Overview

overview

10

Static

static

10

Xworm-V5.2/NAudio.dll

windows10-2004-x64

1

Xworm-V5.2...on.dll

windows10-2004-x64

1

Xworm-V5.2...ws.dll

windows10-2004-x64

1

Xworm-V5.2...at.dll

windows10-2004-x64

1

Xworm-V5.2...um.dll

windows10-2004-x64

1

Xworm-V5.2...rd.dll

windows10-2004-x64

1

Xworm-V5.2...ss.dll

windows10-2004-x64

1

Xworm-V5.2...er.dll

windows10-2004-x64

1

Xworm-V5.2...er.dll

windows10-2004-x64

1

Xworm-V5.2...er.dll

windows10-2004-x64

1

Xworm-V5.2...DP.dll

windows10-2004-x64

1

Xworm-V5.2...NC.dll

windows10-2004-x64

1

Xworm-V5.2...ry.dll

windows10-2004-x64

1

Xworm-V5.2...ps.dll

windows10-2004-x64

1

Xworm-V5.2...ns.dll

windows10-2004-x64

1

Xworm-V5.2...er.dll

windows10-2004-x64

1

Xworm-V5.2...ps.dll

windows10-2004-x64

1

Xworm-V5.2...ox.dll

windows10-2004-x64

1

Xworm-V5.2...ne.dll

windows10-2004-x64

1

Xworm-V5.2...er.dll

windows10-2004-x64

1

Xworm-V5.2...ns.dll

windows10-2004-x64

1

Xworm-V5.2...me.dll

windows10-2004-x64

1

Xworm-V5.2...ce.dll

windows10-2004-x64

1

Xworm-V5.2...er.dll

windows10-2004-x64

1

Xworm-V5.2...ms.dll

windows10-2004-x64

1

Xworm-V5.2...re.dll

windows10-2004-x64

1

Xworm-V5.2...ry.dll

windows10-2004-x64

1

Xworm-V5.2...it.dll

windows10-2004-x64

1

Xworm-V5.2...op.dll

windows10-2004-x64

1

Xworm-V5.2...xy.dll

windows10-2004-x64

1

Xworm-V5.2...PE.dll

windows10-2004-x64

1

Xworm-V5.2...er.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    438s
  • max time network
    440s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20250314-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20250314-enlocale:en-usos:windows10-2004-x64system
  • submitted
    06/04/2025, 12:12 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Xworm-V5.2/Plugins/Programs.dll

  • Size

    13KB

  • MD5

    a6734a047b0b57055807a4f33a80d4dd

  • SHA1

    0b3a78b2362b0fd3817770fdc6dd070e3305615c

  • SHA256

    953a8276faa4a18685d09cd9187ed3e409e3cccd7daf34b6097f1eb8d96125a4

  • SHA512

    7292eab25f0e340e78063f32961eff16bb51895ad46cfd09933c0c30e3315129945d111a877a191fc261ad690ad6b02e1f2cabc4ff2fdac962ee272b41dd6dfa

  • SSDEEP

    192:Z3eKcfO/TCOAOG+uCno9SFwN4O4FgkT8zr1P9YD6IW1GX/V3wd0yzSLWVb:8PG/TCXF1SamdnTu5lYTX/NwKyNVb

Score
1/10

Malware Config

Signatures

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\Xworm-V5.2\Plugins\Programs.dll,#1
    1⤵
      PID:2504

