Analysis
-
max time kernel
148s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20240508-en -
resource tags
arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system -
submitted
31/05/2024, 19:31 UTC
Static task
static1
Behavioral task
behavioral1
Sample
881aa98283b14a09f2f6cb8ad607ff49_JaffaCakes118.html
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
881aa98283b14a09f2f6cb8ad607ff49_JaffaCakes118.html
Resource
win10v2004-20240508-en
General
-
Target
881aa98283b14a09f2f6cb8ad607ff49_JaffaCakes118.html
-
Size
22KB
-
MD5
881aa98283b14a09f2f6cb8ad607ff49
-
SHA1
c67ae4954887aaf18f0c12842a79daa8a4e81bed
-
SHA256
ef51b9d05cce7bbbffb03800d64144321dbd33511eeccecd88a0e7334ebf53fa
-
SHA512
a3ea0fb95e3c0b551d8f28ae9286d5f6c96885482e35f3d6c191d42db25420e548ea884cfa0874c35e1361b3bad7bf74a700d1ab8feab7a36f287d693792baf1
-
SSDEEP
384:QvRl1JZ+n9zbA7BREl2+v1P1kDlTy0gbAx57heyOTrSSCqdhFylgzb:QvRn7BRGlv1cmcx57hsJCIX
Malware Config
Signatures
-
Enumerates system info in registry 2 TTPs 3 IoCs
description ioc Process Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS msedge.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer msedge.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName msedge.exe -
Suspicious behavior: EnumeratesProcesses 10 IoCs
pid Process 6112 msedge.exe 6112 msedge.exe 3604 msedge.exe 3604 msedge.exe 3064 identity_helper.exe 3064 identity_helper.exe 5540 msedge.exe 5540 msedge.exe 5540 msedge.exe 5540 msedge.exe -
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 11 IoCs
pid Process 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe -
Suspicious use of FindShellTrayWindow 25 IoCs
pid Process 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe -
Suspicious use of SendNotifyMessage 24 IoCs
pid Process 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe 3604 msedge.exe -
Suspicious use of WriteProcessMemory 64 IoCs
description pid Process procid_target PID 3604 wrote to memory of 1064 3604 msedge.exe 82 PID 3604 wrote to memory of 1064 3604 msedge.exe 82 PID 3604 wrote to memory of 5092 3604 msedge.exe 83 PID 3604 wrote to memory of 5092 3604 msedge.exe 83 PID 3604 wrote to memory of 5092 3604 msedge.exe 83 PID 3604 wrote to memory of 5092 3604 msedge.exe 83 PID 3604 wrote to memory of 5092 3604 msedge.exe 83 PID 3604 wrote to memory of 5092 3604 msedge.exe 83 PID 3604 wrote to memory of 5092 3604 msedge.exe 83 PID 3604 wrote to memory of 5092 3604 msedge.exe 83 PID 3604 wrote to memory of 5092 3604 msedge.exe 83 PID 3604 wrote to memory of 5092 3604 msedge.exe 83 PID 3604 wrote to memory of 5092 3604 msedge.exe 83 PID 3604 wrote to memory of 5092 3604 msedge.exe 83 PID 3604 wrote to memory of 5092 3604 msedge.exe 83 PID 3604 wrote to memory of 5092 3604 msedge.exe 83 PID 3604 wrote to memory of 5092 3604 msedge.exe 83 PID 3604 wrote to memory of 5092 3604 msedge.exe 83 PID 3604 wrote to memory of 5092 3604 msedge.exe 83 PID 3604 wrote to memory of 5092 3604 msedge.exe 83 PID 3604 wrote to memory of 5092 3604 msedge.exe 83 PID 3604 wrote to memory of 5092 3604 msedge.exe 83 PID 3604 wrote to memory of 5092 3604 msedge.exe 83 PID 3604 wrote to memory of 5092 3604 msedge.exe 83 PID 3604 wrote to memory of 5092 3604 msedge.exe 83 PID 3604 wrote to memory of 5092 3604 msedge.exe 83 PID 3604 wrote to memory of 5092 3604 msedge.exe 83 PID 3604 wrote to memory of 5092 3604 msedge.exe 83 PID 3604 wrote to memory of 5092 3604 msedge.exe 83 PID 3604 wrote to memory of 5092 3604 msedge.exe 83 PID 3604 wrote to memory of 5092 3604 msedge.exe 83 PID 3604 wrote to memory of 5092 3604 msedge.exe 83 PID 3604 wrote to memory of 5092 3604 msedge.exe 83 PID 3604 wrote to memory of 5092 3604 msedge.exe 83 PID 3604 wrote to memory of 5092 3604 msedge.exe 83 PID 3604 wrote to memory of 5092 3604 msedge.exe 83 PID 3604 wrote to memory of 5092 3604 msedge.exe 83 PID 3604 wrote to memory of 5092 3604 msedge.exe 83 PID 3604 wrote to memory of 5092 3604 msedge.exe 83 PID 3604 wrote to memory of 5092 3604 msedge.exe 83 PID 3604 wrote to memory of 5092 3604 msedge.exe 83 PID 3604 wrote to memory of 5092 3604 msedge.exe 83 PID 3604 wrote to memory of 6112 3604 msedge.exe 84 PID 3604 wrote to memory of 6112 3604 msedge.exe 84 PID 3604 wrote to memory of 4324 3604 msedge.exe 85 PID 3604 wrote to memory of 4324 3604 msedge.exe 85 PID 3604 wrote to memory of 4324 3604 msedge.exe 85 PID 3604 wrote to memory of 4324 3604 msedge.exe 85 PID 3604 wrote to memory of 4324 3604 msedge.exe 85 PID 3604 wrote to memory of 4324 3604 msedge.exe 85 PID 3604 wrote to memory of 4324 3604 msedge.exe 85 PID 3604 wrote to memory of 4324 3604 msedge.exe 85 PID 3604 wrote to memory of 4324 3604 msedge.exe 85 PID 3604 wrote to memory of 4324 3604 msedge.exe 85 PID 3604 wrote to memory of 4324 3604 msedge.exe 85 PID 3604 wrote to memory of 4324 3604 msedge.exe 85 PID 3604 wrote to memory of 4324 3604 msedge.exe 85 PID 3604 wrote to memory of 4324 3604 msedge.exe 85 PID 3604 wrote to memory of 4324 3604 msedge.exe 85 PID 3604 wrote to memory of 4324 3604 msedge.exe 85 PID 3604 wrote to memory of 4324 3604 msedge.exe 85 PID 3604 wrote to memory of 4324 3604 msedge.exe 85 PID 3604 wrote to memory of 4324 3604 msedge.exe 85 PID 3604 wrote to memory of 4324 3604 msedge.exe 85
