8d89e1eeb264d226d1a237fbaedc1f28df2282ae746b3560e6d79fc0889a6f88

Analysis

max time kernel
145s
max time network
139s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
11/06/2024, 07:11 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

9d62b5436ee89c0ec7606135f49ecaa1_JaffaCakes118.html
Size

328KB
MD5

9d62b5436ee89c0ec7606135f49ecaa1
SHA1

3a3b642935529918f35987c23b38858650030d4c
SHA256

8d89e1eeb264d226d1a237fbaedc1f28df2282ae746b3560e6d79fc0889a6f88
SHA512

94813d7f98ebdd1293b873f8f3cc5452546dd0a9feb9a491e19244c79b911fbee142bb11d174cdb67625eaa81e37918c16a92038b412606e6e57f884458458a1
SSDEEP

3072:7owSq/WLPBY45J/5Uf/UuiyqCwF20BNgqfirIAv0upMegx0lKS1vFZNWs:7owSq/yPJGpfwF20cHC6lKS1vFZN

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
860	msedge.exe
860	msedge.exe
1824	msedge.exe
1824	msedge.exe
2824	identity_helper.exe
2824	identity_helper.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe
2932	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
1824	msedge.exe
1824	msedge.exe
1824	msedge.exe
1824	msedge.exe
1824	msedge.exe
1824	msedge.exe
1824	msedge.exe
1824	msedge.exe
1824	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1824	msedge.exe
1824	msedge.exe
1824	msedge.exe
1824	msedge.exe
1824	msedge.exe
1824	msedge.exe
1824	msedge.exe
1824	msedge.exe
1824	msedge.exe
1824	msedge.exe
1824	msedge.exe
1824	msedge.exe
1824	msedge.exe
1824	msedge.exe
1824	msedge.exe
1824	msedge.exe
1824	msedge.exe
1824	msedge.exe
1824	msedge.exe
1824	msedge.exe
1824	msedge.exe
1824	msedge.exe
1824	msedge.exe
1824	msedge.exe
1824	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1824	msedge.exe
1824	msedge.exe
1824	msedge.exe
1824	msedge.exe
1824	msedge.exe
1824	msedge.exe
1824	msedge.exe
1824	msedge.exe
1824	msedge.exe
1824	msedge.exe
1824	msedge.exe
1824	msedge.exe
1824	msedge.exe
1824	msedge.exe
1824	msedge.exe
1824	msedge.exe
1824	msedge.exe
1824	msedge.exe
1824	msedge.exe
1824	msedge.exe
1824	msedge.exe
1824	msedge.exe
1824	msedge.exe
1824	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1824 wrote to memory of 4084	1824	msedge.exe	80
PID 1824 wrote to memory of 4084	1824	msedge.exe	80
PID 1824 wrote to memory of 3856	1824	msedge.exe	81
PID 1824 wrote to memory of 3856	1824	msedge.exe	81
PID 1824 wrote to memory of 3856	1824	msedge.exe	81
PID 1824 wrote to memory of 3856	1824	msedge.exe	81
PID 1824 wrote to memory of 3856	1824	msedge.exe	81
PID 1824 wrote to memory of 3856	1824	msedge.exe	81
PID 1824 wrote to memory of 3856	1824	msedge.exe	81
PID 1824 wrote to memory of 3856	1824	msedge.exe	81
PID 1824 wrote to memory of 3856	1824	msedge.exe	81
PID 1824 wrote to memory of 3856	1824	msedge.exe	81
PID 1824 wrote to memory of 3856	1824	msedge.exe	81
PID 1824 wrote to memory of 3856	1824	msedge.exe	81
PID 1824 wrote to memory of 3856	1824	msedge.exe	81
PID 1824 wrote to memory of 3856	1824	msedge.exe	81
PID 1824 wrote to memory of 3856	1824	msedge.exe	81
PID 1824 wrote to memory of 3856	1824	msedge.exe	81
PID 1824 wrote to memory of 3856	1824	msedge.exe	81
PID 1824 wrote to memory of 3856	1824	msedge.exe	81
PID 1824 wrote to memory of 3856	1824	msedge.exe	81
PID 1824 wrote to memory of 3856	1824	msedge.exe	81
PID 1824 wrote to memory of 3856	1824	msedge.exe	81
PID 1824 wrote to memory of 3856	1824	msedge.exe	81
PID 1824 wrote to memory of 3856	1824	msedge.exe	81
PID 1824 wrote to memory of 3856	1824	msedge.exe	81
PID 1824 wrote to memory of 3856	1824	msedge.exe	81
PID 1824 wrote to memory of 3856	1824	msedge.exe	81
PID 1824 wrote to memory of 3856	1824	msedge.exe	81
PID 1824 wrote to memory of 3856	1824	msedge.exe	81
PID 1824 wrote to memory of 3856	1824	msedge.exe	81
PID 1824 wrote to memory of 3856	1824	msedge.exe	81
PID 1824 wrote to memory of 3856	1824	msedge.exe	81
PID 1824 wrote to memory of 3856	1824	msedge.exe	81
PID 1824 wrote to memory of 3856	1824	msedge.exe	81
PID 1824 wrote to memory of 3856	1824	msedge.exe	81
PID 1824 wrote to memory of 3856	1824	msedge.exe	81
PID 1824 wrote to memory of 3856	1824	msedge.exe	81
PID 1824 wrote to memory of 3856	1824	msedge.exe	81
PID 1824 wrote to memory of 3856	1824	msedge.exe	81
PID 1824 wrote to memory of 3856	1824	msedge.exe	81
PID 1824 wrote to memory of 3856	1824	msedge.exe	81
PID 1824 wrote to memory of 860	1824	msedge.exe	82
PID 1824 wrote to memory of 860	1824	msedge.exe	82
PID 1824 wrote to memory of 4988	1824	msedge.exe	83
PID 1824 wrote to memory of 4988	1824	msedge.exe	83
PID 1824 wrote to memory of 4988	1824	msedge.exe	83
PID 1824 wrote to memory of 4988	1824	msedge.exe	83
PID 1824 wrote to memory of 4988	1824	msedge.exe	83
PID 1824 wrote to memory of 4988	1824	msedge.exe	83
PID 1824 wrote to memory of 4988	1824	msedge.exe	83
PID 1824 wrote to memory of 4988	1824	msedge.exe	83
PID 1824 wrote to memory of 4988	1824	msedge.exe	83
PID 1824 wrote to memory of 4988	1824	msedge.exe	83
PID 1824 wrote to memory of 4988	1824	msedge.exe	83
PID 1824 wrote to memory of 4988	1824	msedge.exe	83
PID 1824 wrote to memory of 4988	1824	msedge.exe	83
PID 1824 wrote to memory of 4988	1824	msedge.exe	83
PID 1824 wrote to memory of 4988	1824	msedge.exe	83
PID 1824 wrote to memory of 4988	1824	msedge.exe	83
PID 1824 wrote to memory of 4988	1824	msedge.exe	83
PID 1824 wrote to memory of 4988	1824	msedge.exe	83
PID 1824 wrote to memory of 4988	1824	msedge.exe	83
PID 1824 wrote to memory of 4988	1824	msedge.exe	83

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\9d62b5436ee89c0ec7606135f49ecaa1_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1824
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xfc,0xd8,0x7ffccfeb46f8,0x7ffccfeb4708,0x7ffccfeb4718
  2⤵
  PID:4084
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2120,12007153331084750657,7358868034914862501,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2204 /prefetch:2
  2⤵
  PID:3856
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2120,12007153331084750657,7358868034914862501,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2256 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:860
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2120,12007153331084750657,7358868034914862501,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2644 /prefetch:8
  2⤵
  PID:4988
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,12007153331084750657,7358868034914862501,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3196 /prefetch:1
  2⤵
  PID:3016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,12007153331084750657,7358868034914862501,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3256 /prefetch:1
  2⤵
  PID:1852
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,12007153331084750657,7358868034914862501,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4184 /prefetch:1
  2⤵
  PID:336
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,12007153331084750657,7358868034914862501,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4892 /prefetch:1
  2⤵
  PID:3840
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,12007153331084750657,7358868034914862501,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5304 /prefetch:1
  2⤵
  PID:1072
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,12007153331084750657,7358868034914862501,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6356 /prefetch:1
  2⤵
  PID:3492
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,12007153331084750657,7358868034914862501,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6372 /prefetch:1
  2⤵
  PID:3696
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2120,12007153331084750657,7358868034914862501,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6664 /prefetch:8
  2⤵
  PID:3560
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2120,12007153331084750657,7358868034914862501,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6664 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2824
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,12007153331084750657,7358868034914862501,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5960 /prefetch:1
  2⤵
  PID:392
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,12007153331084750657,7358868034914862501,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5936 /prefetch:1
  2⤵
  PID:1124
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2120,12007153331084750657,7358868034914862501,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6412 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2932

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3032

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3324

Network

DNS

58.55.71.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

58.55.71.13.in-addr.arpa

IN PTR

Response
DNS

ads.trafficjunky.net

msedge.exe

Remote address:

8.8.8.8:53

Request

ads.trafficjunky.net

IN A

Response

ads.trafficjunky.net

IN A

66.254.114.154
DNS

ads2.contentabc.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ads2.contentabc.com

IN A

Response

ads2.contentabc.com

IN A

66.254.114.171
DNS

ajax.googleapis.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ajax.googleapis.com

IN A

Response

ajax.googleapis.com

IN A

142.250.187.202
DNS

static.trafficjunky.com

msedge.exe

Remote address:

8.8.8.8:53

Request

static.trafficjunky.com

IN A

Response

static.trafficjunky.com

IN CNAME

static.trafficjunky.com.sds.rncdn7.com

static.trafficjunky.com.sds.rncdn7.com

IN A

64.210.156.21

static.trafficjunky.com.sds.rncdn7.com

IN A

64.210.156.22

static.trafficjunky.com.sds.rncdn7.com

IN A

64.210.156.23

static.trafficjunky.com.sds.rncdn7.com

IN A

64.210.156.16

static.trafficjunky.com.sds.rncdn7.com

IN A

64.210.156.17

static.trafficjunky.com.sds.rncdn7.com

IN A

64.210.156.18

static.trafficjunky.com.sds.rncdn7.com

IN A

64.210.156.19

static.trafficjunky.com.sds.rncdn7.com

IN A

64.210.156.20
DNS

di.phncdn.com

msedge.exe

Remote address:

8.8.8.8:53

Request

di.phncdn.com

IN A

Response

di.phncdn.com

IN CNAME

di.phncdn.com.sds.rncdn7.com

di.phncdn.com.sds.rncdn7.com

IN A

64.210.156.22

di.phncdn.com.sds.rncdn7.com

IN A

64.210.156.23

di.phncdn.com.sds.rncdn7.com

IN A

64.210.156.16

di.phncdn.com.sds.rncdn7.com

IN A

64.210.156.17

di.phncdn.com.sds.rncdn7.com

IN A

64.210.156.18

di.phncdn.com.sds.rncdn7.com

IN A

64.210.156.19

di.phncdn.com.sds.rncdn7.com

IN A

64.210.156.20

di.phncdn.com.sds.rncdn7.com

IN A

64.210.156.21
DNS

smpop.icfcdn.com

msedge.exe

Remote address:

8.8.8.8:53

Request

smpop.icfcdn.com

IN A

Response

smpop.icfcdn.com

IN CNAME

smpop.cachefly.net

smpop.cachefly.net

IN CNAME

vip1.g5.cachefly.net

vip1.g5.cachefly.net

IN A

205.234.175.175
DNS

cdn1d-static-shared.phncdn.com

msedge.exe

Remote address:

8.8.8.8:53

Request

cdn1d-static-shared.phncdn.com

IN A

Response

cdn1d-static-shared.phncdn.com

IN CNAME

cdn1d-static-shared.phncdn.com.sds.rncdn7.com

cdn1d-static-shared.phncdn.com.sds.rncdn7.com

IN A

64.210.156.16

cdn1d-static-shared.phncdn.com.sds.rncdn7.com

IN A

64.210.156.17

cdn1d-static-shared.phncdn.com.sds.rncdn7.com

IN A

64.210.156.18

cdn1d-static-shared.phncdn.com.sds.rncdn7.com

IN A

64.210.156.19

cdn1d-static-shared.phncdn.com.sds.rncdn7.com

IN A

64.210.156.20

cdn1d-static-shared.phncdn.com.sds.rncdn7.com

IN A

64.210.156.21

cdn1d-static-shared.phncdn.com.sds.rncdn7.com

IN A

64.210.156.22

cdn1d-static-shared.phncdn.com.sds.rncdn7.com

IN A

64.210.156.23
DNS

cdn.feeds.videosz.com

msedge.exe

Remote address:

8.8.8.8:53

Request

cdn.feeds.videosz.com

IN A

Response

cdn.feeds.videosz.com

IN CNAME

cdn.feeds.videosz.com.cdn.reflected.net

cdn.feeds.videosz.com.cdn.reflected.net

IN A

64.210.156.20

cdn.feeds.videosz.com.cdn.reflected.net

IN A

64.210.156.21

cdn.feeds.videosz.com.cdn.reflected.net

IN A

64.210.156.22

cdn.feeds.videosz.com.cdn.reflected.net

IN A

64.210.156.23

cdn.feeds.videosz.com.cdn.reflected.net

IN A

64.210.156.16

cdn.feeds.videosz.com.cdn.reflected.net

IN A

64.210.156.17

cdn.feeds.videosz.com.cdn.reflected.net

IN A

64.210.156.18

cdn.feeds.videosz.com.cdn.reflected.net

IN A

64.210.156.19
DNS

apis.google.com

msedge.exe

Remote address:

8.8.8.8:53

Request

apis.google.com

IN A

Response

apis.google.com

IN CNAME

plus.l.google.com

plus.l.google.com

IN A

142.250.200.14
DNS

cdn.niche.videosz.com

msedge.exe

Remote address:

8.8.8.8:53

Request

cdn.niche.videosz.com

IN A

Response

cdn.niche.videosz.com

IN CNAME

cdn.niche.videosz.com.cdn.reflected.net

cdn.niche.videosz.com.cdn.reflected.net

IN A

64.210.156.21

cdn.niche.videosz.com.cdn.reflected.net

IN A

64.210.156.22

cdn.niche.videosz.com.cdn.reflected.net

IN A

64.210.156.23

cdn.niche.videosz.com.cdn.reflected.net

IN A

64.210.156.16

cdn.niche.videosz.com.cdn.reflected.net

IN A

64.210.156.17

cdn.niche.videosz.com.cdn.reflected.net

IN A

64.210.156.18

cdn.niche.videosz.com.cdn.reflected.net

IN A

64.210.156.19

cdn.niche.videosz.com.cdn.reflected.net

IN A

64.210.156.20
GET

https://di.phncdn.com/www-static/css/generated-header.css?cache=2020020702

msedge.exe

Remote address:

64.210.156.22:443

Request

GET /www-static/css/generated-header.css?cache=2020020702 HTTP/2.0
host: di.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 11 Jun 2024 07:11:47 GMT
content-type: text/css
content-length: 66037
last-modified: Thu, 16 May 2024 18:37:55 GMT
etag: "66465283-101f5"
content-encoding: br
expires: Mon, 16 Sep 2024 04:05:26 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16032-1-52523-h-0-0---;16009-42-42635----0-0-1
GET

https://di.phncdn.com/www-static/css/video-search-pc.css?cache=2020020702

msedge.exe

Remote address:

64.210.156.22:443

Request

GET /www-static/css/video-search-pc.css?cache=2020020702 HTTP/2.0
host: di.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 11 Jun 2024 07:11:47 GMT
content-type: text/css
content-length: 2048
last-modified: Wed, 21 Feb 2024 19:49:06 GMT
etag: "65d653b2-800"
content-encoding: br
expires: Mon, 16 Sep 2024 04:05:26 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16008-3-36811-h-0-0---;16009-42-42635----0-0-1
GET

https://di.phncdn.com/www-static/css/pc/streamate/widgets-streamate-block.css?cache=2020020702

msedge.exe

Remote address:

64.210.156.22:443

Request

GET /www-static/css/pc/streamate/widgets-streamate-block.css?cache=2020020702 HTTP/2.0
host: di.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 11 Jun 2024 07:11:47 GMT
content-type: text/css
content-length: 3841
last-modified: Tue, 02 Apr 2024 18:08:58 GMT
etag: "660c49ba-f01"
content-encoding: br
expires: Mon, 16 Sep 2024 04:05:26 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16032-2-52600-h-0-0---;16009-42-42635----0-0-1
GET

https://di.phncdn.com/www-static/css/premium/premium-modals.css?cache=2020020702

msedge.exe

Remote address:

64.210.156.22:443

Request

GET /www-static/css/premium/premium-modals.css?cache=2020020702 HTTP/2.0
host: di.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 11 Jun 2024 07:11:47 GMT
content-type: application/javascript
content-length: 8877
last-modified: Tue, 05 Dec 2023 16:27:44 GMT
etag: "656f4f80-22ad"
content-encoding: br
expires: Sun, 25 Aug 2024 23:41:52 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16007-3-44152-h-0-0---;16009-42-42635----0-0-1
GET

https://di.phncdn.com/www-static/js/ph-tracking.js?cache=2020020702

msedge.exe

Remote address:

64.210.156.22:443

Request

GET /www-static/js/ph-tracking.js?cache=2020020702 HTTP/2.0
host: di.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 11 Jun 2024 07:11:47 GMT
content-type: application/javascript
content-length: 145
last-modified: Thu, 01 Jun 2023 20:32:16 GMT
etag: "64790050-91"
content-encoding: br
expires: Mon, 16 Sep 2024 04:05:26 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16007-1-44053-h-0-0---;16009-42-42635----0-0-1
GET

https://di.phncdn.com/www-static/js/lib/ph-functions.js?cache=2020020702

msedge.exe

Remote address:

64.210.156.22:443

Request

GET /www-static/js/lib/ph-functions.js?cache=2020020702 HTTP/2.0
host: di.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 11 Jun 2024 07:11:47 GMT
content-type: text/css
content-length: 2398
last-modified: Thu, 01 Jun 2023 20:31:42 GMT
etag: "6479002e-95e"
content-encoding: br
expires: Mon, 16 Sep 2024 04:05:26 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16008-3-36810-h-0-0---;16009-42-42635----0-0-2
GET

https://di.phncdn.com/www-static/js/mg_modal-1.0.0.js?cache=2020020702

msedge.exe

Remote address:

64.210.156.22:443

Request

GET /www-static/js/mg_modal-1.0.0.js?cache=2020020702 HTTP/2.0
host: di.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 11 Jun 2024 07:11:47 GMT
content-type: application/javascript
content-length: 1279
last-modified: Tue, 30 Jan 2024 10:10:09 GMT
etag: "65b8cb01-4ff"
content-encoding: br
expires: Sun, 25 Aug 2024 23:41:52 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16008-3-36810-h-0-0---;16009-43-42635----0-0-1
GET

https://di.phncdn.com/www-static/js/lib/networkbar-5.0.0.js?cache=2020020702

msedge.exe

Remote address:

64.210.156.22:443

Request

GET /www-static/js/lib/networkbar-5.0.0.js?cache=2020020702 HTTP/2.0
host: di.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 11 Jun 2024 07:11:47 GMT
content-type: application/javascript
content-length: 7819
last-modified: Tue, 21 May 2024 12:16:09 GMT
etag: "664c9089-1e8b"
content-encoding: br
expires: Sat, 05 Oct 2024 23:23:02 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16007-2-44097-h-0-0---;16009-43-42635----0-0-2
GET

https://di.phncdn.com/www-static/images/pornhub_logo_straight.png?cache=2020020702

msedge.exe

Remote address:

64.210.156.22:443

Request

GET /www-static/images/pornhub_logo_straight.png?cache=2020020702 HTTP/2.0
host: di.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 11 Jun 2024 07:11:47 GMT
content-type: image/png
content-length: 2935
last-modified: Thu, 01 Jun 2023 20:31:47 GMT
etag: "64790033-b77"
expires: Sun, 01 Sep 2024 01:31:28 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
x-cdn-diag: lon1-16008-1-36684-h-0-0---;16009-41-42635----0-0-1
GET

https://di.phncdn.com/videos/201911/20/263067152/original/(m=eafTGgaaaa)(mh=2LxkDZgtTnW4PtaM)5.jpg

msedge.exe

Remote address:

64.210.156.22:443

Request

GET /videos/201911/20/263067152/original/(m=eafTGgaaaa)(mh=2LxkDZgtTnW4PtaM)5.jpg HTTP/2.0
host: di.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 404

date: Tue, 11 Jun 2024 07:11:47 GMT
content-type: text/html
content-length: 213
timing-allow-origin: *
access-control-allow-origin: *
x-cdn-diag: lon1-16008-3-36811-m-0-0-404-0.036--;16009-40-42635----0-0-37
access-control-expose-headers: x-cdn-diag
GET

https://di.phncdn.com/videos/201907/12/234875901/thumbs_5/(m=eafTGgaaaa)(mh=GVpRLy2frN4DZ4ck)1.jpg

msedge.exe

Remote address:

64.210.156.22:443

Request

GET /videos/201907/12/234875901/thumbs_5/(m=eafTGgaaaa)(mh=GVpRLy2frN4DZ4ck)1.jpg HTTP/2.0
host: di.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 11 Jun 2024 07:11:47 GMT
content-type: image/jpeg
content-length: 14201
expires: Tue, 30 Jul 2024 14:40:52 GMT
cache-control: max-age=10589344
last-modified: Fri, 12 Jul 2019 19:13:50 GMT
etag: "1a41c4767-101f4-58d80b5df0786"
access-control-allow-origin: *
timing-allow-origin: *
x-cdn-diag: lon1-16007-1-44035-h-0-0---;16009-40-42635----0-0-1
GET

https://di.phncdn.com/videos/201809/23/184307401/original/(m=eafTGgaaaa)(mh=poGmrc5ifgS4xnyq)12.jpg

msedge.exe

Remote address:

64.210.156.22:443

Request

GET /videos/201809/23/184307401/original/(m=eafTGgaaaa)(mh=poGmrc5ifgS4xnyq)12.jpg HTTP/2.0
host: di.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 404

date: Tue, 11 Jun 2024 07:11:47 GMT
content-type: text/html
content-length: 213
timing-allow-origin: *
access-control-allow-origin: *
x-cdn-diag: lon1-16009-1-11176-m-0-0-404-0.036--;16009-40-42635----0-0-37
access-control-expose-headers: x-cdn-diag
GET

https://di.phncdn.com/videos/201909/18/249184111/original/(m=eafTGgaaaa)(mh=nTVm3mzKjNJML6y6)11.jpg

msedge.exe

Remote address:

64.210.156.22:443

Request

GET /videos/201909/18/249184111/original/(m=eafTGgaaaa)(mh=nTVm3mzKjNJML6y6)11.jpg HTTP/2.0
host: di.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 404

date: Tue, 11 Jun 2024 07:11:47 GMT
content-type: text/html
content-length: 213
timing-allow-origin: *
access-control-allow-origin: *
x-cdn-diag: lon1-16008-1-36683-m-0-0-404-0.032--;16009-40-42635----0-0-36
access-control-expose-headers: x-cdn-diag
GET

https://di.phncdn.com/videos/201912/16/269026031/original/(m=eafTGgaaaa)(mh=S-Ki34tG7nehUIDA)15.jpg

msedge.exe

Remote address:

64.210.156.22:443

Request

GET /videos/201912/16/269026031/original/(m=eafTGgaaaa)(mh=S-Ki34tG7nehUIDA)15.jpg HTTP/2.0
host: di.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 404

date: Tue, 11 Jun 2024 07:11:48 GMT
content-type: text/html
content-length: 213
timing-allow-origin: *
access-control-allow-origin: *
x-cdn-diag: lon1-16032-1-52522-m-0-0-404-0.036--;16009-47-42635----0-0-37
access-control-expose-headers: x-cdn-diag
GET

https://di.phncdn.com/videos/202001/05/274056691/original/(m=eafTGgaaaa)(mh=biORvrk09eg15Na6)10.jpg

msedge.exe

Remote address:

64.210.156.22:443

Request

GET /videos/202001/05/274056691/original/(m=eafTGgaaaa)(mh=biORvrk09eg15Na6)10.jpg HTTP/2.0
host: di.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 404

date: Tue, 11 Jun 2024 07:11:48 GMT
content-type: text/html
content-length: 213
timing-allow-origin: *
access-control-allow-origin: *
x-cdn-diag: lon1-16008-3-36810-m-0-0-404-0.032--;16009-47-42635----0-0-34
access-control-expose-headers: x-cdn-diag
GET

https://di.phncdn.com/videos/202002/09/283172212/original/(m=eafTGgaaaa)(mh=SU3vPsjOXwNFSuPj)16.jpg

msedge.exe

Remote address:

64.210.156.22:443

Request

GET /videos/202002/09/283172212/original/(m=eafTGgaaaa)(mh=SU3vPsjOXwNFSuPj)16.jpg HTTP/2.0
host: di.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 404

date: Tue, 11 Jun 2024 07:11:48 GMT
content-type: text/html
content-length: 213
timing-allow-origin: *
access-control-allow-origin: *
x-cdn-diag: lon1-16008-2-36767-m-0-0-404-0.032--;16009-46-42635----0-0-35
access-control-expose-headers: x-cdn-diag
GET

https://di.phncdn.com/videos/201803/04/156836152/original/(m=eafTGgaaaa)(mh=QdpVbDtkZS2p2E5R)9.jpg

msedge.exe

Remote address:

64.210.156.22:443

Request

GET /videos/201803/04/156836152/original/(m=eafTGgaaaa)(mh=QdpVbDtkZS2p2E5R)9.jpg HTTP/2.0
host: di.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 11 Jun 2024 07:11:48 GMT
content-type: application/javascript
content-length: 28614
last-modified: Mon, 29 Apr 2024 15:34:29 GMT
etag: "662fbe05-6fc6"
content-encoding: br
expires: Mon, 16 Sep 2024 04:05:26 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16007-3-44161-h-0-0---;16009-46-42635----0-0-2
GET

https://di.phncdn.com/videos/202001/08/274999851/original/(m=eafTGgaaaa)(mh=fVeCvwh9ioI2ReC-)8.jpg

msedge.exe

Remote address:

64.210.156.22:443

Request

GET /videos/202001/08/274999851/original/(m=eafTGgaaaa)(mh=fVeCvwh9ioI2ReC-)8.jpg HTTP/2.0
host: di.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 11 Jun 2024 07:11:48 GMT
content-type: application/javascript
content-length: 891
last-modified: Thu, 01 Jun 2023 20:32:16 GMT
etag: "64790050-37b"
content-encoding: br
expires: Mon, 16 Sep 2024 04:05:26 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16007-3-44152-h-0-0---;16009-46-42635----0-0-2
GET

https://di.phncdn.com/www-static/js/lib/generated-lib.js?cache=2020020702

msedge.exe

Remote address:

64.210.156.22:443

Request

GET /www-static/js/lib/generated-lib.js?cache=2020020702 HTTP/2.0
host: di.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 11 Jun 2024 07:11:48 GMT
content-type: text/css
content-length: 6470
last-modified: Thu, 11 Jan 2024 20:49:32 GMT
etag: "65a0545c-1946"
content-encoding: br
expires: Mon, 16 Sep 2024 04:05:26 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16007-1-44053-h-0-0---;16009-46-42635----0-0-1
GET

https://di.phncdn.com/www-static/js/lib/lazy_load-2.0.1.js?cache=2020020702

msedge.exe

Remote address:

64.210.156.22:443

Request

GET /www-static/js/lib/lazy_load-2.0.1.js?cache=2020020702 HTTP/2.0
host: di.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 404

date: Tue, 11 Jun 2024 07:11:48 GMT
content-type: text/html
content-length: 213
timing-allow-origin: *
access-control-allow-origin: *
x-cdn-diag: lon1-16032-2-52597-m-0-0-404-0.036--;16009-46-42635----0-0-35
access-control-expose-headers: x-cdn-diag
GET

https://di.phncdn.com/www-static/css/large.css?cache=2020020702

msedge.exe

Remote address:

64.210.156.22:443

Request

GET /www-static/css/large.css?cache=2020020702 HTTP/2.0
host: di.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 11 Jun 2024 07:11:48 GMT
content-type: image/png
content-length: 30488
last-modified: Tue, 16 Jan 2024 00:05:09 GMT
etag: "65a5c835-7718"
expires: Fri, 13 Sep 2024 19:06:10 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
x-cdn-diag: lon1-16032-2-52597-h-0-0---;16009-46-42635----0-0-1
GET

https://di.phncdn.com/www-static/images/sprite-icons.png?cache=2024051603

msedge.exe

Remote address:

64.210.156.22:443

Request

GET /www-static/images/sprite-icons.png?cache=2024051603 HTTP/2.0
host: di.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://di.phncdn.com/www-static/css/generated-header.css?cache=2020020702
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 404

date: Tue, 11 Jun 2024 07:11:48 GMT
content-type: text/html
content-length: 213
timing-allow-origin: *
access-control-allow-origin: *
x-cdn-diag: lon1-16007-3-44170-m-0-0-404-0.040--;16009-45-42635----0-0-38
access-control-expose-headers: x-cdn-diag
GET

https://di.phncdn.com/www-static/images/verified-badge.svg?cache=2024051603

msedge.exe

Remote address:

64.210.156.22:443

Request

GET /www-static/images/verified-badge.svg?cache=2024051603 HTTP/2.0
host: di.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://di.phncdn.com/www-static/css/generated-header.css?cache=2020020702
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 11 Jun 2024 07:11:48 GMT
content-type: image/svg+xml
content-length: 167
last-modified: Thu, 01 Jun 2023 20:31:48 GMT
etag: "64790034-a7"
content-encoding: br
expires: Fri, 13 Sep 2024 19:14:28 GMT
cache-control: max-age=10368000
access-control-allow-origin: *
vary: Accept-Encoding
timing-allow-origin: *
x-cdn-diag: lon1-16007-2-44096-h-0-0---;16009-44-42635----0-0-1
GET

https://static.trafficjunky.com/ab/ads_test.js

msedge.exe

Remote address:

64.210.156.21:443

Request

GET /ab/ads_test.js HTTP/2.0
host: static.trafficjunky.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 11 Jun 2024 07:11:47 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 26 Jul 2023 19:30:36 GMT
etag: W/"6bb93e32b-7e3-60168e1c0cf00"
expires: Mon, 29 Jul 2024 09:32:40 GMT
cache-control: max-age=3600
content-encoding: br
x-cdn-diag: lon1-16032-2-52599-h-0-0---;16032-42-59577----0-0-0
GET

https://cdn1d-static-shared.phncdn.com/mg_utils-1.0.0.js?cache=2020020702

msedge.exe

Remote address:

64.210.156.16:443

Request

GET /mg_utils-1.0.0.js?cache=2020020702 HTTP/2.0
host: cdn1d-static-shared.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 11 Jun 2024 07:11:47 GMT
content-type: application/javascript
content-length: 4759
last-modified: Fri, 23 Feb 2018 17:37:32 GMT
etag: "5a90515c-1297"
content-encoding: gzip
expires: Fri, 26 Jan 2024 12:03:18 GMT
cache-control: max-age=1706270598
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
x-cdn-diag: lon1-16009-2-11240-h-0-0---;16008-39-13234----0-0-0
GET

https://cdn1d-static-shared.phncdn.com/iframe-1.1.5.html

msedge.exe

Remote address:

64.210.156.16:443

Request

GET /iframe-1.1.5.html HTTP/2.0
host: cdn1d-static-shared.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 11 Jun 2024 07:11:48 GMT
content-type: text/html
content-length: 786
last-modified: Fri, 20 Sep 2019 15:43:43 GMT
etag: "5d84f3af-312"
content-encoding: gzip
expires: Sat, 21 Sep 2024 19:38:16 GMT
cache-control: max-age=1726947496
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
x-cdn-diag: lon1-16008-2-36770-h-0-0---;16008-45-13234----0-0-1
GET

https://cdn1d-static-shared.phncdn.com/head/load-1.0.3.js

msedge.exe

Remote address:

64.210.156.16:443

Request

GET /head/load-1.0.3.js HTTP/2.0
host: cdn1d-static-shared.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 11 Jun 2024 07:11:48 GMT
content-type: application/javascript
content-length: 1096
last-modified: Tue, 18 Oct 2016 14:27:29 GMT
etag: "58063151-448"
content-encoding: gzip
expires: Tue, 30 Jan 2024 06:57:30 GMT
cache-control: max-age=1706597850
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
x-cdn-diag: lon1-16032-1-52523-h-0-0---;16008-50-13234----0-0-0
GET

https://cdn1d-static-shared.phncdn.com/tubes-2.0.4.js

msedge.exe

Remote address:

64.210.156.16:443

Request

GET /tubes-2.0.4.js HTTP/2.0
host: cdn1d-static-shared.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 11 Jun 2024 07:11:48 GMT
content-type: application/javascript
content-length: 1964
last-modified: Tue, 28 Apr 2015 12:43:45 GMT
etag: "553f8081-7ac"
content-encoding: gzip
expires: Sat, 27 Jan 2024 17:02:26 GMT
cache-control: max-age=1706374946
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
x-cdn-diag: lon1-16009-2-11238-h-0-0---;16008-50-13234----0-0-1
GET

https://cdn1d-static-shared.phncdn.com/timings-1.0.0.js

msedge.exe

Remote address:

64.210.156.16:443

Request

GET /timings-1.0.0.js HTTP/2.0
host: cdn1d-static-shared.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 11 Jun 2024 07:11:48 GMT
content-type: application/javascript
content-length: 2495
last-modified: Thu, 23 Mar 2017 18:25:59 GMT
etag: "58d41337-9bf"
content-encoding: gzip
expires: Fri, 26 Jan 2024 06:46:21 GMT
cache-control: max-age=1706251581
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
x-cdn-diag: lon1-16009-1-11178-h-0-0---;16008-50-13234----0-0-1
DNS

cdn1-smallimg.phncdn.com

msedge.exe

Remote address:

8.8.8.8:53

Request

cdn1-smallimg.phncdn.com

IN A

Response

cdn1-smallimg.phncdn.com

IN CNAME

smallimg.phncdn.com

smallimg.phncdn.com

IN A

66.254.114.156
DNS

cdn1.ads.contentabc.com

msedge.exe

Remote address:

8.8.8.8:53

Request

cdn1.ads.contentabc.com

IN A

Response

cdn1.ads.contentabc.com

IN CNAME

vip0x04e.ssl.rncdn5.com

vip0x04e.ssl.rncdn5.com

IN A

205.185.208.78
DNS

ci.phncdn.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ci.phncdn.com

IN A

Response

ci.phncdn.com

IN CNAME

cs851.wpc.rncdn4.com

cs851.wpc.rncdn4.com

IN A

152.195.34.118
DNS

cs.phncdn.com

msedge.exe

Remote address:

8.8.8.8:53

Request

cs.phncdn.com

IN A

Response

cs.phncdn.com

IN CNAME

vip0x08e.ssl.rncdn5.com

vip0x08e.ssl.rncdn5.com

IN A

205.185.208.142
DNS

m2.nsimg.net

msedge.exe

Remote address:

8.8.8.8:53

Request

m2.nsimg.net

IN A

Response

m2.nsimg.net

IN A

207.178.0.95

m2.nsimg.net

IN A

207.178.0.91

m2.nsimg.net

IN A

207.178.0.89

m2.nsimg.net

IN A

207.178.0.93
DNS

media.trafficjunky.net

msedge.exe

Remote address:

8.8.8.8:53

Request

media.trafficjunky.net

IN A

Response

media.trafficjunky.net

IN CNAME

media.trafficjunky.net.sds.rncdn7.com

media.trafficjunky.net.sds.rncdn7.com

IN A

64.210.156.17

media.trafficjunky.net.sds.rncdn7.com

IN A

64.210.156.18

media.trafficjunky.net.sds.rncdn7.com

IN A

64.210.156.19

media.trafficjunky.net.sds.rncdn7.com

IN A

64.210.156.20

media.trafficjunky.net.sds.rncdn7.com

IN A

64.210.156.21

media.trafficjunky.net.sds.rncdn7.com

IN A

64.210.156.22

media.trafficjunky.net.sds.rncdn7.com

IN A

64.210.156.23

media.trafficjunky.net.sds.rncdn7.com

IN A

64.210.156.16
DNS

p.twitter.com

msedge.exe

Remote address:

8.8.8.8:53

Request

p.twitter.com

IN A

Response
DNS

platform.tumblr.com

msedge.exe

Remote address:

8.8.8.8:53

Request

platform.tumblr.com

IN A

Response

platform.tumblr.com

IN A

74.114.154.15
GET

https://smpop.icfcdn.com/smpop-stable.js

msedge.exe

Remote address:

205.234.175.175:443

Request

GET /smpop-stable.js HTTP/2.0
host: smpop.icfcdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 11 Jun 2024 07:11:48 GMT
content-type: application/javascript
content-length: 4349
x-cff: B
last-modified: Fri, 28 Feb 2020 00:32:38 GMT
etag: "479e-59f97f97ab580-gzip"
vary: Accept-Encoding
cache-control: max-age=60
x-cf3: M
cf4age: 0
x-cf-tsc: 1716506168
cf4ttl: 60.000
content-encoding: gzip
x-cf2: M
accept-ranges: bytes
server: CFS 0215
x-cf1: 34233:fE.lon1:co:nots:cacheN.lon1-01:M
x-cf-reqid: ead0bbfb7f8eb9e88d3208f2998f05a2
DNS

platform.twitter.com

msedge.exe

Remote address:

8.8.8.8:53

Request

platform.twitter.com

IN A

Response

platform.twitter.com

IN CNAME

platform.twitter.map.fastly.net

platform.twitter.map.fastly.net

IN A

199.232.56.157
DNS

twitter.com

msedge.exe

Remote address:

8.8.8.8:53

Request

twitter.com

IN A

Response

twitter.com

IN A

104.244.42.65
GET

https://ci.phncdn.com/videos/201912/21/270319171/original/(m=eafTGgaaaa)(mh=P2T56_TyyPifxEh5)10.jpg

msedge.exe

Remote address:

152.195.34.118:443

Request

GET /videos/201912/21/270319171/original/(m=eafTGgaaaa)(mh=P2T56_TyyPifxEh5)10.jpg HTTP/2.0
host: ci.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 404

access-control-allow-origin: *
cache-control: no-cache
content-type: image/jpeg
date: Tue, 11 Jun 2024 07:11:47 GMT
expires: Wed, 12 Jun 2024 07:11:47 GMT
server: nginx
set-cookie: RNLBSERVERID=ded7363; path=/; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
GET

https://ci.phncdn.com/videos/202001/06/274287871/original/(m=eafTGgaaaa)(mh=sxPmaSGF41abVxqn)13.jpg

msedge.exe

Remote address:

152.195.34.118:443

Request

GET /videos/202001/06/274287871/original/(m=eafTGgaaaa)(mh=sxPmaSGF41abVxqn)13.jpg HTTP/2.0
host: ci.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: RNLBSERVERID=ded7363

Response

HTTP/2.0 404

access-control-allow-origin: *
cache-control: no-cache
content-type: image/jpeg
date: Tue, 11 Jun 2024 07:11:47 GMT
expires: Wed, 12 Jun 2024 07:11:47 GMT
server: nginx
set-cookie: RNLBSERVERID=ded7453; path=/; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
GET

https://ci.phncdn.com/videos/201804/17/162505192/original/(m=eafTGgaaaa)(mh=azTxl8IN55Fm1Ppk)0.jpg

msedge.exe

Remote address:

152.195.34.118:443

Request

GET /videos/201804/17/162505192/original/(m=eafTGgaaaa)(mh=azTxl8IN55Fm1Ppk)0.jpg HTTP/2.0
host: ci.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: RNLBSERVERID=ded7453

Response

HTTP/2.0 404

access-control-allow-origin: *
cache-control: no-cache
content-type: image/jpeg
date: Tue, 11 Jun 2024 07:11:47 GMT
expires: Wed, 12 Jun 2024 07:11:48 GMT
server: nginx
set-cookie: RNLBSERVERID=ded7430; path=/; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
GET

https://ci.phncdn.com/www-static/images/rightArrow.png

msedge.exe

Remote address:

152.195.34.118:443

Request

GET /www-static/images/rightArrow.png HTTP/2.0
host: ci.phncdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: RNLBSERVERID=ded7430

Response

HTTP/2.0 200

accept-ranges: bytes
access-control-allow-origin: *
age: 6715268
cache-control: max-age=10368000
content-type: image/png
date: Tue, 11 Jun 2024 07:11:48 GMT
etag: "64790033-92"
expires: Wed, 09 Oct 2024 07:11:48 GMT
last-modified: Thu, 01 Jun 2023 20:31:47 GMT
server: ECAcc (frb/6744)
timing-allow-origin: *
x-cache: HIT
content-length: 146
DNS

172.210.232.199.in-addr.arpa

Remote address:

8.8.8.8:53

Request

172.210.232.199.in-addr.arpa

IN PTR

Response
DNS

71.159.190.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

71.159.190.20.in-addr.arpa

IN PTR

Response
DNS

22.156.210.64.in-addr.arpa

Remote address:

8.8.8.8:53

Request

22.156.210.64.in-addr.arpa

IN PTR

Response
DNS

21.156.210.64.in-addr.arpa

Remote address:

8.8.8.8:53

Request

21.156.210.64.in-addr.arpa

IN PTR

Response
DNS

16.156.210.64.in-addr.arpa

Remote address:

