Analysis

  • max time kernel
    145s
  • max time network
    127s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20241007-en locale:en-us os:windows10-2004-x64 system
  • submitted
    14/10/2024, 18:39 UTC

General

  • Target

    43a2c202fd06eacbf30ac3de853be069_JaffaCakes118.html

  • Size

    7KB

  • MD5

    43a2c202fd06eacbf30ac3de853be069

  • SHA1

    ce781570bd462d981f0d58caba03caedf7dc91c5

  • SHA256

    68ca1076181dcd5439f2a70d8848e5956215ee365463c955ac2476068be063fa

  • SHA512

    8294e9c45cdc9083696dd23e40dedeea97f54ca632345c8e6a536442429a4c459a2f54a8828ac90552f1096bb20c59939228bbd50af813971c7d3d7d6f1420d5

  • SSDEEP

    192:uapuaVBRW7Fa6rVNvG6KpWs9lPv9NGTRm4j5Er:ZuaVBRW7FZ/vIWs9oRm4i

Score
3/10

Malware Config

Signatures

  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 10 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 11 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\43a2c202fd06eacbf30ac3de853be069_JaffaCakes118.html
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:1408
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb5ee046f8,0x7ffb5ee04708,0x7ffb5ee04718
      2⤵
        PID:3668
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,14947412669803857255,414507546661902955,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2120 /prefetch:2
        2⤵
          PID:380
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2108,14947412669803857255,414507546661902955,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:2880
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2108,14947412669803857255,414507546661902955,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2880 /prefetch:8
          2⤵
            PID:3940
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,14947412669803857255,414507546661902955,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3196 /prefetch:1
            2⤵
              PID:2720
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,14947412669803857255,414507546661902955,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3204 /prefetch:1
              2⤵
                PID:2072
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,14947412669803857255,414507546661902955,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4100 /prefetch:1
                2⤵
                  PID:2188
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,14947412669803857255,414507546661902955,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4288 /prefetch:1
                  2⤵
                    PID:4936
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,14947412669803857255,414507546661902955,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4964 /prefetch:1
                    2⤵
                      PID:2480
                    • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,14947412669803857255,414507546661902955,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5360 /prefetch:8
                      2⤵
                        PID:1032
                      • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,14947412669803857255,414507546661902955,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5360 /prefetch:8
                        2⤵
                        • Suspicious behavior: EnumeratesProcesses
                        PID:4100
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,14947412669803857255,414507546661902955,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4328 /prefetch:1
                        2⤵
                          PID:1460
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,14947412669803857255,414507546661902955,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4396 /prefetch:1
                          2⤵
                            PID:2928
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,14947412669803857255,414507546661902955,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3400 /prefetch:1
                            2⤵
                              PID:3116
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,14947412669803857255,414507546661902955,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5660 /prefetch:1
                              2⤵
                                PID:820
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,14947412669803857255,414507546661902955,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4932 /prefetch:1
                                2⤵
                                  PID:4888
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,14947412669803857255,414507546661902955,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5472 /prefetch:1
                                  2⤵
                                    PID:3852
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,14947412669803857255,414507546661902955,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1756 /prefetch:2
                                    2⤵
                                    • Suspicious behavior: EnumeratesProcesses
                                    PID:4892
                                • C:\Windows\System32\CompPkgSrv.exe
                                  C:\Windows\System32\CompPkgSrv.exe -Embedding
                                  1⤵
                                    PID:4540
                                  • C:\Windows\System32\CompPkgSrv.exe
                                    C:\Windows\System32\CompPkgSrv.exe -Embedding
                                    1⤵
                                      PID:1892

