hxxps://steamunlocked[.]net/16-ultrakill-free-download/

Analysis

max time kernel
150s
max time network
158s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
12/10/2023, 09:03 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://steamunlocked.net/16-ultrakill-free-download/

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1856	msedge.exe
1856	msedge.exe
4576	msedge.exe
4576	msedge.exe
3376	identity_helper.exe
3376	identity_helper.exe
4620	msedge.exe
4620	msedge.exe
4620	msedge.exe
4620	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
4576	msedge.exe
4576	msedge.exe
4576	msedge.exe
4576	msedge.exe
4576	msedge.exe
4576	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4576	msedge.exe
4576	msedge.exe
4576	msedge.exe
4576	msedge.exe
4576	msedge.exe
4576	msedge.exe
4576	msedge.exe
4576	msedge.exe
4576	msedge.exe
4576	msedge.exe
4576	msedge.exe
4576	msedge.exe
4576	msedge.exe
4576	msedge.exe
4576	msedge.exe
4576	msedge.exe
4576	msedge.exe
4576	msedge.exe
4576	msedge.exe
4576	msedge.exe
4576	msedge.exe
4576	msedge.exe
4576	msedge.exe
4576	msedge.exe
4576	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4576	msedge.exe
4576	msedge.exe
4576	msedge.exe
4576	msedge.exe
4576	msedge.exe
4576	msedge.exe
4576	msedge.exe
4576	msedge.exe
4576	msedge.exe
4576	msedge.exe
4576	msedge.exe
4576	msedge.exe
4576	msedge.exe
4576	msedge.exe
4576	msedge.exe
4576	msedge.exe
4576	msedge.exe
4576	msedge.exe
4576	msedge.exe
4576	msedge.exe
4576	msedge.exe
4576	msedge.exe
4576	msedge.exe
4576	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4576 wrote to memory of 3404	4576	msedge.exe	85
PID 4576 wrote to memory of 3404	4576	msedge.exe	85
PID 4576 wrote to memory of 2260	4576	msedge.exe	86
PID 4576 wrote to memory of 2260	4576	msedge.exe	86
PID 4576 wrote to memory of 2260	4576	msedge.exe	86
PID 4576 wrote to memory of 2260	4576	msedge.exe	86
PID 4576 wrote to memory of 2260	4576	msedge.exe	86
PID 4576 wrote to memory of 2260	4576	msedge.exe	86
PID 4576 wrote to memory of 2260	4576	msedge.exe	86
PID 4576 wrote to memory of 2260	4576	msedge.exe	86
PID 4576 wrote to memory of 2260	4576	msedge.exe	86
PID 4576 wrote to memory of 2260	4576	msedge.exe	86
PID 4576 wrote to memory of 2260	4576	msedge.exe	86
PID 4576 wrote to memory of 2260	4576	msedge.exe	86
PID 4576 wrote to memory of 2260	4576	msedge.exe	86
PID 4576 wrote to memory of 2260	4576	msedge.exe	86
PID 4576 wrote to memory of 2260	4576	msedge.exe	86
PID 4576 wrote to memory of 2260	4576	msedge.exe	86
PID 4576 wrote to memory of 2260	4576	msedge.exe	86
PID 4576 wrote to memory of 2260	4576	msedge.exe	86
PID 4576 wrote to memory of 2260	4576	msedge.exe	86
PID 4576 wrote to memory of 2260	4576	msedge.exe	86
PID 4576 wrote to memory of 2260	4576	msedge.exe	86
PID 4576 wrote to memory of 2260	4576	msedge.exe	86
PID 4576 wrote to memory of 2260	4576	msedge.exe	86
PID 4576 wrote to memory of 2260	4576	msedge.exe	86
PID 4576 wrote to memory of 2260	4576	msedge.exe	86
PID 4576 wrote to memory of 2260	4576	msedge.exe	86
PID 4576 wrote to memory of 2260	4576	msedge.exe	86
PID 4576 wrote to memory of 2260	4576	msedge.exe	86
PID 4576 wrote to memory of 2260	4576	msedge.exe	86
PID 4576 wrote to memory of 2260	4576	msedge.exe	86
PID 4576 wrote to memory of 2260	4576	msedge.exe	86
PID 4576 wrote to memory of 2260	4576	msedge.exe	86
PID 4576 wrote to memory of 2260	4576	msedge.exe	86
PID 4576 wrote to memory of 2260	4576	msedge.exe	86
PID 4576 wrote to memory of 2260	4576	msedge.exe	86
PID 4576 wrote to memory of 2260	4576	msedge.exe	86
PID 4576 wrote to memory of 2260	4576	msedge.exe	86
PID 4576 wrote to memory of 2260	4576	msedge.exe	86
PID 4576 wrote to memory of 2260	4576	msedge.exe	86
PID 4576 wrote to memory of 2260	4576	msedge.exe	86
PID 4576 wrote to memory of 1856	4576	msedge.exe	87
PID 4576 wrote to memory of 1856	4576	msedge.exe	87
PID 4576 wrote to memory of 4260	4576	msedge.exe	88
PID 4576 wrote to memory of 4260	4576	msedge.exe	88
PID 4576 wrote to memory of 4260	4576	msedge.exe	88
PID 4576 wrote to memory of 4260	4576	msedge.exe	88
PID 4576 wrote to memory of 4260	4576	msedge.exe	88
PID 4576 wrote to memory of 4260	4576	msedge.exe	88
PID 4576 wrote to memory of 4260	4576	msedge.exe	88
PID 4576 wrote to memory of 4260	4576	msedge.exe	88
PID 4576 wrote to memory of 4260	4576	msedge.exe	88
PID 4576 wrote to memory of 4260	4576	msedge.exe	88
PID 4576 wrote to memory of 4260	4576	msedge.exe	88
PID 4576 wrote to memory of 4260	4576	msedge.exe	88
PID 4576 wrote to memory of 4260	4576	msedge.exe	88
PID 4576 wrote to memory of 4260	4576	msedge.exe	88
PID 4576 wrote to memory of 4260	4576	msedge.exe	88
PID 4576 wrote to memory of 4260	4576	msedge.exe	88
PID 4576 wrote to memory of 4260	4576	msedge.exe	88
PID 4576 wrote to memory of 4260	4576	msedge.exe	88
PID 4576 wrote to memory of 4260	4576	msedge.exe	88
PID 4576 wrote to memory of 4260	4576	msedge.exe	88