Processes
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\881aa98283b14a09f2f6cb8ad607ff49_JaffaCakes118.html1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3604 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa819846f8,0x7ffa81984708,0x7ffa819847182⤵PID:1064
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2112,3153189055152114145,4735309679462672132,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2116 /prefetch:22⤵PID:5092
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2112,3153189055152114145,4735309679462672132,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2284 /prefetch:32⤵
- Suspicious behavior: EnumeratesProcesses
PID:6112
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2112,3153189055152114145,4735309679462672132,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2812 /prefetch:82⤵PID:4324
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,3153189055152114145,4735309679462672132,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3224 /prefetch:12⤵PID:464
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,3153189055152114145,4735309679462672132,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3244 /prefetch:12⤵PID:5128
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2112,3153189055152114145,4735309679462672132,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5196 /prefetch:82⤵PID:572
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2112,3153189055152114145,4735309679462672132,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5196 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
PID:3064
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,3153189055152114145,4735309679462672132,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5264 /prefetch:12⤵PID:2372
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,3153189055152114145,4735309679462672132,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5336 /prefetch:12⤵PID:4548
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,3153189055152114145,4735309679462672132,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5432 /prefetch:12⤵PID:3068
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,3153189055152114145,4735309679462672132,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5272 /prefetch:12⤵PID:1684
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,3153189055152114145,4735309679462672132,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3576 /prefetch:12⤵PID:4112
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,3153189055152114145,4735309679462672132,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5884 /prefetch:12⤵PID:2572
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,3153189055152114145,4735309679462672132,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5768 /prefetch:12⤵PID:5960
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,3153189055152114145,4735309679462672132,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3052 /prefetch:12⤵PID:3672
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,3153189055152114145,4735309679462672132,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1984 /prefetch:12⤵PID:3428
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2112,3153189055152114145,4735309679462672132,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4484 /prefetch:22⤵
- Suspicious behavior: EnumeratesProcesses
PID:5540
-
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵PID:5112
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵PID:3976
Network
-
Remote address:8.8.8.8:53Requestjs-agent.newrelic.comIN AResponsejs-agent.newrelic.comIN A162.247.243.39
-
Remote address:162.247.243.39:80RequestGET /nr-943.min.js HTTP/1.1
Host: js-agent.newrelic.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 301 Moved Permanently
Content-Length: 0
Server: Varnish
Retry-After: 0
Location: https://nr-browser-agent.s3.amazonaws.com/nr-943.min.js
Accept-Ranges: bytes
Date: Fri, 31 May 2024 19:31:07 GMT
Via: 1.1 varnish
X-Served-By: cache-lcy-eglc8600051-LCY
X-Cache: HIT
X-Cache-Hits: 0
X-Timer: S1717183868.935744,VS0,VE0
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300
-
Remote address:8.8.8.8:53Requestnr-browser-agent.s3.amazonaws.comIN AResponsenr-browser-agent.s3.amazonaws.comIN CNAMEs3-1-w.amazonaws.coms3-1-w.amazonaws.comIN CNAMEs3-w.us-east-1.amazonaws.coms3-w.us-east-1.amazonaws.comIN A52.217.64.20s3-w.us-east-1.amazonaws.comIN A16.182.40.129s3-w.us-east-1.amazonaws.comIN A52.217.72.148s3-w.us-east-1.amazonaws.comIN A3.5.28.215s3-w.us-east-1.amazonaws.comIN A52.217.124.185s3-w.us-east-1.amazonaws.comIN A52.216.48.129s3-w.us-east-1.amazonaws.comIN A3.5.29.192s3-w.us-east-1.amazonaws.comIN A16.182.36.57