    Network

    • flag-us
      DNS
      g.bing.com
      Remote address:
      8.8.8.8:53
      Request
      g.bing.com
      IN A
      Response
      g.bing.com
      IN CNAME
      g-bing-com.ax-0001.ax-msedge.net
      g-bing-com.ax-0001.ax-msedge.net
      IN CNAME
      ax-0001.ax-msedge.net
      ax-0001.ax-msedge.net
      IN A
      150.171.28.10
      ax-0001.ax-msedge.net
      IN A
      150.171.27.10
    • flag-us
      GET
      https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=2f1472353c914618b75b41688a2b0b5d&localId=w:09BB4BB9-3D46-9058-C614-E54E12C4002F&deviceId=6966581029011528&anid=
      Remote address:
      150.171.28.10:443
      Request
      GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=2f1472353c914618b75b41688a2b0b5d&localId=w:09BB4BB9-3D46-9058-C614-E54E12C4002F&deviceId=6966581029011528&anid= HTTP/2.0
      host: g.bing.com
      accept-encoding: gzip, deflate
      user-agent: WindowsShellClient/9.0.40929.0 (Windows)
      Response
      HTTP/2.0 204
      cache-control: no-cache, must-revalidate
      pragma: no-cache
      expires: Fri, 01 Jan 1990 00:00:00 GMT
      set-cookie: MUID=14C76616357D6828383273D0349D695F; domain=.bing.com; expires=Fri, 01-May-2026 12:23:15 GMT; path=/; SameSite=None; Secure; Priority=High;
      strict-transport-security: max-age=31536000; includeSubDomains; preload
      access-control-allow-origin: *
      x-cache: CONFIG_NOCACHE
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: 8CB315043AB94B359AC85DAD31D731FE Ref B: LON04EDGE1017 Ref C: 2025-04-06T12:23:15Z
      date: Sun, 06 Apr 2025 12:23:14 GMT
    • flag-us
      GET
      https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=2f1472353c914618b75b41688a2b0b5d&localId=w:09BB4BB9-3D46-9058-C614-E54E12C4002F&deviceId=6966581029011528&anid=
      Remote address:
      150.171.28.10:443
      Request
      GET /neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=2f1472353c914618b75b41688a2b0b5d&localId=w:09BB4BB9-3D46-9058-C614-E54E12C4002F&deviceId=6966581029011528&anid= HTTP/2.0
      host: g.bing.com
      accept-encoding: gzip, deflate
      user-agent: WindowsShellClient/9.0.40929.0 (Windows)
      cookie: MUID=14C76616357D6828383273D0349D695F
      Response
      HTTP/2.0 204
      cache-control: no-cache, must-revalidate
      pragma: no-cache
      expires: Fri, 01 Jan 1990 00:00:00 GMT
      set-cookie: MSPTC=fo1it1B0vXIMEQNOoH53lE8RCQYFa3XdjNt8E00GZMQ; domain=.bing.com; expires=Fri, 01-May-2026 12:23:15 GMT; path=/; Partitioned; secure; SameSite=None
      strict-transport-security: max-age=31536000; includeSubDomains; preload
      access-control-allow-origin: *
      x-cache: CONFIG_NOCACHE
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: 11FAF0739C1D4A098CADD158E9E89577 Ref B: LON04EDGE1017 Ref C: 2025-04-06T12:23:15Z
      date: Sun, 06 Apr 2025 12:23:14 GMT
    • flag-us
      GET
      https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=2f1472353c914618b75b41688a2b0b5d&localId=w:09BB4BB9-3D46-9058-C614-E54E12C4002F&deviceId=6966581029011528&anid=
      Remote address:
      150.171.28.10:443
      Request
      GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=2f1472353c914618b75b41688a2b0b5d&localId=w:09BB4BB9-3D46-9058-C614-E54E12C4002F&deviceId=6966581029011528&anid= HTTP/2.0
      host: g.bing.com
      accept-encoding: gzip, deflate
      user-agent: WindowsShellClient/9.0.40929.0 (Windows)
      cookie: MUID=14C76616357D6828383273D0349D695F; MSPTC=fo1it1B0vXIMEQNOoH53lE8RCQYFa3XdjNt8E00GZMQ
      Response
      HTTP/2.0 204
      cache-control: no-cache, must-revalidate
      pragma: no-cache
      expires: Fri, 01 Jan 1990 00:00:00 GMT
      strict-transport-security: max-age=31536000; includeSubDomains; preload
      access-control-allow-origin: *
      x-cache: CONFIG_NOCACHE
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: 9E57AA8292FF4BD983B3600264370A3E Ref B: LON04EDGE1017 Ref C: 2025-04-06T12:23:15Z
      date: Sun, 06 Apr 2025 12:23:14 GMT
    • flag-us
      DNS
      tse1.mm.bing.net
      Remote address:
      8.8.8.8:53
      Request
      tse1.mm.bing.net
      IN A
      Response
      tse1.mm.bing.net
      IN CNAME
      mm-mm.bing.net.trafficmanager.net
      mm-mm.bing.net.trafficmanager.net
      IN CNAME
      ax-0001.ax-msedge.net
      ax-0001.ax-msedge.net
      IN A
      150.171.28.10
      ax-0001.ax-msedge.net
      IN A
      150.171.27.10
    • flag-us
      GET
      https://tse1.mm.bing.net/th?id=OADD2.10239357296555_1NQZO136EN197N4N8&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
      Remote address:
      150.171.28.10:443
      Request
      GET /th?id=OADD2.10239357296555_1NQZO136EN197N4N8&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
      host: tse1.mm.bing.net
      accept: */*
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
      Response
      HTTP/2.0 200
      cache-control: public, max-age=2592000
      content-length: 193575
      content-type: image/jpeg
      x-cache: TCP_HIT
      access-control-allow-origin: *
      access-control-allow-headers: *
      access-control-allow-methods: GET, POST, OPTIONS
      timing-allow-origin: *
      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: 24B2113398E9451A937AD2FF79F32F0E Ref B: LON04EDGE0812 Ref C: 2025-04-06T12:23:45Z
      date: Sun, 06 Apr 2025 12:23:44 GMT
    • flag-us
      GET
      https://tse1.mm.bing.net/th?id=OADD2.10239360265013_1UVY69FM05I7V26BP&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
      Remote address:
      150.171.28.10:443
      Request
      GET /th?id=OADD2.10239360265013_1UVY69FM05I7V26BP&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
      host: tse1.mm.bing.net
      accept: */*
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