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://steamunlocked.net/16-ultrakill-free-download/
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4576
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc301346f8,0x7ffc30134708,0x7ffc30134718
  2⤵
  PID:3404
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,7907538218276600833,13056973240955777990,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2160 /prefetch:2
  2⤵
  PID:2260
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2136,7907538218276600833,13056973240955777990,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2228 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1856
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2136,7907538218276600833,13056973240955777990,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2860 /prefetch:8
  2⤵
  PID:4260
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,7907538218276600833,13056973240955777990,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3328 /prefetch:1
  2⤵
  PID:3780
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,7907538218276600833,13056973240955777990,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3332 /prefetch:1
  2⤵
  PID:924
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,7907538218276600833,13056973240955777990,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5060 /prefetch:1
  2⤵
  PID:4364
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,7907538218276600833,13056973240955777990,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5044 /prefetch:1
  2⤵
  PID:4128
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2136,7907538218276600833,13056973240955777990,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5528 /prefetch:8
  2⤵
  PID:1992
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2136,7907538218276600833,13056973240955777990,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5528 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3376
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,7907538218276600833,13056973240955777990,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5524 /prefetch:1
  2⤵
  PID:844
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,7907538218276600833,13056973240955777990,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5624 /prefetch:1
  2⤵
  PID:3664
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,7907538218276600833,13056973240955777990,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5296 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4620

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3516

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4492

Network

DNS

23.159.190.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

23.159.190.20.in-addr.arpa

IN PTR

Response
DNS

95.221.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.221.229.192.in-addr.arpa

IN PTR

Response
DNS

241.154.82.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

241.154.82.20.in-addr.arpa

IN PTR

Response
DNS

146.78.124.51.in-addr.arpa

Remote address:

8.8.8.8:53

Request

146.78.124.51.in-addr.arpa

IN PTR

Response
DNS

1.202.248.87.in-addr.arpa

Remote address:

8.8.8.8:53

Request

1.202.248.87.in-addr.arpa

IN PTR

Response

1.202.248.87.in-addr.arpa

IN PTR

https-87-248-202-1amsllnwnet
DNS

steamunlocked.net

msedge.exe

Remote address:

8.8.8.8:53

Request

steamunlocked.net

IN A

Response

steamunlocked.net

IN A

104.21.235.153

steamunlocked.net

IN A

104.21.235.154
GET

https://steamunlocked.net/16-ultrakill-free-download/

msedge.exe

Remote address:

104.21.235.153:443

Request

GET /16-ultrakill-free-download/ HTTP/2.0
host: steamunlocked.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
dnt: 1
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 12 Oct 2023 09:05:31 GMT
content-type: text/html; charset=utf-8
last-modified: Thu, 12 Oct 2023 08:28:12 GMT
vary: Accept-Encoding,User-Agent
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Mon, 29 Oct 1923 20:30:00 GMT
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KD3zf2BiXxJwNzM%2BRcIZ2iZsTiioSMHL8f6AdMRL%2BkASmcaJyZTlB%2FocIRX5SaZYd%2FzS7zdc%2F2UKsKjIDLSyG9WOifMLN2IzE8Mqo9ZrQnv5WoBENwep4CkRqXIj4nqhBaxClw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 814e2e754b69b796-AMS
content-encoding: br
GET

https://steamunlocked.net/wp-content/cache/wpfc-minified/klllmfe4/9mkvw.css

msedge.exe

Remote address:

104.21.235.153:443

Request

GET /wp-content/cache/wpfc-minified/klllmfe4/9mkvw.css HTTP/2.0
host: steamunlocked.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://steamunlocked.net/16-ultrakill-free-download/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 12 Oct 2023 09:05:31 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=30908
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=5356800
expires: Thu, 12 Oct 2023 03:10:17 GMT
last-modified: Fri, 28 Jul 2023 02:32:04 GMT
vary: Accept-Encoding,User-Agent,Accept-Encoding
cf-cache-status: HIT
age: 1230914
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rtaXEmctQ7kkSgwu3XxklGRWdYGFuVHZ52hm621IJItGxypSNQSMMoRqaE2XmmCMSaUsvs6etrl8Sp8Hi8nIvspoHMbADMiFBDFIggrn8CLSiprl1g%2FzHfORl4ufiwbipe0Hvg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 814e2e79ad02b796-AMS
content-encoding: br
GET

https://steamunlocked.net/wp-content/plugins/custom-cache/js/lazy-load.min.js?ver=1.1

msedge.exe

Remote address:

104.21.235.153:443

Request

GET /wp-content/plugins/custom-cache/js/lazy-load.min.js?ver=1.1 HTTP/2.0
host: steamunlocked.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://steamunlocked.net/16-ultrakill-free-download/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 12 Oct 2023 09:05:31 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=5356800
expires: Thu, 28 Sep 2023 05:27:42 GMT
last-modified: Tue, 26 Apr 2022 17:40:38 GMT
vary: Accept-Encoding,User-Agent,Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 1827469
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FnG%2BSXdJPje01mJOUF0Yt1SR8hXkSYVaPSEcLtDd8idu%2BJ2QZBTsm5SCta5m7ACFLrCZAgwLlzLpPR70oPsXfP%2FSYsFyxco%2BFSwtbjrep2zt85Fdhz9almeOsQ4hCRgJ%2BbNOhA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 814e2e79ad04b796-AMS
content-encoding: br
GET

https://steamunlocked.net/wp-content/themes/steamunlocked/js/jquery.js?ver=1

msedge.exe

Remote address:

104.21.235.153:443

Request

GET /wp-content/themes/steamunlocked/js/jquery.js?ver=1 HTTP/2.0
host: steamunlocked.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://steamunlocked.net/16-ultrakill-free-download/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 12 Oct 2023 09:05:31 GMT
content-type: application/javascript; charset=utf-8
cf-bgj: minify
cf-polished: origSize=67170
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=5356800
expires: Sat, 23 Sep 2023 07:41:30 GMT
last-modified: Thu, 18 Nov 2021 18:50:39 GMT
vary: Accept-Encoding,User-Agent,Accept-Encoding
cf-cache-status: HIT
age: 2251441
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gRNzE%2Fn1o%2BVSw67YQNgyaiqNNd6qMOEb%2FWSKdVv6%2BhzVfx26HbaAfgDUhBJmtCeg4C30yAT545x%2BpWnGcsQcGybtp%2FJGiJiFxnYMLoyiEr1WHsU7%2BH4S92NVcqx2pfbwkPZcNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 814e2e7a0d38b796-AMS
content-encoding: br
GET

https://steamunlocked.net/wp-content/themes/steamunlocked/js/script.min.js?ver=1

msedge.exe

Remote address:

104.21.235.153:443

Request

GET /wp-content/themes/steamunlocked/js/script.min.js?ver=1 HTTP/2.0
host: steamunlocked.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://steamunlocked.net/16-ultrakill-free-download/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 12 Oct 2023 09:05:31 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=5356800
expires: Sat, 23 Sep 2023 07:46:23 GMT
last-modified: Tue, 26 Apr 2022 16:02:20 GMT
vary: Accept-Encoding,User-Agent,Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 2251148
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZfghsDpa15E%2Fun%2BjJsCvWJufV9tTf8dhN%2FTr61SDKwix4xCB1fDZQuerJWaISS%2B8VIEDKHSK9PQ9SoLv8wRe2Ai27xlamGTPm2XDwdk0sfgUiLiuoljlHnLJWFe2l%2BOXovnFIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 814e2e7a5d84b796-AMS
content-encoding: br
GET

https://steamunlocked.net/wp-content/themes/steamunlocked/img/steam-unlocked-logo.png

msedge.exe

Remote address:

104.21.235.153:443

Request

GET /wp-content/themes/steamunlocked/img/steam-unlocked-logo.png HTTP/2.0
host: steamunlocked.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://steamunlocked.net/16-ultrakill-free-download/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 12 Oct 2023 09:05:31 GMT
content-type: image/png
content-length: 2673
cache-control: public, max-age=5356800
expires: Sat, 30 Sep 2023 07:46:23 GMT
last-modified: Thu, 18 Nov 2021 18:50:39 GMT
vary: User-Agent, Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 2251148
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m35C90NkPtMjH0Cu%2BmjLMgvoVafR6I5Cvo2CsraD1A2u%2FlmymEexElvMG407q7u11NDbJKmtE%2B%2BSAmx403LIlbQX4PfkqswlsBCdDG%2F9CI2E%2FAZ6DvsSQwZ85szQS5b4jeWi7A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 814e2e7a8d97b796-AMS
GET

https://steamunlocked.net/wp-content/themes/steamunlocked/img/steamunlocked-bg.jpg

msedge.exe

Remote address:

104.21.235.153:443

Request

GET /wp-content/themes/steamunlocked/img/steamunlocked-bg.jpg HTTP/2.0
host: steamunlocked.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://steamunlocked.net/wp-content/cache/wpfc-minified/klllmfe4/9mkvw.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 12 Oct 2023 09:05:31 GMT
content-type: image/jpeg
content-length: 355250
cache-control: public, max-age=5356800
expires: Sat, 30 Sep 2023 07:46:23 GMT
last-modified: Thu, 18 Nov 2021 18:50:39 GMT
vary: User-Agent, Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 2251148
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=20ZJEUGhPviczduNchSXLE70ZMBwhpoTSYIww7VoaQhx1zMkFq8uqC2FA%2BxRVIlwes0OD73OO3mgeL3qLP2yafB0bWZzRnWEzVSVtIkVVF0wC8V2ww0SAnDlQ3cOhbEyJf3pLg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 814e2e7acdc5b796-AMS
GET

https://steamunlocked.net/wp-content/themes/steamunlocked/img/menu-background.webp

msedge.exe

Remote address:

104.21.235.153:443

Request

GET /wp-content/themes/steamunlocked/img/menu-background.webp HTTP/2.0
host: steamunlocked.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://steamunlocked.net/wp-content/cache/wpfc-minified/klllmfe4/9mkvw.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 12 Oct 2023 09:05:31 GMT
content-type: image/webp
content-length: 12164
cache-control: public, max-age=5356800
expires: Fri, 13 Oct 2023 08:57:10 GMT
last-modified: Thu, 18 Nov 2021 22:25:15 GMT
vary: User-Agent, Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 518900
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QHWmYSDBYsirvQKdHum6abkVJ0IJoae8wYcW2L67y%2FHtpMKObbKzseN0a1kwP%2BKbxEasKVHk1qngt4kPiXUgzjyWaD%2Bf4wsXLRZNTyIvB3qJhYsSPG%2FpiuPuVOU7xHNjRI5bEA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 814e2e7acdc6b796-AMS
GET

https://steamunlocked.net/wp-content/uploads/2023/10/Forza-Motorsport-Free-Download-Steam-82x110.png

msedge.exe

Remote address:

104.21.235.153:443

Request

GET /wp-content/uploads/2023/10/Forza-Motorsport-Free-Download-Steam-82x110.png HTTP/2.0
host: steamunlocked.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://steamunlocked.net/16-ultrakill-free-download/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga_4WGMGP0QM8=GS1.1.1697101526.1.0.1697101526.0.0.0
cookie: _ga=GA1.1.1097638823.1697101527

