=2592000
                            content-length: 659775
                            content-type: image/jpeg
                            x-cache: TCP_HIT
                            access-control-allow-origin: *
                            access-control-allow-headers: *
                            access-control-allow-methods: GET, POST, OPTIONS
                            timing-allow-origin: *
                            report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
                            nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                            accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                            x-msedge-ref: Ref A: D5F326AD26204A2F8C56E6BEEA64355B Ref B: LON04EDGE0816 Ref C: 2024-05-26T10:10:43Z
                            date: Sun, 26 May 2024 10:10:42 GMT
                          • flag-us
                            GET
                            https://tse1.mm.bing.net/th?id=OADD2.10239360931612_153L2SVWUYAQUME4E&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
                            Remote address:
                            204.79.197.200:443
                            Request
                            GET /th?id=OADD2.10239360931612_153L2SVWUYAQUME4E&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
                            host: tse1.mm.bing.net
                            accept: */*
                            accept-encoding: gzip, deflate, br
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                            Response
                            HTTP/2.0 200
                            cache-control: public, max-age=2592000
                            content-length: 627437
                            content-type: image/jpeg
                            x-cache: TCP_HIT
                            access-control-allow-origin: *
                            access-control-allow-headers: *
                            access-control-allow-methods: GET, POST, OPTIONS
                            timing-allow-origin: *
                            report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
                            nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                            accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                            x-msedge-ref: Ref A: E98548EAE8704ADD9E7AF28964DC6219 Ref B: LON04EDGE0816 Ref C: 2024-05-26T10:10:43Z
                            date: Sun, 26 May 2024 10:10:42 GMT
                          • flag-us
                            GET
                            https://tse1.mm.bing.net/th?id=OADD2.10239340783939_14IT4JGOWRFC6CMW9&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
                            Remote address:
                            204.79.197.200:443
                            Request
                            GET /th?id=OADD2.10239340783939_14IT4JGOWRFC6CMW9&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
                            host: tse1.mm.bing.net
                            accept: */*
                            accept-encoding: gzip, deflate, br
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                            Response
                            HTTP/2.0 200
                            cache-control: public, max-age=2592000
                            content-length: 792794
                            content-type: image/jpeg
                            x-cache: TCP_HIT
                            access-control-allow-origin: *
                            access-control-allow-headers: *
                            access-control-allow-methods: GET, POST, OPTIONS
                            timing-allow-origin: *
                            report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
                            nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                            accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                            x-msedge-ref: Ref A: 05E02EA58DDF48BF8948A668D58AC672 Ref B: LON04EDGE0816 Ref C: 2024-05-26T10:10:43Z
                            date: Sun, 26 May 2024 10:10:42 GMT
                          • flag-us
                            GET
                            https://tse1.mm.bing.net/th?id=OADD2.10239360931611_1SOG5TNNJKE1WH1R0&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
                            Remote address:
                            204.79.197.200:443
                            Request
                            GET /th?id=OADD2.10239360931611_1SOG5TNNJKE1WH1R0&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
                            host: tse1.mm.bing.net
                            accept: */*
                            accept-encoding: gzip, deflate, br
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                            Response
                            HTTP/2.0 200
                            cache-control: public, max-age=2592000
                            content-length: 621794
                            content-type: image/jpeg
                            x-cache: TCP_HIT
                            access-control-allow-origin: *
                            access-control-allow-headers: *
                            access-control-allow-methods: GET, POST, OPTIONS
                            timing-allow-origin: *
                            report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
                            nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                            accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                            x-msedge-ref: Ref A: 9EC72106B9EB460AB09C05DB8BF07C2B Ref B: LON04EDGE0816 Ref C: 2024-05-26T10:10:43Z
                            date: Sun, 26 May 2024 10:10:42 GMT
                          • flag-us
                            DNS
                            200.197.79.204.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            200.197.79.204.in-addr.arpa
                            IN PTR
                            Response
                            200.197.79.204.in-addr.arpa
                            IN PTR
                            a-0001a-msedgenet
                          • flag-us
                            DNS
                            1.173.189.20.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            1.173.189.20.in-addr.arpa
                            IN PTR
                            Response
                          • 2.17.251.32:443
                            https://cdn-adef.akamaized.net/images/jump-favicon.ico
                            tls, http
                            msedge.exe
                            2.8kB
                             9.7kB
                             14
                            18