Network

                                    • flag-us
                                      DNS
                                      itopelectronicone.com
                                      msedge.exe
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      itopelectronicone.com
                                      IN A
                                      Response
                                    • flag-us
                                      DNS
                                      hb.lycos.com
                                      msedge.exe
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      hb.lycos.com
                                      IN A
                                      Response
                                      hb.lycos.com
                                      IN CNAME
                                      hb.bos.lycos.com
                                      hb.bos.lycos.com
                                      IN A
                                      209.202.254.90
                                    • flag-us
                                      DNS
                                      scripts.lycos.com
                                      msedge.exe
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      scripts.lycos.com
                                      IN A
                                      Response
                                      scripts.lycos.com
                                      IN A
                                      209.202.254.12
                                    • flag-us
                                      DNS
                                      ajax.googleapis.com
                                      msedge.exe
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      ajax.googleapis.com
                                      IN A
                                      Response
                                      ajax.googleapis.com
                                      IN A
                                      142.250.180.10
                                    • flag-gb
                                      GET
                                      http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
                                      msedge.exe
                                      Remote address:
                                      142.250.180.10:80
                                      Request
                                      GET /ajax/libs/jquery/1.4.2/jquery.min.js HTTP/1.1
                                      Host: ajax.googleapis.com
                                      Connection: keep-alive
                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      DNT: 1
                                      Accept: */*
                                      Accept-Encoding: gzip, deflate
                                      Accept-Language: en-US,en;q=0.9
                                      Response
                                      HTTP/1.1 200 OK
                                      Accept-Ranges: bytes
                                      Content-Encoding: gzip
                                      Access-Control-Allow-Origin: *
                                      Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
                                      Cross-Origin-Resource-Policy: cross-origin
                                      Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
                                      Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
                                      Timing-Allow-Origin: *
                                      Content-Length: 24715
                                      X-Content-Type-Options: nosniff
                                      Server: sffe
                                      X-XSS-Protection: 0
                                      Date: Fri, 11 Oct 2024 04:19:30 GMT
                                      Expires: Sat, 11 Oct 2025 04:19:30 GMT
                                      Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
                                      Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
                                      Content-Type: text/javascript; charset=UTF-8
                                      Vary: Accept-Encoding
                                      Age: 310794
                                    • flag-us
                                      DNS
                                      google.com
                                      msedge.exe
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      google.com
                                      IN A
                                      Response
                                      google.com
                                      IN A
                                      172.217.169.14
                                    • flag-us
                                      DNS
                                      google.com
                                      msedge.exe
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      google.com
                                      IN A
                                      Response
                                      google.com
                                      IN A
                                      172.217.169.14
                                    • flag-us
                                      DNS
                                      104.219.191.52.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      104.219.191.52.in-addr.arpa
                                      IN PTR
                                      Response
                                    • flag-us
                                      DNS
                                      71.31.126.40.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      71.31.126.40.in-addr.arpa
                                      IN PTR
                                      Response
                                    • flag-us
                                      DNS
                                      10.180.250.142.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      10.180.250.142.in-addr.arpa
                                      IN PTR
                                      Response
                                      10.180.250.142.in-addr.arpa
                                      IN PTR
                                      lhr25s32-in-f10.1e100.net
                                    • flag-us
                                      DNS
                                      95.221.229.192.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      95.221.229.192.in-addr.arpa
                                      IN PTR
                                      Response
                                    • flag-us
                                      DNS
                                      12.254.202.209.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      12.254.202.209.in-addr.arpa
                                      IN PTR
                                      Response
                                      12.254.202.209.in-addr.arpa
                                      IN PTR
                                      originscriptslycoscom
                                    • flag-us
                                      DNS
                                      90.254.202.209.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      Response
                                    • flag-us
                                      DNS
                                      90.254.202.209.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      Response
                                      IN PTR
                                      info�,
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      searchlycosfi
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      search��
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      weather��
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      search��
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      info�i
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      wwwƛ
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      wwwlycosjp
