f506c4ffac66280685bab06dad1f9e368d42f6928faff63cb5c8128718fb6541

Analysis

max time kernel
149s
max time network
139s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
26/08/2024, 05:37 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c2613437fa6dd46ebd1ac3a0a3654767_JaffaCakes118.html
Size

264KB
MD5

c2613437fa6dd46ebd1ac3a0a3654767
SHA1

6f0bb386c42fce27900abdfa0bdc4398fcd02ece
SHA256

f506c4ffac66280685bab06dad1f9e368d42f6928faff63cb5c8128718fb6541
SHA512

92cf80f419cfe4f78a21d3b6cd6a74839220fb6098c3baa96b28fa8756063a411313aa9cbbd4626b29b03b6efc426eed12038e807868be052fe703238ce7dc18
SSDEEP

1536:lqeZjIeooYmdkpLLSSNNIIVVWWZZTTmmxx66ii99XXoobbWWaaggggiippppYY8p:lvZUsLJQft3+foqfJaCA27

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
544	msedge.exe
544	msedge.exe
3912	msedge.exe
3912	msedge.exe
3672	identity_helper.exe
3672	identity_helper.exe
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
3912	msedge.exe
3912	msedge.exe
3912	msedge.exe
3912	msedge.exe
3912	msedge.exe
3912	msedge.exe
3912	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3912	msedge.exe
3912	msedge.exe
3912	msedge.exe
3912	msedge.exe
3912	msedge.exe
3912	msedge.exe
3912	msedge.exe
3912	msedge.exe
3912	msedge.exe
3912	msedge.exe
3912	msedge.exe
3912	msedge.exe
3912	msedge.exe
3912	msedge.exe
3912	msedge.exe
3912	msedge.exe
3912	msedge.exe
3912	msedge.exe
3912	msedge.exe
3912	msedge.exe
3912	msedge.exe
3912	msedge.exe
3912	msedge.exe
3912	msedge.exe
3912	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3912	msedge.exe
3912	msedge.exe
3912	msedge.exe
3912	msedge.exe
3912	msedge.exe
3912	msedge.exe
3912	msedge.exe
3912	msedge.exe
3912	msedge.exe
3912	msedge.exe
3912	msedge.exe
3912	msedge.exe
3912	msedge.exe
3912	msedge.exe
3912	msedge.exe
3912	msedge.exe
3912	msedge.exe
3912	msedge.exe
3912	msedge.exe
3912	msedge.exe
3912	msedge.exe
3912	msedge.exe
3912	msedge.exe
3912	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3912 wrote to memory of 3532	3912	msedge.exe	84
PID 3912 wrote to memory of 3532	3912	msedge.exe	84
PID 3912 wrote to memory of 2260	3912	msedge.exe	85
PID 3912 wrote to memory of 2260	3912	msedge.exe	85
PID 3912 wrote to memory of 2260	3912	msedge.exe	85
PID 3912 wrote to memory of 2260	3912	msedge.exe	85
PID 3912 wrote to memory of 2260	3912	msedge.exe	85
PID 3912 wrote to memory of 2260	3912	msedge.exe	85
PID 3912 wrote to memory of 2260	3912	msedge.exe	85
PID 3912 wrote to memory of 2260	3912	msedge.exe	85
PID 3912 wrote to memory of 2260	3912	msedge.exe	85
PID 3912 wrote to memory of 2260	3912	msedge.exe	85
PID 3912 wrote to memory of 2260	3912	msedge.exe	85
PID 3912 wrote to memory of 2260	3912	msedge.exe	85
PID 3912 wrote to memory of 2260	3912	msedge.exe	85
PID 3912 wrote to memory of 2260	3912	msedge.exe	85
PID 3912 wrote to memory of 2260	3912	msedge.exe	85
PID 3912 wrote to memory of 2260	3912	msedge.exe	85
PID 3912 wrote to memory of 2260	3912	msedge.exe	85
PID 3912 wrote to memory of 2260	3912	msedge.exe	85
PID 3912 wrote to memory of 2260	3912	msedge.exe	85
PID 3912 wrote to memory of 2260	3912	msedge.exe	85
PID 3912 wrote to memory of 2260	3912	msedge.exe	85
PID 3912 wrote to memory of 2260	3912	msedge.exe	85
PID 3912 wrote to memory of 2260	3912	msedge.exe	85
PID 3912 wrote to memory of 2260	3912	msedge.exe	85
PID 3912 wrote to memory of 2260	3912	msedge.exe	85
PID 3912 wrote to memory of 2260	3912	msedge.exe	85
PID 3912 wrote to memory of 2260	3912	msedge.exe	85
PID 3912 wrote to memory of 2260	3912	msedge.exe	85
PID 3912 wrote to memory of 2260	3912	msedge.exe	85
PID 3912 wrote to memory of 2260	3912	msedge.exe	85
PID 3912 wrote to memory of 2260	3912	msedge.exe	85
PID 3912 wrote to memory of 2260	3912	msedge.exe	85
PID 3912 wrote to memory of 2260	3912	msedge.exe	85
PID 3912 wrote to memory of 2260	3912	msedge.exe	85
PID 3912 wrote to memory of 2260	3912	msedge.exe	85
PID 3912 wrote to memory of 2260	3912	msedge.exe	85
PID 3912 wrote to memory of 2260	3912	msedge.exe	85
PID 3912 wrote to memory of 2260	3912	msedge.exe	85
PID 3912 wrote to memory of 2260	3912	msedge.exe	85
PID 3912 wrote to memory of 2260	3912	msedge.exe	85
PID 3912 wrote to memory of 544	3912	msedge.exe	86
PID 3912 wrote to memory of 544	3912	msedge.exe	86
PID 3912 wrote to memory of 2128	3912	msedge.exe	87
PID 3912 wrote to memory of 2128	3912	msedge.exe	87
PID 3912 wrote to memory of 2128	3912	msedge.exe	87
PID 3912 wrote to memory of 2128	3912	msedge.exe	87
PID 3912 wrote to memory of 2128	3912	msedge.exe	87
PID 3912 wrote to memory of 2128	3912	msedge.exe	87
PID 3912 wrote to memory of 2128	3912	msedge.exe	87
PID 3912 wrote to memory of 2128	3912	msedge.exe	87
PID 3912 wrote to memory of 2128	3912	msedge.exe	87
PID 3912 wrote to memory of 2128	3912	msedge.exe	87
PID 3912 wrote to memory of 2128	3912	msedge.exe	87
PID 3912 wrote to memory of 2128	3912	msedge.exe	87
PID 3912 wrote to memory of 2128	3912	msedge.exe	87
PID 3912 wrote to memory of 2128	3912	msedge.exe	87
PID 3912 wrote to memory of 2128	3912	msedge.exe	87
PID 3912 wrote to memory of 2128	3912	msedge.exe	87
PID 3912 wrote to memory of 2128	3912	msedge.exe	87
PID 3912 wrote to memory of 2128	3912	msedge.exe	87
PID 3912 wrote to memory of 2128	3912	msedge.exe	87
PID 3912 wrote to memory of 2128	3912	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\c2613437fa6dd46ebd1ac3a0a3654767_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3912
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffbb50146f8,0x7ffbb5014708,0x7ffbb5014718
  2⤵
  PID:3532
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,9307505077625458403,16243353012423466580,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2124 /prefetch:2
  2⤵
  PID:2260
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2108,9307505077625458403,16243353012423466580,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2440 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2108,9307505077625458403,16243353012423466580,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2912 /prefetch:8
  2⤵
  PID:2128
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,9307505077625458403,16243353012423466580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3304 /prefetch:1
  2⤵
  PID:2660
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,9307505077625458403,16243353012423466580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3364 /prefetch:1
  2⤵
  PID:4956
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,9307505077625458403,16243353012423466580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4840 /prefetch:1
  2⤵
  PID:1492
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,9307505077625458403,16243353012423466580,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5852 /prefetch:8
  2⤵
  PID:4548
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,9307505077625458403,16243353012423466580,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5852 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3672
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,9307505077625458403,16243353012423466580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5612 /prefetch:1
  2⤵
  PID:2556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,9307505077625458403,16243353012423466580,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5588 /prefetch:1
  2⤵
  PID:4004
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,9307505077625458403,16243353012423466580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4028 /prefetch:1
  2⤵
  PID:852
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,9307505077625458403,16243353012423466580,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5340 /prefetch:1
  2⤵
  PID:2672
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,9307505077625458403,16243353012423466580,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5100 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4260

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4996

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:996

Network

DNS

8.8.8.8.in-addr.arpa

Remote address:

8.8.8.8:53

Request

8.8.8.8.in-addr.arpa

IN PTR

Response

8.8.8.8.in-addr.arpa

IN PTR

dnsgoogle
DNS

149.220.183.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

149.220.183.52.in-addr.arpa

IN PTR

Response
DNS

www.medigaphealth.com

msedge.exe

Remote address:

8.8.8.8:53

Request

www.medigaphealth.com

IN A

Response

www.medigaphealth.com

IN CNAME

traff-4.hugedomains.com

traff-4.hugedomains.com

IN CNAME

hdr-nlb8-39c51fa8696874ee.elb.us-east-1.amazonaws.com

hdr-nlb8-39c51fa8696874ee.elb.us-east-1.amazonaws.com

IN A

3.94.41.167

hdr-nlb8-39c51fa8696874ee.elb.us-east-1.amazonaws.com

IN A

52.86.6.113
GET

http://fonts.googleapis.com/css?family=Roboto%3A500%2C400italic%2C700%2C900%2C500italic%2C400%2C300&ver=4.5.6

msedge.exe

Remote address:

142.250.75.234:80

Request

GET /css?family=Roboto%3A500%2C400italic%2C700%2C900%2C500italic%2C400%2C300&ver=4.5.6 HTTP/1.1
Host: fonts.googleapis.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Mon, 26 Aug 2024 05:37:53 GMT
Date: Mon, 26 Aug 2024 05:37:53 GMT
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Last-Modified: Mon, 26 Aug 2024 05:37:53 GMT
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
GET

http://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400italic%2C600italic%2C400%2C600%2C700&ver=4.5.6

msedge.exe

Remote address:

142.250.75.234:80

Request

GET /css?family=Open+Sans%3A300italic%2C400italic%2C600italic%2C400%2C600%2C700&ver=4.5.6 HTTP/1.1
Host: fonts.googleapis.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Mon, 26 Aug 2024 05:37:53 GMT
Date: Mon, 26 Aug 2024 05:37:53 GMT
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Last-Modified: Mon, 26 Aug 2024 05:37:53 GMT
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
GET

http://fonts.googleapis.com/css?family=Lato%3A400%2C700&ver=4.5.6

msedge.exe

Remote address:

142.250.75.234:80

Request

GET /css?family=Lato%3A400%2C700&ver=4.5.6 HTTP/1.1
Host: fonts.googleapis.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Mon, 26 Aug 2024 05:37:53 GMT
Date: Mon, 26 Aug 2024 05:37:53 GMT
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Last-Modified: Mon, 26 Aug 2024 05:37:53 GMT
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
GET

http://www.medigaphealth.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.5.1

msedge.exe

Remote address:

3.94.41.167:80

Request

GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.5.1 HTTP/1.1
Host: www.medigaphealth.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

content-length: 0
date: Mon, 26 Aug 2024 05:37:53 GMT
location: https://www.hugedomains.com/domain_profile.cfm?d=medigaphealth.com
GET

http://www.medigaphealth.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

msedge.exe

Remote address:

3.94.41.167:80

Request

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: www.medigaphealth.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

content-length: 0
date: Mon, 26 Aug 2024 05:37:53 GMT
location: https://www.hugedomains.com/domain_profile.cfm?d=medigaphealth.com
GET

http://www.medigaphealth.com/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20

msedge.exe

Remote address:

3.94.41.167:80

Request

GET /wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20 HTTP/1.1
Host: www.medigaphealth.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

content-length: 0
date: Mon, 26 Aug 2024 05:37:54 GMT
location: https://www.hugedomains.com/domain_profile.cfm?d=medigaphealth.com
GET

http://www.medigaphealth.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.5.1

msedge.exe

Remote address:

3.94.41.167:80

Request

GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.5.1 HTTP/1.1
Host: www.medigaphealth.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

content-length: 0
date: Mon, 26 Aug 2024 05:37:54 GMT
location: https://www.hugedomains.com/domain_profile.cfm?d=medigaphealth.com
GET

http://www.medigaphealth.com/wp-content/uploads/2016/09/10.jpg

msedge.exe

Remote address:

3.94.41.167:80

Request

GET /wp-content/uploads/2016/09/10.jpg HTTP/1.1
Host: www.medigaphealth.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.0 404 Not Found

cache-control: no-cache
content-type: text/html
x-reason: MediaRequest
GET

http://www.medigaphealth.com/wp-content/plugins/ad-inserter/css/dummy.css?ver=1479721075

msedge.exe

Remote address:

3.94.41.167:80

Request

GET /wp-content/plugins/ad-inserter/css/dummy.css?ver=1479721075 HTTP/1.1
Host: www.medigaphealth.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

content-length: 0
date: Mon, 26 Aug 2024 05:37:53 GMT
location: https://www.hugedomains.com/domain_profile.cfm?d=medigaphealth.com
GET

http://www.medigaphealth.com/wp-includes/js/jquery/jquery.js?ver=1.12.4

msedge.exe

Remote address:

3.94.41.167:80

Request

GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1
Host: www.medigaphealth.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

content-length: 0
date: Mon, 26 Aug 2024 05:37:53 GMT
location: https://www.hugedomains.com/domain_profile.cfm?d=medigaphealth.com
GET

http://www.medigaphealth.com/wp-content/themes/newspaper/js/tagdiv_theme.js?ver=7.1.1

msedge.exe

Remote address:

3.94.41.167:80

Request

GET /wp-content/themes/newspaper/js/tagdiv_theme.js?ver=7.1.1 HTTP/1.1
Host: www.medigaphealth.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

content-length: 0
date: Mon, 26 Aug 2024 05:37:54 GMT
location: https://www.hugedomains.com/domain_profile.cfm?d=medigaphealth.com
GET

http://www.medigaphealth.com/wp-content/uploads/2016/10/aging-218x150.jpg

msedge.exe

Remote address:

3.94.41.167:80

Request

GET /wp-content/uploads/2016/10/aging-218x150.jpg HTTP/1.1
Host: www.medigaphealth.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.0 404 Not Found

cache-control: no-cache
content-type: text/html
x-reason: MediaRequest
GET

http://www.medigaphealth.com/wp-content/plugins/google-captcha/css/gglcptch.css?ver=1.27

msedge.exe

Remote address:

3.94.41.167:80

Request

GET /wp-content/plugins/google-captcha/css/gglcptch.css?ver=1.27 HTTP/1.1
Host: www.medigaphealth.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

content-length: 0
date: Mon, 26 Aug 2024 05:37:53 GMT
location: https://www.hugedomains.com/domain_profile.cfm?d=medigaphealth.com
GET

http://www.medigaphealth.com/wp-includes/js/wp-emoji-release.min.js?ver=4.5.6

msedge.exe

Remote address:

3.94.41.167:80

Request

GET /wp-includes/js/wp-emoji-release.min.js?ver=4.5.6 HTTP/1.1
Host: www.medigaphealth.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

content-length: 0
date: Mon, 26 Aug 2024 05:37:55 GMT
location: https://www.hugedomains.com/domain_profile.cfm?d=medigaphealth.com
GET

http://www.medigaphealth.com/wp-content/uploads/2016/10/1-218x150.png

msedge.exe

Remote address:

3.94.41.167:80

Request

GET /wp-content/uploads/2016/10/1-218x150.png HTTP/1.1
Host: www.medigaphealth.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.0 404 Not Found

cache-control: no-cache
content-type: text/html
x-reason: MediaRequest
GET

http://www.medigaphealth.com/wp-content/themes/newspaper/style.css?ver=7.1.1

msedge.exe

Remote address:

3.94.41.167:80

Request

GET /wp-content/themes/newspaper/style.css?ver=7.1.1 HTTP/1.1
Host: www.medigaphealth.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

content-length: 0
date: Mon, 26 Aug 2024 05:37:53 GMT
location: https://www.hugedomains.com/domain_profile.cfm?d=medigaphealth.com
GET

http://www.medigaphealth.com/wp-content/uploads/2016/09/Benefits-of-Drinking-Water-218x150.png

msedge.exe

Remote address:

3.94.41.167:80

Request

GET /wp-content/uploads/2016/09/Benefits-of-Drinking-Water-218x150.png HTTP/1.1
Host: www.medigaphealth.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.0 404 Not Found

cache-control: no-cache
content-type: text/html
x-reason: MediaRequest
GET

http://www.medigaphealth.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=4.11.2

msedge.exe

Remote address:

3.94.41.167:80

Request

GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=4.11.2 HTTP/1.1
Host: www.medigaphealth.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

content-length: 0
date: Mon, 26 Aug 2024 05:37:53 GMT
location: https://www.hugedomains.com/domain_profile.cfm?d=medigaphealth.com
GET

http://www.medigaphealth.com/wp-content/uploads/2016/09/medigap_icon-300x300.png

msedge.exe

Remote address:

3.94.41.167:80

Request

GET /wp-content/uploads/2016/09/medigap_icon-300x300.png HTTP/1.1
Host: www.medigaphealth.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.0 404 Not Found

cache-control: no-cache
content-type: text/html
x-reason: MediaRequest
GET

http://www.medigaphealth.com/wp-content/themes/newspaper/includes/demos/medicine/demo_style.css?ver=7.1.1

msedge.exe

Remote address:

3.94.41.167:80

Request

GET /wp-content/themes/newspaper/includes/demos/medicine/demo_style.css?ver=7.1.1 HTTP/1.1
Host: www.medigaphealth.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

content-length: 0
date: Mon, 26 Aug 2024 05:37:53 GMT
location: https://www.hugedomains.com/domain_profile.cfm?d=medigaphealth.com
GET

http://www.medigaphealth.com/wp-includes/js/wp-embed.min.js?ver=4.5.6

msedge.exe

Remote address:

3.94.41.167:80

Request

GET /wp-includes/js/wp-embed.min.js?ver=4.5.6 HTTP/1.1
Host: www.medigaphealth.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

content-length: 0
date: Mon, 26 Aug 2024 05:37:55 GMT
location: https://www.hugedomains.com/domain_profile.cfm?d=medigaphealth.com
GET

http://www.medigaphealth.com/wp-content/uploads/2016/09/medigap.png

msedge.exe

Remote address:

3.94.41.167:80

Request

GET /wp-content/uploads/2016/09/medigap.png HTTP/1.1
Host: www.medigaphealth.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.0 404 Not Found

cache-control: no-cache
content-type: text/html
x-reason: MediaRequest
GET

http://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

msedge.exe

Remote address:

142.250.178.131:80

Request

GET /s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
Connection: keep-alive
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Referer: http://fonts.googleapis.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 23580
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 20 Aug 2024 21:47:51 GMT
Expires: Wed, 20 Aug 2025 21:47:51 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 02 May 2023 15:17:22 GMT
Content-Type: font/woff2
Age: 460204
DNS

www.hugedomains.com

msedge.exe

Remote address:

8.8.8.8:53

Request

www.hugedomains.com

IN A

Response

www.hugedomains.com

IN A

104.26.6.37

www.hugedomains.com

IN A

104.26.7.37

www.hugedomains.com

IN A

172.67.70.191
GET

https://www.hugedomains.com/domain_profile.cfm?d=medigaphealth.com

msedge.exe

Remote address:

104.26.6.37:443

Request

GET /domain_profile.cfm?d=medigaphealth.com HTTP/2.0
host: www.hugedomains.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 26 Aug 2024 05:37:54 GMT
content-type: text/html; charset=utf-8
cache-control: private
vary: Accept-Encoding
set-cookie: site_version_phase=108; expires=Thu, 21-Aug-2025 05:37:54 GMT; path=/
set-cookie: site_version=HDv3; expires=Thu, 21-Aug-2025 05:37:54 GMT; path=/
set-cookie: captcha-tracker=; expires=Sun, 25-Aug-2024 05:37:54 GMT; path=/
x-powered-by: ASP.NET
lb: TclPrdLbHd3
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hv%2Bj0fTchptkcUwyajmbDfL5B2FEV53hIQSF%2BucDX2y8GSxdErJsKm2F4tryTIHPQWN1c5eKfzOqKVnN2%2FKd6nS%2BdIR7m46pFWfw8mXS%2FeRcEtPqcn5N8FMu2cPSVshnOA4Xb%2BY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8b9178f8eb8e7768-LHR
content-encoding: br
GET

https://www.hugedomains.com/domain_profile.cfm?d=medigaphealth.com

msedge.exe

Remote address:

104.26.6.37:443

Request

GET /domain_profile.cfm?d=medigaphealth.com HTTP/2.0
host: www.hugedomains.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 26 Aug 2024 05:37:54 GMT
content-type: text/html; charset=utf-8
cache-control: private
vary: Accept-Encoding
set-cookie: site_version_phase=108; expires=Thu, 21-Aug-2025 05:37:54 GMT; path=/
set-cookie: site_version=HDv3; expires=Thu, 21-Aug-2025 05:37:54 GMT; path=/
set-cookie: captcha-tracker=; expires=Sun, 25-Aug-2024 05:37:54 GMT; path=/
x-powered-by: ASP.NET
lb: TclPrdLbHd3
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dwoHGN7M8%2FUKGRLDTBgb5JLMbeLFgmZ0MF4cDKwvkSumnOgwsaYYvJa0nLqZhW0OERyQA3jnYfK3vfiVqzKzig2QliVjLbzSpY79%2Fv3SpYRfxFsYxl2%2F25vn%2F%2BRAh%2Fq8K3HTqbA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8b9178fabd607768-LHR
content-encoding: br
GET

https://www.hugedomains.com/domain_profile.cfm?d=medigaphealth.com

msedge.exe

Remote address:

104.26.6.37:443

Request

GET /domain_profile.cfm?d=medigaphealth.com HTTP/2.0
host: www.hugedomains.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 26 Aug 2024 05:37:54 GMT
content-type: text/html; charset=utf-8
cache-control: private
vary: Accept-Encoding
set-cookie: site_version_phase=108; expires=Thu, 21-Aug-2025 05:37:54 GMT; path=/
set-cookie: site_version=HDv3; expires=Thu, 21-Aug-2025 05:37:54 GMT; path=/
set-cookie: captcha-tracker=; expires=Sun, 25-Aug-2024 05:37:54 GMT; path=/
x-powered-by: ASP.NET
lb: TclPrdLbHd3
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jx9t0C%2FJRe3WSjW3LRc5Nz40vClwNSKNOTD45B2P00bZID5LGbK6qYS7mvmKMr7OpQEXBCDl2oB3H0L5iub6EOAoNfnKpesS1g78NOzxf3t07lZ9W%2BjLnNvp6Lu%2B4oZR9FWtijU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8b9178fbae317768-LHR
content-encoding: br
GET

https://www.hugedomains.com/domain_profile.cfm?d=medigaphealth.com

msedge.exe

Remote address:

