hxxp://www[.]glasscubes[.]com

Analysis

max time kernel
145s
max time network
149s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
18/01/2024, 11:27 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://www.glasscubes.com

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 44 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = b0daad72014ada01	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "411739138"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "21"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.google.com\ = "21"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\DOMStorage	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com\NumberOfSubdomains = "1"	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000d80bef292bee784c8e3c940d61fdfeb8000000000200000000001066000000010000200000006b9ef3cdf4a193eae940031430dbfa592870ae6b89bff83045604a733b6f378e000000000e80000000020000200000007577fac5e40ba005c630435d5fb991dc27ee8dc2c90bedcf891fc03f87153ef9900000008dc5e1b83107fc1f273a7e00514cdb018f346979aff38b6ca602460a90cf27f978cee19038110f42ad258bfb94cda62d61a4ae5e50416ef37518b5a6b32d5efe0186ffe7bab0ad32190c8db8d799b7f8111396af8ac8029ffe0a010cdbb9dd12b9a2cb5cc5304a0938dc9092b1c01a80724393f3aa84bc636a01cc35d305d290e391a6ca42624f8d981eb5bcb51ccb6040000000296a8eba3557a6c9f79a76dfabfe6d490781022eb5db3cd1d9058827281d99d139bd0c5e791a3ea6d24b153c0c65f4b29c89a3f141975b49f6f5606bb5c46256	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.google.com	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com\Total = "21"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{9B7C2461-B5F4-11EE-8CD0-DECE4B73D784} = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\DOMStorage\google.com	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3427588347-1492276948-3422228430-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000d80bef292bee784c8e3c940d61fdfeb8000000000200000000001066000000010000200000008ca3352677f99171dfdc133c06e9b8705d064b077696b983645d1d0672d7bacf000000000e800000000200002000000082e5cd514f6a0399a8f09c7e111b2b1ddc8a0dc36ae985cbbc56c957fed9274420000000929b35301fd5a5ba1f9866a68b0a370ccbb8b57688456cbb814b1f908cd90ff2400000006ae9587c3907aa2887359acdebede1db92850742c8b16ec6e85030ca060684a605b759368db63ee8329980e5b3046a35a949562e57b92ff586fdff540a94fd33	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2188	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2188	iexplore.exe
2188	iexplore.exe
2688	IEXPLORE.EXE
2688	IEXPLORE.EXE
2688	IEXPLORE.EXE
2688	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2188 wrote to memory of 2688	2188	iexplore.exe	28
PID 2188 wrote to memory of 2688	2188	iexplore.exe	28
PID 2188 wrote to memory of 2688	2188	iexplore.exe	28
PID 2188 wrote to memory of 2688	2188	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" http://www.glasscubes.com
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2188
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2188 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2688

Network

DNS

www.glasscubes.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

www.glasscubes.com

IN A

Response

www.glasscubes.com

IN A

52.222.191.118

www.glasscubes.com

IN A

52.222.191.69

www.glasscubes.com

IN A

52.222.191.105

www.glasscubes.com

IN A

52.222.191.47
GET

http://www.glasscubes.com/

IEXPLORE.EXE

Remote address:

52.222.191.118:80

Request

GET / HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.glasscubes.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Server: CloudFront
Date: Thu, 18 Jan 2024 11:27:51 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://www.glasscubes.com/
X-Cache: Redirect from cloudfront
Via: 1.1 f2bfcb0e5eaa96cb4b9aaa38ccd55546.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: HAM50-C2
X-Amz-Cf-Id: 4jXQF2YUEmVnRSUgcBKcTTqKjYLYnkd2tqrT-wNLX6fznWEPAoCk8Q==
GET

https://www.glasscubes.com/

IEXPLORE.EXE

Remote address:

52.222.191.118:443

Request

GET / HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.glasscubes.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: text/html; charset=UTF-8
Content-Length: 7817
Connection: keep-alive
Date: Wed, 17 Jan 2024 20:31:19 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Powered-By: PHP/5.6.40
X-SilverStripe-Cache: hit at Wed, 17 Jan 2024 20:31:19 +0000
Cache-Control: max-age=86400
Expires: Thu, 18 Jan 2024 20:31:19 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 0e4b604319ca1dc81c333441f110c482.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: HAM50-C2
X-Amz-Cf-Id: _YuLvoiRNyrWkmm1VKDaVxHhnAgXXwM268nMH2RYNmtXfCcIU6jMvw==
Age: 53794
GET

https://www.glasscubes.com/themes/gctheme3/css/carrie_screen.min.css?m=2au

IEXPLORE.EXE

Remote address:

52.222.191.118:443

Request

GET /themes/gctheme3/css/carrie_screen.min.css?m=2au HTTP/1.1
Accept: text/css, */*
Referer: https://www.glasscubes.com/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.glasscubes.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: text/css
Content-Length: 30114
Connection: keep-alive
Date: Thu, 04 Jan 2024 15:56:19 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 20 Oct 2023 12:57:39 GMT
ETag: "20e4f-608256ad0e5c1-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Sat, 03 Feb 2024 15:56:19 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 0e4b604319ca1dc81c333441f110c482.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: HAM50-C2
X-Amz-Cf-Id: 5pPHkE_EWhMuBn4VVftUnBArelByItpLtz05mocKg_ITtN81GzIR-w==
Age: 1193494
GET

https://www.glasscubes.com/themes/gctheme3/css/homepage-new.css?v=18

IEXPLORE.EXE

Remote address:

52.222.191.118:443

Request

GET /themes/gctheme3/css/homepage-new.css?v=18 HTTP/1.1
Accept: text/css, */*
Referer: https://www.glasscubes.com/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.glasscubes.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: text/css
Content-Length: 5816
Connection: keep-alive
Date: Sun, 14 Jan 2024 07:17:56 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 20 Dec 2023 16:38:59 GMT
ETag: "a7e5-60cf39eb2daa9-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Tue, 13 Feb 2024 07:17:56 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 0e4b604319ca1dc81c333441f110c482.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: HAM50-C2
X-Amz-Cf-Id: JaU0xM_azTFW6im6HnRnbapptvgUp31mKShoAdo86gyq8_KMpR47Aw==
Age: 360597
GET

https://www.glasscubes.com/custom/OC1/images/tick1.png

IEXPLORE.EXE

Remote address:

52.222.191.118:443

Request

GET /custom/OC1/images/tick1.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Referer: https://www.glasscubes.com/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.glasscubes.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/png
Content-Length: 2428
Connection: keep-alive
Date: Fri, 05 Jan 2024 02:01:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 20 Dec 2022 10:55:12 GMT
ETag: "97c-5f0404525abee"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Sun, 04 Feb 2024 02:01:35 GMT
X-Cache: Hit from cloudfront
Via: 1.1 0e4b604319ca1dc81c333441f110c482.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: HAM50-C2
X-Amz-Cf-Id: msygqN17GZitRNSn2FWBNFvL5ek2FewIqcGXKErFMH7AEQB4YRmvhg==
Age: 1157178
GET

https://www.glasscubes.com/themes/gctheme3/css/icons/icomoon.woff?wze4eb

IEXPLORE.EXE

Remote address:

52.222.191.118:443

Request

GET /themes/gctheme3/css/icons/icomoon.woff?wze4eb HTTP/1.1
Accept: */*
Referer: https://www.glasscubes.com/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Origin: https://www.glasscubes.com
Accept-Encoding: gzip, deflate
Host: www.glasscubes.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: application/font-woff
Content-Length: 36896
Connection: keep-alive
Date: Mon, 15 Jan 2024 08:14:30 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 14 Feb 2018 12:17:10 GMT
ETag: "9020-5652b17273d80"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 14 Feb 2024 08:14:30 GMT
Access-Control-Allow-Origin: https://www.glasscubes.com
X-Cache: Hit from cloudfront
Via: 1.1 0e4b604319ca1dc81c333441f110c482.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: HAM50-C2
X-Amz-Cf-Id: rzJIhmF_88zYeMAo32bnCp1JfioPea6zIspue-p1n9dJ8SIuSc4Ycg==
Age: 270804
GET

https://www.glasscubes.com/themes/gctheme3/images/logo.svg

IEXPLORE.EXE

Remote address:

52.222.191.118:443

Request

GET /themes/gctheme3/images/logo.svg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Referer: https://www.glasscubes.com/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.glasscubes.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/svg+xml
Content-Length: 1589
Connection: keep-alive
Date: Thu, 11 Jan 2024 06:17:39 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 14 Feb 2018 12:16:21 GMT
ETag: "123f-5652b143b8f40-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Fri, 10 Jan 2025 06:17:39 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 0e4b604319ca1dc81c333441f110c482.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: HAM50-C2
X-Amz-Cf-Id: lkFFe1ebQw4Z8X8e4ctov6pDxP9HjDEevjLx89W3v0cT-aa68Tylmw==
Age: 623415
GET

https://www.glasscubes.com/themes/gctheme3/images/hero1.png

IEXPLORE.EXE

Remote address:

52.222.191.118:443

Request

GET /themes/gctheme3/images/hero1.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Referer: https://www.glasscubes.com/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.glasscubes.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/png
Content-Length: 83692
Connection: keep-alive
Date: Fri, 05 Jan 2024 02:01:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 22 Feb 2023 13:36:49 GMT
ETag: "146ec-5f549fcf93fbf"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Sun, 04 Feb 2024 02:01:35 GMT
X-Cache: Hit from cloudfront
Via: 1.1 24eb1500b3f80b309dcd7b8a50210a68.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: HAM50-C2
X-Amz-Cf-Id: 6vdhDxYRAtKznvPeieGetqph8nWCI04hzCdOPrSipqbciYxBXgUKyw==
Age: 1157179
GET

https://www.glasscubes.com/favicon.ico

IEXPLORE.EXE

Remote address:

52.222.191.118:443

Request

GET /favicon.ico HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: www.glasscubes.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/vnd.microsoft.icon
Content-Length: 347
Connection: keep-alive
Date: Thu, 04 Jan 2024 18:55:32 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 17 Dec 2010 14:37:56 GMT
ETag: "15b-4979c1db5f900"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Sat, 03 Feb 2024 18:55:32 GMT
X-Cache: Hit from cloudfront
Via: 1.1 24eb1500b3f80b309dcd7b8a50210a68.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: HAM50-C2
X-Amz-Cf-Id: E4h37k-N1ubVTD_nFtKXR94xlj5Wr7TV6p-scqUnage6h9fV59-FzQ==
Age: 1182743
GET

https://www.glasscubes.com/themes/gctheme3/javascript/page.js?v=1j

IEXPLORE.EXE

Remote address:

52.222.191.118:443

Request

GET /themes/gctheme3/javascript/page.js?v=1j HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://www.glasscubes.com/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.glasscubes.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: application/javascript
Content-Length: 50946
Connection: keep-alive
Date: Thu, 04 Jan 2024 15:56:20 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Thu, 04 Jan 2024 15:36:44 GMT
ETag: "24931-60e207fb04e7f-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Sat, 03 Feb 2024 15:56:20 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 24eb1500b3f80b309dcd7b8a50210a68.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: HAM50-C2
X-Amz-Cf-Id: N3FDlyrb3vZK4g5KSVys6BAEnJEGalqnHpGwii6PvMFPzVR4awIENQ==
Age: 1193496
GET

https://www.glasscubes.com/themes/gctheme3/javascript/alltracking.js?v=5j

IEXPLORE.EXE

Remote address:

52.222.191.118:443

Request

GET /themes/gctheme3/javascript/alltracking.js?v=5j HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://www.glasscubes.com/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.glasscubes.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: application/javascript
Content-Length: 1075
Connection: keep-alive
Date: Thu, 04 Jan 2024 15:56:20 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 12 Jul 2023 09:50:43 GMT
ETag: "93d-60047262d6168-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Sat, 03 Feb 2024 15:56:20 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 24eb1500b3f80b309dcd7b8a50210a68.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: HAM50-C2
X-Amz-Cf-Id: SxTMxlEslZFYm-P94T2ix9Al2HKYL2VRAI6FhWlJqfBh7uCKvYGkaw==
Age: 1193496
DNS

www.google.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

www.google.com

IN A

Response

www.google.com

IN A

74.125.193.147

www.google.com

IN A

74.125.193.99

www.google.com

IN A

74.125.193.105

www.google.com

IN A

74.125.193.103

www.google.com

IN A

74.125.193.104

www.google.com

IN A

74.125.193.106
GET

https://www.google.com/recaptcha/api.js?render=6Le5ME8aAAAAAHD50m6Wum0EaEvNFl8199Nb3Jh4

IEXPLORE.EXE

Remote address:

74.125.193.147:443

Request

GET /recaptcha/api.js?render=6Le5ME8aAAAAAHD50m6Wum0EaEvNFl8199Nb3Jh4 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://www.glasscubes.com/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: text/javascript; charset=utf-8
Expires: Thu, 18 Jan 2024 11:27:54 GMT
Date: Thu, 18 Jan 2024 11:27:54 GMT
Cache-Control: private, max-age=300
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Server: GSE
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
GET

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5ME8aAAAAAHD50m6Wum0EaEvNFl8199Nb3Jh4&co=aHR0cHM6Ly93d3cuZ2xhc3NjdWJlcy5jb206NDQz&hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=fn9rka7y0956

IEXPLORE.EXE

Remote address:

74.125.193.147:443

Request

GET /recaptcha/api2/anchor?ar=1&k=6Le5ME8aAAAAAHD50m6Wum0EaEvNFl8199Nb3Jh4&co=aHR0cHM6Ly93d3cuZ2xhc3NjdWJlcy5jb206NDQz&hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=fn9rka7y0956 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Referer: https://www.glasscubes.com/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: text/html; charset=utf-8
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Embedder-Policy: require-corp
Report-To: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Thu, 18 Jan 2024 11:27:56 GMT
Content-Security-Policy: script-src 'nonce-Q8EjP5fARZLk_1gH5oLkKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
GET

https://www.google.com/js/bg/-b_N4E8g6K3_tsIcGB3290MknJMzMk8ebCzW0Zctc-4.js

IEXPLORE.EXE

Remote address:

74.125.193.147:443

Request

GET /js/bg/-b_N4E8g6K3_tsIcGB3290MknJMzMk8ebCzW0Zctc-4.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5ME8aAAAAAHD50m6Wum0EaEvNFl8199Nb3Jh4&co=aHR0cHM6Ly93d3cuZ2xhc3NjdWJlcy5jb206NDQz&hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=fn9rka7y0956
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Encoding: gzip
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="botguard-scs"
Report-To: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
Content-Length: 10516
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 16 Jan 2024 01:43:40 GMT
Expires: Wed, 15 Jan 2025 01:43:40 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Wed, 03 Jan 2024 11:00:00 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
Age: 207856
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu

IEXPLORE.EXE

Remote address:

74.125.193.147:443

Request

GET /recaptcha/api2/webworker.js?hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5ME8aAAAAAHD50m6Wum0EaEvNFl8199Nb3Jh4&co=aHR0cHM6Ly93d3cuZ2xhc3NjdWJlcy5jb206NDQz&hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=fn9rka7y0956
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: text/javascript; charset=utf-8
Cross-Origin-Embedder-Policy: require-corp
Report-To: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
Expires: Thu, 18 Jan 2024 11:27:56 GMT
Date: Thu, 18 Jan 2024 11:27:56 GMT
Cache-Control: private, max-age=300
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Server: GSE
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
GET

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-9161810-1&cid=364193609.1705577276&jid=1186233462&_u=YADAAEAAAAAAACAAI~&z=565267835

IEXPLORE.EXE

Remote address:

74.125.193.147:443

Request

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-9161810-1&cid=364193609.1705577276&jid=1186233462&_u=YADAAEAAAAAAACAAI~&z=565267835 HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Referer: https://www.glasscubes.com/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Thu, 18 Jan 2024 11:27:58 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 42
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
DNS

assets.calendly.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

assets.calendly.com

IN A

Response

assets.calendly.com

IN A

104.18.41.175

assets.calendly.com

IN A

172.64.146.81
GET

https://assets.calendly.com/assets/external/widget.js

IEXPLORE.EXE

Remote address:

104.18.41.175:443

Request

GET /assets/external/widget.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://www.glasscubes.com/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: assets.calendly.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Date: Thu, 18 Jan 2024 11:27:58 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 84767de4fc5a776b-LHR
CF-Cache-Status: HIT
Age: 68
Cache-Control: public, max-age=300
ETag: W/"3be18f0a18cf9980a421cf1577f639f4"
Expires: Fri, 19 Jan 2024 11:27:58 GMT
Last-Modified: Mon, 15 Jan 2024 16:18:23 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Cf-Bgj: minify
X-Content-Type-Options: nosniff
Set-Cookie: __cf_bm=vXXnO5nqT7XEBE.7uJbly_gescYjUVO9oWTqXlQoxKs-1705577278-1-AcF7Ku0Cp6ZnKGU3mtwnHebfpIS6m2QD5Y7DXSoC3RAOK3k6NLiKh8LEierQgGuEG1mitfdMvC7EtFrLfe7rUAY=; path=/; expires=Thu, 18-Jan-24 11:57:58 GMT; domain=.calendly.com; HttpOnly; Secure; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
DNS

www.clarity.ms

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

www.clarity.ms

IN A

Response

www.clarity.ms

IN CNAME

clarity.azurefd.net

clarity.azurefd.net

IN CNAME

star-azurefd-prod.trafficmanager.net

star-azurefd-prod.trafficmanager.net

IN CNAME

shed.dual-low.part-0016.t-0009.t-msedge.net

shed.dual-low.part-0016.t-0009.t-msedge.net

IN CNAME

part-0016.t-0009.t-msedge.net

part-0016.t-0009.t-msedge.net

IN A

13.107.246.44

part-0016.t-0009.t-msedge.net

IN A

13.107.213.44
GET

https://www.clarity.ms/tag/hy304ys9cf

IEXPLORE.EXE

Remote address:

13.107.246.44:443

Request

GET /tag/hy304ys9cf HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://www.glasscubes.com/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.clarity.ms
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Date: Thu, 18 Jan 2024 11:27:57 GMT
Content-Type: application/x-javascript
Content-Length: 650
Connection: keep-alive
Cache-Control: no-cache, no-store
Expires: -1
Set-Cookie: CLID=c1bc741c5c5a4825a80c2807cf6d8389.20240118.20250117; expires=Fri, 17 Jan 2025 11:27:57 GMT; path=/; secure; samesite=none; httponly
Request-Context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
x-azure-ref: 20240118T112757Z-tbvh8rsa5t7r30z2sz0hnxg56000000000ag00000000gx5b
X-Cache: CONFIG_NOCACHE
Accept-Ranges: bytes
GET

https://www.clarity.ms/s/0.7.20/clarity.js

IEXPLORE.EXE

Remote address:

13.107.246.44:443

Request

GET /s/0.7.20/clarity.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://www.glasscubes.com/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.clarity.ms
Connection: Keep-Alive
Cookie: CLID=c1bc741c5c5a4825a80c2807cf6d8389.20240118.20250117

Response

HTTP/1.1 200 OK

Date: Thu, 18 Jan 2024 11:27:57 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Vary: Accept-Encoding
Vary: Accept-Encoding
Vary: Accept-Encoding
Last-Modified: Wed, 17 Jan 2024 09:38:21 GMT
ETag: W/"0x8DC17400B6A7365"
x-ms-request-id: c12c3f2e-201e-0051-532d-49b357000000
x-ms-version: 2018-03-28
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
x-azure-ref: 20240118T112757Z-tbvh8rsa5t7r30z2sz0hnxg56000000000ag00000000gx67
X-Cache: TCP_HIT
Content-Encoding: gzip
DNS

apps.identrust.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

apps.identrust.com

IN A

Response

apps.identrust.com

IN CNAME

identrust.edgesuite.net

identrust.edgesuite.net

IN CNAME

a1952.dscq.akamai.net

a1952.dscq.akamai.net

IN A

96.17.179.184

a1952.dscq.akamai.net

IN A

96.17.179.205
GET

http://apps.identrust.com/roots/dstrootcax3.p7c

IEXPLORE.EXE

Remote address:

96.17.179.184:80

Request

GET /roots/dstrootcax3.p7c HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: apps.identrust.com

Response

HTTP/1.1 200 OK

X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
Referrer-Policy: same-origin
Last-Modified: Fri, 13 Oct 2023 16:28:31 GMT
ETag: "37d-6079b8c0929c0"
Accept-Ranges: bytes
Content-Length: 893
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
Content-Type: application/pkcs7-mime
Cache-Control: max-age=3600
Expires: Thu, 18 Jan 2024 12:27:57 GMT
Date: Thu, 18 Jan 2024 11:27:57 GMT
Connection: keep-alive
GET

http://apps.identrust.com/roots/dstrootcax3.p7c

IEXPLORE.EXE

Remote address:

96.17.179.184:80

Request

GET /roots/dstrootcax3.p7c HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: apps.identrust.com

Response

HTTP/1.1 200 OK

X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
Referrer-Policy: same-origin
Last-Modified: Fri, 13 Oct 2023 16:28:31 GMT
ETag: "37d-6079b8c0929c0"
Accept-Ranges: bytes
Content-Length: 893
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
Content-Type: application/pkcs7-mime
Cache-Control: max-age=3600
Expires: Thu, 18 Jan 2024 12:27:57 GMT
Date: Thu, 18 Jan 2024 11:27:57 GMT
Connection: keep-alive
DNS

c.clarity.ms

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

c.clarity.ms

IN A

Response

c.clarity.ms

IN CNAME

c.msn.com

c.msn.com

IN CNAME

c-msn-com-nsatc.trafficmanager.net

c-msn-com-nsatc.trafficmanager.net

IN A

68.219.88.97
DNS

unpkg.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

unpkg.com

IN A

Response

unpkg.com

IN A

104.16.124.175

unpkg.com

IN A

104.16.125.175

unpkg.com

IN A

104.16.122.175

unpkg.com

IN A

104.16.123.175

unpkg.com

IN A

104.16.126.175
GET

https://unpkg.com/web-vitals@2.1.0/dist/web-vitals.umd.js

IEXPLORE.EXE

Remote address:

104.16.124.175:443

Request

GET /web-vitals@2.1.0/dist/web-vitals.umd.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://www.glasscubes.com/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: unpkg.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Date: Thu, 18 Jan 2024 11:27:58 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
access-control-allow-origin: *
content-encoding: gzip
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "11c8-h8MN9BiDN1TuDYM8xSzz31D62dA"
via: 1.1 fly.io
fly-request-id: 01HGCEPJH9QSNRE66QYRRFWE6E-lhr
CF-Cache-Status: HIT
Age: 4352156
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 84767de8985323ea-LHR
DNS

region1.analytics.google.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

region1.analytics.google.com

IN A

Response

region1.analytics.google.com

IN A

216.239.32.36

region1.analytics.google.com

IN A

216.239.34.36
DNS

stats.g.doubleclick.net

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

stats.g.doubleclick.net

IN A

Response

stats.g.doubleclick.net

IN A

209.85.203.157

stats.g.doubleclick.net

IN A

209.85.203.154

stats.g.doubleclick.net

IN A

209.85.203.155

stats.g.doubleclick.net

IN A

209.85.203.156
DNS

www.google.co.uk

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

www.google.co.uk

IN A

Response

www.google.co.uk

IN A

172.253.116.94
GET

https://region1.analytics.google.com/g/collect?v=2&tid=G-YBEJ94G693&gtm=45je41a0v883799404z8839654729&_p=1705577275052&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=364193609.1705577276&ul=en-us&sr=1280x720&_s=1&sid=1705577275&sct=1&seg=0&dl=https%3A%2F%2Fwww.glasscubes.com%2F&dt=The%20Easiest%20Way%20to%20Collaborate%20with%20People%20Inside%20or%20Outside%20of%20Your%20Company&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4694

IEXPLORE.EXE

Remote address:

216.239.32.36:443

Request

GET /g/collect?v=2&tid=G-YBEJ94G693&gtm=45je41a0v883799404z8839654729&_p=1705577275052&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=364193609.1705577276&ul=en-us&sr=1280x720&_s=1&sid=1705577275&sct=1&seg=0&dl=https%3A%2F%2Fwww.glasscubes.com%2F&dt=The%20Easiest%20Way%20to%20Collaborate%20with%20People%20Inside%20or%20Outside%20of%20Your%20Company&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4694 HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Referer: https://www.glasscubes.com/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: region1.analytics.google.com
Connection: Keep-Alive

Response

HTTP/1.1 204 No Content

Access-Control-Allow-Origin: *
Date: Thu, 18 Jan 2024 11:27:58 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/plain
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-YBEJ94G693&cid=364193609.1705577276&gtm=45je41a0v883799404z8839654729&aip=1&dma=0&gcd=11l1l1l1l1&z=1977574773

IEXPLORE.EXE

Remote address:

172.253.116.94:443

Request

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-YBEJ94G693&cid=364193609.1705577276&gtm=45je41a0v883799404z8839654729&aip=1&dma=0&gcd=11l1l1l1l1&z=1977574773 HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Referer: https://www.glasscubes.com/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.google.co.uk
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Thu, 18 Jan 2024 11:27:58 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 42
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-9161810-1&cid=364193609.1705577276&jid=1186233462&_u=YADAAEAAAAAAACAAI~&z=565267835

IEXPLORE.EXE

Remote address:

172.253.116.94:443

Request

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-9161810-1&cid=364193609.1705577276&jid=1186233462&_u=YADAAEAAAAAAACAAI~&z=565267835 HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Referer: https://www.glasscubes.com/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.google.co.uk
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Thu, 18 Jan 2024 11:27:58 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 42
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://stats.g.doubleclick.net/g/collect?v=2&tid=G-YBEJ94G693&cid=364193609.1705577276&gtm=45je41a0v883799404z8839654729&aip=1&dma=0&gcd=11l1l1l1l1

IEXPLORE.EXE

Remote address:

209.85.203.157:443

Request

GET /g/collect?v=2&tid=G-YBEJ94G693&cid=364193609.1705577276&gtm=45je41a0v883799404z8839654729&aip=1&dma=0&gcd=11l1l1l1l1 HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Referer: https://www.glasscubes.com/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: stats.g.doubleclick.net
Connection: Keep-Alive

Response

HTTP/1.1 204 No Content

Access-Control-Allow-Origin: *
Date: Thu, 18 Jan 2024 11:27:58 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/plain
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
POST

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-9161810-1&cid=364193609.1705577276&jid=1186233462&gjid=982763907&_gid=1793948082.1705577276&_u=YADAAEAAAAAAACAAI~&z=851516131

IEXPLORE.EXE

Remote address:

209.85.203.157:443

Request

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-9161810-1&cid=364193609.1705577276&jid=1186233462&gjid=982763907&_gid=1793948082.1705577276&_u=YADAAEAAAAAAACAAI~&z=851516131 HTTP/1.1
Accept: */*
Content-Type: text/plain
Referer: https://www.glasscubes.com/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: stats.g.doubleclick.net
Content-Length: 0
Connection: Keep-Alive
Cache-Control: no-cache