                            HTTP Request

                            GET https://cdn-adef.akamaized.net/images/jump-favicon.ico

                            HTTP Response

                            200
                          • 204.79.197.237:443
                            https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8bdOclx_UH9u_S3PgBuaPSTVUCUxrrVt_rP6_j4EHKjuRX2Y1XEtXTjotKBNwty0D66ZXhrvtl85IGrrz-pE5SKwc3J7aSPHslvX5Wvz9ZdaGZLXuQW_TMgsRkrRQK7XLAabQqkPnaZOY8x3cPitx7ISIXP0coHN1B8vWN2-7_ZIXhqmC%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D1070ffa8fd6b1456b8f29983521931ac&TIME=20240426T134344Z&CID=530628298&EID=&tids=15000&adUnitId=11730597&localId=w:B64DD8ED-0874-6C05-824A-19614CB097A6&deviceId=6825828828100984&muid=B64DD8ED08746C05824A19614CB097A6
                            tls, http2
                            2.5kB
                             9.0kB
                             20
                            17

                            HTTP Request

                            GET https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8bdOclx_UH9u_S3PgBuaPSTVUCUxrrVt_rP6_j4EHKjuRX2Y1XEtXTjotKBNwty0D66ZXhrvtl85IGrrz-pE5SKwc3J7aSPHslvX5Wvz9ZdaGZLXuQW_TMgsRkrRQK7XLAabQqkPnaZOY8x3cPitx7ISIXP0coHN1B8vWN2-7_ZIXhqmC%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D1070ffa8fd6b1456b8f29983521931ac&TIME=20240426T134344Z&CID=530628298&EID=530628298&tids=15000&adUnitId=11730597&localId=w:B64DD8ED-0874-6C05-824A-19614CB097A6&deviceId=6825828828100984&muid=B64DD8ED08746C05824A19614CB097A6

                            HTTP Response

                            204

                            HTTP Request

                            GET https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8bdOclx_UH9u_S3PgBuaPSTVUCUxrrVt_rP6_j4EHKjuRX2Y1XEtXTjotKBNwty0D66ZXhrvtl85IGrrz-pE5SKwc3J7aSPHslvX5Wvz9ZdaGZLXuQW_TMgsRkrRQK7XLAabQqkPnaZOY8x3cPitx7ISIXP0coHN1B8vWN2-7_ZIXhqmC%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D1070ffa8fd6b1456b8f29983521931ac&TIME=20240426T134344Z&CID=530628298&EID=&tids=15000&adUnitId=11730597&localId=w:B64DD8ED-0874-6C05-824A-19614CB097A6&deviceId=6825828828100984&muid=B64DD8ED08746C05824A19614CB097A6

                            HTTP Response

                            204
                          • 23.62.61.194:443
                            https://www.bing.com/aes/c.gif?RG=a28cd0b71547497588ab3f1ee8b58cfd&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240426T134344Z&adUnitId=11730597&localId=w:B64DD8ED-0874-6C05-824A-19614CB097A6&deviceId=6825828828100984
                            tls, http2
                            1.4kB
                             5.4kB
                             16
                            12

                            HTTP Request

                            GET https://www.bing.com/aes/c.gif?RG=a28cd0b71547497588ab3f1ee8b58cfd&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240426T134344Z&adUnitId=11730597&localId=w:B64DD8ED-0874-6C05-824A-19614CB097A6&deviceId=6825828828100984

                            HTTP Response

                            200
                          • 23.62.61.194:443
                            https://www.bing.com/th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90
                            tls, http2
                            1.6kB
                             6.4kB
                             17
                            13

                            HTTP Request

                            GET https://www.bing.com/th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90

                            HTTP Response

                            200
                          • 204.79.197.200:443
                            tse1.mm.bing.net
                            tls, http2
                            1.2kB
                             8.1kB
                             16
                            14
                          • 204.79.197.200:443
                            https://tse1.mm.bing.net/th?id=OADD2.10239360931611_1SOG5TNNJKE1WH1R0&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
                            tls, http2
                            96.8kB
                             2.8MB
                             2035
                            2029

                            HTTP Request

                            GET https://tse1.mm.bing.net/th?id=OADD2.10239340783938_154JBSOQL12JS43YR&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