8.8.8.8:53

Request

16.156.210.64.in-addr.arpa

IN PTR

Response
DNS

95.221.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.221.229.192.in-addr.arpa

IN PTR

Response
DNS

175.175.234.205.in-addr.arpa

Remote address:

8.8.8.8:53

Request

175.175.234.205.in-addr.arpa

IN PTR

Response

175.175.234.205.in-addr.arpa

IN PTR

vip1 G-anycast1cacheflynet
DNS

hubt.pornhub.com

msedge.exe

Remote address:

8.8.8.8:53

Request

hubt.pornhub.com

IN A

Response

hubt.pornhub.com

IN CNAME

hubtraffic.com

hubtraffic.com

IN A

216.18.168.30
GET

https://hubt.pornhub.com/js/ht.js?site_id=3

msedge.exe

Remote address:

216.18.168.30:443

Request

GET /js/ht.js?site_id=3 HTTP/2.0
host: hubt.pornhub.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 404

content-length: 0
GET

https://ads.trafficjunky.net/ads?zone_id=32&channel%5Bsearch%5D=cousin&channel%5Bcontext_page_type%5D=listing&refresh_times=2&site_id=2&channel%5Bsite%5D=pornhub

msedge.exe

Remote address:

66.254.114.154:443

Request

GET /ads?zone_id=32&channel%5Bsearch%5D=cousin&channel%5Bcontext_page_type%5D=listing&refresh_times=2&site_id=2&channel%5Bsite%5D=pornhub HTTP/2.0
host: ads.trafficjunky.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn1d-static-shared.phncdn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: openresty
date: Tue, 11 Jun 2024 07:11:48 GMT
content-type: application/json; charset=utf-8
content-length: 0
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type
access-control-max-age: 86400
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
GET

https://ads.trafficjunky.net/ads?zone_id=5&channel%5Bsearch%5D=cousin&channel%5Bcontext_page_type%5D=listing&site_id=2&channel%5Bsite%5D=pornhub

msedge.exe

Remote address:

66.254.114.154:443

Request

GET /ads?zone_id=5&channel%5Bsearch%5D=cousin&channel%5Bcontext_page_type%5D=listing&site_id=2&channel%5Bsite%5D=pornhub HTTP/2.0
host: ads.trafficjunky.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn1d-static-shared.phncdn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: openresty
date: Tue, 11 Jun 2024 07:11:48 GMT
content-type: text/html
cache-control: private, no-cache, proxy-revalidate, no-store, max-age=0
set-cookie: tj_UUID=ChDkFnkb1fRIaoWAy2HXmYHMEgwIp9-SswYQira55wE=; Path=/; Domain=ads.trafficjunky.net; Expires=Thu, 11 Jul 2024 07:11:48 GMT; Secure; SameSite=None
set-cookie: tj_UUID_v2=ChDkFnkb1fRIaoWAy2HXmYHMEgwIp9-SswYQira55wE=; Path=/; Domain=ads.trafficjunky.net; Expires=Thu, 11 Jul 2024 07:11:48 GMT; Secure; SameSite=None
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type
access-control-max-age: 86400
content-encoding: gzip
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
GET

https://ads.trafficjunky.net/deep_pixel?info=CiQzM2U1MzkxNC0zYzBkLTRiMTctODg5ZC05ZjZhZDI4YzQ5ZDUQtPGfswYaImZlYWU1MGNjOGQxOTQyZTg5ZGFkZTAxYjYwNmJiZTIzLTEgAjCRons4BUD75wZIgbL73wNSAzQwNVjV66neA2CVsbzzA3IgZTQxNjc5MWJkNWY0NDg2YTg1ODBjYjYxZDc5OTgxY2OBAY3ttaD3xuA%2BkgECR0KaAQNFTkeiAQZMb25kb26qAQZjb3VzaW7KARJndHQgY29tbXVuaWNhdGlvbnPSAQR3aWZp2gEHd2luZG93c%2BIBDjE5MS4xMDEuMjA5LjM5%2BgEOMTkxLjEwMS4yMDkuMzmCAgdkZWQ3NTIziAIhkgIEZWRnZZoCBEVDMU6qAgQxMC4wsgIEOTIuMNgC26CD2wXgAums55gE%2BgIBMYIDAnt9kgMHZGVza3RvcJoDAmVuqAMBwgMHbGlzdGluZw%3D%3D&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F92.0.4515.131+Safari%2F537.36+Edg%2F92.0.902.67

msedge.exe

Remote address:

66.254.114.154:443

Request

GET /deep_pixel?info=CiQzM2U1MzkxNC0zYzBkLTRiMTctODg5ZC05ZjZhZDI4YzQ5ZDUQtPGfswYaImZlYWU1MGNjOGQxOTQyZTg5ZGFkZTAxYjYwNmJiZTIzLTEgAjCRons4BUD75wZIgbL73wNSAzQwNVjV66neA2CVsbzzA3IgZTQxNjc5MWJkNWY0NDg2YTg1ODBjYjYxZDc5OTgxY2OBAY3ttaD3xuA%2BkgECR0KaAQNFTkeiAQZMb25kb26qAQZjb3VzaW7KARJndHQgY29tbXVuaWNhdGlvbnPSAQR3aWZp2gEHd2luZG93c%2BIBDjE5MS4xMDEuMjA5LjM5%2BgEOMTkxLjEwMS4yMDkuMzmCAgdkZWQ3NTIziAIhkgIEZWRnZZoCBEVDMU6qAgQxMC4wsgIEOTIuMNgC26CD2wXgAums55gE%2BgIBMYIDAnt9kgMHZGVza3RvcJoDAmVuqAMBwgMHbGlzdGluZw%3D%3D&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F92.0.4515.131+Safari%2F537.36+Edg%2F92.0.902.67 HTTP/2.0
host: ads.trafficjunky.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ads.trafficjunky.net/ads?zone_id=5&channel%5Bsearch%5D=cousin&channel%5Bcontext_page_type%5D=listing&site_id=2&channel%5Bsite%5D=pornhub
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: openresty
date: Tue, 11 Jun 2024 07:11:48 GMT
content-type: image/gif
content-length: 35
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Sun, 22 Jan 1984 03:00:00 GMT
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
DNS

118.34.195.152.in-addr.arpa

Remote address:

8.8.8.8:53

Request

118.34.195.152.in-addr.arpa

IN PTR

Response
DNS

30.168.18.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

30.168.18.216.in-addr.arpa

IN PTR

Response
DNS

154.114.254.66.in-addr.arpa

Remote address:

8.8.8.8:53

Request

154.114.254.66.in-addr.arpa

IN PTR

Response

154.114.254.66.in-addr.arpa

IN PTR

reflectededge reflectednet
DNS

a.adtng.com

msedge.exe

Remote address:

8.8.8.8:53

Request

a.adtng.com

IN A

Response

a.adtng.com

IN A

66.254.114.171
GET

https://cdn1-smallimg.phncdn.com/n172nWs1UEcnquuObA5x52osw51230gH/rta-1.gif

msedge.exe

Remote address:

66.254.114.156:443

Request

GET /n172nWs1UEcnquuObA5x52osw51230gH/rta-1.gif HTTP/1.1
Host: cdn1-smallimg.phncdn.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

server: openresty
date: Tue, 11 Jun 2024 07:11:48 GMT
content-type: image/gif
content-length: 1882
last-modified: Thu, 08 Oct 2015 21:35:30 GMT
etag: "5616e1a2-75a"
expires: Thu, 11 Jul 2024 07:11:48 GMT
cache-control: max-age=2592000
accept-ranges: bytes
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
GET

https://a.adtng.com/get/10008675?time=1572467498430&adtool_keyword=cousin&uuid=feae50cc8d1942e89dade01b606bbe23&impid=feae50cc8d1942e89dade01b606bbe23-1&tj_zid=2019601&tj_cid=1006557441&tj_aid=1533071451&infos=CiQzM2U1MzkxNC0zYzBkLTRiMTctODg5ZC05ZjZhZDI4YzQ5ZDUQtPGfswYaImZlYWU1MGNjOGQxOTQyZTg5ZGFkZTAxYjYwNmJiZTIzLTEgAjCRons4BUD75wZIgbL73wNSAzQwNVjV66neA2CVsbzzA3IgZTQxNjc5MWJkNWY0NDg2YTg1ODBjYjYxZDc5OTgxY2OBAY3ttaD3xuA+kgECR0KaAQNFTkeiAQZMb25kb26qAQZjb3VzaW7KARJndHQgY29tbXVuaWNhdGlvbnPSAQR3aWZp2gEHd2luZG93c+IBDjE5MS4xMDEuMjA5LjM5+gEOMTkxLjEwMS4yMDkuMzmCAgdkZWQ3NTIziAIhkgIEZWRnZZoCBEVDMU6qAgQxMC4wsgIEOTIuMNgC26CD2wXgAums55gE+gIBMYIDAnt9kgMHZGVza3RvcJoDAmVuqAMBwgMHbGlzdGluZw==

msedge.exe

Remote address:

66.254.114.171:443

Request

GET /get/10008675?time=1572467498430&adtool_keyword=cousin&uuid=feae50cc8d1942e89dade01b606bbe23&impid=feae50cc8d1942e89dade01b606bbe23-1&tj_zid=2019601&tj_cid=1006557441&tj_aid=1533071451&infos=CiQzM2U1MzkxNC0zYzBkLTRiMTctODg5ZC05ZjZhZDI4YzQ5ZDUQtPGfswYaImZlYWU1MGNjOGQxOTQyZTg5ZGFkZTAxYjYwNmJiZTIzLTEgAjCRons4BUD75wZIgbL73wNSAzQwNVjV66neA2CVsbzzA3IgZTQxNjc5MWJkNWY0NDg2YTg1ODBjYjYxZDc5OTgxY2OBAY3ttaD3xuA+kgECR0KaAQNFTkeiAQZMb25kb26qAQZjb3VzaW7KARJndHQgY29tbXVuaWNhdGlvbnPSAQR3aWZp2gEHd2luZG93c+IBDjE5MS4xMDEuMjA5LjM5+gEOMTkxLjEwMS4yMDkuMzmCAgdkZWQ3NTIziAIhkgIEZWRnZZoCBEVDMU6qAgQxMC4wsgIEOTIuMNgC26CD2wXgAums55gE+gIBMYIDAnt9kgMHZGVza3RvcJoDAmVuqAMBwgMHbGlzdGluZw== HTTP/2.0
host: a.adtng.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.trafficjunky.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: openresty
date: Tue, 11 Jun 2024 07:11:48 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-encoding: gzip
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
DNS

hw-cdn2.adtng.com

msedge.exe

Remote address:

8.8.8.8:53

Request

hw-cdn2.adtng.com

IN A

Response

hw-cdn2.adtng.com

IN CNAME

hw-cdn2.adtng.com.lds.rncdn7.com

hw-cdn2.adtng.com.lds.rncdn7.com

IN A

64.210.156.6

hw-cdn2.adtng.com.lds.rncdn7.com

IN A

64.210.156.7

hw-cdn2.adtng.com.lds.rncdn7.com

IN A

64.210.156.0

hw-cdn2.adtng.com.lds.rncdn7.com

IN A

64.210.156.1

hw-cdn2.adtng.com.lds.rncdn7.com

IN A

64.210.156.2

hw-cdn2.adtng.com.lds.rncdn7.com

IN A

64.210.156.3

hw-cdn2.adtng.com.lds.rncdn7.com

IN A

64.210.156.4

hw-cdn2.adtng.com.lds.rncdn7.com

IN A

64.210.156.5
DNS

hw-cdn2.adtng.com

msedge.exe

Remote address:

8.8.8.8:53

Request

hw-cdn2.adtng.com

IN A
DNS

156.114.254.66.in-addr.arpa

Remote address:

8.8.8.8:53

Request

156.114.254.66.in-addr.arpa

IN PTR

Response

156.114.254.66.in-addr.arpa

IN PTR

reflectededge reflectednet
DNS

171.114.254.66.in-addr.arpa

Remote address:

8.8.8.8:53

Request

171.114.254.66.in-addr.arpa

IN PTR

Response

171.114.254.66.in-addr.arpa

IN PTR

reflectededge reflectednet
GET

https://hw-cdn2.adtng.com/delivery/vortex/vortex-simple-1.0.0.js

msedge.exe

Remote address:

64.210.156.6:443

Request

GET /delivery/vortex/vortex-simple-1.0.0.js HTTP/2.0
host: hw-cdn2.adtng.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://a.adtng.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 11 Jun 2024 07:11:50 GMT
content-type: application/javascript
content-length: 5027
last-modified: Fri, 02 Nov 2018 14:17:11 GMT
expires: Sun, 30 May 2021 14:46:56 GMT
cache-control: max-age=10700326
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: lon1-16036-3-48519-h-0-0---;16024-39-1610162----0-0-1
GET

https://hw-cdn2.adtng.com/a7/creatives/1/49/818923/1100152/1100152_logo.png

msedge.exe

Remote address:

64.210.156.6:443

Request

GET /a7/creatives/1/49/818923/1100152/1100152_logo.png HTTP/2.0
host: hw-cdn2.adtng.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://a.adtng.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 11 Jun 2024 07:11:50 GMT
content-type: image/png
content-length: 64833
last-modified: Tue, 09 Apr 2024 19:38:46 GMT
expires: Sun, 25 Aug 2024 15:46:58 GMT
cache-control: max-age=10691653
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: lon1-16024-7-1342478-h-0-0---;16024-39-1610162----0-0-0
GET

https://hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js

msedge.exe

Remote address:

64.210.156.6:443

Request

GET /delivery/intersection_observer/IntersectionObserver.js HTTP/2.0
host: hw-cdn2.adtng.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://a.adtng.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 11 Jun 2024 07:11:50 GMT
content-type: application/javascript
content-length: 16885
last-modified: Tue, 05 Apr 2022 20:54:54 GMT
expires: Sun, 17 Mar 2024 01:54:48 GMT
cache-control: max-age=10382487
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: lon1-16025-2-1288204-h-0-0---;16024-42-1610162----0-0-1
GET

https://hw-cdn2.adtng.com/a7/creatives/1/49/818923/1100152/1100152_video.mp4

msedge.exe

Remote address:

64.210.156.6:443

Request

GET /a7/creatives/1/49/818923/1100152/1100152_video.mp4 HTTP/2.0
host: hw-cdn2.adtng.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
accept-encoding: identity;q=1, *;q=0
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: video
referer: https://a.adtng.com/
accept-language: en-US,en;q=0.9
range: bytes=0-

Response

HTTP/2.0 206

date: Tue, 11 Jun 2024 07:11:50 GMT
content-type: video/mp4
content-length: 819536
last-modified: Tue, 09 Apr 2024 19:43:04 GMT
expires: Sun, 25 Aug 2024 07:32:32 GMT
cache-control: max-age=10661987
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
content-range: bytes 0-819535/819536
x-cdn-diag: lon1-16036-5-48898-h-0-0---;16024-42-1610162----0-0-1
DNS

6.156.210.64.in-addr.arpa

Remote address:

8.8.8.8:53

Request

6.156.210.64.in-addr.arpa

IN PTR

Response
DNS

183.142.211.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

183.142.211.20.in-addr.arpa

IN PTR

Response
DNS

157.123.68.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

157.123.68.40.in-addr.arpa

IN PTR

Response
DNS

157.123.68.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

157.123.68.40.in-addr.arpa

IN PTR

Response
DNS

198.187.3.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

198.187.3.20.in-addr.arpa

IN PTR

Response
DNS

198.187.3.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

198.187.3.20.in-addr.arpa

IN PTR

Response
DNS

11.227.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

11.227.111.52.in-addr.arpa

IN PTR

Response
DNS

11.227.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

11.227.111.52.in-addr.arpa

IN PTR

Response

64.210.156.22:443

di.phncdn.com

tls

msedge.exe

1.1kB
4.0kB
9
7
64.210.156.22:443

https://di.phncdn.com/www-static/images/verified-badge.svg?cache=2024051603

tls, http2

msedge.exe

10.2kB
198.8kB
145
169

HTTP Request

GET https://di.phncdn.com/www-static/css/generated-header.css?cache=2020020702

HTTP Request

GET https://di.phncdn.com/www-static/css/video-search-pc.css?cache=2020020702

HTTP Request

GET https://di.phncdn.com/www-static/css/pc/streamate/widgets-streamate-block.css?cache=2020020702

HTTP Request

GET https://di.phncdn.com/www-static/css/premium/premium-modals.css?cache=2020020702

HTTP Request

GET https://di.phncdn.com/www-static/js/ph-tracking.js?cache=2020020702

HTTP Request

GET https://di.phncdn.com/www-static/js/lib/ph-functions.js?cache=2020020702

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://di.phncdn.com/www-static/js/mg_modal-1.0.0.js?cache=2020020702

HTTP Response

200

HTTP Request

GET https://di.phncdn.com/www-static/js/lib/networkbar-5.0.0.js?cache=2020020702

HTTP Response

200

HTTP Request

GET https://di.phncdn.com/www-static/images/pornhub_logo_straight.png?cache=2020020702

HTTP Response

200

HTTP Request

GET https://di.phncdn.com/videos/201911/20/263067152/original/(m=eafTGgaaaa)(mh=2LxkDZgtTnW4PtaM)5.jpg

HTTP Response

404

HTTP Request

GET https://di.phncdn.com/videos/201907/12/234875901/thumbs_5/(m=eafTGgaaaa)(mh=GVpRLy2frN4DZ4ck)1.jpg

HTTP Response

200

HTTP Request

GET https://di.phncdn.com/videos/201809/23/184307401/original/(m=eafTGgaaaa)(mh=poGmrc5ifgS4xnyq)12.jpg

HTTP Response

404

HTTP Request

GET https://di.phncdn.com/videos/201909/18/249184111/original/(m=eafTGgaaaa)(mh=nTVm3mzKjNJML6y6)11.jpg

HTTP Response

404

HTTP Request

GET https://di.phncdn.com/videos/201912/16/269026031/original/(m=eafTGgaaaa)(mh=S-Ki34tG7nehUIDA)15.jpg

HTTP Response

404

HTTP Request

GET https://di.phncdn.com/videos/202001/05/274056691/original/(m=eafTGgaaaa)(mh=biORvrk09eg15Na6)10.jpg

HTTP Response

404

HTTP Request

GET https://di.phncdn.com/videos/202002/09/283172212/original/(m=eafTGgaaaa)(mh=SU3vPsjOXwNFSuPj)16.jpg

HTTP Request

GET https://di.phncdn.com/videos/201803/04/156836152/original/(m=eafTGgaaaa)(mh=QdpVbDtkZS2p2E5R)9.jpg

HTTP Request

GET https://di.phncdn.com/videos/202001/08/274999851/original/(m=eafTGgaaaa)(mh=fVeCvwh9ioI2ReC-)8.jpg

HTTP Request

GET https://di.phncdn.com/www-static/js/lib/generated-lib.js?cache=2020020702

HTTP Request

GET https://di.phncdn.com/www-static/js/lib/lazy_load-2.0.1.js?cache=2020020702

HTTP Request

GET https://di.phncdn.com/www-static/css/large.css?cache=2020020702

HTTP Request

GET https://di.phncdn.com/www-static/images/sprite-icons.png?cache=2024051603

HTTP Response

404

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

404

HTTP Response

200

HTTP Response

404

HTTP Request

GET https://di.phncdn.com/www-static/images/verified-badge.svg?cache=2024051603

HTTP Response

200
64.210.156.22:443

di.phncdn.com

tls

msedge.exe

1.1kB
4.0kB
9
7
64.210.156.22:443

di.phncdn.com

tls

msedge.exe

1.1kB
4.0kB
9
7
64.210.156.22:443

di.phncdn.com

tls

msedge.exe

1.1kB
4.0kB
9
7
64.210.156.22:443

di.phncdn.com

tls

msedge.exe

1.1kB
4.0kB
9
7
64.210.156.21:443

https://static.trafficjunky.com/ab/ads_test.js

tls, http2

msedge.exe

1.7kB
5.2kB
12
11

HTTP Request

GET https://static.trafficjunky.com/ab/ads_test.js

HTTP Response

200
64.210.156.16:443

https://cdn1d-static-shared.phncdn.com/timings-1.0.0.js

tls, http2

msedge.exe

2.7kB
18.0kB
25
25

HTTP Request

GET https://cdn1d-static-shared.phncdn.com/mg_utils-1.0.0.js?cache=2020020702

HTTP Response

200

HTTP Request

GET https://cdn1d-static-shared.phncdn.com/iframe-1.1.5.html

HTTP Response

200

HTTP Request

GET https://cdn1d-static-shared.phncdn.com/head/load-1.0.3.js

HTTP Request

GET https://cdn1d-static-shared.phncdn.com/tubes-2.0.4.js

HTTP Request

GET https://cdn1d-static-shared.phncdn.com/timings-1.0.0.js

HTTP Response

200

HTTP Response

200

HTTP Response

200
205.234.175.175:443

https://smpop.icfcdn.com/smpop-stable.js

tls, http2

msedge.exe

1.7kB
8.9kB
15
19

HTTP Request

GET https://smpop.icfcdn.com/smpop-stable.js

HTTP Response

200
152.195.34.118:443

https://ci.phncdn.com/www-static/images/rightArrow.png

tls, http2

msedge.exe

3.7kB
44.6kB
37
48

HTTP Request

GET https://ci.phncdn.com/videos/201912/21/270319171/original/(m=eafTGgaaaa)(mh=P2T56_TyyPifxEh5)10.jpg