-
Remote address:52.217.64.20:443RequestGET /nr-943.min.js HTTP/1.1
Host: nr-browser-agent.s3.amazonaws.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
x-amz-request-id: TZQSVNJPSRYRWDY0
Date: Fri, 31 May 2024 19:31:09 GMT
Last-Modified: Wed, 18 Oct 2023 21:02:15 GMT
ETag: "0909a6e7f1ea17aa3a97acab0754bb45"
x-amz-server-side-encryption: AES256
Cache-Control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
x-amz-version-id: f.bDSPYdaEiS7QBoNBuX0T2RfNZwW1PI
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 22677
-
Remote address:8.8.8.8:53Request39.243.247.162.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request217.106.137.52.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request20.64.217.52.in-addr.arpaIN PTRResponse20.64.217.52.in-addr.arpaIN PTRs3-1-w amazonawscom
-
Remote address:8.8.8.8:53Requestbam.nr-data.netIN AResponsebam.nr-data.netIN CNAMEbam.cell.nr-data.netbam.cell.nr-data.netIN CNAMEfastly-tls12-bam.nr-data.netfastly-tls12-bam.nr-data.netIN A162.247.243.29
-
GEThttp://bam.nr-data.net/1/0d385ba8a0?a=4351484&v=943.9bd99bf&to=NlVXNhBWW0IEAEENXQ8fcxcMVEFYCg0aEEAAVlMLAVpaRQoRGwVCEUMbFAtEXEU6EVoRRgRCGxQLUkJCXwpbEFMKVQ%3D%3D&rst=1444&ref=file:///C:/Users/Admin/AppData/Local/Temp/881aa98283b14a09f2f6cb8ad607ff49_JaffaCakes118.html&ap=10&be=320&fe=69&dc=17&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1717183866747,%22n%22:0,%22dl%22:237,%22di%22:336,%22ds%22:337,%22de%22:337,%22dc%22:389,%22l%22:389,%22le%22:392,%22f%22:32,%22dn%22:32,%22dne%22:32,%22c%22:32,%22ce%22:32,%22rq%22:32,%22rp%22:32,%22rpe%22:142%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setTokenmsedge.exeRemote address:162.247.243.29:80RequestGET /1/0d385ba8a0?a=4351484&v=943.9bd99bf&to=NlVXNhBWW0IEAEENXQ8fcxcMVEFYCg0aEEAAVlMLAVpaRQoRGwVCEUMbFAtEXEU6EVoRRgRCGxQLUkJCXwpbEFMKVQ%3D%3D&rst=1444&ref=file:///C:/Users/Admin/AppData/Local/Temp/881aa98283b14a09f2f6cb8ad607ff49_JaffaCakes118.html&ap=10&be=320&fe=69&dc=17&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1717183866747,%22n%22:0,%22dl%22:237,%22di%22:336,%22ds%22:337,%22de%22:337,%22dc%22:389,%22l%22:389,%22le%22:392,%22f%22:32,%22dn%22:32,%22dne%22:32,%22c%22:32,%22ce%22:32,%22rq%22:32,%22rp%22:32,%22rpe%22:142%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 308 Permanent Redirect
Content-Length: 730
location: https://bam.nr-data.net/1/0d385ba8a0?a=4351484&v=943.9bd99bf&to=NlVXNhBWW0IEAEENXQ8fcxcMVEFYCg0aEEAAVlMLAVpaRQoRGwVCEUMbFAtEXEU6EVoRRgRCGxQLUkJCXwpbEFMKVQ%3D%3D&rst=1444&ref=file:///C:/Users/Admin/AppData/Local/Temp/881aa98283b14a09f2f6cb8ad607ff49_JaffaCakes118.html&ap=10&be=320&fe=69&dc=17&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1717183866747,%22n%22:0,%22dl%22:237,%22di%22:336,%22ds%22:337,%22de%22:337,%22dc%22:389,%22l%22:389,%22le%22:392,%22f%22:32,%22dn%22:32,%22dne%22:32,%22c%22:32,%22ce%22:32,%22rq%22:32,%22rp%22:32,%22rpe%22:142%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
content-type: text/html; charset=utf-8
-
GEThttps://bam.nr-data.net/1/0d385ba8a0?a=4351484&v=943.9bd99bf&to=NlVXNhBWW0IEAEENXQ8fcxcMVEFYCg0aEEAAVlMLAVpaRQoRGwVCEUMbFAtEXEU6EVoRRgRCGxQLUkJCXwpbEFMKVQ%3D%3D&rst=1444&ref=file:///C:/Users/Admin/AppData/Local/Temp/881aa98283b14a09f2f6cb8ad607ff49_JaffaCakes118.html&ap=10&be=320&fe=69&dc=17&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1717183866747,%22n%22:0,%22dl%22:237,%22di%22:336,%22ds%22:337,%22de%22:337,%22dc%22:389,%22l%22:389,%22le%22:392,%22f%22:32,%22dn%22:32,%22dne%22:32,%22c%22:32,%22ce%22:32,%22rq%22:32,%22rp%22:32,%22rpe%22:142%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setTokenmsedge.exeRemote address:162.247.243.29:443RequestGET /1/0d385ba8a0?a=4351484&v=943.9bd99bf&to=NlVXNhBWW0IEAEENXQ8fcxcMVEFYCg0aEEAAVlMLAVpaRQoRGwVCEUMbFAtEXEU6EVoRRgRCGxQLUkJCXwpbEFMKVQ%3D%3D&rst=1444&ref=file:///C:/Users/Admin/AppData/Local/Temp/881aa98283b14a09f2f6cb8ad607ff49_JaffaCakes118.html&ap=10&be=320&fe=69&dc=17&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1717183866747,%22n%22:0,%22dl%22:237,%22di%22:336,%22ds%22:337,%22de%22:337,%22dc%22:389,%22l%22:389,%22le%22:392,%22f%22:32,%22dn%22:32,%22dne%22:32,%22c%22:32,%22ce%22:32,%22rq%22:32,%22rp%22:32,%22rpe%22:142%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200
Content-Length: 79
date: Fri, 31 May 2024 19:31:09 GMT
content-type: text/javascript
cross-origin-resource-policy: cross-origin
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: Date
timing-allow-origin: *
set-cookie: JSESSIONID=8f84cb2ac127b2fb; Path=/; Domain=.nr-data.net; SameSite=None
x-served-by: cache-lcy-eglc8600023-LCY
-