                            HTTP Request

                            GET https://tse1.mm.bing.net/th?id=OADD2.10239360931612_153L2SVWUYAQUME4E&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

                            HTTP Request

                            GET https://tse1.mm.bing.net/th?id=OADD2.10239340783939_14IT4JGOWRFC6CMW9&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

                            HTTP Request

                            GET https://tse1.mm.bing.net/th?id=OADD2.10239360931611_1SOG5TNNJKE1WH1R0&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

                            HTTP Response

                            200

                            HTTP Response

                            200

                            HTTP Response

                            200

                            HTTP Response

                            200
                          • 204.79.197.200:443
                            tse1.mm.bing.net
                            tls, http2
                            1.2kB
                             8.1kB
                             16
                            14
                          • 204.79.197.200:443
                            tse1.mm.bing.net
                            tls, http2
                            1.2kB
                             8.1kB
                             16
                            13
                          • 8.8.8.8:53
                            cdn-adef.akamaized.net
                            dns
                            msedge.exe
                            68 B
                             128 B
                             1
                            1

                            DNS Request

                            cdn-adef.akamaized.net

                            DNS Response

                            2.17.251.32
                            2.17.251.40

                          • 8.8.8.8:53
                            0.159.190.20.in-addr.arpa
                            dns
                            71 B
                             157 B
                             1
                            1

                            DNS Request

                            0.159.190.20.in-addr.arpa

                          • 8.8.8.8:53
                            g.bing.com
                            dns
                            56 B
                             151 B
                             1
                            1

                            DNS Request

                            g.bing.com

                            DNS Response

                            204.79.197.237
                            13.107.21.237

                          • 8.8.8.8:53
                            32.251.17.2.in-addr.arpa
                            dns
                            70 B
                             133 B
                             1
                            1

                            DNS Request

                            32.251.17.2.in-addr.arpa

                          • 8.8.8.8:53
                            95.221.229.192.in-addr.arpa
                            dns
                            73 B
                             144 B
                             1
                            1

                            DNS Request

                            95.221.229.192.in-addr.arpa

                          • 8.8.8.8:53
                            209.205.72.20.in-addr.arpa
                            dns
                            72 B
                             158 B
                             1
                            1

                            DNS Request

                            209.205.72.20.in-addr.arpa

                          • 8.8.8.8:53
                            91.90.14.23.in-addr.arpa
                            dns
                            70 B
                             133 B
                             1
                            1

                            DNS Request

                            91.90.14.23.in-addr.arpa

                          • 8.8.8.8:53
                            237.197.79.204.in-addr.arpa
                            dns
                            73 B
                             143 B
                             1
                            1

                            DNS Request

                            237.197.79.204.in-addr.arpa

                          • 224.0.0.251:5353
                            529 B
                             8
                          • 8.8.8.8:53
                            194.61.62.23.in-addr.arpa
                            dns
                            71 B
                             135 B
                             1
                            1

                            DNS Request

                            194.61.62.23.in-addr.arpa

                          • 8.8.8.8:53
                            57.169.31.20.in-addr.arpa
                            dns
                            71 B
                             157 B
                             1
                            1

                            DNS Request

                            57.169.31.20.in-addr.arpa

                          • 8.8.8.8:53
                            58.55.71.13.in-addr.arpa
                            dns
                            70 B
                             144 B
                             1
                            1

                            DNS Request

                            58.55.71.13.in-addr.arpa

                          • 8.8.8.8:53
                            183.59.114.20.in-addr.arpa
                            dns
                            72 B
                             158 B
                             1
                            1

                            DNS Request

                            183.59.114.20.in-addr.arpa

                          • 8.8.8.8:53
                            206.23.85.13.in-addr.arpa
                            dns
                            71 B
                             145 B
                             1
                            1

                            DNS Request

                            206.23.85.13.in-addr.arpa

                          • 8.8.8.8:53
                            82.90.14.23.in-addr.arpa
                            dns
                            70 B
                             133 B
                             1
                            1

                            DNS Request

                            82.90.14.23.in-addr.arpa

                          • 8.8.8.8:53
                            tse1.mm.bing.net
                            dns
                            62 B
                             173 B
                             1
                            1

                            DNS Request

                            tse1.mm.bing.net

                            DNS Response

                            204.79.197.200
                            13.107.21.200

                          • 8.8.8.8:53
                            200.197.79.204.in-addr.arpa
                            dns
                            73 B
                             106 B
                             1
                            1

                            DNS Request

                            200.197.79.204.in-addr.arpa

                          • 8.8.8.8:53
                            1.173.189.20.in-addr.arpa
                            dns
                            71 B
                             157 B
                             1
                            1

                            DNS Request

                            1.173.189.20.in-addr.arpa

                          MITRE ATT&CK Enterprise v15

                          Replay Monitor

                          Loading Replay Monitor...