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      redirect�N
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      lycosca
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      advertisingƛ
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      search�
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      searchų
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      infoƛ
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      info��
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      search�
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      www��
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      www�E
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      advertisinglycos�w
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      weather��
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      ��
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      weather�n
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      www��
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      www�
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      advertisingų
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      wwwų
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      www�b
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      search�
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      �i
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      jobs
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      info
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      advertising��
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      advertising�
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      weather��
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      advertising�b
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      info�
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      www��
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      info��
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      ssl�N
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      advertising��
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      jobsų
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      advertising�
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      jobs�
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      www��
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      www�N
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      weather��
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      ��
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      weather�
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      advertising��
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      www�
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      search�i
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      jobs��
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      info�
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      �
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      search�,
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      mail�N
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      www��
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      www�n
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      info�
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      jobs�G
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      info�n
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      weather�N
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      weather�
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      jobs�
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      search�
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      www��
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      www��
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      advertising�N
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      infoų
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      �,
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      search�E
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      info��
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      info��
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      advertising��
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      www��
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      info�G
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      advertising�n
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      info��
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      www��
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      ��
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      search��
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      advertising�
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      ��
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      sports�N
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      �
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      weather�E
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      ��
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      weather�
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      advertising��
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      companiesonlineorg
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      search��
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      www�G
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      weather�i
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      advertising��
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      ƛ
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      jobs��
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      advertising��
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      weatherų
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      search��
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      jobs��
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      weatherƛ
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      �
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      advertising�G
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      info�E
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      weather��
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      search��
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      info��
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      recipes�N
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      www��
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      search�G
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      advertising��
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      �E
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      info��
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      weather��
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      weather��
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      ��
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      www�,
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      www��
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      news�N
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      info�
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      search��
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      weather��
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      weather�G
                                      90.254.202.209.in-addr.arpa
                                      IN PTR
                                      weather��
                                    • flag-us
                                      DNS
                                      133.211.185.52.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      133.211.185.52.in-addr.arpa
                                      IN PTR
                                      Response
                                    • flag-us
                                      DNS
                                      205.47.74.20.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      205.47.74.20.in-addr.arpa