POSThttps://bam.nr-data.net/resources/1/0d385ba8a0?a=4351484&v=943.9bd99bf&to=NlVXNhBWW0IEAEENXQ8fcxcMVEFYCg0aEEAAVlMLAVpaRQoRGwVCEUMbFAtEXEU6EVoRRgRCGxQLUkJCXwpbEFMKVQ%3D%3D&rst=2281&ref=file:///C:/Users/Admin/AppData/Local/Temp/881aa98283b14a09f2f6cb8ad607ff49_JaffaCakes118.html&st=1717183866747msedge.exeRemote address:162.247.243.29:443RequestPOST /resources/1/0d385ba8a0?a=4351484&v=943.9bd99bf&to=NlVXNhBWW0IEAEENXQ8fcxcMVEFYCg0aEEAAVlMLAVpaRQoRGwVCEUMbFAtEXEU6EVoRRgRCGxQLUkJCXwpbEFMKVQ%3D%3D&rst=2281&ref=file:///C:/Users/Admin/AppData/Local/Temp/881aa98283b14a09f2f6cb8ad607ff49_JaffaCakes118.html&st=1717183866747 HTTP/1.1
Host: bam.nr-data.net
Connection: keep-alive
Content-Length: 1257
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
Accept: */*
Origin: null
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200
Content-Length: 36
date: Fri, 31 May 2024 19:31:09 GMT
content-type: text/plain
access-control-allow-origin: null
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
x-served-by: cache-lcy-eglc8600023-LCY
-
POSThttps://bam.nr-data.net/jserrors/1/0d385ba8a0?a=4351484&v=943.9bd99bf&to=NlVXNhBWW0IEAEENXQ8fcxcMVEFYCg0aEEAAVlMLAVpaRQoRGwVCEUMbFAtEXEU6EVoRRgRCGxQLUkJCXwpbEFMKVQ%3D%3D&rst=3211&ref=file:///C:/Users/Admin/AppData/Local/Temp/881aa98283b14a09f2f6cb8ad607ff49_JaffaCakes118.html&xhr=%5B%7B%22params%22:%7B%22method%22:%22POST%22,%22host%22:%22bam.nr-data.net:443%22,%22pathname%22:%22/resources/1/0d385ba8a0%22,%22status%22:200%7D,%22metrics%22:%7B%22count%22:1,%22txSize%22:%7B%22t%22:1257%7D,%22duration%22:%7B%22t%22:221%7D,%22rxSize%22:%7B%22t%22:36%7D,%22cbTime%22:%7B%22t%22:0%7D,%22time%22:%7B%22t%22:2281%7D%7D%7D%5Dmsedge.exeRemote address:162.247.243.29:443RequestPOST /jserrors/1/0d385ba8a0?a=4351484&v=943.9bd99bf&to=NlVXNhBWW0IEAEENXQ8fcxcMVEFYCg0aEEAAVlMLAVpaRQoRGwVCEUMbFAtEXEU6EVoRRgRCGxQLUkJCXwpbEFMKVQ%3D%3D&rst=3211&ref=file:///C:/Users/Admin/AppData/Local/Temp/881aa98283b14a09f2f6cb8ad607ff49_JaffaCakes118.html&xhr=%5B%7B%22params%22:%7B%22method%22:%22POST%22,%22host%22:%22bam.nr-data.net:443%22,%22pathname%22:%22/resources/1/0d385ba8a0%22,%22status%22:200%7D,%22metrics%22:%7B%22count%22:1,%22txSize%22:%7B%22t%22:1257%7D,%22duration%22:%7B%22t%22:221%7D,%22rxSize%22:%7B%22t%22:36%7D,%22cbTime%22:%7B%22t%22:0%7D,%22time%22:%7B%22t%22:2281%7D%7D%7D%5D HTTP/1.1
Host: bam.nr-data.net
Connection: keep-alive
Content-Length: 0
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-Type: text/plain;charset=UTF-8
Accept: */*
Origin: null
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200
Content-Length: 24
date: Fri, 31 May 2024 19:31:10 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
access-control-allow-origin: null
x-served-by: cache-lcy-eglc8600041-LCY
-
POSThttps://bam.nr-data.net/resources/1/0d385ba8a0?a=4351484&v=943.9bd99bf&to=NlVXNhBWW0IEAEENXQ8fcxcMVEFYCg0aEEAAVlMLAVpaRQoRGwVCEUMbFAtEXEU6EVoRRgRCGxQLUkJCXwpbEFMKVQ%3D%3D&rst=3214&ref=file:///C:/Users/Admin/AppData/Local/Temp/881aa98283b14a09f2f6cb8ad607ff49_JaffaCakes118.html&st=1717183866747&ptid=114daef3-0001-b4e0-82d2-018fd02273bdmsedge.exeRemote address:162.247.243.29:443RequestPOST /resources/1/0d385ba8a0?a=4351484&v=943.9bd99bf&to=NlVXNhBWW0IEAEENXQ8fcxcMVEFYCg0aEEAAVlMLAVpaRQoRGwVCEUMbFAtEXEU6EVoRRgRCGxQLUkJCXwpbEFMKVQ%3D%3D&rst=3214&ref=file:///C:/Users/Admin/AppData/Local/Temp/881aa98283b14a09f2f6cb8ad607ff49_JaffaCakes118.html&st=1717183866747&ptid=114daef3-0001-b4e0-82d2-018fd02273bd HTTP/1.1
Host: bam.nr-data.net
Connection: keep-alive
Content-Length: 1070
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-Type: text/plain;charset=UTF-8
Accept: */*
Origin: null
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200
Content-Length: 36
date: Fri, 31 May 2024 19:31:11 GMT
content-type: text/plain
cross-origin-resource-policy: cross-origin
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
access-control-allow-origin: null
x-served-by: cache-lcy-eglc8600027-LCY
-
Remote address:8.8.8.8:53Request81.81.224.13.in-addr.arpaIN PTRResponse81.81.224.13.in-addr.arpaIN PTRserver-13-224-81-81man50r cloudfrontnet
-
Remote address:8.8.8.8:53Request240.197.17.2.in-addr.arpaIN PTRResponse240.197.17.2.in-addr.arpaIN PTRa2-17-197-240deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Requestg.bing.comIN AResponseg.bing.comIN CNAMEg-bing-com.dual-a-0034.a-msedge.netg-bing-com.dual-a-0034.a-msedge.netIN CNAMEdual-a-0034.a-msedge.netdual-a-0034.a-msedge.netIN A204.79.197.237dual-a-0034.a-msedge.netIN A13.107.21.237
-