104.26.6.37:443

Request

GET /domain_profile.cfm?d=medigaphealth.com HTTP/2.0
host: www.hugedomains.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 26 Aug 2024 05:37:54 GMT
content-type: text/html; charset=utf-8
cache-control: private
vary: Accept-Encoding
set-cookie: site_version_phase=108; expires=Thu, 21-Aug-2025 05:37:54 GMT; path=/
set-cookie: site_version=HDv3; expires=Thu, 21-Aug-2025 05:37:54 GMT; path=/
x-powered-by: ASP.NET
lb: TclPrdLbHd3
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FMQyW%2Bqn5VcUxhOr4j1I3L5CnUHjhQ0r9UmWtC%2FEplFycdChZgpjxcptJAmKBOT08sBgp8l2voBeo3sOWl56meM3MP2Q4C4vnb1M9BP1RmsHGYbBZRjEE8LvYRUUJMjrrW8nDvM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8b9178fbae2f7768-LHR
content-encoding: br
GET

https://www.hugedomains.com/domain_profile.cfm?d=medigaphealth.com

msedge.exe

Remote address:

104.26.6.37:443

Request

GET /domain_profile.cfm?d=medigaphealth.com HTTP/2.0
host: www.hugedomains.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 26 Aug 2024 05:37:54 GMT
content-type: text/html; charset=utf-8
cache-control: private
vary: Accept-Encoding
set-cookie: site_version_phase=108; expires=Thu, 21-Aug-2025 05:37:54 GMT; path=/
set-cookie: site_version=HDv3; expires=Thu, 21-Aug-2025 05:37:54 GMT; path=/
x-powered-by: ASP.NET
lb: TclPrdLbHd3
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mSLngc83AMzwchh2s5x%2BLHNAbQCpp9SrNgQxczgMzJGSlD%2B2%2BM2m%2FBhUvuvOODWjQL0I31zTk9giMMFrDD5xomSC7DbWdalQh8ftdGVHM9oW0mVaTZ8ZmJ9yHg5tW0eEKVaC%2BZQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8b9178fc9ec17768-LHR
content-encoding: br
GET

https://www.hugedomains.com/domain_profile.cfm?d=medigaphealth.com

msedge.exe

Remote address:

104.26.6.37:443

Request

GET /domain_profile.cfm?d=medigaphealth.com HTTP/2.0
host: www.hugedomains.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 26 Aug 2024 05:37:54 GMT
content-type: text/html; charset=utf-8
cache-control: private
vary: Accept-Encoding
set-cookie: site_version_phase=108; expires=Thu, 21-Aug-2025 05:37:54 GMT; path=/
set-cookie: site_version=HDv3; expires=Thu, 21-Aug-2025 05:37:54 GMT; path=/
x-powered-by: ASP.NET
lb: TclPrdLbHd3
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OGGKF4hrtPmdFp50UMiNNSbfZHRFvcHVJYmwM2yf7itwUTRkDcp7xej%2FNGce6PBQ%2B0qBtzvxT5W3nYyYm0iaPjVQNmU0HvngDpPdHJ%2BcrnQIIt1yMeHACjMzJPKEyLLwvNUEYk0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8b9178fdaf6c7768-LHR
content-encoding: br
GET

https://www.hugedomains.com/domain_profile.cfm?d=medigaphealth.com

msedge.exe

Remote address:

104.26.6.37:443

Request

GET /domain_profile.cfm?d=medigaphealth.com HTTP/2.0
host: www.hugedomains.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 26 Aug 2024 05:37:55 GMT
content-type: text/html; charset=utf-8
cache-control: private
vary: Accept-Encoding
set-cookie: site_version_phase=108; expires=Thu, 21-Aug-2025 05:37:54 GMT; path=/
set-cookie: site_version=HDv3; expires=Thu, 21-Aug-2025 05:37:54 GMT; path=/
x-powered-by: ASP.NET
lb: TclPrdLbHd3
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7TwaPD4HVbJdrwLgfgHIMyVyMck0lq%2Bb4Z%2BrqzCfjKixH0iZs2Z9uYDfEAC%2BIQbbCaWb6IKOL2a4SLBJwcv%2BkBcVQbyTRAtv%2B8YStsJMIEvDPtav8epqqDyFYQIkkR6GCM6zKNQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8b9178feb8307768-LHR
content-encoding: br
GET

https://www.hugedomains.com/domain_profile.cfm?d=medigaphealth.com

msedge.exe

Remote address:

104.26.6.37:443

Request

GET /domain_profile.cfm?d=medigaphealth.com HTTP/2.0
host: www.hugedomains.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 26 Aug 2024 05:37:55 GMT
content-type: text/html; charset=utf-8
cache-control: private
vary: Accept-Encoding
set-cookie: site_version_phase=108; expires=Thu, 21-Aug-2025 05:37:55 GMT; path=/
set-cookie: site_version=HDv3; expires=Thu, 21-Aug-2025 05:37:55 GMT; path=/
set-cookie: captcha-tracker=; expires=Sun, 25-Aug-2024 05:37:55 GMT; path=/
x-powered-by: ASP.NET
lb: TclPrdLbHd3
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kkjBmGpkwjQFJf9aVIEmaLUzBuJOGvvrpWt0sUJIFByBGc7wfjJnmmPJPdLcZJ5GXTtr0ETH8Qj7G6EHrdxq79r%2FJ3wKZkcaBYCEjaW4dFYxcTyT6FCok7%2FxJuSwlGQ3g8TPCkc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8b9178ffc91e7768-LHR
content-encoding: br
GET

https://www.hugedomains.com/domain_profile.cfm?d=medigaphealth.com

msedge.exe

Remote address:

104.26.6.37:443

Request

GET /domain_profile.cfm?d=medigaphealth.com HTTP/2.0
host: www.hugedomains.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 26 Aug 2024 05:37:55 GMT
content-type: text/html; charset=utf-8
cache-control: private
vary: Accept-Encoding
set-cookie: site_version_phase=108; expires=Thu, 21-Aug-2025 05:37:55 GMT; path=/
set-cookie: site_version=HDv3; expires=Thu, 21-Aug-2025 05:37:55 GMT; path=/
x-powered-by: ASP.NET
lb: TclPrdLbHd3
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yAEWeCGDn7Rv%2FCm09K99IvnTErIBmE5s9x8ZYZ3vnMHbjqGUPER62CUS0Y9dCsc3jmw%2BrOEc1hsgEqpV2Ahm7ZzHxX86M7T8z2MaJqIVmDyzhj883xaqLo8T3cS%2BjkosWgVGqIw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8b917900c9c77768-LHR
content-encoding: br
GET

https://www.hugedomains.com/domain_profile.cfm?d=medigaphealth.com

msedge.exe

Remote address:

104.26.6.37:443

Request

GET /domain_profile.cfm?d=medigaphealth.com HTTP/2.0
host: www.hugedomains.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 26 Aug 2024 05:37:55 GMT
content-type: text/html; charset=utf-8
cache-control: private
vary: Accept-Encoding
set-cookie: site_version_phase=108; expires=Thu, 21-Aug-2025 05:37:55 GMT; path=/
set-cookie: site_version=HDv3; expires=Thu, 21-Aug-2025 05:37:55 GMT; path=/
x-powered-by: ASP.NET
lb: TclPrdLbHd3
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BXAI3ueqviAKvckYJrbA1ezXCoXk4YChCJhk3JYfrIjWWGMCM3JMjGO9oIlldfA3r%2F9Dxj50Uec9FuYjFo4RT7QIOgfnBosSsQmRA546ZCDhYJJYqkE5oYyRnmJW53Bb9B%2Fz92Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8b9179021b0e7768-LHR
content-encoding: br
GET

https://www.hugedomains.com/domain_profile.cfm?d=medigaphealth.com

msedge.exe

Remote address:

104.26.6.37:443

Request

GET /domain_profile.cfm?d=medigaphealth.com HTTP/2.0
host: www.hugedomains.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 26 Aug 2024 05:37:55 GMT
content-type: text/html; charset=utf-8
cache-control: private
vary: Accept-Encoding
set-cookie: site_version_phase=108; expires=Thu, 21-Aug-2025 05:37:55 GMT; path=/
set-cookie: site_version=HDv3; expires=Thu, 21-Aug-2025 05:37:55 GMT; path=/
set-cookie: captcha-tracker=; expires=Sun, 25-Aug-2024 05:37:55 GMT; path=/
x-powered-by: ASP.NET
lb: TclPrdLbHd3
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SqjlafhU5A4Oa8SBYaRZn5FNZv39loK%2FjKPJeY87KjzKtEmpgBzHCktnd17WkLRtBYa6s%2Bz2mbHLmOGpmtuz4WSAmn2m5dP6o2U9e0cRuixKzfQwdQkg9OMUG5%2FlwaRwuLzkwKs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8b9179034c007768-LHR
content-encoding: br
GET

https://www.hugedomains.com/domain_profile.cfm?d=medigaphealth.com

msedge.exe

Remote address:

104.26.6.37:443

Request

GET /domain_profile.cfm?d=medigaphealth.com HTTP/2.0
host: www.hugedomains.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 26 Aug 2024 05:37:56 GMT
content-type: text/html; charset=utf-8
cache-control: private
vary: Accept-Encoding
set-cookie: site_version_phase=108; expires=Thu, 21-Aug-2025 05:37:55 GMT; path=/
set-cookie: site_version=HDv3; expires=Thu, 21-Aug-2025 05:37:55 GMT; path=/
x-powered-by: ASP.NET
lb: TclPrdLbHd3
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qq%2FsjGQ5vfM%2FC0POUQizN6ab807KfJPvuV%2FL1A%2FWy69I06GseGC3WCUpCeLj5qWsuKglJ7VlN%2FS3wVabRoKXya9LPU3v1wgNC8OOJ6EZkP0ZMZiyAiav5JpkJYX%2Fp6jJJKTnIB8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8b9179044cb77768-LHR
content-encoding: br
GET

https://www.hugedomains.com/domain_profile.cfm?d=medigaphealth.com

msedge.exe

Remote address:

104.26.6.37:443

Request

GET /domain_profile.cfm?d=medigaphealth.com HTTP/2.0
host: www.hugedomains.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 26 Aug 2024 05:37:56 GMT
content-type: text/html; charset=utf-8
cache-control: private
vary: Accept-Encoding
set-cookie: site_version_phase=108; expires=Thu, 21-Aug-2025 05:37:55 GMT; path=/
set-cookie: site_version=HDv3; expires=Thu, 21-Aug-2025 05:37:55 GMT; path=/
x-powered-by: ASP.NET
lb: TclPrdLbHd3
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JlKlAGzlcZuzo%2Boi5v0a6l8WmwS6V01LjoLgF3BPy05MJNZyTRMcEU39s4FIjLjm9cYOB9ujK7OJJGwRv8Ntb8BgmsXYsilQA5%2FHadnUBpRtoUlmHNtAOvI8J4GLPCdlPdW71Vc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8b9179055d4f7768-LHR
content-encoding: br
GET

https://www.hugedomains.com/domain_profile.cfm?d=medigaphealth.com

msedge.exe

Remote address:

104.26.6.37:443

Request

GET /domain_profile.cfm?d=medigaphealth.com HTTP/2.0
host: www.hugedomains.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 26 Aug 2024 05:37:56 GMT
content-type: text/html; charset=utf-8
cache-control: private
vary: Accept-Encoding
set-cookie: site_version_phase=108; expires=Thu, 21-Aug-2025 05:37:56 GMT; path=/
set-cookie: site_version=HDv3; expires=Thu, 21-Aug-2025 05:37:56 GMT; path=/
x-powered-by: ASP.NET
lb: TclPrdLbHd3
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ae0Vj5f%2BwFBKZGZCcZztyLYfFLmCY4U3xIt%2Fei22rGy2QtW69sv4dhNgbLDTzR%2F822S0SGPngm40fxST%2FWgkapk5gC3qA%2FC9nBsyLeO3q4JDLv7t4oAL6YswStccK4FoWta%2BbC0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8b9179064dd97768-LHR
content-encoding: br
DNS

4.159.190.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

4.159.190.20.in-addr.arpa

IN PTR

Response
DNS

73.144.22.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

73.144.22.2.in-addr.arpa

IN PTR

Response

73.144.22.2.in-addr.arpa

IN PTR

a2-22-144-73deploystaticakamaitechnologiescom
DNS

95.221.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.221.229.192.in-addr.arpa

IN PTR

Response
DNS

234.75.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

234.75.250.142.in-addr.arpa

IN PTR

Response

234.75.250.142.in-addr.arpa

IN PTR

par10s41-in-f101e100net
DNS

a.nel.cloudflare.com

msedge.exe

Remote address:

8.8.8.8:53

Request

a.nel.cloudflare.com

IN A

Response

a.nel.cloudflare.com

IN A

35.190.80.1
OPTIONS

https://a.nel.cloudflare.com/report/v4?s=hv%2Bj0fTchptkcUwyajmbDfL5B2FEV53hIQSF%2BucDX2y8GSxdErJsKm2F4tryTIHPQWN1c5eKfzOqKVnN2%2FKd6nS%2BdIR7m46pFWfw8mXS%2FeRcEtPqcn5N8FMu2cPSVshnOA4Xb%2BY%3D

msedge.exe

Remote address:

35.190.80.1:443

Request

OPTIONS /report/v4?s=hv%2Bj0fTchptkcUwyajmbDfL5B2FEV53hIQSF%2BucDX2y8GSxdErJsKm2F4tryTIHPQWN1c5eKfzOqKVnN2%2FKd6nS%2BdIR7m46pFWfw8mXS%2FeRcEtPqcn5N8FMu2cPSVshnOA4Xb%2BY%3D HTTP/2.0
host: a.nel.cloudflare.com
origin: https://www.hugedomains.com
access-control-request-method: POST
access-control-request-headers: content-type
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
POST

https://a.nel.cloudflare.com/report/v4?s=hv%2Bj0fTchptkcUwyajmbDfL5B2FEV53hIQSF%2BucDX2y8GSxdErJsKm2F4tryTIHPQWN1c5eKfzOqKVnN2%2FKd6nS%2BdIR7m46pFWfw8mXS%2FeRcEtPqcn5N8FMu2cPSVshnOA4Xb%2BY%3D

msedge.exe

Remote address:

35.190.80.1:443

Request

POST /report/v4?s=hv%2Bj0fTchptkcUwyajmbDfL5B2FEV53hIQSF%2BucDX2y8GSxdErJsKm2F4tryTIHPQWN1c5eKfzOqKVnN2%2FKd6nS%2BdIR7m46pFWfw8mXS%2FeRcEtPqcn5N8FMu2cPSVshnOA4Xb%2BY%3D HTTP/2.0
host: a.nel.cloudflare.com
content-length: 438
content-type: application/reports+json
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

131.178.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

131.178.250.142.in-addr.arpa

IN PTR

Response

131.178.250.142.in-addr.arpa

IN PTR

par21s22-in-f31e100net
DNS

37.6.26.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

37.6.26.104.in-addr.arpa

IN PTR

Response
DNS

167.41.94.3.in-addr.arpa

Remote address:

8.8.8.8:53

Request

167.41.94.3.in-addr.arpa

IN PTR

Response

167.41.94.3.in-addr.arpa

IN PTR

ec2-3-94-41-167 compute-1 amazonawscom
DNS

1.80.190.35.in-addr.arpa

Remote address:

8.8.8.8:53

Request

1.80.190.35.in-addr.arpa

IN PTR

Response

1.80.190.35.in-addr.arpa

IN PTR

18019035bcgoogleusercontentcom
DNS

0.gravatar.com

msedge.exe

Remote address:

8.8.8.8:53

Request

0.gravatar.com

IN A

Response

0.gravatar.com

IN A

192.0.73.2
GET

http://0.gravatar.com/avatar/?s=80&d=mm&r=g

msedge.exe

Remote address:

192.0.73.2:80

Request

GET /avatar/?s=80&d=mm&r=g HTTP/1.1
Host: 0.gravatar.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Server: nginx
Date: Mon, 26 Aug 2024 05:37:55 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://0.gravatar.com/avatar/?s=80&d=mm&r=g
GET

http://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

msedge.exe

Remote address:

142.250.178.131:80

Request

GET /s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
Connection: keep-alive
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Referer: http://fonts.googleapis.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 23040
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 20 Aug 2024 22:53:10 GMT
Expires: Wed, 20 Aug 2025 22:53:10 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 02 May 2023 15:07:25 GMT
Content-Type: font/woff2
Age: 456285
DNS

contextual.media.net

msedge.exe

Remote address:

8.8.8.8:53

Request

contextual.media.net

IN A

Response

contextual.media.net

IN A

95.100.244.20
GET

https://0.gravatar.com/avatar/?s=80&d=mm&r=g

msedge.exe

Remote address:

192.0.73.2:443

Request

GET /avatar/?s=80&d=mm&r=g HTTP/2.0
host: 0.gravatar.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Mon, 26 Aug 2024 05:37:56 GMT
content-type: image/jpeg
content-length: 1288
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
link: <https://gravatar.com/avatar/?s=80&d=mm&r=g>; rel="canonical"
access-control-allow-origin: *
content-disposition: inline; filename="none.png"
expires: Mon, 26 Aug 2024 05:42:56 GMT
cache-control: max-age=300
x-nc: HIT lhr 2
alt-svc: h3=":443"; ma=86400
accept-ranges: bytes
GET

http://contextual.media.net/nmedianet.js?cid=8CU7483LH

msedge.exe

Remote address:

95.100.244.20:80

Request

GET /nmedianet.js?cid=8CU7483LH HTTP/1.1
Host: contextual.media.net
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Intervention: <https://permanently-removed.invalid/feature/5718547946799104>; level="warning"
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Moved Temporarily

Server: AkamaiGHost
Content-Length: 0
Location: https://contextual.media.net/nmedianet.js?cid=8CU7483LH
Date: Mon, 26 Aug 2024 05:37:55 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
GET

http://www.medigaphealth.com/wp-content/uploads/2016/09/pregnancy-diet-218x150.png

msedge.exe

Remote address:

3.94.41.167:80

Request

GET /wp-content/uploads/2016/09/pregnancy-diet-218x150.png HTTP/1.1
Host: www.medigaphealth.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.0 404 Not Found

cache-control: no-cache
content-type: text/html
x-reason: MediaRequest
GET

https://contextual.media.net/nmedianet.js?cid=8CU7483LH

msedge.exe

Remote address:

95.100.244.20:443

Request

GET /nmedianet.js?cid=8CU7483LH HTTP/2.0
host: contextual.media.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
intervention: <https://permanently-removed.invalid/feature/5718547946799104>; level="warning"
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: Apache
content-type: text/javascript; charset=utf-8
x-mnt-h: 22-5h9m
x-mnt-w: 22-5h9m
timing-allow-origin: *
etag: "b5e04d0c3d7b27b9ff6e4dc5ff637524"
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=93600
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Mon, 26 Aug 2024 05:42:56 GMT
date: Mon, 26 Aug 2024 05:37:56 GMT
GET

https://contextual.media.net/sr/1017354394/SAFEFRAME.html?ule=457&&kkdd=n9%7CH%7C9*An&*m=foeMnBVnonqVeeeoffM&dWgA=f&k5gy=V&65~g=V&KW*=fReB&h5Kp=PnVR&KmW=qJNoMqRPL&KgKW=ZevT_lKc7pvSCmW!735KhC%3D%3D&KAmW=fRfqoqefB&5mwp=nVVYeBV&KK=Fu&5K=2H&~hhg5=f&ApUQAi=lmip%3A%2F%2F%2FJ%3A%2FN5pA5%2FCWkm)%2FCggOyhy%2FP0Kyi%2F!pkg%2FKenfRMRolynWWMnprWfyKRyVyRnBMonoIcyllyJyjp5ffqs~hki&)5p=B&i6=f&QdW=M&m6=feqV&kKl=BBqn(&gdmW=gVfBMoqenMqeheVeMVqenVBRo&gdmW5=f&~hki5AK=f&sflct=8569874&ure=1

msedge.exe

Remote address:

95.100.244.20:443

Request

GET /sr/1017354394/SAFEFRAME.html?ule=457&&kkdd=n9%7CH%7C9*An&*m=foeMnBVnonqVeeeoffM&dWgA=f&k5gy=V&65~g=V&KW*=fReB&h5Kp=PnVR&KmW=qJNoMqRPL&KgKW=ZevT_lKc7pvSCmW!735KhC%3D%3D&KAmW=fRfqoqefB&5mwp=nVVYeBV&KK=Fu&5K=2H&~hhg5=f&ApUQAi=lmip%3A%2F%2F%2FJ%3A%2FN5pA5%2FCWkm)%2FCggOyhy%2FP0Kyi%2F!pkg%2FKenfRMRolynWWMnprWfyKRyVyRnBMonoIcyllyJyjp5ffqs~hki&)5p=B&i6=f&QdW=M&m6=feqV&kKl=BBqn(&gdmW=gVfBMoqenMqeheVeMVqenVBRo&gdmW5=f&~hki5AK=f&sflct=8569874&ure=1 HTTP/2.0
host: contextual.media.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: Apache
content-type: text/html; charset=UTF-8
x-mnet-hl2: E
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=93600
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Wed, 28 Aug 2024 05:37:56 GMT
date: Mon, 26 Aug 2024 05:37:56 GMT
content-length: 6481
GET

https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU7483LH&https=1&itype=CM

msedge.exe

Remote address:

95.100.244.20:443

Request

GET /checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU7483LH&https=1&itype=CM HTTP/2.0
host: contextual.media.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 35
content-type: image/gif
access-control-allow-origin: *
strict-transport-security: max-age=21600
alt-svc: h3=":443"; ma=93600
expires: Mon, 26 Aug 2024 05:37:56 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 26 Aug 2024 05:37:56 GMT
GET

https://lg3.media.net/bping.php?vgd_len=638&&vgd_cdv=1325&vgd_cage=2&vgd_tsce=L603&vgd_mcf=55869&gdpr=1&mspa=0&wshp=0&prid=8PRHGG6T9&cid=8CU7483LH&crid=131878215&vi=1724650676802227114&ugd=4&lf=6&cc=GB&sc=EN&lper=100&wsip=170785051&r=1724650675618&requrl=file:///C:/Users/Admin/AppData/Local/Temp/c2613437fa6dd46ebd1ac3a0a3654767_JaffaCakes118.html&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=174&vgd_rakh=1724650676149193896&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_pgid=p01547826482t202408260537&vgd_pgids=1&vgd_wshp=0&vgd_uspa=0&vgda_l1btm=%5B%22URLDC%22%5D&hvsid=00001724650675612032619921927714&gdpr=1&mspa=0&wshp=0&vgd_l2type=scs_newfl&vgd_end=1

msedge.exe

Remote address:

95.100.244.20:443

Request

GET /bping.php?vgd_len=638&&vgd_cdv=1325&vgd_cage=2&vgd_tsce=L603&vgd_mcf=55869&gdpr=1&mspa=0&wshp=0&prid=8PRHGG6T9&cid=8CU7483LH&crid=131878215&vi=1724650676802227114&ugd=4&lf=6&cc=GB&sc=EN&lper=100&wsip=170785051&r=1724650675618&requrl=file:///C:/Users/Admin/AppData/Local/Temp/c2613437fa6dd46ebd1ac3a0a3654767_JaffaCakes118.html&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=174&vgd_rakh=1724650676149193896&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_pgid=p01547826482t202408260537&vgd_pgids=1&vgd_wshp=0&vgd_uspa=0&vgda_l1btm=%5B%22URLDC%22%5D&hvsid=00001724650675612032619921927714&gdpr=1&mspa=0&wshp=0&vgd_l2type=scs_newfl&vgd_end=1 HTTP/2.0
host: lg3.media.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-encoding: gzip
content-type: text/html
x-sc-h: 22-71ds
expires: Mon, 26 Aug 2024 05:37:56 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 26 Aug 2024 05:37:56 GMT
content-length: 320
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
strict-transport-security: max-age=31536000
GET

http://www.medigaphealth.com/wp-content/uploads/2016/09/food-fitness.png

msedge.exe

Remote address:

3.94.41.167:80

Request

GET /wp-content/uploads/2016/09/food-fitness.png HTTP/1.1
Host: www.medigaphealth.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.0 404 Not Found

cache-control: no-cache
content-type: text/html
x-reason: MediaRequest
GET

http://www.medigaphealth.com/wp-content/uploads/2016/09/weight-loss.png

msedge.exe

Remote address:

3.94.41.167:80

Request

GET /wp-content/uploads/2016/09/weight-loss.png HTTP/1.1
Host: www.medigaphealth.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.0 404 Not Found

cache-control: no-cache
content-type: text/html
x-reason: MediaRequest
GET

http://www.medigaphealth.com/wp-content/uploads/2016/09/sunlight-1-218x150.png

msedge.exe

Remote address:

3.94.41.167:80

Request

GET /wp-content/uploads/2016/09/sunlight-1-218x150.png HTTP/1.1
Host: www.medigaphealth.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.0 404 Not Found

cache-control: no-cache
content-type: text/html
x-reason: MediaRequest
GET

http://www.medigaphealth.com/wp-content/uploads/2016/09/Home-Remedies-for-reducing-freckles-218x150.png

msedge.exe

Remote address:

3.94.41.167:80

Request

GET /wp-content/uploads/2016/09/Home-Remedies-for-reducing-freckles-218x150.png HTTP/1.1
Host: www.medigaphealth.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.0 404 Not Found

cache-control: no-cache
content-type: text/html
x-reason: MediaRequest
DNS

lg3.media.net

msedge.exe

Remote address:

8.8.8.8:53

Request

lg3.media.net

IN A

Response

lg3.media.net

IN A

95.100.244.20
GET

http://www.medigaphealth.com/wp-content/uploads/2016/09/brest-wo-218x150.jpg

msedge.exe

Remote address:

3.94.41.167:80

Request

GET /wp-content/uploads/2016/09/brest-wo-218x150.jpg HTTP/1.1
Host: www.medigaphealth.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.0 404 Not Found

cache-control: no-cache
content-type: text/html
x-reason: MediaRequest
DNS

174.20.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

174.20.217.172.in-addr.arpa

IN PTR

Response

174.20.217.172.in-addr.arpa

IN PTR

par10s49-in-f141e100net

174.20.217.172.in-addr.arpa

IN PTR

waw02s07-in-f14�I

174.20.217.172.in-addr.arpa

IN PTR

waw02s07-in-f174�I
DNS

2.73.0.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

2.73.0.192.in-addr.arpa

IN PTR

Response
DNS

20.244.100.95.in-addr.arpa

Remote address:

8.8.8.8:53

Request

20.244.100.95.in-addr.arpa

IN PTR

Response

20.244.100.95.in-addr.arpa

IN PTR

a95-100-244-20deploystaticakamaitechnologiescom
GET

http://www.medigaphealth.com/wp-content/uploads/2016/09/Drinking-2-218x150.png

msedge.exe

Remote address:

3.94.41.167:80

Request

GET /wp-content/uploads/2016/09/Drinking-2-218x150.png HTTP/1.1
Host: www.medigaphealth.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.0 404 Not Found

cache-control: no-cache
content-type: text/html
x-reason: MediaRequest
GET

http://www.medigaphealth.com/wp-content/uploads/2016/10/sperm-218x150.png

msedge.exe

Remote address:

3.94.41.167:80

Request

GET /wp-content/uploads/2016/10/sperm-218x150.png HTTP/1.1
Host: www.medigaphealth.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.0 404 Not Found

cache-control: no-cache
content-type: text/html
x-reason: MediaRequest
GET

http://www.medigaphealth.com/wp-content/uploads/2016/09/1-2-218x150.png

msedge.exe

Remote address:

3.94.41.167:80

Request

GET /wp-content/uploads/2016/09/1-2-218x150.png HTTP/1.1
Host: www.medigaphealth.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.0 404 Not Found

cache-control: no-cache
content-type: text/html
x-reason: MediaRequest
GET

http://www.medigaphealth.com/wp-content/uploads/2016/09/1-1-218x150.png

msedge.exe

Remote address:

3.94.41.167:80

Request

GET /wp-content/uploads/2016/09/1-1-218x150.png HTTP/1.1
Host: www.medigaphealth.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.0 404 Not Found

cache-control: no-cache
content-type: text/html
x-reason: MediaRequest
GET

http://www.medigaphealth.com/wp-content/uploads/2016/09/body-Building.png

msedge.exe

Remote address:

3.94.41.167:80

Request

GET /wp-content/uploads/2016/09/body-Building.png HTTP/1.1
Host: www.medigaphealth.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.0 404 Not Found

cache-control: no-cache
content-type: text/html
x-reason: MediaRequest
GET

http://www.medigaphealth.com/wp-content/uploads/2016/09/Diet-218x150.jpg

msedge.exe

Remote address:

3.94.41.167:80

Request

GET /wp-content/uploads/2016/09/Diet-218x150.jpg HTTP/1.1
Host: www.medigaphealth.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.0 404 Not Found

cache-control: no-cache
content-type: text/html
x-reason: MediaRequest
GET

http://www.medigaphealth.com/wp-content/uploads/2016/09/How-woman-should-care-of-her-health-during-Mensuration-Cycleheading-1-218x150.png

msedge.exe

Remote address:

3.94.41.167:80

Request

GET /wp-content/uploads/2016/09/How-woman-should-care-of-her-health-during-Mensuration-Cycleheading-1-218x150.png HTTP/1.1
Host: www.medigaphealth.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.0 404 Not Found

cache-control: no-cache
content-type: text/html
x-reason: MediaRequest
GET

http://www.medigaphealth.com/wp-content/uploads/2016/09/probotics-1.png

msedge.exe

Remote address:

3.94.41.167:80

Request

GET /wp-content/uploads/2016/09/probotics-1.png HTTP/1.1
Host: www.medigaphealth.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.0 404 Not Found

cache-control: no-cache
content-type: text/html
x-reason: MediaRequest
GET

http://www.medigaphealth.com/wp-content/uploads/2016/09/mesotha.png

msedge.exe

Remote address:

3.94.41.167:80

Request

GET /wp-content/uploads/2016/09/mesotha.png HTTP/1.1
Host: www.medigaphealth.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.0 404 Not Found

cache-control: no-cache
content-type: text/html
x-reason: MediaRequest
GET

http://www.medigaphealth.com/wp-content/uploads/2016/10/1-324x160.png

msedge.exe

Remote address:

3.94.41.167:80

Request

GET /wp-content/uploads/2016/10/1-324x160.png HTTP/1.1
Host: www.medigaphealth.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.0 404 Not Found

cache-control: no-cache
content-type: text/html
x-reason: MediaRequest
GET

http://www.medigaphealth.com/wp-content/uploads/2016/10/aging-324x160.jpg

msedge.exe

Remote address:

3.94.41.167:80

Request

GET /wp-content/uploads/2016/10/aging-324x160.jpg HTTP/1.1
Host: www.medigaphealth.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.0 404 Not Found

cache-control: no-cache
content-type: text/html
x-reason: MediaRequest
GET

http://www.medigaphealth.com/wp-content/uploads/2016/10/sperm-324x160.png

msedge.exe

Remote address:

3.94.41.167:80

Request

GET /wp-content/uploads/2016/10/sperm-324x160.png HTTP/1.1
Host: www.medigaphealth.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.0 404 Not Found

cache-control: no-cache
content-type: text/html
x-reason: MediaRequest
GET

http://www.medigaphealth.com/wp-content/uploads/2016/09/pregnancy-diet-324x160.png

msedge.exe

Remote address:

3.94.41.167:80

Request

GET /wp-content/uploads/2016/09/pregnancy-diet-324x160.png HTTP/1.1
Host: www.medigaphealth.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.0 404 Not Found

cache-control: no-cache
content-type: text/html
x-reason: MediaRequest
GET

http://www.medigaphealth.com/wp-content/uploads/2016/09/Benefits-of-Drinking-Water-324x160.png

msedge.exe

Remote address:

3.94.41.167:80

Request

GET /wp-content/uploads/2016/09/Benefits-of-Drinking-Water-324x160.png HTTP/1.1
Host: www.medigaphealth.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.0 404 Not Found

cache-control: no-cache
content-type: text/html
x-reason: MediaRequest
GET

http://www.medigaphealth.com/wp-content/uploads/2016/09/1-2-324x160.png

msedge.exe

Remote address:

3.94.41.167:80

Request

GET /wp-content/uploads/2016/09/1-2-324x160.png HTTP/1.1
Host: www.medigaphealth.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.0 404 Not Found

cache-control: no-cache
content-type: text/html
x-reason: MediaRequest
GET

http://www.medigaphealth.com/wp-content/uploads/2016/09/brest-wo-100x70.jpg

msedge.exe

Remote address:

3.94.41.167:80

Request

GET /wp-content/uploads/2016/09/brest-wo-100x70.jpg HTTP/1.1
Host: www.medigaphealth.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.0 404 Not Found

cache-control: no-cache
content-type: text/html
x-reason: MediaRequest
GET

http://www.medigaphealth.com/wp-content/uploads/2016/09/pregnancy-diet-100x70.png

msedge.exe

Remote address:

3.94.41.167:80

Request

GET /wp-content/uploads/2016/09/pregnancy-diet-100x70.png HTTP/1.1
Host: www.medigaphealth.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.0 404 Not Found

cache-control: no-cache
content-type: text/html
x-reason: MediaRequest
GET

http://www.medigaphealth.com/wp-content/uploads/2016/09/breast-100x70.png

msedge.exe

Remote address:

3.94.41.167:80

Request

GET /wp-content/uploads/2016/09/breast-100x70.png HTTP/1.1
Host: www.medigaphealth.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.0 404 Not Found

cache-control: no-cache
content-type: text/html
x-reason: MediaRequest
GET

http://www.medigaphealth.com/wp-content/uploads/2016/09/medigap.png

msedge.exe

Remote address:

3.94.41.167:80

Request

GET /wp-content/uploads/2016/09/medigap.png HTTP/1.1
Host: www.medigaphealth.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.0 404 Not Found

cache-control: no-cache
content-type: text/html
x-reason: MediaRequest
DNS

57.169.31.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

57.169.31.20.in-addr.arpa

IN PTR

Response
DNS

97.17.167.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

97.17.167.52.in-addr.arpa

IN PTR

Response
DNS

28.118.140.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

28.118.140.52.in-addr.arpa

IN PTR

Response
DNS

50.23.12.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

50.23.12.20.in-addr.arpa

IN PTR

Response
DNS

171.39.242.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

171.39.242.20.in-addr.arpa

IN PTR

Response
DNS

147.142.123.92.in-addr.arpa

Remote address:

8.8.8.8:53

Request

147.142.123.92.in-addr.arpa

IN PTR

Response

147.142.123.92.in-addr.arpa

IN PTR

a92-123-142-147deploystaticakamaitechnologiescom
DNS

172.214.232.199.in-addr.arpa

Remote address:

8.8.8.8:53

Request

172.214.232.199.in-addr.arpa

IN PTR

Response
DNS

29.243.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

29.243.111.52.in-addr.arpa

IN PTR

Response
DNS

tse1.mm.bing.net

Remote address:

8.8.8.8:53

Request

tse1.mm.bing.net

IN A

Response

tse1.mm.bing.net

IN CNAME

mm-mm.bing.net.trafficmanager.net

mm-mm.bing.net.trafficmanager.net

IN CNAME

ax-0001.ax-msedge.net

ax-0001.ax-msedge.net

IN A

150.171.27.10

ax-0001.ax-msedge.net

IN A

150.171.28.10
GET

https://tse1.mm.bing.net/th?id=OADD2.10239317301013_1R2AO9YZ4I5BGB4K2&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

Remote address:

150.171.27.10:443

Request

GET /th?id=OADD2.10239317301013_1R2AO9YZ4I5BGB4K2&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 424756
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 979E611530D94328B5D9C8AA7817B30F Ref B: LON04EDGE1116 Ref C: 2024-08-26T05:39:34Z
date: Mon, 26 Aug 2024 05:39:34 GMT
GET

https://tse1.mm.bing.net/th?id=OADD2.10239339388101_1QVDUIA0VRXO5VJJA&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

Remote address:

150.171.27.10:443

Request

GET /th?id=OADD2.10239339388101_1QVDUIA0VRXO5VJJA&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 558070
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7F50FF02EEDC4E4D85B0F7FBF7FFD729 Ref B: LON04EDGE1116 Ref C: 2024-08-26T05:39:34Z
date: Mon, 26 Aug 2024 05:39:34 GMT
GET

https://tse1.mm.bing.net/th?id=OADD2.10239339388102_168Q3Q8H82BSBY644&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

Remote address:

150.171.27.10:443

Request

GET /th?id=OADD2.10239339388102_168Q3Q8H82BSBY644&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 351259
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2377D5EFD8B74ABE9062FC7548825D0B Ref B: LON04EDGE1116 Ref C: 2024-08-26T05:39:34Z
date: Mon, 26 Aug 2024 05:39:34 GMT
GET

https://tse1.mm.bing.net/th?id=OADD2.10239317301446_1EN88Z1GJDY90F0IF&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

Remote address:

150.171.27.10:443

Request

GET /th?id=OADD2.10239317301446_1EN88Z1GJDY90F0IF&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 548581
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0EA22D1A3DAA44A39384D955B7F956E1 Ref B: LON04EDGE1116 Ref C: 2024-08-26T05:39:34Z
date: Mon, 26 Aug 2024 05:39:34 GMT
GET

https://tse1.mm.bing.net/th?id=OADD2.10239317301195_10TKS815IX0MOD3NX&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

Remote address:

150.171.27.10:443

Request

GET /th?id=OADD2.10239317301195_10TKS815IX0MOD3NX&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 335594
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4FFB758CFF5547288C37F170FBA0D20A Ref B: LON04EDGE1116 Ref C: 2024-08-26T05:39:34Z
date: Mon, 26 Aug 2024 05:39:34 GMT
GET

https://tse1.mm.bing.net/th?id=OADD2.10239317301604_1H6WK0590WT095LZX&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

Remote address:

150.171.27.10:443

Request

GET /th?id=OADD2.10239317301604_1H6WK0590WT095LZX&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 317640
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F9BC725F936C497898EB7D215EC09FEC Ref B: LON04EDGE1116 Ref C: 2024-08-26T05:39:35Z
date: Mon, 26 Aug 2024 05:39:35 GMT
DNS

10.27.171.150.in-addr.arpa

Remote address:

8.8.8.8:53

Request

10.27.171.150.in-addr.arpa

IN PTR

Response

142.250.179.98:445

pagead2.googlesyndication.com

260 B
5
142.250.75.234:80

http://fonts.googleapis.com/css?family=Roboto%3A500%2C400italic%2C700%2C900%2C500italic%2C400%2C300&ver=4.5.6

http

msedge.exe

765 B
1.9kB
8
8

HTTP Request

GET http://fonts.googleapis.com/css?family=Roboto%3A500%2C400italic%2C700%2C900%2C500italic%2C400%2C300&ver=4.5.6

HTTP Response

200
142.250.75.234:80

http://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400italic%2C600italic%2C400%2C600%2C700&ver=4.5.6

http

msedge.exe

768 B
3.0kB
8
8

HTTP Request

GET http://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400italic%2C600italic%2C400%2C600%2C700&ver=4.5.6

HTTP Response

200
142.250.75.234:80

http://fonts.googleapis.com/css?family=Lato%3A400%2C700&ver=4.5.6

http

msedge.exe

675 B
1.3kB
7
7

HTTP Request

GET http://fonts.googleapis.com/css?family=Lato%3A400%2C700&ver=4.5.6

HTTP Response

200
3.94.41.167:80

http://www.medigaphealth.com/wp-content/uploads/2016/09/10.jpg

http

msedge.exe

2.4kB
1.1kB
12
8

HTTP Request

GET http://www.medigaphealth.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.5.1

HTTP Response

302

HTTP Request

GET http://www.medigaphealth.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

HTTP Response

302

HTTP Request

GET http://www.medigaphealth.com/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20

HTTP Response

302

HTTP Request

GET http://www.medigaphealth.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.5.1

HTTP Response

302

HTTP Request

GET http://www.medigaphealth.com/wp-content/uploads/2016/09/10.jpg

HTTP Response

404
3.94.41.167:80

http://www.medigaphealth.com/wp-content/uploads/2016/10/aging-218x150.jpg

http

msedge.exe

1.9kB
937 B
10
7

HTTP Request

GET http://www.medigaphealth.com/wp-content/plugins/ad-inserter/css/dummy.css?ver=1479721075

HTTP Response

302

HTTP Request

GET http://www.medigaphealth.com/wp-includes/js/jquery/jquery.js?ver=1.12.4

HTTP Response

302

HTTP Request

GET http://www.medigaphealth.com/wp-content/themes/newspaper/js/tagdiv_theme.js?ver=7.1.1

HTTP Response

302

HTTP Request

GET http://www.medigaphealth.com/wp-content/uploads/2016/10/aging-218x150.jpg

HTTP Response

404
3.94.41.167:80

http://www.medigaphealth.com/wp-content/uploads/2016/10/1-218x150.png

http

msedge.exe

1.5kB
741 B
9
6

HTTP Request

GET http://www.medigaphealth.com/wp-content/plugins/google-captcha/css/gglcptch.css?ver=1.27

HTTP Response

302

HTTP Request

GET http://www.medigaphealth.com/wp-includes/js/wp-emoji-release.min.js?ver=4.5.6

HTTP Response

302

HTTP Request

GET http://www.medigaphealth.com/wp-content/uploads/2016/10/1-218x150.png

HTTP Response

404
3.94.41.167:80

http://www.medigaphealth.com/wp-content/uploads/2016/09/Benefits-of-Drinking-Water-218x150.png

http

msedge.exe

1.1kB
545 B
7
5

HTTP Request

GET http://www.medigaphealth.com/wp-content/themes/newspaper/style.css?ver=7.1.1

HTTP Response

302

HTTP Request

GET http://www.medigaphealth.com/wp-content/uploads/2016/09/Benefits-of-Drinking-Water-218x150.png

HTTP Response

404
3.94.41.167:80

http://www.medigaphealth.com/wp-content/uploads/2016/09/medigap_icon-300x300.png

http

msedge.exe

1.1kB
545 B
7
5

HTTP Request

GET http://www.medigaphealth.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=4.11.2

HTTP Response

302

HTTP Request

GET http://www.medigaphealth.com/wp-content/uploads/2016/09/medigap_icon-300x300.png

HTTP Response

404
3.94.41.167:80

http://www.medigaphealth.com/wp-content/uploads/2016/09/medigap.png

http

msedge.exe

1.5kB
741 B
9
6

HTTP Request

GET http://www.medigaphealth.com/wp-content/themes/newspaper/includes/demos/medicine/demo_style.css?ver=7.1.1

HTTP Response

302

HTTP Request

GET http://www.medigaphealth.com/wp-includes/js/wp-embed.min.js?ver=4.5.6

HTTP Response

302

HTTP Request

GET http://www.medigaphealth.com/wp-content/uploads/2016/09/medigap.png

HTTP Response

404
142.250.178.131:80

http://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

http

msedge.exe

1.1kB
25.3kB
15
23

HTTP Request

GET http://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

HTTP Response

200
104.26.6.37:443

https://www.hugedomains.com/domain_profile.cfm?d=medigaphealth.com

tls, http2

msedge.exe

6.1kB
108.6kB
91
150

HTTP Request

GET https://www.hugedomains.com/domain_profile.cfm?d=medigaphealth.com

HTTP Response

200

HTTP Request

GET https://www.hugedomains.com/domain_profile.cfm?d=medigaphealth.com

HTTP Response

200

HTTP Request

GET https://www.hugedomains.com/domain_profile.cfm?d=medigaphealth.com

HTTP Request

GET https://www.hugedomains.com/domain_profile.cfm?d=medigaphealth.com

HTTP Response

200

HTTP Request

GET https://www.hugedomains.com/domain_profile.cfm?d=medigaphealth.com

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.hugedomains.com/domain_profile.cfm?d=medigaphealth.com