Response

HTTP/2.0 200

date: Thu, 12 Oct 2023 09:05:32 GMT
content-type: image/png
content-length: 17404
cache-control: public, max-age=5356800
expires: Thu, 19 Oct 2023 06:07:54 GMT
last-modified: Thu, 05 Oct 2023 05:18:17 GMT
vary: User-Agent, Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 615458
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vv8ocY%2BwezJ1c%2FdtT%2B8c%2FpjJE1wQq6lEVmR59ba4lSA9SStL2omW6uJrvHFJ1wjc1pCjhfkgTvliNoJBlIzDsUlw3PkQ2rvOX%2BMApiBqQ5oA8OrAYMOL%2F1u8q5lFhApVQbxfEg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 814e2e831a5bb796-AMS
GET

https://steamunlocked.net/wp-content/uploads/2023/10/Tony-Hawks-Pro-Skater-1-2-Free-Download-Steam-82x110.png

msedge.exe

Remote address:

104.21.235.153:443

Request

GET /wp-content/uploads/2023/10/Tony-Hawks-Pro-Skater-1-2-Free-Download-Steam-82x110.png HTTP/2.0
host: steamunlocked.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://steamunlocked.net/16-ultrakill-free-download/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga_4WGMGP0QM8=GS1.1.1697101526.1.0.1697101526.0.0.0
cookie: _ga=GA1.1.1097638823.1697101527

Response

HTTP/2.0 200

date: Thu, 12 Oct 2023 09:05:32 GMT
content-type: image/png
content-length: 17284
cache-control: public, max-age=5356800
expires: Tue, 03 Oct 2023 23:13:57 GMT
last-modified: Tue, 19 Sep 2023 21:55:53 GMT
vary: User-Agent, Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 1936294
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1iR9MZK0bqs8L4W7yd6UqepymzZqZrv6XDpBR0ipr041Y7%2BUVfTobccxPxNUzIiOEfeuQ2gR8tq51Z2Ij0alm8xsyio7PuB0BUANeqyXrHJ0oEv0%2BvOV8YFTHKBp9O4iHX5kZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 814e2e831a5db796-AMS
GET

https://steamunlocked.net/wp-content/uploads/2023/09/Payday-3-Free-Download-Steam-82x110.png

msedge.exe

Remote address:

104.21.235.153:443

Request

GET /wp-content/uploads/2023/09/Payday-3-Free-Download-Steam-82x110.png HTTP/2.0
host: steamunlocked.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://steamunlocked.net/16-ultrakill-free-download/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga_4WGMGP0QM8=GS1.1.1697101526.1.0.1697101526.0.0.0
cookie: _ga=GA1.1.1097638823.1697101527

Response

HTTP/2.0 200

date: Thu, 12 Oct 2023 09:05:32 GMT
content-type: image/png
content-length: 22427
cache-control: public, max-age=5356800
expires: Wed, 18 Oct 2023 04:52:09 GMT
last-modified: Tue, 03 Oct 2023 23:16:21 GMT
vary: User-Agent, Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 706403
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mFOsUC3TGkV11v1j2THQtOnZYRKDPN%2BQcB4fPZcIkvEdxtFOOWCLe%2BU4RuWqJAOo4%2FWRsdh382FWzA%2BLJCn7eC62%2FrNUBLna9aOEmGJzCFUeoKcrYsIEZK1Xi6kxkvWS%2BuUM1w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 814e2e831a5cb796-AMS
GET

https://steamunlocked.net/wp-content/uploads/2018/07/cropped-free-steam-games-32x32.png

msedge.exe

Remote address:

104.21.235.153:443

Request

GET /wp-content/uploads/2018/07/cropped-free-steam-games-32x32.png HTTP/2.0
host: steamunlocked.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://steamunlocked.net/16-ultrakill-free-download/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga_4WGMGP0QM8=GS1.1.1697101526.1.0.1697101526.0.0.0
cookie: _ga=GA1.1.1097638823.1697101527

Response

HTTP/2.0 200

date: Thu, 12 Oct 2023 09:05:32 GMT
content-type: image/png
content-length: 632
cache-control: public, max-age=5356800
expires: Sat, 30 Sep 2023 07:47:57 GMT
last-modified: Thu, 18 Nov 2021 18:50:42 GMT
vary: User-Agent, Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 2251055
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bOnhqAbFBinpXfhzcHcDBQzPhiwvkGaeUV0AFt6oH7AWyOubb%2FeAxZwNFLsAYZyv%2FKm8v%2F1DyhhbgKQfTV5iZdiN1nWs8zc5CZTVp9rrwz4r%2FS4rfrdjm1mW5PtXwZQmU6AbBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 814e2e83eaa9b796-AMS
DNS