                                      IN PTR
                                      Response
                                    • flag-us
                                      DNS
                                      itopelectronicone.com
                                      msedge.exe
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      itopelectronicone.com
                                      IN A
                                      Response
                                    • flag-us
                                      DNS
                                      200.163.202.172.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      200.163.202.172.in-addr.arpa
                                      IN PTR
                                      Response
                                    • flag-us
                                      DNS
                                      15.164.165.52.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      15.164.165.52.in-addr.arpa
                                      IN PTR
                                      Response
                                    • flag-us
                                      DNS
                                      98.117.19.2.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      98.117.19.2.in-addr.arpa
                                      IN PTR
                                      Response
                                      98.117.19.2.in-addr.arpa
                                      IN PTR
                                      a2-19-117-98.deploy.static.akamaitechnologies.com
                                    • flag-us
                                      DNS
                                      itopelectronicone.com
                                      msedge.exe
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      itopelectronicone.com
                                      IN A
                                      Response
                                    • flag-us
                                      DNS
                                      77.190.18.2.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      77.190.18.2.in-addr.arpa
                                      IN PTR
                                      Response
                                      77.190.18.2.in-addr.arpa
                                      IN PTR
                                      a2-18-190-77.deploy.static.akamaitechnologies.com
                                    • flag-us
                                      DNS
                                      29.243.111.52.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      29.243.111.52.in-addr.arpa
                                      IN PTR
                                      Response
                                    • flag-us
                                      DNS
                                      itopelectronicone.com
                                      msedge.exe
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      itopelectronicone.com
                                      IN A
                                      Response
                                    • flag-us
                                      DNS
                                      tse1.mm.bing.net
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      tse1.mm.bing.net
                                      IN A
                                      Response
                                      tse1.mm.bing.net
                                      IN CNAME
                                      mm-mm.bing.net.trafficmanager.net
                                      mm-mm.bing.net.trafficmanager.net
                                      IN CNAME
                                      ax-0001.ax-msedge.net
                                      ax-0001.ax-msedge.net
                                      IN A
                                      150.171.27.10
                                      ax-0001.ax-msedge.net
                                      IN A
                                      150.171.28.10
                                    • flag-us
                                      GET
                                      https://tse1.mm.bing.net/th?id=OADD2.10239317301033_1LC8H97PHI36W759M&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
                                      Remote address:
                                      150.171.27.10:443
                                      Request
                                      GET /th?id=OADD2.10239317301033_1LC8H97PHI36W759M&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
                                      host: tse1.mm.bing.net
                                      accept: */*
                                      accept-encoding: gzip, deflate, br
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                                      Response
                                      HTTP/2.0 200
                                      cache-control: public, max-age=2592000
                                      content-length: 800536
                                      content-type: image/jpeg
                                      x-cache: TCP_HIT
                                      access-control-allow-origin: *
                                      access-control-allow-headers: *
                                      access-control-allow-methods: GET, POST, OPTIONS
                                      timing-allow-origin: *
                                      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
                                      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                                      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                      x-msedge-ref: Ref A: 8829DC4A92BF4A55A679222D919764E7 Ref B: LON601060105042 Ref C: 2024-10-14T18:41:05Z
                                      date: Mon, 14 Oct 2024 18:41:04 GMT
                                    • flag-us
                                      GET
                                      https://tse1.mm.bing.net/th?id=OADD2.10239340418544_1U65HGUXV07UFEU5B&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
                                      Remote address:
                                      150.171.27.10:443
                                      Request
                                      GET /th?id=OADD2.10239340418544_1U65HGUXV07UFEU5B&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
                                      host: tse1.mm.bing.net
                                      accept: */*
                                      accept-encoding: gzip, deflate, br
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                                      Response
                                      HTTP/2.0 200
                                      cache-control: public, max-age=2592000
                                      content-length: 601383
                                      content-type: image/jpeg
                                      x-cache: TCP_HIT
                                      access-control-allow-origin: *
                                      access-control-allow-headers: *
                                      access-control-allow-methods: GET, POST, OPTIONS
                                      timing-allow-origin: *
                                      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
                                      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                                      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                      x-msedge-ref: Ref A: 8EA1D32FF89A400B89A6C644AFD51C8B Ref B: LON601060105042 Ref C: 2024-10-14T18:41:05Z
                                      date: Mon, 14 Oct 2024 18:41:04 GMT
                                    • flag-us
                                      GET
                                      https://tse1.mm.bing.net/th?id=OADD2.10239360432890_1TOC5U5IB565A9QI0&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
                                      Remote address:
                                      150.171.27.10:443
                                      Request
                                      GET /th?id=OADD2.10239360432890_1TOC5U5IB565A9QI0&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
                                      host: tse1.mm.bing.net
                                      accept: */*
                                      accept-encoding: gzip, deflate, br
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                                      Response
                                      HTTP/2.0 200
                                      cache-control: public, max-age=2592000
                                      content-length: 747785
                                      content-type: image/jpeg
                                      x-cache: TCP_HIT
                                      access-control-allow-origin: *
                                      access-control-allow-headers: *
                                      access-control-allow-methods: GET, POST, OPTIONS
                                      timing-allow-origin: *
                                      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
                                      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                                      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                      x-msedge-ref: Ref A: E12EBB0AF65E4B729BFDD02F8EC52A62 Ref B: LON601060105042 Ref C: 2024-10-14T18:41:05Z
                                      date: Mon, 14 Oct 2024 18:41:04 GMT
                                    • flag-us
                                      GET
                                      https://tse1.mm.bing.net/th?id=OADD2.10239340418543_1PQIQEA9PYCCTOZ9T&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
                                      Remote address:
                                      150.171.27.10:443
                                      Request
                                      GET /th?id=OADD2.10239340418543_1PQIQEA9PYCCTOZ9T&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
                                      host: tse1.mm.bing.net
                                      accept: */*
                                      accept-encoding: gzip, deflate, br
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                                      Response
                                      HTTP/2.0 200
                                      cache-control: public, max-age=2592000
                                      content-length: 748526
                                      content-type: image/jpeg
                                      x-cache: TCP_HIT
                                      access-control-allow-origin: *
                                      access-control-allow-headers: *
                                      access-control-allow-methods: GET, POST, OPTIONS
                                      timing-allow-origin: *
                                      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
                                      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                                      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                      x-msedge-ref: Ref A: 9BCF95867B924E3A86DA99E8A7A14F6A Ref B: LON601060105042 Ref C: 2024-10-14T18:41:05Z
                                      date: Mon, 14 Oct 2024 18:41:04 GMT
                                    • flag-us
                                      GET
                                      https://tse1.mm.bing.net/th?id=OADD2.10239360432892_19VCX0OIIPQAUNJ24&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
                                      Remote address:
                                      150.171.27.10:443
                                      Request
                                      GET /th?id=OADD2.10239360432892_19VCX0OIIPQAUNJ24&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
                                      host: tse1.mm.bing.net
                                      accept: */*
                                      accept-encoding: gzip, deflate, br
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                                      Response
                                      HTTP/2.0 200
                                      cache-control: public, max-age=2592000
                                      content-length: 695371
                                      content-type: image/jpeg
                                      x-cache: TCP_HIT
                                      access-control-allow-origin: *
                                      access-control-allow-headers: *
                                      access-control-allow-methods: GET, POST, OPTIONS
                                      timing-allow-origin: *
                                      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
                                      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                                      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                      x-msedge-ref: Ref A: 7E534ED2E6E748A185B316FAEECA73DD Ref B: LON601060105042 Ref C: 2024-10-14T18:41:05Z
                                      date: Mon, 14 Oct 2024 18:41:04 GMT
                                    • flag-us
                                      GET
                                      https://tse1.mm.bing.net/th?id=OADD2.10239317301466_1PCHXC6THHPTM3TTR&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
                                      Remote address:
                                      150.171.27.10:443
                                      Request
                                      GET /th?id=OADD2.10239317301466_1PCHXC6THHPTM3TTR&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
                                      host: tse1.mm.bing.net
                                      accept: */*
                                      accept-encoding: gzip, deflate, br
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                                      Response
                                      HTTP/2.0 200
                                      cache-control: public, max-age=2592000
                                      content-length: 566742
                                      content-type: image/jpeg
                                      x-cache: TCP_HIT
                                      access-control-allow-origin: *
                                      access-control-allow-headers: *
                                      access-control-allow-methods: GET, POST, OPTIONS
                                      timing-allow-origin: *
                                      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
                                      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                                      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                      x-msedge-ref: Ref A: AF2F74B205FC4DCF945C60F943D6EC0D Ref B: LON601060105042 Ref C: 2024-10-14T18:41:05Z
                                      date: Mon, 14 Oct 2024 18:41:05 GMT
                                    • flag-us
                                      DNS
                                      58.99.105.20.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      58.99.105.20.in-addr.arpa
                                      IN PTR
                                      Response
                                    • flag-us
                                      DNS
                                      10.27.171.150.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      10.27.171.150.in-addr.arpa
                                      IN PTR
                                      Response
                                    • 142.250.180.10:80
                                      http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
                                      http
                                      msedge.exe
                                      1.0kB
                                      14.1kB
                                      15
                                      13