HTTP Response

200

HTTP Request

GET https://www.hugedomains.com/domain_profile.cfm?d=medigaphealth.com

HTTP Response

200

HTTP Request

GET https://www.hugedomains.com/domain_profile.cfm?d=medigaphealth.com

HTTP Response

200

HTTP Request

GET https://www.hugedomains.com/domain_profile.cfm?d=medigaphealth.com

HTTP Response

200

HTTP Request

GET https://www.hugedomains.com/domain_profile.cfm?d=medigaphealth.com

HTTP Response

200

HTTP Request

GET https://www.hugedomains.com/domain_profile.cfm?d=medigaphealth.com

HTTP Response

200

HTTP Request

GET https://www.hugedomains.com/domain_profile.cfm?d=medigaphealth.com

HTTP Response

200

HTTP Request

GET https://www.hugedomains.com/domain_profile.cfm?d=medigaphealth.com

HTTP Response

200

HTTP Request

GET https://www.hugedomains.com/domain_profile.cfm?d=medigaphealth.com

HTTP Response

200
35.190.80.1:443

https://a.nel.cloudflare.com/report/v4?s=hv%2Bj0fTchptkcUwyajmbDfL5B2FEV53hIQSF%2BucDX2y8GSxdErJsKm2F4tryTIHPQWN1c5eKfzOqKVnN2%2FKd6nS%2BdIR7m46pFWfw8mXS%2FeRcEtPqcn5N8FMu2cPSVshnOA4Xb%2BY%3D

tls, http2

msedge.exe

2.7kB
4.9kB
18
20

HTTP Request

OPTIONS https://a.nel.cloudflare.com/report/v4?s=hv%2Bj0fTchptkcUwyajmbDfL5B2FEV53hIQSF%2BucDX2y8GSxdErJsKm2F4tryTIHPQWN1c5eKfzOqKVnN2%2FKd6nS%2BdIR7m46pFWfw8mXS%2FeRcEtPqcn5N8FMu2cPSVshnOA4Xb%2BY%3D

HTTP Request

POST https://a.nel.cloudflare.com/report/v4?s=hv%2Bj0fTchptkcUwyajmbDfL5B2FEV53hIQSF%2BucDX2y8GSxdErJsKm2F4tryTIHPQWN1c5eKfzOqKVnN2%2FKd6nS%2BdIR7m46pFWfw8mXS%2FeRcEtPqcn5N8FMu2cPSVshnOA4Xb%2BY%3D
142.250.179.98:139

pagead2.googlesyndication.com

260 B
5
192.0.73.2:80

http://0.gravatar.com/avatar/?s=80&d=mm&r=g

http

msedge.exe

688 B
638 B
7
6

HTTP Request

GET http://0.gravatar.com/avatar/?s=80&d=mm&r=g

HTTP Response

301
142.250.178.131:80

http://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

http

msedge.exe

1.1kB
24.8kB
15
23

HTTP Request

GET http://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

HTTP Response

200
192.0.73.2:443

https://0.gravatar.com/avatar/?s=80&d=mm&r=g

tls, http2

msedge.exe

1.7kB
6.8kB
16
16

HTTP Request

GET https://0.gravatar.com/avatar/?s=80&d=mm&r=g

HTTP Response

200
95.100.244.20:80

http://contextual.media.net/nmedianet.js?cid=8CU7483LH

http

msedge.exe

744 B
535 B
7
6

HTTP Request

GET http://contextual.media.net/nmedianet.js?cid=8CU7483LH

HTTP Response

302
3.94.41.167:80

http://www.medigaphealth.com/wp-content/uploads/2016/09/pregnancy-diet-218x150.png

http

msedge.exe

635 B
349 B
5
4

HTTP Request

GET http://www.medigaphealth.com/wp-content/uploads/2016/09/pregnancy-diet-218x150.png

HTTP Response

404
95.100.244.20:443

https://lg3.media.net/bping.php?vgd_len=638&&vgd_cdv=1325&vgd_cage=2&vgd_tsce=L603&vgd_mcf=55869&gdpr=1&mspa=0&wshp=0&prid=8PRHGG6T9&cid=8CU7483LH&crid=131878215&vi=1724650676802227114&ugd=4&lf=6&cc=GB&sc=EN&lper=100&wsip=170785051&r=1724650675618&requrl=file:///C:/Users/Admin/AppData/Local/Temp/c2613437fa6dd46ebd1ac3a0a3654767_JaffaCakes118.html&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=174&vgd_rakh=1724650676149193896&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_pgid=p01547826482t202408260537&vgd_pgids=1&vgd_wshp=0&vgd_uspa=0&vgda_l1btm=%5B%22URLDC%22%5D&hvsid=00001724650675612032619921927714&gdpr=1&mspa=0&wshp=0&vgd_l2type=scs_newfl&vgd_end=1

tls, http2

msedge.exe

4.6kB
60.7kB
48
63

HTTP Request

GET https://contextual.media.net/nmedianet.js?cid=8CU7483LH

HTTP Response

200

HTTP Request

GET https://contextual.media.net/sr/1017354394/SAFEFRAME.html?ule=457&&kkdd=n9%7CH%7C9*An&*m=foeMnBVnonqVeeeoffM&dWgA=f&k5gy=V&65~g=V&KW*=fReB&h5Kp=PnVR&KmW=qJNoMqRPL&KgKW=ZevT_lKc7pvSCmW!735KhC%3D%3D&KAmW=fRfqoqefB&5mwp=nVVYeBV&KK=Fu&5K=2H&~hhg5=f&ApUQAi=lmip%3A%2F%2F%2FJ%3A%2FN5pA5%2FCWkm)%2FCggOyhy%2FP0Kyi%2F!pkg%2FKenfRMRolynWWMnprWfyKRyVyRnBMonoIcyllyJyjp5ffqs~hki&)5p=B&i6=f&QdW=M&m6=feqV&kKl=BBqn(&gdmW=gVfBMoqenMqeheVeMVqenVBRo&gdmW5=f&~hki5AK=f&sflct=8569874&ure=1

HTTP Request

GET https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU7483LH&https=1&itype=CM

HTTP Request

GET https://lg3.media.net/bping.php?vgd_len=638&&vgd_cdv=1325&vgd_cage=2&vgd_tsce=L603&vgd_mcf=55869&gdpr=1&mspa=0&wshp=0&prid=8PRHGG6T9&cid=8CU7483LH&crid=131878215&vi=1724650676802227114&ugd=4&lf=6&cc=GB&sc=EN&lper=100&wsip=170785051&r=1724650675618&requrl=file:///C:/Users/Admin/AppData/Local/Temp/c2613437fa6dd46ebd1ac3a0a3654767_JaffaCakes118.html&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=174&vgd_rakh=1724650676149193896&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_pgid=p01547826482t202408260537&vgd_pgids=1&vgd_wshp=0&vgd_uspa=0&vgda_l1btm=%5B%22URLDC%22%5D&hvsid=00001724650675612032619921927714&gdpr=1&mspa=0&wshp=0&vgd_l2type=scs_newfl&vgd_end=1

HTTP Response

200

HTTP Response

200

HTTP Response

200
3.94.41.167:80

http://www.medigaphealth.com/wp-content/uploads/2016/09/food-fitness.png

http

msedge.exe

625 B
349 B
5
4

HTTP Request

GET http://www.medigaphealth.com/wp-content/uploads/2016/09/food-fitness.png

HTTP Response

404
3.94.41.167:80

http://www.medigaphealth.com/wp-content/uploads/2016/09/weight-loss.png

http

msedge.exe

624 B
349 B
5
4

HTTP Request

GET http://www.medigaphealth.com/wp-content/uploads/2016/09/weight-loss.png

HTTP Response

404
3.94.41.167:80

http://www.medigaphealth.com/wp-content/uploads/2016/09/sunlight-1-218x150.png

http

msedge.exe

631 B
349 B
5
4

HTTP Request

GET http://www.medigaphealth.com/wp-content/uploads/2016/09/sunlight-1-218x150.png

HTTP Response

404
3.94.41.167:80

http://www.medigaphealth.com/wp-content/uploads/2016/09/Home-Remedies-for-reducing-freckles-218x150.png

http

msedge.exe

656 B
349 B
5
4

HTTP Request

GET http://www.medigaphealth.com/wp-content/uploads/2016/09/Home-Remedies-for-reducing-freckles-218x150.png

HTTP Response

404
3.94.41.167:80

http://www.medigaphealth.com/wp-content/uploads/2016/09/brest-wo-218x150.jpg

http

msedge.exe

629 B
349 B
5
4

HTTP Request

GET http://www.medigaphealth.com/wp-content/uploads/2016/09/brest-wo-218x150.jpg

HTTP Response

404
3.94.41.167:80

http://www.medigaphealth.com/wp-content/uploads/2016/09/Drinking-2-218x150.png

http

msedge.exe

631 B
349 B
5
4

HTTP Request

GET http://www.medigaphealth.com/wp-content/uploads/2016/09/Drinking-2-218x150.png

HTTP Response

404
3.94.41.167:80

http://www.medigaphealth.com/wp-content/uploads/2016/10/sperm-218x150.png

http

msedge.exe

626 B
349 B
5
4

HTTP Request

GET http://www.medigaphealth.com/wp-content/uploads/2016/10/sperm-218x150.png

HTTP Response

404
3.94.41.167:80

http://www.medigaphealth.com/wp-content/uploads/2016/09/1-2-218x150.png

http

msedge.exe

624 B
349 B
5
4

HTTP Request

GET http://www.medigaphealth.com/wp-content/uploads/2016/09/1-2-218x150.png

HTTP Response

404
3.94.41.167:80

http://www.medigaphealth.com/wp-content/uploads/2016/09/1-1-218x150.png

http

msedge.exe

624 B
349 B
5
4

HTTP Request

GET http://www.medigaphealth.com/wp-content/uploads/2016/09/1-1-218x150.png

HTTP Response

404
3.94.41.167:80

http://www.medigaphealth.com/wp-content/uploads/2016/09/body-Building.png

http

msedge.exe

626 B
349 B
5
4

HTTP Request

GET http://www.medigaphealth.com/wp-content/uploads/2016/09/body-Building.png

HTTP Response

404
3.94.41.167:80

http://www.medigaphealth.com/wp-content/uploads/2016/09/Diet-218x150.jpg

http

msedge.exe

625 B
349 B
5
4

HTTP Request

GET http://www.medigaphealth.com/wp-content/uploads/2016/09/Diet-218x150.jpg

HTTP Response

404
3.94.41.167:80

http://www.medigaphealth.com/wp-content/uploads/2016/09/How-woman-should-care-of-her-health-during-Mensuration-Cycleheading-1-218x150.png

http

msedge.exe

690 B
349 B
5
4

HTTP Request

GET http://www.medigaphealth.com/wp-content/uploads/2016/09/How-woman-should-care-of-her-health-during-Mensuration-Cycleheading-1-218x150.png