Response

HTTP/1.1 200 OK

Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Date: Thu, 18 Jan 2024 11:27:58 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Content-Type: text/plain
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 7
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
DNS

x2.c.lencr.org

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

x2.c.lencr.org

IN A

Response

x2.c.lencr.org

IN CNAME

crl.root-x1.letsencrypt.org.edgekey.net

crl.root-x1.letsencrypt.org.edgekey.net

IN CNAME

e8652.dscx.akamaiedge.net

e8652.dscx.akamaiedge.net

IN A

173.222.13.40
DNS

widget.trustpilot.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

widget.trustpilot.com

IN A

Response

widget.trustpilot.com

IN A

52.222.191.71

widget.trustpilot.com

IN A

52.222.191.16

widget.trustpilot.com

IN A

52.222.191.101

widget.trustpilot.com

IN A

52.222.191.109
DNS

snap.licdn.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

snap.licdn.com

IN A

Response

snap.licdn.com

IN CNAME

od.linkedin.edgesuite.net

od.linkedin.edgesuite.net

IN CNAME

a1916.dscg2.akamai.net

a1916.dscg2.akamai.net

IN A

88.221.135.104

a1916.dscg2.akamai.net

IN A

88.221.134.88
DNS

x2.c.lencr.org

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

x2.c.lencr.org

IN A

Response

x2.c.lencr.org

IN CNAME

crl.root-x1.letsencrypt.org.edgekey.net

crl.root-x1.letsencrypt.org.edgekey.net

IN CNAME

e8652.dscx.akamaiedge.net

e8652.dscx.akamaiedge.net

IN A

173.222.13.40
GET

https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

IEXPLORE.EXE

Remote address:

52.222.191.71:443

Request

GET /bootstrap/v5/tp.widget.bootstrap.min.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://www.glasscubes.com/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: widget.trustpilot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Content-Length: 6759
Connection: keep-alive
Last-Modified: Thu, 26 Oct 2023 12:27:20 GMT
x-amz-server-side-encryption: AES256
Content-Encoding: gzip
Accept-Ranges: bytes
Server: AmazonS3
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Date: Thu, 18 Jan 2024 04:49:22 GMT
Cache-Control: max-age=86400
ETag: "15864ce88fa79a3e954417d0c3396798"
X-Cache: Hit from cloudfront
Via: 1.1 89cb17d5508c310becf7cc7817d0599c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: HAM50-C2
X-Amz-Cf-Id: dFHHhjF5zwip7Kcln-ODPWb9KkzvD1u8S6q0pxUAn8rT4503OfXoUQ==
Age: 23919
GET

https://widget.trustpilot.com/trustboxes/539ad60defb9600b94d7df2c/index.html?businessunitId=51929a4f00006400052c105b&templateId=539ad60defb9600b94d7df2c

IEXPLORE.EXE

Remote address:

52.222.191.71:443

Request

GET /trustboxes/539ad60defb9600b94d7df2c/index.html?businessunitId=51929a4f00006400052c105b&templateId=539ad60defb9600b94d7df2c HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Referer: https://www.glasscubes.com/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: widget.trustpilot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: text/html
Content-Length: 3697
Connection: keep-alive
Last-Modified: Mon, 08 May 2023 11:40:09 GMT
x-amz-server-side-encryption: AES256
Content-Encoding: gzip
Accept-Ranges: bytes
Server: AmazonS3
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Date: Wed, 17 Jan 2024 23:53:09 GMT
Cache-Control: max-age=86400
ETag: "83355578cdf883e1c6aef6f07b55893f"
X-Cache: Hit from cloudfront
Via: 1.1 89cb17d5508c310becf7cc7817d0599c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: HAM50-C2
X-Amz-Cf-Id: 6JPhk4T46C4JMgJtPoGJU9efmUp2GAHSMBjlkgrn_rXdF2GWap8tfA==
Age: 41692
GET

https://widget.trustpilot.com/trustboxes/539ad60defb9600b94d7df2c/main.js

IEXPLORE.EXE

Remote address:

52.222.191.71:443

Request

GET /trustboxes/539ad60defb9600b94d7df2c/main.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://widget.trustpilot.com/trustboxes/539ad60defb9600b94d7df2c/index.html?businessunitId=51929a4f00006400052c105b&templateId=539ad60defb9600b94d7df2c
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: widget.trustpilot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Content-Length: 31225
Connection: keep-alive
Last-Modified: Mon, 08 May 2023 11:40:32 GMT
x-amz-server-side-encryption: AES256
Content-Encoding: gzip
Accept-Ranges: bytes
Server: AmazonS3
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Date: Thu, 18 Jan 2024 03:32:32 GMT
Cache-Control: max-age=86400
ETag: "ca22c561f1c9f617000f630be33bded1"
X-Cache: Hit from cloudfront
Via: 1.1 89cb17d5508c310becf7cc7817d0599c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: HAM50-C2
X-Amz-Cf-Id: uk7gPx3wBJwJEKE-7W5N-NE7Uvc0eoskWIi1xAtf5X0p6D_bttzW0Q==
Age: 28642
GET

https://widget.trustpilot.com/stats/TrustboxImpression?reviewLanguages=en&stars=5&theme=light&styleWidth=100%25&styleHeight=400px&locale=en-GB&url=https%3A%2F%2Fwww.glasscubes.com%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%206.1%3B%20WOW64%3B%20Trident%2F7.0%3B%20SLCC2%3B%20.NET%20CLR%202.0.50727%3B%20.NET%20CLR%203.5.30729%3B%20.NET%20CLR%203.0.30729%3B%20Media%20Center%20PC%206.0%3B%20.NET4.0C%3B%20.NET4.0E%3B%20InfoPath.3%3B%20rv%3A11.0)%20like%20Gecko&language=en-US&platform=Win32&nosettings=1&businessUnitId=51929a4f00006400052c105b&widgetId=539ad60defb9600b94d7df2c

IEXPLORE.EXE

Remote address:

52.222.191.71:443

Request

GET /stats/TrustboxImpression?reviewLanguages=en&stars=5&theme=light&styleWidth=100%25&styleHeight=400px&locale=en-GB&url=https%3A%2F%2Fwww.glasscubes.com%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%206.1%3B%20WOW64%3B%20Trident%2F7.0%3B%20SLCC2%3B%20.NET%20CLR%202.0.50727%3B%20.NET%20CLR%203.5.30729%3B%20.NET%20CLR%203.0.30729%3B%20Media%20Center%20PC%206.0%3B%20.NET4.0C%3B%20.NET4.0E%3B%20InfoPath.3%3B%20rv%3A11.0)%20like%20Gecko&language=en-US&platform=Win32&nosettings=1&businessUnitId=51929a4f00006400052c105b&widgetId=539ad60defb9600b94d7df2c HTTP/1.1
Accept: */*
Content-Type: application/x-www-form-urlencoded
Referer: https://widget.trustpilot.com/trustboxes/539ad60defb9600b94d7df2c/index.html?businessunitId=51929a4f00006400052c105b&templateId=539ad60defb9600b94d7df2c#reviewLanguages=en&stars=5&theme=light&styleWidth=100%25&styleHeight=400px&locale=en-GB
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: widget.trustpilot.com
Connection: Keep-Alive

Response

HTTP/1.1 204 No Content

Connection: keep-alive
Cache-Control: no-store,no-cache
Date: Thu, 18 Jan 2024 11:28:00 GMT
Pragma: no-cache
Server: Kestrel
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Cache: Miss from cloudfront
Via: 1.1 89cb17d5508c310becf7cc7817d0599c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: HAM50-C2
X-Amz-Cf-Id: bkwuBxHf5-4AJ5DS1c90r1Kc5gMG-BPKlalOP3fkacWrDtvfutFWPQ==
GET

http://x2.c.lencr.org/

IEXPLORE.EXE

Remote address:

173.222.13.40:80

Request

GET / HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: x2.c.lencr.org

Response

HTTP/1.1 200 OK

Server: nginx
Content-Type: application/pkix-crl
Last-Modified: Fri, 04 Aug 2023 20:57:56 GMT
ETag: "64cd6654-12c"
Cache-Control: max-age=3600
Expires: Thu, 18 Jan 2024 12:27:58 GMT
Date: Thu, 18 Jan 2024 11:27:58 GMT
Content-Length: 300
Connection: keep-alive
GET

http://x2.c.lencr.org/

IEXPLORE.EXE

Remote address:

173.222.13.40:80

Request

GET / HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: x2.c.lencr.org

Response

HTTP/1.1 200 OK

Server: nginx
Content-Type: application/pkix-crl
Last-Modified: Fri, 04 Aug 2023 20:57:56 GMT
ETag: "64cd6654-12c"
Cache-Control: max-age=3600
Expires: Thu, 18 Jan 2024 12:27:58 GMT
Date: Thu, 18 Jan 2024 11:27:58 GMT
Content-Length: 300
Connection: keep-alive
DNS

h.clarity.ms

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

h.clarity.ms

IN A

Response

h.clarity.ms

IN CNAME

vmss-clarity-ingest-eus-c.eastus.cloudapp.azure.com

vmss-clarity-ingest-eus-c.eastus.cloudapp.azure.com

IN A

52.224.31.34
DNS

www.microsoft.com

iexplore.exe

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

2.16.233.202

52.222.191.118:80

www.glasscubes.com

IEXPLORE.EXE

466 B
92 B
10
2
52.222.191.118:80

http://www.glasscubes.com/

http

IEXPLORE.EXE

529 B
740 B
6
4

HTTP Request

GET http://www.glasscubes.com/

HTTP Response

301
52.222.191.118:443

https://www.glasscubes.com/themes/gctheme3/images/logo.svg

tls, http

IEXPLORE.EXE

5.0kB
99.2kB
54
84

HTTP Request

GET https://www.glasscubes.com/

HTTP Response

200

HTTP Request

GET https://www.glasscubes.com/themes/gctheme3/css/carrie_screen.min.css?m=2au

HTTP Response

200

HTTP Request

GET https://www.glasscubes.com/themes/gctheme3/css/homepage-new.css?v=18

HTTP Response

200

HTTP Request

GET https://www.glasscubes.com/custom/OC1/images/tick1.png

HTTP Response

200

HTTP Request

GET https://www.glasscubes.com/themes/gctheme3/css/icons/icomoon.woff?wze4eb

HTTP Response

200

HTTP Request

GET https://www.glasscubes.com/themes/gctheme3/images/logo.svg

HTTP Response

200
52.222.191.118:443

www.glasscubes.com

tls

IEXPLORE.EXE

1.1kB
7.6kB
12
13
52.222.191.118:443

https://www.glasscubes.com/themes/gctheme3/javascript/alltracking.js?v=5j

tls, http

IEXPLORE.EXE

4.9kB
150.2kB
67
115

HTTP Request

GET https://www.glasscubes.com/themes/gctheme3/images/hero1.png

HTTP Response

200

HTTP Request

GET https://www.glasscubes.com/favicon.ico

HTTP Response

200

HTTP Request

GET https://www.glasscubes.com/themes/gctheme3/javascript/page.js?v=1j

HTTP Response

200

HTTP Request

GET https://www.glasscubes.com/themes/gctheme3/javascript/alltracking.js?v=5j

HTTP Response

200
74.125.193.147:443

www.google.com

tls

IEXPLORE.EXE

1.0kB
4.7kB
16
9
74.125.193.147:443

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-9161810-1&cid=364193609.1705577276&jid=1186233462&_u=YADAAEAAAAAAACAAI~&z=565267835

tls, http

IEXPLORE.EXE

4.4kB
50.2kB
37
54

HTTP Request

GET https://www.google.com/recaptcha/api.js?render=6Le5ME8aAAAAAHD50m6Wum0EaEvNFl8199Nb3Jh4

HTTP Response

200

HTTP Request

GET https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5ME8aAAAAAHD50m6Wum0EaEvNFl8199Nb3Jh4&co=aHR0cHM6Ly93d3cuZ2xhc3NjdWJlcy5jb206NDQz&hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=fn9rka7y0956

HTTP Response

200

HTTP Request

GET https://www.google.com/js/bg/-b_N4E8g6K3_tsIcGB3290MknJMzMk8ebCzW0Zctc-4.js

HTTP Response

200

HTTP Request

GET https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu

HTTP Response

200

HTTP Request

GET https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-9161810-1&cid=364193609.1705577276&jid=1186233462&_u=YADAAEAAAAAAACAAI~&z=565267835

HTTP Response

200
104.18.41.175:443

https://assets.calendly.com/assets/external/widget.js

tls, http

IEXPLORE.EXE

1.5kB
25.9kB
19
27

HTTP Request

GET https://assets.calendly.com/assets/external/widget.js

HTTP Response

200
104.18.41.175:443

assets.calendly.com

tls

IEXPLORE.EXE

802 B
5.4kB
11
10
13.107.246.44:443

https://www.clarity.ms/s/0.7.20/clarity.js

tls, http

IEXPLORE.EXE

2.1kB
32.8kB
22
33

HTTP Request

GET https://www.clarity.ms/tag/hy304ys9cf

HTTP Response

200

HTTP Request

GET https://www.clarity.ms/s/0.7.20/clarity.js

HTTP Response

200
13.107.246.44:443

www.clarity.ms

tls

IEXPLORE.EXE

791 B
5.5kB
10
11
96.17.179.184:80

http://apps.identrust.com/roots/dstrootcax3.p7c

http

IEXPLORE.EXE

369 B
1.6kB
5
4

HTTP Request

GET http://apps.identrust.com/roots/dstrootcax3.p7c

HTTP Response

200
96.17.179.184:80

http://apps.identrust.com/roots/dstrootcax3.p7c

http

IEXPLORE.EXE

369 B
1.6kB
5
4

HTTP Request

GET http://apps.identrust.com/roots/dstrootcax3.p7c

HTTP Response

200
68.219.88.97:443

c.clarity.ms

tls

IEXPLORE.EXE

691 B
6.7kB
8
8
68.219.88.97:443

c.clarity.ms

tls

IEXPLORE.EXE

697 B
6.9kB
8
9
104.16.124.175:443

https://unpkg.com/web-vitals@2.1.0/dist/web-vitals.umd.js

tls, http

IEXPLORE.EXE

1.2kB
6.7kB
12
14

HTTP Request

GET https://unpkg.com/web-vitals@2.1.0/dist/web-vitals.umd.js

HTTP Response

200
104.16.124.175:443

unpkg.com

tls

IEXPLORE.EXE

746 B
3.4kB
10
9
216.239.32.36:443

region1.analytics.google.com

tls

IEXPLORE.EXE

719 B
5.2kB
9
9
216.239.32.36:443

https://region1.analytics.google.com/g/collect?v=2&tid=G-YBEJ94G693&gtm=45je41a0v883799404z8839654729&_p=1705577275052&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=364193609.1705577276&ul=en-us&sr=1280x720&_s=1&sid=1705577275&sct=1&seg=0&dl=https%3A%2F%2Fwww.glasscubes.com%2F&dt=The%20Easiest%20Way%20to%20Collaborate%20with%20People%20Inside%20or%20Outside%20of%20Your%20Company&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4694

tls, http

IEXPLORE.EXE

1.5kB
6.0kB
10
10

HTTP Request

GET https://region1.analytics.google.com/g/collect?v=2&tid=G-YBEJ94G693&gtm=45je41a0v883799404z8839654729&_p=1705577275052&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=364193609.1705577276&ul=en-us&sr=1280x720&_s=1&sid=1705577275&sct=1&seg=0&dl=https%3A%2F%2Fwww.glasscubes.com%2F&dt=The%20Easiest%20Way%20to%20Collaborate%20with%20People%20Inside%20or%20Outside%20of%20Your%20Company&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4694

HTTP Response

204
172.253.116.94:443

www.google.co.uk

tls

IEXPLORE.EXE

983 B
4.7kB
15
9
172.253.116.94:443

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-9161810-1&cid=364193609.1705577276&jid=1186233462&_u=YADAAEAAAAAAACAAI~&z=565267835

tls, http

IEXPLORE.EXE

1.8kB
6.7kB
13
14

HTTP Request

GET https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-YBEJ94G693&cid=364193609.1705577276&gtm=45je41a0v883799404z8839654729&aip=1&dma=0&gcd=11l1l1l1l1&z=1977574773

HTTP Response

200

HTTP Request

GET https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-9161810-1&cid=364193609.1705577276&jid=1186233462&_u=YADAAEAAAAAAACAAI~&z=565267835

HTTP Response

200
209.85.203.157:443

stats.g.doubleclick.net

tls

IEXPLORE.EXE

714 B
5.0kB
9
9
209.85.203.157:443

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-9161810-1&cid=364193609.1705577276&jid=1186233462&gjid=982763907&_gid=1793948082.1705577276&_u=YADAAEAAAAAAACAAI~&z=851516131

tls, http

IEXPLORE.EXE

1.8kB
5.9kB
11
10

HTTP Request

GET https://stats.g.doubleclick.net/g/collect?v=2&tid=G-YBEJ94G693&cid=364193609.1705577276&gtm=45je41a0v883799404z8839654729&aip=1&dma=0&gcd=11l1l1l1l1

HTTP Response

204

HTTP Request

POST https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-9161810-1&cid=364193609.1705577276&jid=1186233462&gjid=982763907&_gid=1793948082.1705577276&_u=YADAAEAAAAAAACAAI~&z=851516131