                                      HTTP Request

                                      GET http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js

                                      HTTP Response

                                      200
                                    • 209.202.254.12:80
                                      scripts.lycos.com
                                      msedge.exe
                                      282 B
                                      208 B
                                      6
                                      5
                                    • 209.202.254.90:80
                                      hb.lycos.com
                                      msedge.exe
                                      282 B
                                      208 B
                                      6
                                      5
                                    • 8.8.8.8:53
                                      90.254.202.209.in-addr.arpa
                                      dns
                                      369 B
                                      4.5kB
                                      7
                                      7

                                      DNS Request

                                      90.254.202.209.in-addr.arpa

                                    • 150.171.27.10:443
                                      tse1.mm.bing.net
                                      tls, http2
                                      1.2kB
                                      6.9kB
                                      15
                                      13
                                    • 150.171.27.10:443
                                      tse1.mm.bing.net
                                      tls, http2
                                      1.2kB
                                      6.9kB
                                      15
                                      13
                                    • 150.171.27.10:443
                                      tse1.mm.bing.net
                                      tls, http2
                                      1.2kB
                                      6.9kB
                                      15
                                      13
                                    • 150.171.27.10:443
                                      https://tse1.mm.bing.net/th?id=OADD2.10239317301466_1PCHXC6THHPTM3TTR&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
                                      tls, http2
                                      172.9kB
                                      4.3MB
                                      3114
                                      3108

                                      HTTP Request

                                      GET https://tse1.mm.bing.net/th?id=OADD2.10239317301033_1LC8H97PHI36W759M&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

                                      HTTP Request

                                      GET https://tse1.mm.bing.net/th?id=OADD2.10239340418544_1U65HGUXV07UFEU5B&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

                                      HTTP Request

                                      GET https://tse1.mm.bing.net/th?id=OADD2.10239360432890_1TOC5U5IB565A9QI0&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

                                      HTTP Request

                                      GET https://tse1.mm.bing.net/th?id=OADD2.10239340418543_1PQIQEA9PYCCTOZ9T&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

                                      HTTP Request

                                      GET https://tse1.mm.bing.net/th?id=OADD2.10239360432892_19VCX0OIIPQAUNJ24&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

                                      HTTP Response

                                      200

                                      HTTP Response

                                      200

                                      HTTP Response

                                      200

                                      HTTP Response

                                      200

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://tse1.mm.bing.net/th?id=OADD2.10239317301466_1PCHXC6THHPTM3TTR&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

                                      HTTP Response

                                      200
                                    • 150.171.27.10:443
                                      tse1.mm.bing.net
                                      tls, http2
                                      1.2kB
                                      6.9kB
                                      15
                                      12
                                    • 8.8.8.8:53
                                      itopelectronicone.com
                                      dns
                                      msedge.exe
                                      67 B
                                      140 B
                                      1
                                      1

                                      DNS Request

                                      itopelectronicone.com

                                    • 8.8.8.8:53
                                      hb.lycos.com
                                      dns
                                      msedge.exe
                                      58 B
                                      95 B
                                      1
                                      1

                                      DNS Request

                                      hb.lycos.com

                                      DNS Response

                                      209.202.254.90

                                    • 8.8.8.8:53
                                      scripts.lycos.com
                                      dns
                                      msedge.exe
                                      63 B
                                      79 B
                                      1
                                      1

                                      DNS Request

                                      scripts.lycos.com

                                      DNS Response

                                      209.202.254.12

                                    • 8.8.8.8:53
                                      ajax.googleapis.com
                                      dns
                                      msedge.exe
                                      65 B
                                      81 B
                                      1
                                      1

                                      DNS Request

                                      ajax.googleapis.com

                                      DNS Response

                                      142.250.180.10

                                    • 8.8.8.8:53
                                      google.com
                                      dns
                                      msedge.exe
                                      56 B
                                      72 B
                                      1
                                      1

                                      DNS Request

                                      google.com

                                      DNS Response

                                      172.217.169.14

                                    • 8.8.8.8:53
                                      google.com
                                      dns
                                      msedge.exe
                                      56 B
                                      72 B
                                      1
                                      1

                                      DNS Request

                                      google.com

                                      DNS Response

                                      172.217.169.14

                                    • 8.8.8.8:53
                                      104.219.191.52.in-addr.arpa
                                      dns
                                      73 B
                                      147 B
                                      1
                                      1