153.235.21.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

153.235.21.104.in-addr.arpa

IN PTR

Response
DNS

106.208.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

106.208.58.216.in-addr.arpa

IN PTR

Response

106.208.58.216.in-addr.arpa

IN PTR

sof01s11-in-f1061e100net

106.208.58.216.in-addr.arpa

IN PTR

ams17s08-in-f10�J
DNS

131.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

131.179.250.142.in-addr.arpa

IN PTR

Response

131.179.250.142.in-addr.arpa

IN PTR

ams17s10-in-f31e100net
DNS

8.36.251.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

8.36.251.142.in-addr.arpa

IN PTR

Response

8.36.251.142.in-addr.arpa

IN PTR

ams15s44-in-f81e100net
DNS

region1.google-analytics.com

msedge.exe

Remote address:

8.8.8.8:53

Request

region1.google-analytics.com

IN A

Response

region1.google-analytics.com

IN A

216.239.34.36

region1.google-analytics.com

IN A

216.239.32.36
POST

https://region1.google-analytics.com/g/collect?v=2&tid=G-4WGMGP0QM8&gtm=45je3ab0&_p=783846642&cid=1097638823.1697101527&ul=en-us&sr=1280x720&uaa=x86&uamb=0&uam=&uap=Windows&uapv=10.0&uaw=0&_s=1&sid=1697101526&sct=1&seg=0&dl=https%3A%2F%2Fsteamunlocked.net%2F16-ultrakill-free-download%2F&dt=ULTRAKILL%20Free%20Download%20(v2023.04.28)%20%C2%BB%20STEAMUNLOCKED&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1

msedge.exe

Remote address:

216.239.34.36:443

Request

POST /g/collect?v=2&tid=G-4WGMGP0QM8&gtm=45je3ab0&_p=783846642&cid=1097638823.1697101527&ul=en-us&sr=1280x720&uaa=x86&uamb=0&uam=&uap=Windows&uapv=10.0&uaw=0&_s=1&sid=1697101526&sct=1&seg=0&dl=https%3A%2F%2Fsteamunlocked.net%2F16-ultrakill-free-download%2F&dt=ULTRAKILL%20Free%20Download%20(v2023.04.28)%20%C2%BB%20STEAMUNLOCKED&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/2.0
host: region1.google-analytics.com
content-length: 0
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://steamunlocked.net
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://steamunlocked.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

36.34.239.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

36.34.239.216.in-addr.arpa

IN PTR

Response
DNS

198.1.85.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

198.1.85.104.in-addr.arpa

IN PTR

Response

198.1.85.104.in-addr.arpa

IN PTR

a104-85-1-198deploystaticakamaitechnologiescom
DNS

205.47.74.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

205.47.74.20.in-addr.arpa

IN PTR

Response
DNS

9.228.82.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

9.228.82.20.in-addr.arpa

IN PTR

Response
DNS

158.240.127.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

158.240.127.40.in-addr.arpa

IN PTR

Response
DNS

50.23.12.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

50.23.12.20.in-addr.arpa

IN PTR

Response
DNS

1.208.79.178.in-addr.arpa

Remote address:

8.8.8.8:53

Request

1.208.79.178.in-addr.arpa

IN PTR

Response

1.208.79.178.in-addr.arpa

IN PTR

https-178-79-208-1amsllnwnet
DNS

198.187.3.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

198.187.3.20.in-addr.arpa

IN PTR

Response
DNS

126.178.238.8.in-addr.arpa

Remote address:

8.8.8.8:53

Request

126.178.238.8.in-addr.arpa

IN PTR

Response
DNS

59.128.231.4.in-addr.arpa

Remote address:

8.8.8.8:53

Request

59.128.231.4.in-addr.arpa

IN PTR

Response
DNS

123.10.44.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

123.10.44.20.in-addr.arpa

IN PTR

Response

104.21.235.153:443

https://steamunlocked.net/wp-content/uploads/2018/07/cropped-free-steam-games-32x32.png

tls, http2

msedge.exe

12.5kB
499.9kB
220
406

HTTP Request

GET https://steamunlocked.net/16-ultrakill-free-download/

HTTP Response

200

HTTP Request

GET https://steamunlocked.net/wp-content/cache/wpfc-minified/klllmfe4/9mkvw.css

HTTP Request

GET https://steamunlocked.net/wp-content/plugins/custom-cache/js/lazy-load.min.js?ver=1.1

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://steamunlocked.net/wp-content/themes/steamunlocked/js/jquery.js?ver=1