HTTP Response

200
52.222.191.71:443

https://widget.trustpilot.com/stats/TrustboxImpression?reviewLanguages=en&stars=5&theme=light&styleWidth=100%25&styleHeight=400px&locale=en-GB&url=https%3A%2F%2Fwww.glasscubes.com%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%206.1%3B%20WOW64%3B%20Trident%2F7.0%3B%20SLCC2%3B%20.NET%20CLR%202.0.50727%3B%20.NET%20CLR%203.5.30729%3B%20.NET%20CLR%203.0.30729%3B%20Media%20Center%20PC%206.0%3B%20.NET4.0C%3B%20.NET4.0E%3B%20InfoPath.3%3B%20rv%3A11.0)%20like%20Gecko&language=en-US&platform=Win32&nosettings=1&businessUnitId=51929a4f00006400052c105b&widgetId=539ad60defb9600b94d7df2c

tls, http

IEXPLORE.EXE

4.4kB
53.1kB
34
47

HTTP Request

GET https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

HTTP Response

200

HTTP Request

GET https://widget.trustpilot.com/trustboxes/539ad60defb9600b94d7df2c/index.html?businessunitId=51929a4f00006400052c105b&templateId=539ad60defb9600b94d7df2c

HTTP Response

200

HTTP Request

GET https://widget.trustpilot.com/trustboxes/539ad60defb9600b94d7df2c/main.js

HTTP Response

200

HTTP Request

GET https://widget.trustpilot.com/stats/TrustboxImpression?reviewLanguages=en&stars=5&theme=light&styleWidth=100%25&styleHeight=400px&locale=en-GB&url=https%3A%2F%2Fwww.glasscubes.com%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%206.1%3B%20WOW64%3B%20Trident%2F7.0%3B%20SLCC2%3B%20.NET%20CLR%202.0.50727%3B%20.NET%20CLR%203.5.30729%3B%20.NET%20CLR%203.0.30729%3B%20Media%20Center%20PC%206.0%3B%20.NET4.0C%3B%20.NET4.0E%3B%20InfoPath.3%3B%20rv%3A11.0)%20like%20Gecko&language=en-US&platform=Win32&nosettings=1&businessUnitId=51929a4f00006400052c105b&widgetId=539ad60defb9600b94d7df2c

HTTP Response

204
52.222.191.71:443

widget.trustpilot.com

tls

IEXPLORE.EXE

844 B
6.6kB
11
12
173.222.13.40:80

http://x2.c.lencr.org/

http

IEXPLORE.EXE

350 B
1.4kB
5
4

HTTP Request

GET http://x2.c.lencr.org/

HTTP Response

200
88.221.135.104:443

snap.licdn.com

tls

IEXPLORE.EXE

395 B
219 B
5
5
88.221.135.104:443

snap.licdn.com

tls

IEXPLORE.EXE

395 B
219 B
5
5
173.222.13.40:80

http://x2.c.lencr.org/

http

IEXPLORE.EXE

350 B
1.4kB
5
4

HTTP Request

GET http://x2.c.lencr.org/

HTTP Response

200
52.224.31.34:443

h.clarity.ms

tls

IEXPLORE.EXE

789 B
5.9kB
10
10
88.221.135.104:443

snap.licdn.com

tls

IEXPLORE.EXE

357 B
219 B
5
5
88.221.135.104:443

snap.licdn.com

tls

IEXPLORE.EXE

357 B
219 B
5
5
88.221.135.104:443

snap.licdn.com

tls

IEXPLORE.EXE

288 B
219 B
5
5
88.221.135.104:443

snap.licdn.com

tls

IEXPLORE.EXE

288 B
219 B
5
5
88.221.135.104:443

snap.licdn.com

IEXPLORE.EXE

242 B
144 B
5
3
88.221.135.104:443

snap.licdn.com

IEXPLORE.EXE

190 B
92 B
4
2
52.224.31.34:443

h.clarity.ms

tls

IEXPLORE.EXE

821 B
5.9kB
10
10
52.224.31.34:443

h.clarity.ms

tls

IEXPLORE.EXE

769 B
5.7kB
9
9
52.224.31.34:443

h.clarity.ms

tls

IEXPLORE.EXE

821 B
5.9kB
10
10
52.224.31.34:443

h.clarity.ms

tls

IEXPLORE.EXE

821 B
5.9kB
10
10
52.224.31.34:443

h.clarity.ms

tls

IEXPLORE.EXE

821 B
5.9kB
10
10
68.219.88.97:443

c.clarity.ms

tls

IEXPLORE.EXE

723 B
6.7kB
8
8
204.79.197.200:443

ieonline.microsoft.com

tls

iexplore.exe

747 B
7.8kB
9
12
204.79.197.200:443

ieonline.microsoft.com

tls

iexplore.exe

747 B
7.8kB
9
12
204.79.197.200:443

ieonline.microsoft.com

tls

iexplore.exe

785 B
7.9kB
9
13

8.8.8.8:53

www.glasscubes.com

dns

IEXPLORE.EXE

64 B
128 B
1
1

DNS Request

www.glasscubes.com

DNS Response

52.222.191.118

52.222.191.69

52.222.191.105

52.222.191.47
8.8.8.8:53

www.google.com

dns

IEXPLORE.EXE

60 B
156 B
1
1

DNS Request

www.google.com

DNS Response

74.125.193.147

74.125.193.99

74.125.193.105

74.125.193.103

74.125.193.104

74.125.193.106
8.8.8.8:53

assets.calendly.com

dns

IEXPLORE.EXE

65 B
97 B
1
1

DNS Request

assets.calendly.com

DNS Response

104.18.41.175

172.64.146.81
8.8.8.8:53

www.clarity.ms

dns

IEXPLORE.EXE

60 B
240 B
1
1

DNS Request

www.clarity.ms

DNS Response

13.107.246.44

13.107.213.44
8.8.8.8:53

apps.identrust.com

dns

IEXPLORE.EXE

64 B
165 B
1
1

DNS Request

apps.identrust.com

DNS Response

96.17.179.184

96.17.179.205
8.8.8.8:53

c.clarity.ms

dns

IEXPLORE.EXE

58 B
145 B
1
1

DNS Request

c.clarity.ms

DNS Response

68.219.88.97
8.8.8.8:53

unpkg.com

dns

IEXPLORE.EXE

55 B
135 B
1
1

DNS Request

unpkg.com

DNS Response

104.16.124.175

104.16.125.175

104.16.122.175

104.16.123.175

104.16.126.175
8.8.8.8:53

region1.analytics.google.com

dns

IEXPLORE.EXE

74 B
106 B
1
1

DNS Request

region1.analytics.google.com

DNS Response

216.239.32.36

216.239.34.36
8.8.8.8:53

stats.g.doubleclick.net

dns

IEXPLORE.EXE

69 B
133 B
1
1

DNS Request

stats.g.doubleclick.net

DNS Response

209.85.203.157

209.85.203.154

209.85.203.155

209.85.203.156
8.8.8.8:53

www.google.co.uk

dns

IEXPLORE.EXE

62 B
78 B
1
1

DNS Request

www.google.co.uk

DNS Response

172.253.116.94
8.8.8.8:53

x2.c.lencr.org

dns

IEXPLORE.EXE

60 B
165 B
1
1

DNS Request

x2.c.lencr.org

DNS Response

173.222.13.40
8.8.8.8:53

widget.trustpilot.com

dns

IEXPLORE.EXE

67 B
131 B
1
1

DNS Request

widget.trustpilot.com

DNS Response

52.222.191.71

52.222.191.16

52.222.191.101

52.222.191.109
8.8.8.8:53

snap.licdn.com

dns

IEXPLORE.EXE

60 B
164 B
1
1

DNS Request

snap.licdn.com

DNS Response

88.221.135.104

88.221.134.88
8.8.8.8:53

x2.c.lencr.org

dns

IEXPLORE.EXE

60 B
165 B
1
1

DNS Request

x2.c.lencr.org

DNS Response

173.222.13.40
8.8.8.8:53

h.clarity.ms

dns

IEXPLORE.EXE

58 B
139 B
1
1

DNS Request

h.clarity.ms

DNS Response

52.224.31.34
8.8.8.8:53

www.microsoft.com

dns

iexplore.exe

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

2.16.233.202

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416

Filesize
1KB

MD5
55540a230bdab55187a841cfe1aa1545

SHA1
363e4734f757bdeb89868efe94907774a327695e

SHA256
d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb

SHA512
c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

Filesize
914B

MD5
e4a68ac854ac5242460afd72481b2a44

SHA1
df3c24f9bfd666761b268073fe06d1cc8d4f82a4

SHA256
cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

SHA512
5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

Filesize
1KB

MD5
a266bb7dcc38a562631361bbf61dd11b

SHA1
3b1efd3a66ea28b16697394703a72ca340a05bd5

SHA256
df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

SHA512
0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416

Filesize
230B

MD5
25e52bb4c1a86f766a38198c5c9f5d3e

SHA1
0197db4df7ce36245745eff8143681586d190bd1

SHA256
26fad341f9f03e63f12405414c22207d2c146a8a0348d16a6593c540e8efd23c

SHA512
fc8fdf613c49d58c6341db2ed873bb14bbdc14c4a0bc878b834fe6afb9636b296644770bff7e11fb0e2f42ef09c544f177028b54a684786052238f205df3f72d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

Filesize
252B

MD5
c10d104d431e9a4cd2f2e75d3ce465d1

SHA1
bbe6c09bf883330cedfaf3e11b79ff17a701300e

SHA256
f2afe3237e06f282b3641f616353f7f263cfc76136904b52b1a88b07f246ea65

SHA512
6b82ceb58b0e3c786a27fe9c38f36a30d237b1b7177c9be37fa368a6887be4184782889a01a428008fe2a09b05dad6a5b25e02752bb774efc20b3d36f02d0de0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
9717ddc711adf4b8a616a5643868c040