      Response
      HTTP/2.0 200
      cache-control: public, max-age=2592000
      content-length: 674070
      content-type: image/jpeg
      x-cache: TCP_HIT
      access-control-allow-origin: *
      access-control-allow-headers: *
      access-control-allow-methods: GET, POST, OPTIONS
      timing-allow-origin: *
      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: FF16C0C211394175B7FA2F3D016E2D95 Ref B: LON04EDGE0812 Ref C: 2025-04-06T12:23:45Z
      date: Sun, 06 Apr 2025 12:23:44 GMT
    • flag-us
      GET
      https://tse1.mm.bing.net/th?id=OADD2.10239339388224_1CNCLDFOO6A6DWYFX&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
      Remote address:
      150.171.28.10:443
      Request
      GET /th?id=OADD2.10239339388224_1CNCLDFOO6A6DWYFX&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
      host: tse1.mm.bing.net
      accept: */*
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
      Response
      HTTP/2.0 200
      cache-control: public, max-age=2592000
      content-length: 762590
      content-type: image/jpeg
      x-cache: TCP_HIT
      access-control-allow-origin: *
      access-control-allow-headers: *
      access-control-allow-methods: GET, POST, OPTIONS
      timing-allow-origin: *
      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: E10E898EE4E34D639F1B13A0F41A0AE3 Ref B: LON04EDGE0812 Ref C: 2025-04-06T12:23:45Z
      date: Sun, 06 Apr 2025 12:23:44 GMT
    • flag-us
      GET
      https://tse1.mm.bing.net/th?id=OADD2.10239339388225_1B60QSS9I6SIVS5TS&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
      Remote address:
      150.171.28.10:443
      Request
      GET /th?id=OADD2.10239339388225_1B60QSS9I6SIVS5TS&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
      host: tse1.mm.bing.net
      accept: */*
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
      Response
      HTTP/2.0 200
      cache-control: public, max-age=2592000
      content-length: 543571
      content-type: image/jpeg
      x-cache: TCP_HIT
      access-control-allow-origin: *
      access-control-allow-headers: *
      access-control-allow-methods: GET, POST, OPTIONS
      timing-allow-origin: *
      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: 1E5DEE55FF034E25A2C6FC71650A0F43 Ref B: LON04EDGE0812 Ref C: 2025-04-06T12:23:45Z
      date: Sun, 06 Apr 2025 12:23:44 GMT
    • flag-us
      GET
      https://tse1.mm.bing.net/th?id=OADD2.10239357296561_1OO0GI7LQYW9WHHBG&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
      Remote address:
      150.171.28.10:443
      Request
      GET /th?id=OADD2.10239357296561_1OO0GI7LQYW9WHHBG&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
      host: tse1.mm.bing.net
      accept: */*
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
      Response
      HTTP/2.0 200
      cache-control: public, max-age=2592000
      content-length: 669559
      content-type: image/jpeg
      x-cache: TCP_HIT
      access-control-allow-origin: *
      access-control-allow-headers: *
      access-control-allow-methods: GET, POST, OPTIONS
      timing-allow-origin: *
      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: B4EDFA967A81463EA9372960DCE845B4 Ref B: LON04EDGE0812 Ref C: 2025-04-06T12:23:45Z
      date: Sun, 06 Apr 2025 12:23:44 GMT
    • flag-us
      GET
      https://tse1.mm.bing.net/th?id=OADD2.10239360265014_1I9L6MC65FHDFQ9Z7&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
      Remote address:
      150.171.28.10:443
      Request
      GET /th?id=OADD2.10239360265014_1I9L6MC65FHDFQ9Z7&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
      host: tse1.mm.bing.net
      accept: */*
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
      Response
      HTTP/2.0 200
      cache-control: public, max-age=2592000
      content-length: 195935
      content-type: image/jpeg
      x-cache: TCP_HIT
      access-control-allow-origin: *
      access-control-allow-headers: *
      access-control-allow-methods: GET, POST, OPTIONS
      timing-allow-origin: *
      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: 11D36B1012894306A6A76FCF05F23DF7 Ref B: LON04EDGE0812 Ref C: 2025-04-06T12:23:45Z
      date: Sun, 06 Apr 2025 12:23:45 GMT
    • flag-us
      DNS
      c.pki.goog
      Remote address:
      8.8.8.8:53
      Request
      c.pki.goog
      IN A
      Response
      c.pki.goog
      IN CNAME
      pki-goog.l.google.com
      pki-goog.l.google.com
      IN A
      142.250.187.227
    • flag-gb
      GET
      http://c.pki.goog/r/r1.crl
      Remote address:
      142.250.187.227:80
      Request
      GET /r/r1.crl HTTP/1.1
      Cache-Control: max-age = 3000
      Connection: Keep-Alive
      Accept: */*
      If-Modified-Since: Thu, 25 Jul 2024 14:48:00 GMT
      User-Agent: Microsoft-CryptoAPI/10.0
      Host: c.pki.goog
      Response
      HTTP/1.1 200 OK
      Accept-Ranges: bytes
      Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
      Cross-Origin-Resource-Policy: cross-origin
      Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
      Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
      Content-Length: 993
      X-Content-Type-Options: nosniff
      Server: sffe
      X-XSS-Protection: 0
      Date: Sun, 06 Apr 2025 12:07:39 GMT
      Expires: Sun, 06 Apr 2025 12:57:39 GMT
      Cache-Control: public, max-age=3000
      Age: 996
      Last-Modified: Thu, 03 Apr 2025 14:18:00 GMT
      Content-Type: application/pkix-crl
      Vary: Accept-Encoding
    • 150.171.28.10:443
      https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=2f1472353c914618b75b41688a2b0b5d&localId=w:09BB4BB9-3D46-9058-C614-E54E12C4002F&deviceId=6966581029011528&anid=
      tls, http2
      2.0kB
       9.4kB
       22
      19