HTTP Response

200

HTTP Request

GET https://steamunlocked.net/wp-content/themes/steamunlocked/js/script.min.js?ver=1

HTTP Response

200

HTTP Request

GET https://steamunlocked.net/wp-content/themes/steamunlocked/img/steam-unlocked-logo.png

HTTP Response

200

HTTP Request

GET https://steamunlocked.net/wp-content/themes/steamunlocked/img/steamunlocked-bg.jpg

HTTP Request

GET https://steamunlocked.net/wp-content/themes/steamunlocked/img/menu-background.webp

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://steamunlocked.net/wp-content/uploads/2023/10/Forza-Motorsport-Free-Download-Steam-82x110.png

HTTP Request

GET https://steamunlocked.net/wp-content/uploads/2023/10/Tony-Hawks-Pro-Skater-1-2-Free-Download-Steam-82x110.png

HTTP Request

GET https://steamunlocked.net/wp-content/uploads/2023/09/Payday-3-Free-Download-Steam-82x110.png

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://steamunlocked.net/wp-content/uploads/2018/07/cropped-free-steam-games-32x32.png

HTTP Response

200
104.21.235.153:443

steamunlocked.net

tls, http2

msedge.exe

989 B
5.1kB
9
8
216.239.34.36:443

https://region1.google-analytics.com/g/collect?v=2&tid=G-4WGMGP0QM8&gtm=45je3ab0&_p=783846642&cid=1097638823.1697101527&ul=en-us&sr=1280x720&uaa=x86&uamb=0&uam=&uap=Windows&uapv=10.0&uaw=0&_s=1&sid=1697101526&sct=1&seg=0&dl=https%3A%2F%2Fsteamunlocked.net%2F16-ultrakill-free-download%2F&dt=ULTRAKILL%20Free%20Download%20(v2023.04.28)%20%C2%BB%20STEAMUNLOCKED&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1

tls, http2

msedge.exe

2.0kB
6.7kB
14
14

HTTP Request

POST https://region1.google-analytics.com/g/collect?v=2&tid=G-4WGMGP0QM8&gtm=45je3ab0&_p=783846642&cid=1097638823.1697101527&ul=en-us&sr=1280x720&uaa=x86&uamb=0&uam=&uap=Windows&uapv=10.0&uaw=0&_s=1&sid=1697101526&sct=1&seg=0&dl=https%3A%2F%2Fsteamunlocked.net%2F16-ultrakill-free-download%2F&dt=ULTRAKILL%20Free%20Download%20(v2023.04.28)%20%C2%BB%20STEAMUNLOCKED&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1