GEThttps://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8KWp6onm8L4tIk0GsxDvOMTVUCUwIJ_tY6PHDF1Fadvt8d48gfbtuXvgG7i7RGQUcZbk93iwOzWIQwOLeWa6qKLcfPtihQl9jse1Jgsn8hOglvwgiVAsh0Ie5S_vOHSfNphmZFWwMDzqDHuY3GO13RgmEimiaSP-3bS5BzHjXdZHa-n4W%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3Da04cc55536271a180d19a36e52b32d7f&TIME=20240508T114033Z&CID=530628298&EID=530628298&tids=15000&adUnitId=11730597&localId=w:D54583D0-B3DA-17FF-A437-0685003AFE48&deviceId=6966565253439182&muid=D54583D0B3DA17FFA4370685003AFE48Remote address:204.79.197.237:443RequestGET /neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8KWp6onm8L4tIk0GsxDvOMTVUCUwIJ_tY6PHDF1Fadvt8d48gfbtuXvgG7i7RGQUcZbk93iwOzWIQwOLeWa6qKLcfPtihQl9jse1Jgsn8hOglvwgiVAsh0Ie5S_vOHSfNphmZFWwMDzqDHuY3GO13RgmEimiaSP-3bS5BzHjXdZHa-n4W%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3Da04cc55536271a180d19a36e52b32d7f&TIME=20240508T114033Z&CID=530628298&EID=530628298&tids=15000&adUnitId=11730597&localId=w:D54583D0-B3DA-17FF-A437-0685003AFE48&deviceId=6966565253439182&muid=D54583D0B3DA17FFA4370685003AFE48 HTTP/2.0
host: g.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)
ResponseHTTP/2.0 204
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=1DE935FDFB456D05296B216DFAA56C23; domain=.bing.com; expires=Wed, 25-Jun-2025 19:31:09 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8ECA3391567A4731BEDF78C73EBA9798 Ref B: LON04EDGE1213 Ref C: 2024-05-31T19:31:09Z
date: Fri, 31 May 2024 19:31:09 GMT
-
GEThttps://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8KWp6onm8L4tIk0GsxDvOMTVUCUwIJ_tY6PHDF1Fadvt8d48gfbtuXvgG7i7RGQUcZbk93iwOzWIQwOLeWa6qKLcfPtihQl9jse1Jgsn8hOglvwgiVAsh0Ie5S_vOHSfNphmZFWwMDzqDHuY3GO13RgmEimiaSP-3bS5BzHjXdZHa-n4W%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3Da04cc55536271a180d19a36e52b32d7f&TIME=20240508T114033Z&CID=530628298&EID=&tids=15000&adUnitId=11730597&localId=w:D54583D0-B3DA-17FF-A437-0685003AFE48&deviceId=6966565253439182&muid=D54583D0B3DA17FFA4370685003AFE48Remote address:204.79.197.237:443RequestGET /neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8KWp6onm8L4tIk0GsxDvOMTVUCUwIJ_tY6PHDF1Fadvt8d48gfbtuXvgG7i7RGQUcZbk93iwOzWIQwOLeWa6qKLcfPtihQl9jse1Jgsn8hOglvwgiVAsh0Ie5S_vOHSfNphmZFWwMDzqDHuY3GO13RgmEimiaSP-3bS5BzHjXdZHa-n4W%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3Da04cc55536271a180d19a36e52b32d7f&TIME=20240508T114033Z&CID=530628298&EID=&tids=15000&adUnitId=11730597&localId=w:D54583D0-B3DA-17FF-A437-0685003AFE48&deviceId=6966565253439182&muid=D54583D0B3DA17FFA4370685003AFE48 HTTP/2.0
host: g.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)
cookie: MUID=1DE935FDFB456D05296B216DFAA56C23; _EDGE_S=SID=22A98600718063021F39929070C86260
ResponseHTTP/2.0 204
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MSPTC=lHp2s6ziFcWH_PG6M9LvQF_SFoJPLRtywrY74Tx5FHA; domain=.bing.com; expires=Wed, 25-Jun-2025 19:31:10 GMT; path=/; Partitioned; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 87EDE9372C5F4024A7783498914201DD Ref B: LON04EDGE1213 Ref C: 2024-05-31T19:31:10Z
date: Fri, 31 May 2024 19:31:09 GMT
-
GEThttps://www.bing.com/aes/c.gif?RG=3999f65e6b8146ae8e6773eff2f78b4c&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240508T114033Z&adUnitId=11730597&localId=w:D54583D0-B3DA-17FF-A437-0685003AFE48&deviceId=6966565253439182Remote address:23.62.61.97:443RequestGET /aes/c.gif?RG=3999f65e6b8146ae8e6773eff2f78b4c&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240508T114033Z&adUnitId=11730597&localId=w:D54583D0-B3DA-17FF-A437-0685003AFE48&deviceId=6966565253439182 HTTP/2.0
host: www.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)
cookie: MUID=1DE935FDFB456D05296B216DFAA56C23
ResponseHTTP/2.0 200
pragma: no-cache
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B9A0418917954B2D97D9FD6E6FBCFBCA Ref B: BRU30EDGE0918 Ref C: 2024-05-31T19:31:10Z
content-length: 0
date: Fri, 31 May 2024 19:31:10 GMT
set-cookie: _EDGE_S=SID=22A98600718063021F39929070C86260; path=/; httponly; domain=bing.com
set-cookie: MUIDB=1DE935FDFB456D05296B216DFAA56C23; path=/; httponly; expires=Wed, 25-Jun-2025 19:31:10 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.973d3e17.1717183869.e20fdd3
-
Remote address:8.8.8.8:53Requestmidifilehosting.comIN AResponse
-
Remote address:8.8.8.8:53Request29.243.247.162.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request237.197.79.204.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request97.61.62.23.in-addr.arpaIN PTRResponse97.61.62.23.in-addr.arpaIN PTRa23-62-61-97deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request75.159.190.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Requestgoogle.comIN A
-
Remote address:8.8.8.8:53Requestgoogle.comIN A
-
Remote address:8.8.4.4:53Requestgoogle.comIN AResponsegoogle.comIN A142.250.178.14
-
Remote address:8.8.8.8:53Request4.4.8.8.in-addr.arpaIN PTRResponse4.4.8.8.in-addr.arpaIN PTRdnsgoogle
-
Remote address:8.8.8.8:53Request43.58.199.20.in-addr.arpaIN PTRResponse
-
GEThttps://www.bing.com/th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90Remote address:23.62.61.97:443RequestGET /th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90 HTTP/2.0
host: www.bing.com
accept: */*
cookie: MUID=1DE935FDFB456D05296B216DFAA56C23; _EDGE_S=SID=22A98600718063021F39929070C86260; MSPTC=lHp2s6ziFcWH_PG6M9LvQF_SFoJPLRtywrY74Tx5FHA; MUIDB=1DE935FDFB456D05296B216DFAA56C23