      HTTP Request

      GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=2f1472353c914618b75b41688a2b0b5d&localId=w:09BB4BB9-3D46-9058-C614-E54E12C4002F&deviceId=6966581029011528&anid=

      HTTP Response

      204

      HTTP Request

      GET https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=2f1472353c914618b75b41688a2b0b5d&localId=w:09BB4BB9-3D46-9058-C614-E54E12C4002F&deviceId=6966581029011528&anid=

      HTTP Response

      204

      HTTP Request

      GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=2f1472353c914618b75b41688a2b0b5d&localId=w:09BB4BB9-3D46-9058-C614-E54E12C4002F&deviceId=6966581029011528&anid=

      HTTP Response

      204
    • 150.171.28.10:443
      tse1.mm.bing.net
      tls, http2
      1.2kB
       6.9kB
       15
      13
    • 150.171.28.10:443
      tse1.mm.bing.net
      tls, http2
      1.2kB
       6.9kB
       15
      13
    • 150.171.28.10:443
      tse1.mm.bing.net
      tls, http2
      1.2kB
       6.9kB
       15
      13
    • 150.171.28.10:443
      tse1.mm.bing.net
      tls, http2
      1.2kB
       7.4kB
       16
      13
    • 150.171.28.10:443
      https://tse1.mm.bing.net/th?id=OADD2.10239360265014_1I9L6MC65FHDFQ9Z7&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
      tls, http2
      108.6kB
       3.1MB
       2289
      2284

      HTTP Request

      GET https://tse1.mm.bing.net/th?id=OADD2.10239357296555_1NQZO136EN197N4N8&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

      HTTP Request

      GET https://tse1.mm.bing.net/th?id=OADD2.10239360265013_1UVY69FM05I7V26BP&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

      HTTP Request

      GET https://tse1.mm.bing.net/th?id=OADD2.10239339388224_1CNCLDFOO6A6DWYFX&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

      HTTP Request

      GET https://tse1.mm.bing.net/th?id=OADD2.10239339388225_1B60QSS9I6SIVS5TS&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

      HTTP Request

      GET https://tse1.mm.bing.net/th?id=OADD2.10239357296561_1OO0GI7LQYW9WHHBG&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

      HTTP Response

      200

      HTTP Response

      200

      HTTP Response

      200

      HTTP Response

      200

      HTTP Response

      200

      HTTP Request

      GET https://tse1.mm.bing.net/th?id=OADD2.10239360265014_1I9L6MC65FHDFQ9Z7&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

      HTTP Response

      200
    • 142.250.187.227:80
      http://c.pki.goog/r/r1.crl
      http
      476 B
       1.9kB
       6
      5

      HTTP Request

      GET http://c.pki.goog/r/r1.crl

      HTTP Response

      200
    • 8.8.8.8:53
      g.bing.com
      dns
      56 B
       148 B
       1
      1

      DNS Request

      g.bing.com

      DNS Response

      150.171.28.10
      150.171.27.10

    • 8.8.8.8:53
      tse1.mm.bing.net
      dns
      62 B
       170 B
       1
      1

      DNS Request

      tse1.mm.bing.net

      DNS Response

      150.171.28.10
      150.171.27.10

    • 8.8.8.8:53
      c.pki.goog
      dns
      56 B
       107 B
       1
      1

      DNS Request

      c.pki.goog

      DNS Response

      142.250.187.227

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.