SHA1
03074651ab30c5dfb3932b023fa688f581ba1827

SHA256
cd877aa2355cdee6e17f6720b3792969f718f45ede967bb092d1e7563b3ee4ef

SHA512
ce0e2983cc927deefda70b4a33c59309852dd7c28943a77f57117ce2dc78bb808138ed72f24dac01f401fb30bae114dd6a4c3d340bf901dcc9251baecbf0bcf8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
c718208b3d9619fdd19ae8d4abce9dac

SHA1
23a2d187d8796938c998add05c338872c13ff50d

SHA256
a04267d2481cf64527b6087f97917ca69e8f631bc6e1f848689e25ba70c0d118

SHA512
cd63f68c3ee28b6721afd2fa464ed9808c1e4de87c6cc207e3727cb9786c5ed567fdf78e03ce592d621a98e56800ecb3c418b1ed98abaee3816b186f7aa86bfd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
e55a32d5e4a5d2aa081a621455b6b094

SHA1
dc92c56f132f95f2e0ca9f8fa37991064a92c848

SHA256
2feda0a00de7c5f922a279531439b97b20383b9dc16857bc03ed143156bd56cd

SHA512
69e5f6fca9cd8b127bb066162d52e2baa5fd9e6814e379c5fb411959148c1986a49302bf589cc31e32e2ea2aa5ef1fda3b61b1751de24a24b730da53ca854147

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
499fe0c5e42a82bffa72b9e92495d9ff

SHA1
d64d6da98bf661e8f6958f4c10fbd7ac63aa20d6

SHA256
e94f051205144528b18687fd7a40298eb814536e2a96e0f31cedb59e7e0d3baf

SHA512
6deeb75d65f7b0b5634c07c8e1b90a154311e3e0be29f979f545780e4d9a406279539310189e488f8ea601735e65d24f8045ef34a7c6584f182b41fa6386d5c9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
d5e855f26863d8d5b5d28f44987fbc90

SHA1
53d7d6500d57d1bb83472c637ce7cc3bcb4aa643

SHA256
fae41a00548c52bdb16359ea4c9f5b4d57aecbfeed0a217968d12e8f585b02a6

SHA512
ff1d83fc3a70a46abfe13d10845a1361b0c6c86ed17f6aa695ad9120a829edd2192d95493fb28bad398da6a640bef7e82064f6810f1ade6b092cfe40248329f0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ef48f6222c71084c6b44b4526d21e529

SHA1
d9e33249dfed3b42b454c6223225cbc92f20b613

SHA256
75834bd09f54d3800bdddf27e25c0162944874f8f3e44294f11109b4c286a4a7

SHA512
fbd4487a630f8ca3e6d380acea920cd197805bf2de9cd1e67a3dcd11c64238e83cde3c04907774d61879b556b5c3ef42a6e04f6d11a612220f0d8b430eb7d971

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ee54184e7755b5ba37a711c8d0b42f68

SHA1
924a5044a0be8ab77e6d8d53cb511e08e3b34b17

SHA256
65cf715bd1ea281748bed728829ba2afacdc3bd05cece0a727625e78c359c391

SHA512
11508ab75f9620ca6b1f74e78a5511970a606ca3df51db37fec32d058224a9af04f4ca5c94b2ba3c2849bac852b76791a2fa8a21db5531f51bf1af12c6a402ab

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
7c13706697eb321c7cd5fd01190712f3

SHA1
8982f64d23db085ba8733a68903fc612847fb15a

SHA256
4b2ff0049852fa7248bb84cdb27846249c3c6359a1392a0315c719b0288abcff

SHA512
a9e9ee4f8d167a50be48a9bdf37556fb8bf2ce4268522b07b3640e3fffa06f29be77cbc718819716e7ab6e4d1f0e4a4a02f037e27bc6d094990606e5bd3d29d2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
a351260a2a5ffd6beacd5a29597229ac

SHA1
6948a78c5976b491d2085c1a7675d4510aa24395

SHA256
6b5cf66f1d9d9541be734ab2ad07477ae02d5a4404c2ccd313538a678497273e

SHA512
5c54d2f075cca218555898c525e9e2cf3cb552c4fbac6dc4162350e5dd133611d3d77b05c4c56c1a678d4e8380346d302acff7b2dc559b614ea0690f7217e64f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
2bec3d6bbfe2a19e763b8244e38f378f

SHA1
d432f7deba7444abb193bebe65679c40bf8b6e8f

SHA256
7dc1852cbe9c8e6f598d8c047a274df773b76231e1282f3d5c0036513d25363d

SHA512
cd80fd49f56b31f7c4246c2ba818988fdde8d8b0e9f6f46d133b3d5642260860ba1541c97c537f2ed0ac09591b1540fd9d72aee0ac2fe34ed5a08be0c407e205

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
5d2f8da2b754ff49bd5cc69705d904e4

SHA1
529b78d329af5902faa2232453475c3af439b6cc

SHA256
f2d9c54cbe37d72510c5212ab7338f548172c668d56c5ef43b467ad96f54d120

SHA512
4e52816f02546d26e1b66a429c765115aec4dc71b34fbdfe19e40ed8bec92a9606c7903480a5c9e1d6eb8700a3f38fd6a365dddb510beaf1027ad0abd3f13ffd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
c71eadba5f03b69268422c5721fde4a3

SHA1
7ae46df713c3f17597945649639017d7c36df293

SHA256
373c8574d7a8909681ce72c7622fef359cef9b834ce6e45822452bf2c9e9c2bc

SHA512
2c691f08c9e727d97545b8cae53a1f7730fefd893a753557fa8738f86fcad27527c39ba38f8ee0066aab39b948fd1a516534fc59151562d3c922e06ce765efa0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
a0410537daa1727b8755f344c4bedd91

SHA1
7f007cc95df43e2990a9c2ea19e61e94872a9a45

SHA256
d3bb11b4e17d32e925de8e571c5b4e50a04ca41d736ef09e921eeadff8f99eb9

SHA512
a2d1955754a1fc1c3e685a7db7b0b8cf96db2334562ec8609c7d83cafd6489e08d3b65f0ac511fd1839d94d4d517827391d0ba85434171aaa853ca3b17ba7ad1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
5ec80e48b78dac22ba51a409d981d34e

SHA1
c3e5211894e47a7bed1b976a1bdf61451482e6c0

SHA256
17d73af0ea31bdaffda985d924666056037aedd531dabc72b6fae632878d1199

SHA512
8bbd1636f7183213687f08ff5fe76dfbaeea202d9ea5c985b77e48ba89bafa75f68918b3a9c6a1b1a8256834a22df5f903463b1b4930652673461328d6a82ebe

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
b90d25383a7598c5d703ed72eabb669b

SHA1
d26139a1fe11bc09757d1902464f4400565b3158

SHA256
9732d8892d749f86d0cb8aff90224e528094cc3bb2784b7aef201039570adce4

SHA512
438174fb628740bef574a7f5c2f321e3d2b720c5b6a5c20b52c3d964e599c901fb8401ab28268b56aba98615e4b1c82cba91503826c622dc3822a33ecfd156cb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
c52eb7f8000da7f707db57d956056516

SHA1
f7e287adcba178745a6184de4fc5b54aeef47e2a

SHA256
84cce60238f9231be0a58ab47eb17f40e163c7ad2265c059df343521e4c4e2cc

SHA512
3b1d853dff8cded98eefdad2c7ddf02440f1edafd7db6cd8d88fa6e2188d8e9c13b8a8722e7c355e82e34f91be2421703ee0f64e82ee7ef5e9e9a17e6db9998a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
1965ffcd94b3205b3a372f3a25e3c881

SHA1
ecf962043b359882987c539119260214f8d43f63

SHA256
e2edb675536cc9ada63e213d118cc4b7973a2f7836d81bf778ce71018d20ed2b

SHA512
fd8fe4cfcd6670274ddf14440653f4684ff08abe2b28e1a2b6c187cfe62ab41d40d2183409ec1d9be99057bfe647292c8e5d123ecb8b96968ff40b556911a2b6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
49db9e8c20b9502fcfc9e767e798ffa2

SHA1
ef7dd5bd948e8da1b30782a3d59fc10edc162dce

SHA256
84c2cf042f59ea3f091a3db6978bad5886d32216dc3baadd994c60fd12a5153b

SHA512
70774b1aafd6a604401b022b08c3dc27b942f469bfcaf7ae03cf2d5deaf19b8d84ed6f64e244e5c65b68b82c96aa5cde2489a35266014f3c3b7be4dc5f7efb6d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ba8c4b8e4c57eb40ca9e0f7b58406d75

SHA1
804a95908ab17b031b96aaa9e36ad825b1fb0e4e

SHA256
2e0834366f6f4670fe4312ae53cfbc45a50a14a5f4acd8bc40b6ef30c1fd94bf

SHA512
076023e2b0e5ad8e59d57a4213ebdf8e62b91cef7eae57e8703a2c86d64fc92d0c477fad9bd01874113c49b214ab9f88e088a921a09ef0fbd7418b996defeed2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
cbdfcee30a367471a9a214ccd6301eca