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
ResponseHTTP/2.0 200
content-type: image/png
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 1107
date: Fri, 31 May 2024 19:31:14 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.7d3d3e17.1717183874.11f0fafa
-
Remote address:8.8.8.8:53Requestmidifilehosting.comIN AResponse
-
Remote address:8.8.8.8:53Requestmidifilehosting.comIN A
-
Remote address:8.8.8.8:53Requestmidifilehosting.comIN A
-
Remote address:8.8.8.8:53Requestmidifilehosting.comIN A
-
Remote address:8.8.8.8:53Request28.118.140.52.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request157.123.68.40.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request18.31.95.13.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Requestmidifilehosting.comIN AResponse
-
Remote address:8.8.8.8:53Request172.210.232.199.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request172.210.232.199.in-addr.arpaIN PTR
-
Remote address:8.8.8.8:53Request57.169.31.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Requestmidifilehosting.comIN AResponse
-
Remote address:8.8.8.8:53Requesttse1.mm.bing.netIN AResponsetse1.mm.bing.netIN CNAMEmm-mm.bing.net.trafficmanager.netmm-mm.bing.net.trafficmanager.netIN CNAMEdual-a-0001.a-msedge.netdual-a-0001.a-msedge.netIN A204.79.197.200dual-a-0001.a-msedge.netIN A13.107.21.200
-
GEThttps://tse1.mm.bing.net/th?id=OADD2.10239340783932_1JCHO8JLBZ4TPAX49&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90Remote address:204.79.197.200:443RequestGET /th?id=OADD2.10239340783932_1JCHO8JLBZ4TPAX49&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
ResponseHTTP/2.0 200
content-length: 621794
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D39BDC9F1A04446BAB4C05DDEE23F662 Ref B: LON04EDGE1210 Ref C: 2024-05-31T19:32:51Z
date: Fri, 31 May 2024 19:32:50 GMT
-
GEThttps://tse1.mm.bing.net/th?id=OADD2.10239340783933_1QOIM48UV8MGOV4SU&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90Remote address:204.79.197.200:443RequestGET /th?id=OADD2.10239340783933_1QOIM48UV8MGOV4SU&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
ResponseHTTP/2.0 200
content-length: 555746
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CC9B28AE95554A6B9828A2243D3C9AED Ref B: LON04EDGE1210 Ref C: 2024-05-31T19:32:51Z
date: Fri, 31 May 2024 19:32:50 GMT
-
GEThttps://tse1.mm.bing.net/th?id=OADD2.10239360931611_1SOG5TNNJKE1WH1R0&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90Remote address:204.79.197.200:443RequestGET /th?id=OADD2.10239360931611_1SOG5TNNJKE1WH1R0&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
ResponseHTTP/2.0 200
content-length: 638730
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2480AECBD4084D528C7520109839DBEC Ref B: LON04EDGE1210 Ref C: 2024-05-31T19:32:51Z
date: Fri, 31 May 2024 19:32:50 GMT
-
GEThttps://tse1.mm.bing.net/th?id=OADD2.10239360931612_153L2SVWUYAQUME4E&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90Remote address:204.79.197.200:443RequestGET /th?id=OADD2.10239360931612_153L2SVWUYAQUME4E&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
ResponseHTTP/2.0 200
content-length: 659775
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2C8B598C57FB447E998AFFCAE1B8407E Ref B: LON04EDGE1210 Ref C: 2024-05-31T19:32:51Z
date: Fri, 31 May 2024 19:32:50 GMT
-
Remote address:8.8.8.8:53Request55.36.223.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request200.197.79.204.in-addr.arpaIN PTRResponse200.197.79.204.in-addr.arpaIN PTRa-0001a-msedgenet
-
Remote address:8.8.8.8:53Request24.173.189.20.in-addr.arpaIN PTRResponse
-
545 B 653 B 5 5
HTTP Request
GET http://js-agent.newrelic.com/nr-943.min.jsHTTP Response
301 -
3.3kB 30.2kB 27 32
HTTP Request
GET https://nr-browser-agent.s3.amazonaws.com/nr-943.min.jsHTTP Response
200 -
248 B 144 B 5 3
-
162.247.243.29:80http://bam.nr-data.net/1/0d385ba8a0?a=4351484&v=943.9bd99bf&to=NlVXNhBWW0IEAEENXQ8fcxcMVEFYCg0aEEAAVlMLAVpaRQoRGwVCEUMbFAtEXEU6EVoRRgRCGxQLUkJCXwpbEFMKVQ%3D%3D&rst=1444&ref=file:///C:/Users/Admin/AppData/Local/Temp/881aa98283b14a09f2f6cb8ad607ff49_JaffaCakes118.html&ap=10&be=320&fe=69&dc=17&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1717183866747,%22n%22:0,%22dl%22:237,%22di%22:336,%22ds%22:337,%22de%22:337,%22dc%22:389,%22l%22:389,%22le%22:392,%22f%22:32,%22dn%22:32,%22dne%22:32,%22c%22:32,%22ce%22:32,%22rq%22:32,%22rp%22:32,%22rpe%22:142%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setTokenhttpmsedge.exe1.2kB 1.8kB 7 7
HTTP Request
GET http://bam.nr-data.net/1/0d385ba8a0?a=4351484&v=943.9bd99bf&to=NlVXNhBWW0IEAEENXQ8fcxcMVEFYCg0aEEAAVlMLAVpaRQoRGwVCEUMbFAtEXEU6EVoRRgRCGxQLUkJCXwpbEFMKVQ%3D%3D&rst=1444&ref=file:///C:/Users/Admin/AppData/Local/Temp/881aa98283b14a09f2f6cb8ad607ff49_JaffaCakes118.html&ap=10&be=320&fe=69&dc=17&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1717183866747,%22n%22:0,%22dl%22:237,%22di%22:336,%22ds%22:337,%22de%22:337,%22dc%22:389,%22l%22:389,%22le%22:392,%22f%22:32,%22dn%22:32,%22dne%22:32,%22c%22:32,%22ce%22:32,%22rq%22:32,%22rp%22:32,%22rpe%22:142%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setTokenHTTP Response