HTTP Response

404
3.94.41.167:80

http://www.medigaphealth.com/wp-content/uploads/2016/09/probotics-1.png

http

msedge.exe

624 B
349 B
5
4

HTTP Request

GET http://www.medigaphealth.com/wp-content/uploads/2016/09/probotics-1.png

HTTP Response

404
3.94.41.167:80

http://www.medigaphealth.com/wp-content/uploads/2016/09/mesotha.png

http

msedge.exe

620 B
349 B
5
4

HTTP Request

GET http://www.medigaphealth.com/wp-content/uploads/2016/09/mesotha.png

HTTP Response

404
3.94.41.167:80

http://www.medigaphealth.com/wp-content/uploads/2016/10/1-324x160.png

http

msedge.exe

622 B
349 B
5
4

HTTP Request

GET http://www.medigaphealth.com/wp-content/uploads/2016/10/1-324x160.png

HTTP Response

404
3.94.41.167:80

http://www.medigaphealth.com/wp-content/uploads/2016/10/aging-324x160.jpg

http

msedge.exe

626 B
349 B
5
4

HTTP Request

GET http://www.medigaphealth.com/wp-content/uploads/2016/10/aging-324x160.jpg

HTTP Response

404
3.94.41.167:80

http://www.medigaphealth.com/wp-content/uploads/2016/10/sperm-324x160.png

http

msedge.exe

626 B
349 B
5
4

HTTP Request

GET http://www.medigaphealth.com/wp-content/uploads/2016/10/sperm-324x160.png

HTTP Response

404
3.94.41.167:80

http://www.medigaphealth.com/wp-content/uploads/2016/09/pregnancy-diet-324x160.png

http

msedge.exe

635 B
349 B
5
4

HTTP Request

GET http://www.medigaphealth.com/wp-content/uploads/2016/09/pregnancy-diet-324x160.png

HTTP Response

404
3.94.41.167:80

http://www.medigaphealth.com/wp-content/uploads/2016/09/Benefits-of-Drinking-Water-324x160.png

http

msedge.exe

647 B
349 B
5
4

HTTP Request

GET http://www.medigaphealth.com/wp-content/uploads/2016/09/Benefits-of-Drinking-Water-324x160.png

HTTP Response

404
3.94.41.167:80

http://www.medigaphealth.com/wp-content/uploads/2016/09/1-2-324x160.png

http

msedge.exe

624 B
349 B
5
4

HTTP Request

GET http://www.medigaphealth.com/wp-content/uploads/2016/09/1-2-324x160.png

HTTP Response

404
3.94.41.167:80

http://www.medigaphealth.com/wp-content/uploads/2016/09/brest-wo-100x70.jpg

http

msedge.exe

628 B
349 B
5
4

HTTP Request

GET http://www.medigaphealth.com/wp-content/uploads/2016/09/brest-wo-100x70.jpg

HTTP Response

404
3.94.41.167:80

http://www.medigaphealth.com/wp-content/uploads/2016/09/pregnancy-diet-100x70.png

http

msedge.exe

634 B
349 B
5
4

HTTP Request

GET http://www.medigaphealth.com/wp-content/uploads/2016/09/pregnancy-diet-100x70.png

HTTP Response

404
3.94.41.167:80

http://www.medigaphealth.com/wp-content/uploads/2016/09/breast-100x70.png

http

msedge.exe

626 B
349 B
5
4

HTTP Request

GET http://www.medigaphealth.com/wp-content/uploads/2016/09/breast-100x70.png

HTTP Response

404
3.94.41.167:80

http://www.medigaphealth.com/wp-content/uploads/2016/09/medigap.png

http

msedge.exe

620 B
349 B
5
4

HTTP Request

GET http://www.medigaphealth.com/wp-content/uploads/2016/09/medigap.png

HTTP Response

404
150.171.27.10:443

tse1.mm.bing.net

tls, http2

1.2kB
6.9kB
15
13
150.171.27.10:443

tse1.mm.bing.net

tls, http2

1.2kB
6.9kB
15
13
150.171.27.10:443

tse1.mm.bing.net

tls, http2

1.2kB
6.9kB
15
13
150.171.27.10:443

https://tse1.mm.bing.net/th?id=OADD2.10239317301604_1H6WK0590WT095LZX&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

tls, http2

96.6kB
2.6MB
1914
1908

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239317301013_1R2AO9YZ4I5BGB4K2&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239339388101_1QVDUIA0VRXO5VJJA&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239339388102_168Q3Q8H82BSBY644&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239317301446_1EN88Z1GJDY90F0IF&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239317301195_10TKS815IX0MOD3NX&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239317301604_1H6WK0590WT095LZX&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

HTTP Response

200
150.171.27.10:443

tse1.mm.bing.net

tls, http2

1.2kB
6.9kB
15
13

8.8.8.8:53

8.8.8.8.in-addr.arpa

dns

66 B
90 B
1
1

DNS Request

8.8.8.8.in-addr.arpa
8.8.8.8:53

149.220.183.52.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

149.220.183.52.in-addr.arpa
8.8.8.8:53

www.medigaphealth.com

dns

msedge.exe

67 B
197 B
1
1

DNS Request

www.medigaphealth.com

DNS Response

3.94.41.167

52.86.6.113
8.8.8.8:53

www.hugedomains.com

dns

msedge.exe

65 B
113 B
1
1

DNS Request

www.hugedomains.com

DNS Response

104.26.6.37

104.26.7.37

172.67.70.191
8.8.8.8:53

4.159.190.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

4.159.190.20.in-addr.arpa
8.8.8.8:53

73.144.22.2.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

73.144.22.2.in-addr.arpa
8.8.8.8:53

95.221.229.192.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

95.221.229.192.in-addr.arpa
8.8.8.8:53

234.75.250.142.in-addr.arpa

dns

73 B
112 B
1
1

DNS Request

234.75.250.142.in-addr.arpa
8.8.8.8:53

a.nel.cloudflare.com

dns

msedge.exe

66 B
82 B
1
1

DNS Request

a.nel.cloudflare.com

DNS Response

35.190.80.1
35.190.80.1:443

a.nel.cloudflare.com

https

msedge.exe

3.0kB
3.9kB
4
6
8.8.8.8:53

131.178.250.142.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

131.178.250.142.in-addr.arpa
8.8.8.8:53

37.6.26.104.in-addr.arpa

dns

70 B
132 B
1
1

DNS Request

37.6.26.104.in-addr.arpa
8.8.8.8:53

167.41.94.3.in-addr.arpa

dns

70 B
123 B
1
1

DNS Request

167.41.94.3.in-addr.arpa
8.8.8.8:53

1.80.190.35.in-addr.arpa

dns

70 B
120 B
1
1

DNS Request

1.80.190.35.in-addr.arpa
8.8.8.8:53

0.gravatar.com

dns

msedge.exe

60 B
76 B
1
1

DNS Request

0.gravatar.com

DNS Response

192.0.73.2
8.8.8.8:53

contextual.media.net

dns

msedge.exe

66 B
82 B
1
1

DNS Request

contextual.media.net

DNS Response

95.100.244.20
8.8.8.8:53

lg3.media.net

dns

msedge.exe

59 B
75 B
1
1

DNS Request

lg3.media.net

DNS Response

95.100.244.20
8.8.8.8:53

174.20.217.172.in-addr.arpa

dns

73 B
173 B
1
1

DNS Request

174.20.217.172.in-addr.arpa
8.8.8.8:53

2.73.0.192.in-addr.arpa

dns

69 B
134 B
1
1

DNS Request

2.73.0.192.in-addr.arpa
8.8.8.8:53

20.244.100.95.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

20.244.100.95.in-addr.arpa
8.8.8.8:53

57.169.31.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

57.169.31.20.in-addr.arpa
224.0.0.251:5353

msedge.exe

564 B
9
8.8.8.8:53

97.17.167.52.in-addr.arpa

dns

71 B
145 B
1
1

DNS Request

97.17.167.52.in-addr.arpa
8.8.8.8:53

28.118.140.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

28.118.140.52.in-addr.arpa
8.8.8.8:53

50.23.12.20.in-addr.arpa

dns

70 B
156 B
1
1

DNS Request

50.23.12.20.in-addr.arpa
8.8.8.8:53

171.39.242.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

171.39.242.20.in-addr.arpa
8.8.8.8:53

147.142.123.92.in-addr.arpa

dns

73 B
139 B
1
1

DNS Request

147.142.123.92.in-addr.arpa
35.190.80.1:443

a.nel.cloudflare.com

https

msedge.exe

8.3kB
2.6kB
13
10
8.8.8.8:53

172.214.232.199.in-addr.arpa

dns

74 B
128 B
1
1

DNS Request

172.214.232.199.in-addr.arpa
8.8.8.8:53

29.243.111.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

29.243.111.52.in-addr.arpa
8.8.8.8:53

tse1.mm.bing.net

dns

62 B
170 B
1
1

DNS Request

tse1.mm.bing.net

DNS Response

150.171.27.10

150.171.28.10
8.8.8.8:53

10.27.171.150.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

10.27.171.150.in-addr.arpa

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\6d2df3a0-5b96-45cc-94db-3988fad24010.tmp

Filesize
10KB

MD5
ac76b489e70523556438b43dae491a0d

SHA1
57a8c017d5bdbebf0f6444f6d92de91c235c5a14

SHA256
22cbfabfa1bf6e6f6afd0826b0374c3a08f61074c3a8942f6e53bc81140d739d

SHA512
2eecdabc421a076adcc6177b9327eb36d70cb3dcf876fb937e04901947456cc3f23b00d9b7cd022e58bd3fd4eaf49379282e832654c252f27970904eed52e71f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
9b008261dda31857d68792b46af6dd6d

SHA1
e82dc88e2d1da2df7cb19d79a0346b9bb90d52b3

SHA256
9ac598d4f8170f7e475d84103aead9e3c23d5f2d292741a7f56a17bde8b6f7da

SHA512
78853091403a06beeec4998e2e3a4342111895ffd485f7f7cd367741a4883f7a25864cba00a6c86f27dc0c9ce9d04f08011ecc40c8ae9383d33274739ac39f10

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
0446fcdd21b016db1f468971fb82a488

SHA1
726b91562bb75f80981f381e3c69d7d832c87c9d

SHA256
62c5dc18b25e758f3508582a7c58bb46b734a774d97fc0e8a20614235caa8222

SHA512
1df7c085042266959f1fe0aedc5f6d40ceba485b54159f51f0c38f17bb250b79ea941b735e1b6faf219f23fe8ab65ac4557f545519d52d5416b89ad0f9047a31

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
830B

MD5
dbb7598d3b4d348b4c3679e380cd874d

SHA1
cb6039de9ea2b0605390a4c2c0a472a8f9cfc9c8

SHA256
24ec06ab18b087cb40f267378cff190e54dea7cccda3bc48703f9c3bbc70c51d

SHA512
9e62500841aa9f9bd942ce14cd1ed086b3d55f38aff19215a7d54607981a41a9470160144e547efca3694e57924c07102811958b32ab7c21268cea24dc0fe516

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
ae069ce1f403338c393162a2d37c3aa4

SHA1
a4f5e25b89390e6478de51ce57f4c675ef0f1bc6

SHA256
a71ecf868d71a74b29e53a24d918bc9a7a9575ae7f5717e4ab41adbe232fef56

SHA512
07838e635b5dc10c8434b1d34994a54170ee6a5f9dfa0a07f5bac086ecf42f09863be124310e6ffd4f3789ed6c9e3cdafeb7e33a774bb5d7895d94ec48a076e6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
a62c3fdd06559be1a51bd90d476071e0

SHA1
1826dfdeac6e27d80d00b384bfffec924d399f54

SHA256
a9a7828678ff1abe4bfdb2c6526a705a00866d165c7497d7185cfb2fa255933f

SHA512
86a253f63021cff842fdcab5935280b126a90c625fd0a0093efcc98c70ebc0f2c9aee833b7f9fb9ada4d7ec006789a388bef8c927921fe8245d2f296d37c058f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request