SHA1
37be246dda9efcf7c632a664360e33cf94ede59a

SHA256
187a4cdf2963760b74956d245f05a96743982bf46bbd313741fc37f7c9e993e7

SHA512
c049c92e984d1cc7ec2ba5700db20edeae04ec6f3cbb5ef126763f680e9c23631b398d2542227b79c1a02cafad8cdf85a26f4bd4810f3879af58a954d29b7367

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
d28883321ebb7b49977e0b1325e300aa

SHA1
fa5306413e1b7aa62ce84cda733dbe0c0131ca41

SHA256
ddfd1a3a1cea778ede2cd4b5ed9359d92318f47d54245b85391403df3ae59d94

SHA512
ed4f7265c145e0eefedd6fe443e91b99bb372726e2bfea20fbe4111b5417597fae3812229289e4dc53834929411583dad9dd9e7820fbc460312b70d1a610ea68

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
14d674be525c0cbdbaf36a9715264adf

SHA1
e5e20a8b0c8fb04dd827b75994d0c0d3ed68c9e1

SHA256
f86142d9b22648d30cf1cb4cc2efd117fab5073f854f29d6907dc061a79c8492

SHA512
cd10a454e99396cb144f87b496403b497684e46edbae7eb92bd8045a2405200c5701c77616d10378b3b22862f05e6eef59aee72560603491163d0fbf173f28e4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
0bdf14e0fd74cb83db712c78eed0eeda

SHA1
4300ca42cb1f436d20eb9ac9772797471e49b41f

SHA256
aac055c084ce42bd4fe37b114608ebcadd433830f09e7a7f06e674377dc2687d

SHA512
08e70a2aca6b094ebf70de9d139e0265d7ea23eb47f243b2a4147444eeb38db026824508a5129bb9d6fb6ec1c93dcf14df92b85afcaaffb05fe4372904339367

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
2b3e0b66190c4fc848ebd3bae878ccfe

SHA1
11c67efdd459559744aee7247a8908b22f114af2

SHA256
89c0d2142117c298e7d5635f5a46fa328bd486a8308b3e034923c1519a544da5

SHA512
3e7a1ee24a21cb2f2edfc778c7fe9c673c0c3022bc794635a8e8bc299dbf1650dabb146b0d726c30bd150b5b41e554710d4be68729300b80391fab602e6a0f55

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
70246a558f87a66e6fa5d8134306bd0d

SHA1
2c857f400d46bdeeec9614d359dc8518e3fd984b

SHA256
9459696958210b719634b992aa1052ef5f61dab09a72736cea1928e26f909cca

SHA512
3eb45007ad28305712716a2f1f14d46ea55c64d7813d54dad5d9825d767e079fb64b030f95f55dd971d8098fd1e350509a8057183f6485236d2919047b5b82ec

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
272aeea42ecec882473f97185d9ff306

SHA1
21e771f9734d74fb9da45182e3ce37211e587fdc

SHA256
d718710d6de40b9e1b9507e3844e7f22df5cded8c77a9f879a66c1782872cda2

SHA512
a00ae839a179a97133c0b64ba463e1cac7ca2fe6221574046f5d812d64f37434a5b3e54a6a3005619417ab0a28d3aca8ea2e7f762577a4bdc061dd113d1035d4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
df942613352129808ddd215863c6a626

SHA1
c2e006797db23aa15203f41f50f2d62175e96a6c

SHA256
fa3671765db9bed948622e485f0ce74ae4dd37f1de5c408b60f5474609ffd2c5

SHA512
f1abe6993ba7e2d5c2860cbc6202ae2c109b1342304a26acaa5678942b02fa7cf90edb268a5e46dc964d1b18b46f202c56f87293d5eb16eacb7bcfb94bf287b0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
e4832c3b6ab0928015ce05cbb007b297

SHA1
0ae058ad23bf8d71d8a8e5f8efcc6333e214a512

SHA256
d1b77b7b671a76776b744c2379f30a9f291f1e4f29d05900b95ba1393c95ca47

SHA512
8ed49ce25b04e17edcd762eaa57394cae8915d00e7399eb998bea96c97af20f75f23e19f740d82e636240ade209bb665236659148f516daae70151601bcc468b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
b4b64fbbc8289991b461d67fed19fae4

SHA1
315d2d5ed87a4492f932ec0248849b0c7d3ae19e

SHA256
318f0ed9f2fd739b8c7772215311aee856616233480d3ed326fe985438a657d5

SHA512
86ee32d2b79f4aef0c84f09030e2ff62e54c68f542f772b45d7e15668a94930fb7b53cf875e134ab8f19c51e09aa9e21b65ab70fc319c8a86eab4a8b777adc81

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
fb5bb1562f4c9d8b4ab63b8a7e587081

SHA1
032252c3924e0b54d358f9c408bdb3f1392f311f

SHA256
a8ab1b6da7f153cfa4932a7deeae6d00c569f50e759b9937edff1fe4f65df531

SHA512
3cc548846bcf4fca06a74aac5cc41a1294ea36fa576eb5f5bc8624687106060a6ee4a897eee730fbef050a36b99a352adf17d1e283501618c86ea9b8ecb6c114

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
5778459ac1544d290624abb6ae5f4cd0

SHA1
0ac9675b2c811be038fe6bda58efd5994fd56c99

SHA256
7862d06f97a5b8c2f70dcb688246df678b2400042eee7b27fdc2b54e2a9b613c

SHA512
5d10b722e19c21288cd8da18d0193bdfee8663350783f781ea48fa67d96e3c5ead6fcf59480d567789b030a390f4e35512748b474e2f6607f7eae6754f09c53d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
b040e4c16c41e5a015a30b7916cfa24a

SHA1
c3fc0fd2e4eb4444341a9c868e0fb5b72bc8d8b3

SHA256
55fb38db29cecfcf61f0eaa0e17ebf5ec9388009c3ed51b4bb6b2f13b0550f9c

SHA512
ead27b13f4845a34f94747f0478898decfb1e6cdd4f19820f257f5bde961d3f3a1800134932ae0b998b090571a13bb93df6ceeb82e6cdb87a9e13f754d9d7f5f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
51f2f6463cdae6e3cbdfac70c3757dac

SHA1
99fb536c4187c72f84755e52c47cd07e540de062

SHA256
8eca692a74569bffd0ab008034eaeec7946db210f4a485cb2a7f473794120388

SHA512
73a85e5daac242d1c307758f251a3bbbfbec585dc51794f68b8cff223ebdbf9d9921acbbfb28701d2e1807b528727a21ba78fb7613979711c1ccd19376c39bb8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

Filesize
242B

MD5
a5b3c9b3318035a17da31bbedfb282eb

SHA1
81968191732edec87be392363e480a21be0be7d0

SHA256
a19aa4794c211fc610befcdc31a953aa0053e97bfa549b5270e6cba50498b02c

SHA512
f63c133bb53308fbe0f80214cd3f40b8a342e2d1412d08c64d4a9f725811797c38fe488a18358864d2b7daff0529ded339595b36fc9f83ee30de160973cf636b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\0ptx2pp\imagestore.dat

Filesize
469B

MD5
1074881a3e76f3ae0226d697ee88ac16

SHA1
a7bda39742a5250d307d644d385dfb2093f303dd

SHA256
af37154670906b78d2044e930a29b201d037744043807791f272d61b6d8abc94

SHA512
796f36ec1822cfcc039f52d817791610e37005884fde071d1cd21675dd87ed8b4b6bbfa5040fd91b067d8b8bac079712fce29eb21e26e7403df3fd86100cc132

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\53STNJLW\recaptcha__en[1].js

Filesize
503KB

MD5
f989b2a4486b04edff93aef40f36584e

SHA1
02234ba0b3dda2cccd38470f35da5494069b1186

SHA256
52c308157b0f273a5f4f67bb4f28ccf47c24a68fbc7d0226d49bf4eebacfdf97

SHA512
d725f9b39f13794bf0ce57f5821a49eecf2a0b55c73efbf218826c9f001514fe5c6fd290d553638c36ebc7d6bd0fab29c0307f00e894ab9d0353093e2288752f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HJ0GGVIM\favicon[1].ico

Filesize
347B

MD5
7a02c5b8780c2b732edea25a6370468d

SHA1
519a843a25c43c996cf8250c8979d733467063c8

SHA256
3cd328316ddc04633021be75d740641432c86706132ef8d7ae46f3cf8c1b2b2c

SHA512
56e1dae8dd1fe12d8d988dd2d32145e35ed43160b68402af77372ac3dfb3add5b336619067669d59494cb65ad70a6a6cb6c5db23516ba82e4ade8710fcd618db

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab7F8E.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar8230.tmp

Filesize
171KB

MD5
9c0c641c06238516f27941aa1166d427

SHA1
64cd549fb8cf014fcd9312aa7a5b023847b6c977

SHA256
4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

SHA512
936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request