308 -
162.247.243.29:443https://bam.nr-data.net/resources/1/0d385ba8a0?a=4351484&v=943.9bd99bf&to=NlVXNhBWW0IEAEENXQ8fcxcMVEFYCg0aEEAAVlMLAVpaRQoRGwVCEUMbFAtEXEU6EVoRRgRCGxQLUkJCXwpbEFMKVQ%3D%3D&rst=3214&ref=file:///C:/Users/Admin/AppData/Local/Temp/881aa98283b14a09f2f6cb8ad607ff49_JaffaCakes118.html&st=1717183866747&ptid=114daef3-0001-b4e0-82d2-018fd02273bdtls, httpmsedge.exe10.5kB 8.7kB 21 24
HTTP Request
GET https://bam.nr-data.net/1/0d385ba8a0?a=4351484&v=943.9bd99bf&to=NlVXNhBWW0IEAEENXQ8fcxcMVEFYCg0aEEAAVlMLAVpaRQoRGwVCEUMbFAtEXEU6EVoRRgRCGxQLUkJCXwpbEFMKVQ%3D%3D&rst=1444&ref=file:///C:/Users/Admin/AppData/Local/Temp/881aa98283b14a09f2f6cb8ad607ff49_JaffaCakes118.html&ap=10&be=320&fe=69&dc=17&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1717183866747,%22n%22:0,%22dl%22:237,%22di%22:336,%22ds%22:337,%22de%22:337,%22dc%22:389,%22l%22:389,%22le%22:392,%22f%22:32,%22dn%22:32,%22dne%22:32,%22c%22:32,%22ce%22:32,%22rq%22:32,%22rp%22:32,%22rpe%22:142%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setTokenHTTP Response
200HTTP Request
POST https://bam.nr-data.net/resources/1/0d385ba8a0?a=4351484&v=943.9bd99bf&to=NlVXNhBWW0IEAEENXQ8fcxcMVEFYCg0aEEAAVlMLAVpaRQoRGwVCEUMbFAtEXEU6EVoRRgRCGxQLUkJCXwpbEFMKVQ%3D%3D&rst=2281&ref=file:///C:/Users/Admin/AppData/Local/Temp/881aa98283b14a09f2f6cb8ad607ff49_JaffaCakes118.html&st=1717183866747HTTP Response
200HTTP Request
POST https://bam.nr-data.net/jserrors/1/0d385ba8a0?a=4351484&v=943.9bd99bf&to=NlVXNhBWW0IEAEENXQ8fcxcMVEFYCg0aEEAAVlMLAVpaRQoRGwVCEUMbFAtEXEU6EVoRRgRCGxQLUkJCXwpbEFMKVQ%3D%3D&rst=3211&ref=file:///C:/Users/Admin/AppData/Local/Temp/881aa98283b14a09f2f6cb8ad607ff49_JaffaCakes118.html&xhr=%5B%7B%22params%22:%7B%22method%22:%22POST%22,%22host%22:%22bam.nr-data.net:443%22,%22pathname%22:%22/resources/1/0d385ba8a0%22,%22status%22:200%7D,%22metrics%22:%7B%22count%22:1,%22txSize%22:%7B%22t%22:1257%7D,%22duration%22:%7B%22t%22:221%7D,%22rxSize%22:%7B%22t%22:36%7D,%22cbTime%22:%7B%22t%22:0%7D,%22time%22:%7B%22t%22:2281%7D%7D%7D%5DHTTP Response
200HTTP Request
POST https://bam.nr-data.net/resources/1/0d385ba8a0?a=4351484&v=943.9bd99bf&to=NlVXNhBWW0IEAEENXQ8fcxcMVEFYCg0aEEAAVlMLAVpaRQoRGwVCEUMbFAtEXEU6EVoRRgRCGxQLUkJCXwpbEFMKVQ%3D%3D&rst=3214&ref=file:///C:/Users/Admin/AppData/Local/Temp/881aa98283b14a09f2f6cb8ad607ff49_JaffaCakes118.html&st=1717183866747&ptid=114daef3-0001-b4e0-82d2-018fd02273bdHTTP Response
200 -
204.79.197.237:443https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8KWp6onm8L4tIk0GsxDvOMTVUCUwIJ_tY6PHDF1Fadvt8d48gfbtuXvgG7i7RGQUcZbk93iwOzWIQwOLeWa6qKLcfPtihQl9jse1Jgsn8hOglvwgiVAsh0Ie5S_vOHSfNphmZFWwMDzqDHuY3GO13RgmEimiaSP-3bS5BzHjXdZHa-n4W%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3Da04cc55536271a180d19a36e52b32d7f&TIME=20240508T114033Z&CID=530628298&EID=&tids=15000&adUnitId=11730597&localId=w:D54583D0-B3DA-17FF-A437-0685003AFE48&deviceId=6966565253439182&muid=D54583D0B3DA17FFA4370685003AFE48tls, http22.5kB 9.0kB 20 17
HTTP Request
GET https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8KWp6onm8L4tIk0GsxDvOMTVUCUwIJ_tY6PHDF1Fadvt8d48gfbtuXvgG7i7RGQUcZbk93iwOzWIQwOLeWa6qKLcfPtihQl9jse1Jgsn8hOglvwgiVAsh0Ie5S_vOHSfNphmZFWwMDzqDHuY3GO13RgmEimiaSP-3bS5BzHjXdZHa-n4W%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3Da04cc55536271a180d19a36e52b32d7f&TIME=20240508T114033Z&CID=530628298&EID=530628298&tids=15000&adUnitId=11730597&localId=w:D54583D0-B3DA-17FF-A437-0685003AFE48&deviceId=6966565253439182&muid=D54583D0B3DA17FFA4370685003AFE48HTTP Response
204HTTP Request
GET https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8KWp6onm8L4tIk0GsxDvOMTVUCUwIJ_tY6PHDF1Fadvt8d48gfbtuXvgG7i7RGQUcZbk93iwOzWIQwOLeWa6qKLcfPtihQl9jse1Jgsn8hOglvwgiVAsh0Ie5S_vOHSfNphmZFWwMDzqDHuY3GO13RgmEimiaSP-3bS5BzHjXdZHa-n4W%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3Da04cc55536271a180d19a36e52b32d7f&TIME=20240508T114033Z&CID=530628298&EID=&tids=15000&adUnitId=11730597&localId=w:D54583D0-B3DA-17FF-A437-0685003AFE48&deviceId=6966565253439182&muid=D54583D0B3DA17FFA4370685003AFE48HTTP Response
204 -
23.62.61.97:443https://www.bing.com/aes/c.gif?RG=3999f65e6b8146ae8e6773eff2f78b4c&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240508T114033Z&adUnitId=11730597&localId=w:D54583D0-B3DA-17FF-A437-0685003AFE48&deviceId=6966565253439182tls, http21.4kB 5.3kB 16 11
HTTP Request
GET https://www.bing.com/aes/c.gif?RG=3999f65e6b8146ae8e6773eff2f78b4c&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240508T114033Z&adUnitId=11730597&localId=w:D54583D0-B3DA-17FF-A437-0685003AFE48&deviceId=6966565253439182HTTP Response
200 -