HTTP Response

404

HTTP Request

GET https://ci.phncdn.com/videos/202001/06/274287871/original/(m=eafTGgaaaa)(mh=sxPmaSGF41abVxqn)13.jpg

HTTP Response

404

HTTP Request

GET https://ci.phncdn.com/videos/201804/17/162505192/original/(m=eafTGgaaaa)(mh=azTxl8IN55Fm1Ppk)0.jpg

HTTP Response

404

HTTP Request

GET https://ci.phncdn.com/www-static/images/rightArrow.png

HTTP Response

200
216.58.213.14:445

www.google-analytics.com

260 B
5
216.18.168.30:443

https://hubt.pornhub.com/js/ht.js?site_id=3

tls, http2

msedge.exe

1.6kB
4.8kB
13
12

HTTP Request

GET https://hubt.pornhub.com/js/ht.js?site_id=3

HTTP Response

404
66.254.114.154:443

https://ads.trafficjunky.net/deep_pixel?info=CiQzM2U1MzkxNC0zYzBkLTRiMTctODg5ZC05ZjZhZDI4YzQ5ZDUQtPGfswYaImZlYWU1MGNjOGQxOTQyZTg5ZGFkZTAxYjYwNmJiZTIzLTEgAjCRons4BUD75wZIgbL73wNSAzQwNVjV66neA2CVsbzzA3IgZTQxNjc5MWJkNWY0NDg2YTg1ODBjYjYxZDc5OTgxY2OBAY3ttaD3xuA%2BkgECR0KaAQNFTkeiAQZMb25kb26qAQZjb3VzaW7KARJndHQgY29tbXVuaWNhdGlvbnPSAQR3aWZp2gEHd2luZG93c%2BIBDjE5MS4xMDEuMjA5LjM5%2BgEOMTkxLjEwMS4yMDkuMzmCAgdkZWQ3NTIziAIhkgIEZWRnZZoCBEVDMU6qAgQxMC4wsgIEOTIuMNgC26CD2wXgAums55gE%2BgIBMYIDAnt9kgMHZGVza3RvcJoDAmVuqAMBwgMHbGlzdGluZw%3D%3D&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F92.0.4515.131+Safari%2F537.36+Edg%2F92.0.902.67

tls, http2

msedge.exe

3.0kB
8.3kB
19
19

HTTP Request

GET https://ads.trafficjunky.net/ads?zone_id=32&channel%5Bsearch%5D=cousin&channel%5Bcontext_page_type%5D=listing&refresh_times=2&site_id=2&channel%5Bsite%5D=pornhub

HTTP Request

GET https://ads.trafficjunky.net/ads?zone_id=5&channel%5Bsearch%5D=cousin&channel%5Bcontext_page_type%5D=listing&site_id=2&channel%5Bsite%5D=pornhub

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://ads.trafficjunky.net/deep_pixel?info=CiQzM2U1MzkxNC0zYzBkLTRiMTctODg5ZC05ZjZhZDI4YzQ5ZDUQtPGfswYaImZlYWU1MGNjOGQxOTQyZTg5ZGFkZTAxYjYwNmJiZTIzLTEgAjCRons4BUD75wZIgbL73wNSAzQwNVjV66neA2CVsbzzA3IgZTQxNjc5MWJkNWY0NDg2YTg1ODBjYjYxZDc5OTgxY2OBAY3ttaD3xuA%2BkgECR0KaAQNFTkeiAQZMb25kb26qAQZjb3VzaW7KARJndHQgY29tbXVuaWNhdGlvbnPSAQR3aWZp2gEHd2luZG93c%2BIBDjE5MS4xMDEuMjA5LjM5%2BgEOMTkxLjEwMS4yMDkuMzmCAgdkZWQ3NTIziAIhkgIEZWRnZZoCBEVDMU6qAgQxMC4wsgIEOTIuMNgC26CD2wXgAums55gE%2BgIBMYIDAnt9kgMHZGVza3RvcJoDAmVuqAMBwgMHbGlzdGluZw%3D%3D&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F92.0.4515.131+Safari%2F537.36+Edg%2F92.0.902.67

HTTP Response

200
66.254.114.154:443

ads.trafficjunky.net

msedge.exe

98 B
52 B
2
1
66.254.114.156:443

https://cdn1-smallimg.phncdn.com/n172nWs1UEcnquuObA5x52osw51230gH/rta-1.gif

tls, http

msedge.exe

1.7kB
6.7kB
12
14

HTTP Request

GET https://cdn1-smallimg.phncdn.com/n172nWs1UEcnquuObA5x52osw51230gH/rta-1.gif

HTTP Response

200
66.254.114.171:443

https://a.adtng.com/get/10008675?time=1572467498430&adtool_keyword=cousin&uuid=feae50cc8d1942e89dade01b606bbe23&impid=feae50cc8d1942e89dade01b606bbe23-1&tj_zid=2019601&tj_cid=1006557441&tj_aid=1533071451&infos=CiQzM2U1MzkxNC0zYzBkLTRiMTctODg5ZC05ZjZhZDI4YzQ5ZDUQtPGfswYaImZlYWU1MGNjOGQxOTQyZTg5ZGFkZTAxYjYwNmJiZTIzLTEgAjCRons4BUD75wZIgbL73wNSAzQwNVjV66neA2CVsbzzA3IgZTQxNjc5MWJkNWY0NDg2YTg1ODBjYjYxZDc5OTgxY2OBAY3ttaD3xuA+kgECR0KaAQNFTkeiAQZMb25kb26qAQZjb3VzaW7KARJndHQgY29tbXVuaWNhdGlvbnPSAQR3aWZp2gEHd2luZG93c+IBDjE5MS4xMDEuMjA5LjM5+gEOMTkxLjEwMS4yMDkuMzmCAgdkZWQ3NTIziAIhkgIEZWRnZZoCBEVDMU6qAgQxMC4wsgIEOTIuMNgC26CD2wXgAums55gE+gIBMYIDAnt9kgMHZGVza3RvcJoDAmVuqAMBwgMHbGlzdGluZw==

tls, http2

msedge.exe

3.7kB
15.2kB
24
24

HTTP Request

GET https://a.adtng.com/get/10008675?time=1572467498430&adtool_keyword=cousin&uuid=feae50cc8d1942e89dade01b606bbe23&impid=feae50cc8d1942e89dade01b606bbe23-1&tj_zid=2019601&tj_cid=1006557441&tj_aid=1533071451&infos=CiQzM2U1MzkxNC0zYzBkLTRiMTctODg5ZC05ZjZhZDI4YzQ5ZDUQtPGfswYaImZlYWU1MGNjOGQxOTQyZTg5ZGFkZTAxYjYwNmJiZTIzLTEgAjCRons4BUD75wZIgbL73wNSAzQwNVjV66neA2CVsbzzA3IgZTQxNjc5MWJkNWY0NDg2YTg1ODBjYjYxZDc5OTgxY2OBAY3ttaD3xuA+kgECR0KaAQNFTkeiAQZMb25kb26qAQZjb3VzaW7KARJndHQgY29tbXVuaWNhdGlvbnPSAQR3aWZp2gEHd2luZG93c+IBDjE5MS4xMDEuMjA5LjM5+gEOMTkxLjEwMS4yMDkuMzmCAgdkZWQ3NTIziAIhkgIEZWRnZZoCBEVDMU6qAgQxMC4wsgIEOTIuMNgC26CD2wXgAums55gE+gIBMYIDAnt9kgMHZGVza3RvcJoDAmVuqAMBwgMHbGlzdGluZw==