                          Downloads

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                            Filesize

                            152B

                            MD5

                            2daa93382bba07cbc40af372d30ec576

                            SHA1

                            c5e709dc3e2e4df2ff841fbde3e30170e7428a94

                            SHA256

                            1826d2a57b1938c148bf212a47d947ed1bfb26cfc55868931f843ee438117f30

                            SHA512

                            65635cb59c81548a9ef8fdb0942331e7f3cd0c30ce1d4dba48aed72dbb27b06511a55d2aeaadfadbbb4b7cb4b2e2772bbabba9603b3f7d9c8b9e4a7fbf3d6b6b

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                            Filesize

                            152B

                            MD5

                            ecdc2754d7d2ae862272153aa9b9ca6e

                            SHA1

                            c19bed1c6e1c998b9fa93298639ad7961339147d

                            SHA256

                            a13d791473f836edcab0e93451ce7b7182efbbc54261b2b5644d319e047a00a7

                            SHA512

                            cd4fb81317d540f8b15f1495a381bb6f0f129b8923a7c06e4b5cf777d2625c30304aee6cc68aa20479e08d84e5030b43fbe93e479602400334dfdd7297f702f2

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                            Filesize

                            292B

                            MD5

                            e8d9507d91aa0f3179c19c6f1326ef22

                            SHA1

                            e0c59942e70bf406d600056ca5b009c9d48b59e6

                            SHA256

                            9c0a4350877b40f82dc2a55fa5e82c4ea3bf5f438afbcd3f1c5bbc88f7379ef5

                            SHA512

                            0a2aaee861696604d52bbd15c954bff3a410d82f0b822703a219382259830d0f9e5c82133624601c5d2041c18a382032e02803f82d1629ffd202bd9f5b391fa4

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                            Filesize

                            5KB

                            MD5

                            696aa610eeba7a27311725c1b57b89fd

                            SHA1

                            57f959e7715b75ee3990e5db992d33260af25901

                            SHA256

                            41405e5e391e985bdcc3688d535b16d2e710c3a1ebf3e47e85a24fa7770ae142

                            SHA512

                            5e270850f0f789e515e860e55f866b4b8335429f407c6fb6f624c17e47ebb87a5cf232045117ec2e1e0e220eebbe0886200d6428fb45c7834447915d741ceeb4

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                            Filesize

                            6KB

                            MD5

                            cc7ea02f984be6d9854889f61738e0e5

                            SHA1

                            1302ee774e9ca65d47d21962ad2aaf5b1cf494ab

                            SHA256

                            907ef3d574da9777764fda437b14b22a1a4d2ca4b2aebab1f3b98605c306d8b7

                            SHA512

                            16108227314570f23279ab79525a93843ebef5b578a6eb3ba419685f9e148ba17d3031cdc78aab6a7f4697112d50418007c42a7f910441d8edde19177dc4c76d

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                            Filesize

                            16B

                            MD5

                            6752a1d65b201c13b62ea44016eb221f

                            SHA1

                            58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                            SHA256

                            0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                            SHA512

                            9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                            Filesize

                            11KB

                            MD5

                            0f733fd3d77e6d429f5f3cbcf6d8d921

                            SHA1

                            c3c60e9e0746503f0a55ce1330206ac23696c962

                            SHA256

                            89c869c5b4d1598a9f344cc417ed3c2e351673955f3615f14022f5842adb2846

                            SHA512

                            4eaff271dcff2c1371cb58a68420b263c757a96660f7bb36b9a27cb7af4c6c79bbe674c78ec2298599855310a4ec6a3e8da14cf223f5d4263b117490e306d32d

                            Download Submit

                          We care about your privacy.

                          This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.