1.1kB 891 B 10 9
-
23.62.61.97:443https://www.bing.com/th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90tls, http21.6kB 6.4kB 17 13
HTTP Request
GET https://www.bing.com/th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90HTTP Response
200 -
204.79.197.200:443https://tse1.mm.bing.net/th?id=OADD2.10239360931612_153L2SVWUYAQUME4E&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90tls, http288.4kB 2.6MB 1870 1867
HTTP Request
GET https://tse1.mm.bing.net/th?id=OADD2.10239340783932_1JCHO8JLBZ4TPAX49&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90HTTP Request
GET https://tse1.mm.bing.net/th?id=OADD2.10239340783933_1QOIM48UV8MGOV4SU&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90HTTP Request
GET https://tse1.mm.bing.net/th?id=OADD2.10239360931611_1SOG5TNNJKE1WH1R0&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90HTTP Request
GET https://tse1.mm.bing.net/th?id=OADD2.10239360931612_153L2SVWUYAQUME4E&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200 -
1.2kB 8.1kB 16 14
-
1.2kB 8.0kB 16 12
-
1.2kB 8.1kB 16 14
-
67 B 83 B 1 1
DNS Request
js-agent.newrelic.com
DNS Response
162.247.243.39
-
79 B 257 B 1 1
DNS Request
nr-browser-agent.s3.amazonaws.com
DNS Response
52.217.64.2016.182.40.12952.217.72.1483.5.28.21552.217.124.18552.216.48.1293.5.29.19216.182.36.57
-
73 B 138 B 1 1
DNS Request
39.243.247.162.in-addr.arpa
-
73 B 147 B 1 1
DNS Request
217.106.137.52.in-addr.arpa
-
71 B 105 B 1 1
DNS Request
20.64.217.52.in-addr.arpa
-
61 B 131 B 1 1
DNS Request
bam.nr-data.net
DNS Response
162.247.243.29
-
71 B 127 B 1 1
DNS Request
81.81.224.13.in-addr.arpa
-
71 B 135 B 1 1
DNS Request
240.197.17.2.in-addr.arpa
-
56 B 151 B 1 1
DNS Request
g.bing.com
DNS Response
204.79.197.23713.107.21.237
-
530 B 8
-
65 B 138 B 1 1
DNS Request
midifilehosting.com
-
73 B 138 B 1 1
DNS Request
29.243.247.162.in-addr.arpa
-
73 B 143 B 1 1
DNS Request
237.197.79.204.in-addr.arpa
-
70 B 133 B 1 1
DNS Request
97.61.62.23.in-addr.arpa
-
72 B 158 B 1 1
DNS Request
75.159.190.20.in-addr.arpa
-
56 B 1
DNS Request
google.com
-
56 B 1
DNS Request
google.com
-
56 B 72 B 1 1
DNS Request
google.com
DNS Response
142.250.178.14
-
66 B 90 B 1 1
DNS Request
4.4.8.8.in-addr.arpa
-
71 B 157 B 1 1
DNS Request
43.58.199.20.in-addr.arpa
-
260 B 138 B 4 1
DNS Request
midifilehosting.com
DNS Request
midifilehosting.com
DNS Request
midifilehosting.com
DNS Request
midifilehosting.com
-
72 B 158 B 1 1
DNS Request
28.118.140.52.in-addr.arpa
-
72 B 146 B 1 1
DNS Request
157.123.68.40.in-addr.arpa
-
70 B 144 B 1 1
DNS Request
18.31.95.13.in-addr.arpa
-
65 B 138 B 1 1
DNS Request
midifilehosting.com
-
148 B 128 B 2 1
DNS Request
172.210.232.199.in-addr.arpa
DNS Request
172.210.232.199.in-addr.arpa
-
71 B 157 B 1 1
DNS Request
57.169.31.20.in-addr.arpa
-
65 B 138 B 1 1
DNS Request
midifilehosting.com
-
62 B 173 B 1 1
DNS Request
tse1.mm.bing.net
DNS Response
204.79.197.20013.107.21.200
-
71 B 157 B 1 1
DNS Request
55.36.223.20.in-addr.arpa
-
73 B 106 B 1 1
DNS Request
200.197.79.204.in-addr.arpa
-
72 B 158 B 1 1
DNS Request
24.173.189.20.in-addr.arpa
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
152B
MD54b4f91fa1b362ba5341ecb2836438dea
SHA19561f5aabed742404d455da735259a2c6781fa07
SHA256d824b742eace197ddc8b6ed5d918f390fde4b0fbf0e371b8e1f2ed40a3b6455c
SHA512fef22217dcdd8000bc193e25129699d4b8f7a103ca4fe1613baf73ccf67090d9fbae27eb93e4bb8747455853a0a4326f2d0c38df41c8d42351cdcd4132418dac
-
Filesize
152B
MD5eaa3db555ab5bc0cb364826204aad3f0
SHA1a4cdfaac8de49e6e6e88b335cfeaa7c9e3c563ca
SHA256ef7baeb1b2ab05ff3c5fbb76c2759db49294654548706c7c8e87f0cde855b86b
SHA512e13981da51b52c15261ecabb98af32f9b920651b46b10ce0cc823c5878b22eb1420258c80deef204070d1e0bdd3a64d875ac2522e3713a3cf11657aa55aeccd4
-
Filesize
5KB
MD521c4af456704f5e6180125b0390f5648
SHA175796cd714efa57ec10e61a3f98e5c5e5c9b20b2
SHA256aca97c153733847b898718ea936e70f6aed7d096818c98c187407349903c01ea
SHA51238dcbfd69edd1e5bad77de81af58030d0cc633be59d0cd0e00c2879357bbe8e9df6ed475a52c8c96ecab5a14a3ae49376d9a231cffdde4c9a1cdccfde766c4d1
-
Filesize
6KB
MD5534029b9de12ea181629d7e121d7010a
SHA18ed0e0ef442a95ef080379f96aa9caa8ab3f88a7
SHA25696b06bc224d3a99f2936f938232f53ae9ab5ec753f478608e1d9dbb9d47ef204
SHA51204d3c2c7d815fe7815acda99cbd6dbc1bb704d246829ea19c90c90abc9db142c587014f185ca740e3f87aadba19c84ed0e4268771e4ad5153ff49cad1a5aa3aa
-
Filesize
16B
MD56752a1d65b201c13b62ea44016eb221f
SHA158ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA2560861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA5129cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389
-
Filesize
11KB
MD596aa1d2601e43f9bbc40aafc7e2043ed
SHA12090fe7ac910b5c80b8eff43ff01af86dd67c9b2
SHA256364d954b1ab12c36f4159769634d07c82e168d1adf5c92fb860844d9e1ed42d2
SHA5122112fc553b764027c0605484af1d3fdb82e6259ef700c25a57ea2f107876c9d1f0181dacb33dee0f51e6bebc7bc1b647224c3ad9f8b0c26305fa6c839cfc228e