HTTP Response

200
64.210.156.6:443

https://hw-cdn2.adtng.com/a7/creatives/1/49/818923/1100152/1100152_video.mp4

tls, http2

msedge.exe

20.0kB
948.5kB
382
698

HTTP Request

GET https://hw-cdn2.adtng.com/delivery/vortex/vortex-simple-1.0.0.js

HTTP Request

GET https://hw-cdn2.adtng.com/a7/creatives/1/49/818923/1100152/1100152_logo.png

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js

HTTP Request

GET https://hw-cdn2.adtng.com/a7/creatives/1/49/818923/1100152/1100152_video.mp4

HTTP Response

200

HTTP Response

206
216.58.213.14:139

www.google-analytics.com

260 B
5
64.210.156.6:443

hw-cdn2.adtng.com

tls

msedge.exe

2.0kB
4.0kB
9
7
64.210.156.22:443

di.phncdn.com

tls

msedge.exe

4.5kB
67.4kB
50
60
64.210.156.16:443

cdn1d-static-shared.phncdn.com

tls

msedge.exe

3.3kB
71.8kB
42
59

8.8.8.8:53

58.55.71.13.in-addr.arpa

dns

70 B
144 B
1
1

DNS Request

58.55.71.13.in-addr.arpa
8.8.8.8:53

ads.trafficjunky.net

dns

msedge.exe

66 B
82 B
1
1

DNS Request

ads.trafficjunky.net

DNS Response

66.254.114.154
8.8.8.8:53

ads2.contentabc.com

dns

msedge.exe

65 B
81 B
1
1

DNS Request

ads2.contentabc.com

DNS Response

66.254.114.171
8.8.8.8:53

ajax.googleapis.com

dns

msedge.exe

65 B
81 B
1
1

DNS Request

ajax.googleapis.com

DNS Response

142.250.187.202
8.8.8.8:53

static.trafficjunky.com

dns

msedge.exe

69 B
246 B
1
1

DNS Request

static.trafficjunky.com

DNS Response

64.210.156.21

64.210.156.22

64.210.156.23

64.210.156.16

64.210.156.17

64.210.156.18

64.210.156.19

64.210.156.20
8.8.8.8:53

di.phncdn.com

dns

msedge.exe

59 B
226 B
1
1

DNS Request

di.phncdn.com

DNS Response

64.210.156.22

64.210.156.23

64.210.156.16

64.210.156.17

64.210.156.18

64.210.156.19

64.210.156.20

64.210.156.21
8.8.8.8:53

smpop.icfcdn.com

dns

msedge.exe

62 B
132 B
1
1

DNS Request

smpop.icfcdn.com

DNS Response

205.234.175.175
8.8.8.8:53

cdn1d-static-shared.phncdn.com

dns

msedge.exe

76 B
260 B
1
1

DNS Request

cdn1d-static-shared.phncdn.com

DNS Response

64.210.156.16

64.210.156.17

64.210.156.18

64.210.156.19

64.210.156.20

64.210.156.21

64.210.156.22

64.210.156.23
8.8.8.8:53

cdn.feeds.videosz.com

dns

msedge.exe

67 B
248 B
1
1

DNS Request

cdn.feeds.videosz.com

DNS Response

64.210.156.20

64.210.156.21

64.210.156.22

64.210.156.23

64.210.156.16

64.210.156.17

64.210.156.18

64.210.156.19
8.8.8.8:53

apis.google.com

dns

msedge.exe

61 B
98 B
1
1

DNS Request

apis.google.com

DNS Response

142.250.200.14
8.8.8.8:53

cdn.niche.videosz.com

dns

msedge.exe

67 B
248 B
1
1

DNS Request

cdn.niche.videosz.com

DNS Response

64.210.156.21

64.210.156.22

64.210.156.23

64.210.156.16

64.210.156.17

64.210.156.18

64.210.156.19

64.210.156.20
8.8.8.8:53

cdn1-smallimg.phncdn.com

dns

msedge.exe

70 B
109 B
1
1

DNS Request

cdn1-smallimg.phncdn.com

DNS Response

66.254.114.156
8.8.8.8:53

cdn1.ads.contentabc.com

dns

msedge.exe

69 B
119 B
1
1

DNS Request

cdn1.ads.contentabc.com

DNS Response

205.185.208.78
8.8.8.8:53

ci.phncdn.com

dns

msedge.exe

59 B
106 B
1
1

DNS Request

ci.phncdn.com

DNS Response

152.195.34.118
8.8.8.8:53

cs.phncdn.com

dns

msedge.exe

59 B
109 B
1
1

DNS Request

cs.phncdn.com

DNS Response

205.185.208.142
8.8.8.8:53

m2.nsimg.net

dns

msedge.exe

58 B
122 B
1
1

DNS Request

m2.nsimg.net

DNS Response

207.178.0.95

207.178.0.91

207.178.0.89

207.178.0.93
8.8.8.8:53

media.trafficjunky.net

dns

msedge.exe

68 B
247 B
1
1

DNS Request

media.trafficjunky.net

DNS Response

64.210.156.17

64.210.156.18

64.210.156.19

64.210.156.20

64.210.156.21

64.210.156.22

64.210.156.23

64.210.156.16
8.8.8.8:53

p.twitter.com

dns

msedge.exe

59 B
124 B
1
1

DNS Request

p.twitter.com
8.8.8.8:53

platform.tumblr.com

dns

msedge.exe

65 B
81 B
1
1

DNS Request

platform.tumblr.com

DNS Response

74.114.154.15
8.8.8.8:53

platform.twitter.com

dns

msedge.exe

66 B
127 B
1
1

DNS Request

platform.twitter.com

DNS Response

199.232.56.157
8.8.8.8:53

twitter.com

dns

msedge.exe

57 B
73 B
1
1

DNS Request

twitter.com

DNS Response

104.244.42.65
8.8.8.8:53

172.210.232.199.in-addr.arpa

dns

74 B
128 B
1
1

DNS Request

172.210.232.199.in-addr.arpa
8.8.8.8:53

71.159.190.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

71.159.190.20.in-addr.arpa
8.8.8.8:53

22.156.210.64.in-addr.arpa

dns

72 B
141 B
1
1

DNS Request

22.156.210.64.in-addr.arpa
8.8.8.8:53

21.156.210.64.in-addr.arpa

dns

72 B
141 B
1
1

DNS Request

21.156.210.64.in-addr.arpa
8.8.8.8:53

16.156.210.64.in-addr.arpa

dns

72 B
141 B
1
1

DNS Request

16.156.210.64.in-addr.arpa
8.8.8.8:53

95.221.229.192.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

95.221.229.192.in-addr.arpa
8.8.8.8:53

175.175.234.205.in-addr.arpa

dns

74 B
116 B
1
1

DNS Request

175.175.234.205.in-addr.arpa
8.8.8.8:53

hubt.pornhub.com

dns

msedge.exe

62 B
103 B
1
1

DNS Request

hubt.pornhub.com

DNS Response

216.18.168.30
8.8.8.8:53

118.34.195.152.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

118.34.195.152.in-addr.arpa
8.8.8.8:53

30.168.18.216.in-addr.arpa

dns

72 B
136 B
1
1

DNS Request

30.168.18.216.in-addr.arpa
8.8.8.8:53

154.114.254.66.in-addr.arpa

dns

73 B
114 B
1
1

DNS Request

154.114.254.66.in-addr.arpa
8.8.8.8:53

a.adtng.com

dns

msedge.exe

57 B
73 B
1
1

DNS Request

a.adtng.com

DNS Response

66.254.114.171
8.8.8.8:53

hw-cdn2.adtng.com

dns

msedge.exe

126 B
234 B
2
1

DNS Request

hw-cdn2.adtng.com

DNS Request

hw-cdn2.adtng.com

DNS Response

64.210.156.6

64.210.156.7

64.210.156.0

64.210.156.1

64.210.156.2

64.210.156.3

64.210.156.4

64.210.156.5
8.8.8.8:53

156.114.254.66.in-addr.arpa

dns

73 B
114 B
1
1

DNS Request

156.114.254.66.in-addr.arpa
8.8.8.8:53

171.114.254.66.in-addr.arpa

dns

73 B
114 B
1
1

DNS Request

171.114.254.66.in-addr.arpa
8.8.8.8:53

6.156.210.64.in-addr.arpa

dns

71 B
140 B
1
1

DNS Request

6.156.210.64.in-addr.arpa
224.0.0.251:5353

msedge.exe

594 B
9
8.8.8.8:53

183.142.211.20.in-addr.arpa

dns

73 B
159 B
1
1

DNS Request

183.142.211.20.in-addr.arpa
8.8.8.8:53

157.123.68.40.in-addr.arpa

dns

144 B
292 B
2
2

DNS Request

157.123.68.40.in-addr.arpa

DNS Request

157.123.68.40.in-addr.arpa
8.8.8.8:53

198.187.3.20.in-addr.arpa

dns

142 B
314 B
2
2

DNS Request

198.187.3.20.in-addr.arpa

DNS Request

198.187.3.20.in-addr.arpa
8.8.8.8:53

11.227.111.52.in-addr.arpa

dns

144 B
316 B
2
2

DNS Request

11.227.111.52.in-addr.arpa

DNS Request

11.227.111.52.in-addr.arpa

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
537815e7cc5c694912ac0308147852e4

SHA1
2ccdd9d9dc637db5462fe8119c0df261146c363c

SHA256
b4b69d099507d88abdeff4835e06cc6711e1c47464c963d013cef0a278e52d4f

SHA512
63969a69af057235dbdecddc483ef5ce0058673179a3580c5aa12938c9501513cdb72dd703a06fa7d4fc08d074f17528283338c795334398497c771ecbd1350a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
8b167567021ccb1a9fdf073fa9112ef0

SHA1
3baf293fbfaa7c1e7cdacb5f2975737f4ef69898

SHA256
26764cedf35f118b55f30b3a36e0693f9f38290a5b2b6b8b83a00e990ae18513

SHA512
726098001ef1acf1dd154a658752fa27dea32bca8fbb66395c142cb666102e71632adbad1b7e2f717071cd3e3af3867471932a71707f2ae97b989f4be468ab54

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
c847a01e50daee7fc8bd1c9f3e6edea7

SHA1
f54d0935647c44531962a58c170e923fcdfb3a44

SHA256
395254937274d994083071ab64d204dfffef7850adcf4cf97ff1541fcf75277f

SHA512
d339a8f8840471b7c0d3004d7a3763f81020cee2e2c6043eb5facaffa9da080335aa2a91082e0ba00144c2ed74056db91787c1fc9d54c6142abe3ba985d467ad

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
791B

MD5
789880ab2f4818c45cdc6caa14710af0

SHA1
044c705b0af9ad1c2295fff82467627e87794785

SHA256
dd1718e8f3ce17a46bdf547be6f8150964d163d3a0fc443c1fe59701de678c1b

SHA512
a2f01a7977f437aac0af0ae7ffa37583900558f2e17d8de1604b7ce0214118a41e794c536b269216564127e0dde5053cf5e06910ad31600dfb7e44fd2cccd7b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
8bfda24112ab5239c964ac8b9de36440

SHA1
b96acf17edf47a28ecd30becc9c2d55846a7ac5c

SHA256
ab85159f0cad159a2400f91624f1b0b8028966f296e6ac4afb70c7797ed0dc23

SHA512
8dd96aedeb6db82c1e782d53aa244b7b9242c9ad9f59f29b0caeab938e9a8caacbb753c418657a2df4df76e89044491f14c4198a90230ae5ddb13250549039f5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
f53091637ab8e4322c84acc0448b0b6a

SHA1
700acfdd08a7eec7f09bc1a053c1894c8d3b01ab

SHA256
2674b4d3127de8932eeb3178b6fc0e06b76a0d925afe5cced75368fa9e8017be

SHA512
16ade2b19428f8b3685749a8b9015080ae9cb8fa1b90c5af7594e79258617e6b16fd2f314310dbf471852bdec9de752a09ebb62b3731fb87dbc0fe0aa673655f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
49fdecd50924b96c92dc02b450bcab37

SHA1
393116db03141f25a1a6a8d673db1dc1251e4a9b

SHA256
4d1875944df759497fd96ff08295170414d98e9f603b5ea2d2bea37f29338d81

SHA512
806dceda369f903ef4dbf445a266d32a93ac8db8d88b7736435feb784a56ed9bb3c0b1aa772b919730776968dfa6dee1c8f30fb9273964475762c52346b3110a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
3e7bfc7c68d63166a7a3a8d75a6999e7

SHA1
64dc89a9e34355b3b68b19bcdc02197218ff2211

SHA256
69a01c51a5d7b40f88f4e5451d85b05dc26dd6fdfa13b1f889da95b817ee63cd

SHA512
accbd7c8b860b4f4a7bb5fc31f51507ab3655f61bda2b2136b0b3d20f700442213a67483d9f0622e7dffccbfdc96a2c6d8285f483ee16b1158394684e9263e16

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response