                                      DNS Request

                                      104.219.191.52.in-addr.arpa

                                    • 8.8.8.8:53
                                      71.31.126.40.in-addr.arpa
                                      dns
                                      71 B
                                      157 B
                                      1
                                      1

                                      DNS Request

                                      71.31.126.40.in-addr.arpa

                                    • 8.8.8.8:53
                                      10.180.250.142.in-addr.arpa
                                      dns
                                      73 B
                                      112 B
                                      1
                                      1

                                      DNS Request

                                      10.180.250.142.in-addr.arpa

                                    • 8.8.8.8:53
                                      95.221.229.192.in-addr.arpa
                                      dns
                                      73 B
                                      144 B
                                      1
                                      1

                                      DNS Request

                                      95.221.229.192.in-addr.arpa

                                    • 8.8.8.8:53
                                      12.254.202.209.in-addr.arpa
                                      dns
                                      73 B
                                      125 B
                                      1
                                      1

                                      DNS Request

                                      12.254.202.209.in-addr.arpa

                                    • 8.8.8.8:53
                                      90.254.202.209.in-addr.arpa
                                      dns
                                      73 B
                                      73 B
                                      1
                                      1

                                      DNS Request

                                      90.254.202.209.in-addr.arpa

                                    • 224.0.0.251:5353
                                      590 B
                                      9
                                    • 8.8.8.8:53
                                      133.211.185.52.in-addr.arpa
                                      dns
                                      73 B
                                      147 B
                                      1
                                      1

                                      DNS Request

                                      133.211.185.52.in-addr.arpa

                                    • 8.8.8.8:53
                                      205.47.74.20.in-addr.arpa
                                      dns
                                      71 B
                                      157 B
                                      1
                                      1

                                      DNS Request

                                      205.47.74.20.in-addr.arpa

                                    • 8.8.8.8:53
                                      itopelectronicone.com
                                      dns
                                      msedge.exe
                                      67 B
                                      140 B
                                      1
                                      1

                                      DNS Request

                                      itopelectronicone.com

                                    • 8.8.8.8:53
                                      200.163.202.172.in-addr.arpa
                                      dns
                                      74 B
                                      160 B
                                      1
                                      1

                                      DNS Request

                                      200.163.202.172.in-addr.arpa

                                    • 8.8.8.8:53
                                      15.164.165.52.in-addr.arpa
                                      dns
                                      72 B
                                      146 B
                                      1
                                      1

                                      DNS Request

                                      15.164.165.52.in-addr.arpa

                                    • 8.8.8.8:53
                                      98.117.19.2.in-addr.arpa
                                      dns
                                      70 B
                                      133 B
                                      1
                                      1

                                      DNS Request

                                      98.117.19.2.in-addr.arpa

                                    • 8.8.8.8:53
                                      itopelectronicone.com
                                      dns
                                      msedge.exe
                                      67 B
                                      140 B
                                      1
                                      1

                                      DNS Request

                                      itopelectronicone.com

                                    • 8.8.8.8:53
                                      77.190.18.2.in-addr.arpa
                                      dns
                                      70 B
                                      133 B
                                      1
                                      1

                                      DNS Request

                                      77.190.18.2.in-addr.arpa

                                    • 8.8.8.8:53
                                      29.243.111.52.in-addr.arpa
                                      dns
                                      72 B
                                      158 B
                                      1
                                      1

                                      DNS Request

                                      29.243.111.52.in-addr.arpa

                                    • 8.8.8.8:53
                                      itopelectronicone.com
                                      dns
                                      msedge.exe
                                      67 B
                                      140 B
                                      1
                                      1

                                      DNS Request

                                      itopelectronicone.com

                                    • 8.8.8.8:53
                                      tse1.mm.bing.net
                                      dns
                                      62 B
                                      170 B
                                      1
                                      1