8.8.8.8:53

23.159.190.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

23.159.190.20.in-addr.arpa
8.8.8.8:53

95.221.229.192.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

95.221.229.192.in-addr.arpa
8.8.8.8:53

241.154.82.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

241.154.82.20.in-addr.arpa
8.8.8.8:53

146.78.124.51.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

146.78.124.51.in-addr.arpa
8.8.8.8:53

1.202.248.87.in-addr.arpa

dns

71 B
116 B
1
1

DNS Request

1.202.248.87.in-addr.arpa
8.8.8.8:53

steamunlocked.net

dns

msedge.exe

63 B
95 B
1
1

DNS Request

steamunlocked.net

DNS Response

104.21.235.153

104.21.235.154
8.8.8.8:53

153.235.21.104.in-addr.arpa

dns

73 B
135 B
1
1

DNS Request

153.235.21.104.in-addr.arpa
8.8.8.8:53

106.208.58.216.in-addr.arpa

dns

73 B
143 B
1
1

DNS Request

106.208.58.216.in-addr.arpa
8.8.8.8:53

131.179.250.142.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

131.179.250.142.in-addr.arpa
8.8.8.8:53

8.36.251.142.in-addr.arpa

dns

71 B
109 B
1
1

DNS Request

8.36.251.142.in-addr.arpa
8.8.8.8:53

region1.google-analytics.com

dns

msedge.exe

74 B
106 B
1
1

DNS Request

region1.google-analytics.com

DNS Response

216.239.34.36

216.239.32.36
8.8.8.8:53

36.34.239.216.in-addr.arpa

dns

72 B
132 B
1
1

DNS Request

36.34.239.216.in-addr.arpa
8.8.8.8:53

198.1.85.104.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

198.1.85.104.in-addr.arpa
8.8.8.8:53

205.47.74.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

205.47.74.20.in-addr.arpa
8.8.8.8:53

9.228.82.20.in-addr.arpa

dns

70 B
156 B
1
1

DNS Request

9.228.82.20.in-addr.arpa
224.0.0.251:5353

msedge.exe

522 B
8
8.8.8.8:53

158.240.127.40.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

158.240.127.40.in-addr.arpa
8.8.8.8:53

50.23.12.20.in-addr.arpa

dns

70 B
156 B
1
1

DNS Request

50.23.12.20.in-addr.arpa
8.8.8.8:53

1.208.79.178.in-addr.arpa

dns

71 B
116 B
1
1

DNS Request

1.208.79.178.in-addr.arpa
8.8.8.8:53

198.187.3.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

198.187.3.20.in-addr.arpa
8.8.8.8:53

126.178.238.8.in-addr.arpa

dns

72 B
126 B
1
1

DNS Request

126.178.238.8.in-addr.arpa
8.8.8.8:53

59.128.231.4.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

59.128.231.4.in-addr.arpa
8.8.8.8:53

123.10.44.20.in-addr.arpa

dns

71 B
145 B
1
1

DNS Request

123.10.44.20.in-addr.arpa

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
16c2a9f4b2e1386aab0e353614a63f0d

SHA1
6edd3be593b653857e579cbd3db7aa7e1df3e30f

SHA256
0f7c58a653ae1f3999627721bad03793edc1e9d12e8f5253c30b61b8478f5c81

SHA512
aba1ed22c7b9ae1942d69a7cd7a618597300ae5c56be88187ddec6227df056f81c1d9217778d87fa8c36402bce7275d707118ff62d3a241297738da434556e06

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
0cdf57845a23623c37fa8d32ee6c3b58

SHA1
270137d8bb3ce3952e54c061849373c1af305ff7

SHA256
7763e4b9d0184b7a515db2a0125b2dba1bd7ebce85408765be3fcac038c1b023

SHA512
ecac3e60cff131f0ad66ba86d332f59c258dd7869f15cc76700c07948c249cde99fdd891bb1bbfda5fd45ee2b42db64f5cb3332fdb08db9c0ac903c3113ee5e3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
6b6e0a832359e2b5626c3cee012f4ef5

SHA1
9e383e7d90a281d8bdbf3b47955db827f49c710a

SHA256
f8520fcf288fa2f3bdc1a58490bd73457fe11d38901ec0a27bf2a739516314de

SHA512
991fa24ece794f914987cb4bea6c3b2721323af5a26611b04cc90a1ba11d8671618a8147d89e327f41db34f8ace846bef0583f34b261d418dbd6824693f9e89d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
c4c8ab179499ba2b5a7e1b0598f4bdd4

SHA1
3853eb3b23c68efed8f79be07379a468a456f306

SHA256
f5f5583f9e22a5f346d3ec40cdecd674a705f5225793646c99a29f85060a7ca9

SHA512
ea448461e02e0c6a1f339dc9115fb038ebafa36f2fd1568af174d919106a0c6dbb89f679be0507f612ecf0f3101b7b8907a9e1e4e09fdc6891c4155cdc3f56ec

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
3be4be843f9468abf244781acd569d62

SHA1
6cb3459ee48634bab2909752ba9dcdff0afa8845

SHA256
19c7d7329b1e8c264a75150b819245888c97f5b701e409c308f46b191a75b052

SHA512
58e124443fafaa8701fcc480546b8aba3a4c6e8e1b3ffc29d59acf236ebea1029d768f062705fcb7ba073fd33fcbf2dc38bb7ca515ad594621e9968a50766e1b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
24KB

MD5
699e3636ed7444d9b47772e4446ccfc1

SHA1
db0459ca6ceeea2e87e0023a6b7ee06aeed6fded

SHA256
9205233792628ecf0d174de470b2986abf3adfed702330dc54c4a76c9477949a

SHA512
d5d4c08b6aec0f3e3506e725decc1bdf0b2e2fb50703c36d568c1ea3c3ab70720f5aec9d49ad824505731eb64db399768037c9f1be655779ed77331a7bab1d51

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
54cf8f3f9ce8f54c5dd808da8cfb2738

SHA1
3917ecd81e1bc6e24d59155ce7ac3529276fe855

SHA256
b29b068665aac1389410860b7ac23f8216be1743bdee024572fb26a61bcd88ae

SHA512
b447627b42dd85e4b628fa9fd4c9df81cf4e0ffd3f00c3ee038b8278dcca75083409bd0f264ef63b452ceaa4cc19b0d70ead2d52797fae05bcb2a16ebacc32ac

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.