                                      DNS Request

                                      tse1.mm.bing.net

                                      DNS Response

                                      150.171.27.10
                                      150.171.28.10

                                    • 8.8.8.8:53
                                      58.99.105.20.in-addr.arpa
                                      dns
                                      71 B
                                      157 B
                                      1
                                      1

                                      DNS Request

                                      58.99.105.20.in-addr.arpa

                                    • 8.8.8.8:53
                                      10.27.171.150.in-addr.arpa
                                      dns
                                      72 B
                                      158 B
                                      1
                                      1

                                      DNS Request

                                      10.27.171.150.in-addr.arpa

                                    MITRE ATT&CK Enterprise v15

                                    Downloads

                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                      Filesize

                                      152B

                                      MD5

                                      8749e21d9d0a17dac32d5aa2027f7a75

                                      SHA1

                                      a5d555f8b035c7938a4a864e89218c0402ab7cde

                                      SHA256

                                      915193bd331ee9ea7c750398a37fbb552b8c5a1d90edec6293688296bda6f304

                                      SHA512

                                      c645a41180ed01e854f197868283f9b40620dbbc813a1c122f6870db574ebc1c4917da4d320bdfd1cc67f23303a2c6d74e4f36dd9d3ffcfa92d3dfca3b7ca31a

                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                      Filesize

                                      152B

                                      MD5

                                      34d2c4f40f47672ecdf6f66fea242f4a

                                      SHA1

                                      4bcad62542aeb44cae38a907d8b5a8604115ada2

                                      SHA256

                                      b214e3affb02a2ea4469a8bbdfa8a179e7cc57cababd83b4bafae9cdbe23fa33

                                      SHA512

                                      50fba54ec95d694211a005d0e3e6cf5b5677efa16989cbf854207a1a67e3a139f32b757c6f2ce824a48f621440b93fde60ad1dc790fcec4b76edddd0d92a75d6

                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\086cf1cb-a0b3-47e3-a4f1-edadee01e8ee.tmp

                                      Filesize

                                      6KB

                                      MD5

                                      c3ffe25fdc8ee4fa85ad3e829ea417fb

                                      SHA1

                                      ae7160606e367b2cff8a389a24caa8501a5f2ce0

                                      SHA256

                                      37f22006ce5b625101beb6f506753faf3618d96552b5e69830dcdb91b1013dbc

                                      SHA512

                                      b553e2acdaedaba01372b93343391c2c5c338024b5ef884dfdbdffd8db34f4948d23a3fefd3822e1612257a5f377c5dd3595e42066be5dac66b5ed9169e61b54

                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                      Filesize

                                      6KB

                                      MD5

                                      3c1473dfe7c7e72f6271822c387aad9f

                                      SHA1

                                      16c81bdf607af787aa084e97282fd7a26cec12bc

                                      SHA256

                                      e4cdd2f1a7b7ea25cb6713ca00d5157e02a7e806654dc5e968a636701b3d1b46

                                      SHA512

                                      48ea86f125f499acf41ac55cc72d738ead4fa1e84ec49f3f8ac4928044bbe646103e3b62202c62dc53ef9e587f96eae568ec27166bd85d30c5f9f6a66c671af9

                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

                                      Filesize

                                      16B

                                      MD5

                                      6752a1d65b201c13b62ea44016eb221f

                                      SHA1

                                      58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                      SHA256

                                      0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                      SHA512

                                      9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                      Filesize

                                      10KB

                                      MD5

                                      5ced15e428f2c0f8eb8b4c1249a141b7

                                      SHA1

                                      c2929192bbdd8ff7ae3fbe933010db30b2df5bd3

                                      SHA256

                                      b4b185e7427f29dae27c806f049ff76d2a1608f06598f86a5f960d7dd2a99b50

                                      SHA512

                                      a00ad6ff65e44f7497f6bc131433cf01147d762e242da086e962677468bbf2ed3e6322531bd23464c5852116eeb6098f8974241d45e1bacbd0f2384c87767dcd
