9be728ee12471a873a602e6b068ab08923e8dfa9c4230d6c7dad90484d42da93

Resubmissions

29/03/2024, 09:46 UTC

240329-lrlkesfa53 1

29/03/2024, 09:43 UTC

240329-lpx6fafa25 4

Analysis

max time kernel
98s
max time network
108s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
29/03/2024, 09:46 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

.html
Size

85KB
MD5

7fc524ae1c3e49ce733a01ffbad3c473
SHA1

5a747aaaf02a77d4cb8bf47c94b6260c75af0a12
SHA256

9be728ee12471a873a602e6b068ab08923e8dfa9c4230d6c7dad90484d42da93
SHA512

38a5e36ce41d98b70a59e2190cdcc220c412d958bf7de548ad8523bfec2290c8df426e4982b4b397b33ee2e8fb61c0eeb878ed0a384577f545d11e9baad4eadc
SSDEEP

1536:ittKoapvFeWilL14eWbvj/XBEehwia9Eys+/q4Y26Z2eDq:ittKntJqwHXeehwiaSm/Z6Z2p

Score

1^/10

Malware Config

Signatures

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\.html
1⤵
PID:4328

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --mojo-platform-channel-handle=5104 --field-trial-handle=2432,i,12161922670941700748,3348345705955601576,262144 --variations-seed-version /prefetch:1
1⤵
PID:3556

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --mojo-platform-channel-handle=4984 --field-trial-handle=2432,i,12161922670941700748,3348345705955601576,262144 --variations-seed-version /prefetch:1
1⤵
PID:4192

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=5300 --field-trial-handle=2432,i,12161922670941700748,3348345705955601576,262144 --variations-seed-version /prefetch:8
1⤵
PID:1872

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --mojo-platform-channel-handle=5984 --field-trial-handle=2432,i,12161922670941700748,3348345705955601576,262144 --variations-seed-version /prefetch:1
1⤵
PID:1788

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=21 --mojo-platform-channel-handle=5472 --field-trial-handle=2432,i,12161922670941700748,3348345705955601576,262144 --variations-seed-version /prefetch:1
1⤵
PID:3248

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=22 --mojo-platform-channel-handle=4924 --field-trial-handle=2432,i,12161922670941700748,3348345705955601576,262144 --variations-seed-version /prefetch:1
1⤵
PID:2264

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=23 --mojo-platform-channel-handle=5700 --field-trial-handle=2432,i,12161922670941700748,3348345705955601576,262144 --variations-seed-version /prefetch:1
1⤵
PID:416

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=5860 --field-trial-handle=2432,i,12161922670941700748,3348345705955601576,262144 --variations-seed-version /prefetch:8
1⤵
PID:4196

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --mojo-platform-channel-handle=4000 --field-trial-handle=2432,i,12161922670941700748,3348345705955601576,262144 --variations-seed-version /prefetch:8
1⤵
PID:2140

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=5856 --field-trial-handle=2432,i,12161922670941700748,3348345705955601576,262144 --variations-seed-version /prefetch:8
1⤵
PID:740

Network

DNS

nav-edge.smartscreen.microsoft.com

Remote address:

8.8.8.8:53

Request

nav-edge.smartscreen.microsoft.com

IN A

Response

nav-edge.smartscreen.microsoft.com

IN CNAME

tm-prod-wd-csp-edge.trafficmanager.net

tm-prod-wd-csp-edge.trafficmanager.net

IN CNAME

prod-agic-uw-2.ukwest.cloudapp.azure.com

prod-agic-uw-2.ukwest.cloudapp.azure.com

IN A

51.140.244.186
DNS

nav-edge.smartscreen.microsoft.com

Remote address:

8.8.8.8:53

Request

nav-edge.smartscreen.microsoft.com

IN Unknown

Response

nav-edge.smartscreen.microsoft.com

IN CNAME

tm-prod-wd-csp-edge.trafficmanager.net

tm-prod-wd-csp-edge.trafficmanager.net

IN CNAME

prod-agic-uw-3.ukwest.cloudapp.azure.com
DNS

business.bing.com

Remote address:

8.8.8.8:53

Request

business.bing.com

IN A

Response

business.bing.com

IN CNAME

business-bing-com.b-0005.b-msedge.net

business-bing-com.b-0005.b-msedge.net

IN CNAME

b-0005.b-msedge.net

b-0005.b-msedge.net

IN A

13.107.6.158
DNS

business.bing.com

Remote address:

8.8.8.8:53

Request

business.bing.com

IN Unknown

Response

business.bing.com

IN CNAME

business-bing-com.b-0005.b-msedge.net
DNS

www.fairwork.nu

Remote address:

8.8.8.8:53

Request

www.fairwork.nu

IN A

Response

www.fairwork.nu

IN A

141.138.169.217
DNS

www.fairwork.nu

Remote address:

8.8.8.8:53

Request

www.fairwork.nu

IN Unknown

Response
DNS

www.microsoft.com

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

92.123.241.137
DNS

www.microsoft.com

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

92.123.241.137
DNS

www.microsoft.com

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN Unknown

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net
DNS

a.mailmunch.co

Remote address:

8.8.8.8:53

Request

a.mailmunch.co

IN A

Response

a.mailmunch.co

IN CNAME

d3ar2nimg19ie1.cloudfront.net

d3ar2nimg19ie1.cloudfront.net

IN A

52.222.149.109

d3ar2nimg19ie1.cloudfront.net

IN A

52.222.149.61

d3ar2nimg19ie1.cloudfront.net

IN A

52.222.149.23

d3ar2nimg19ie1.cloudfront.net

IN A

52.222.149.2
DNS

bzib.nelreports.net

Remote address:

8.8.8.8:53

Request

bzib.nelreports.net

IN A

Response

bzib.nelreports.net

IN CNAME

bzib.nelreports.net.akamaized.net

bzib.nelreports.net.akamaized.net

IN CNAME

a416.dscd.akamai.net

a416.dscd.akamai.net

IN A

88.221.134.17

a416.dscd.akamai.net

IN A

88.221.135.81
DNS

bzib.nelreports.net

Remote address:

8.8.8.8:53

Request

bzib.nelreports.net

IN Unknown

Response

bzib.nelreports.net

IN CNAME

bzib.nelreports.net.akamaized.net

bzib.nelreports.net.akamaized.net

IN CNAME

a416.dscd.akamai.net
DNS

www.google.com

Remote address:

8.8.8.8:53

Request

www.google.com

IN A

Response

www.google.com

IN A

142.250.186.68
DNS

www.google.com

Remote address:

8.8.8.8:53

Request

www.google.com

IN Unknown

Response

www.google.com

IN Unknown

h2h3
DNS

connect.facebook.net

Remote address:

8.8.8.8:53

Request

connect.facebook.net

IN A

Response

connect.facebook.net

IN CNAME

scontent.xx.fbcdn.net

scontent.xx.fbcdn.net

IN A

157.240.221.16
DNS

connect.facebook.net

Remote address:

8.8.8.8:53

Request

connect.facebook.net

IN Unknown

Response

connect.facebook.net

IN CNAME

scontent.xx.fbcdn.net
DNS

152.33.115.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

152.33.115.104.in-addr.arpa

IN PTR

Response

152.33.115.104.in-addr.arpa

IN PTR

a104-115-33-152deploystaticakamaitechnologiescom
DNS

186.244.140.51.in-addr.arpa

Remote address:

8.8.8.8:53

Request

186.244.140.51.in-addr.arpa

IN PTR

Response
DNS

227.184.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

227.184.250.142.in-addr.arpa

IN PTR

Response

227.184.250.142.in-addr.arpa

IN PTR

fra24s12-in-f31e100net
DNS

137.241.123.92.in-addr.arpa

Remote address:

8.8.8.8:53

Request

137.241.123.92.in-addr.arpa

IN PTR

Response

137.241.123.92.in-addr.arpa

IN PTR

a92-123-241-137deploystaticakamaitechnologiescom
DNS

217.169.138.141.in-addr.arpa

Remote address:

8.8.8.8:53

Request

217.169.138.141.in-addr.arpa

IN PTR

Response

217.169.138.141.in-addr.arpa

IN PTR

s217webhostingservernl
DNS

202.185.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

202.185.250.142.in-addr.arpa

IN PTR

Response

202.185.250.142.in-addr.arpa

IN PTR

fra16s52-in-f101e100net
DNS

149.220.183.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

149.220.183.52.in-addr.arpa

IN PTR

Response
DNS

68.186.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

68.186.250.142.in-addr.arpa

IN PTR

Response

68.186.250.142.in-addr.arpa

IN PTR

fra24s05-in-f41e100net
DNS

232.181.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

232.181.250.142.in-addr.arpa

IN PTR

Response

232.181.250.142.in-addr.arpa

IN PTR

fra16s56-in-f81e100net
DNS

78.186.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

78.186.250.142.in-addr.arpa

IN PTR

Response

78.186.250.142.in-addr.arpa

IN PTR

fra24s05-in-f141e100net
DNS

16.221.240.157.in-addr.arpa

Remote address:

8.8.8.8:53

Request

16.221.240.157.in-addr.arpa

IN PTR

Response

16.221.240.157.in-addr.arpa

IN PTR

xx-fbcdn-shv-01-lhr8fbcdnnet
DNS

www.facebook.com

Remote address:

8.8.8.8:53

Request

www.facebook.com

IN A

Response

www.facebook.com

IN CNAME

star-mini.c10r.facebook.com

star-mini.c10r.facebook.com

IN A

157.240.221.35
DNS

www.facebook.com

Remote address:

8.8.8.8:53

Request

www.facebook.com

IN Unknown

Response

www.facebook.com

IN CNAME

star-mini.c10r.facebook.com
DNS

www.microsoft.com

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

92.123.241.137
DNS

www.google.com

Remote address:

8.8.8.8:53

Request

www.google.com

IN A

Response

www.google.com

IN A

142.250.186.68
DNS

www.google.com

Remote address:

8.8.8.8:53

Request

www.google.com

IN Unknown

Response

www.google.com

IN Unknown

h2h3
DNS

www.google.com

Remote address:

8.8.8.8:53

Request

www.google.com

IN A

Response

www.google.com

IN A

142.250.186.68
DNS

171.238.32.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

171.238.32.23.in-addr.arpa

IN PTR

Response

171.238.32.23.in-addr.arpa

IN PTR

a23-32-238-171deploystaticakamaitechnologiescom
DNS

35.221.240.157.in-addr.arpa

Remote address:

8.8.8.8:53

Request

35.221.240.157.in-addr.arpa

IN PTR

Response

35.221.240.157.in-addr.arpa

IN PTR

edge-star-mini-shv-01-lhr8facebookcom
DNS

67.185.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

67.185.250.142.in-addr.arpa

IN PTR

Response

67.185.250.142.in-addr.arpa

IN PTR

fra16s48-in-f31e100net
DNS

edgestatic.azureedge.net

Remote address:

8.8.8.8:53

Request

edgestatic.azureedge.net

IN A

Response

edgestatic.azureedge.net

IN CNAME

edgestatic.afd.azureedge.net

edgestatic.afd.azureedge.net

IN CNAME

azureedge-t-prod.trafficmanager.net

azureedge-t-prod.trafficmanager.net

IN CNAME

shed.dual-low.part-0036.t-0009.t-msedge.net

shed.dual-low.part-0036.t-0009.t-msedge.net

IN CNAME

part-0036.t-0009.t-msedge.net

part-0036.t-0009.t-msedge.net

IN A

13.107.246.64

part-0036.t-0009.t-msedge.net

IN A

13.107.213.64
DNS

edgestatic.azureedge.net

Remote address:

8.8.8.8:53

Request

edgestatic.azureedge.net

IN Unknown

Response

edgestatic.azureedge.net

IN CNAME

edgestatic.afd.azureedge.net

edgestatic.afd.azureedge.net

IN CNAME

azureedge-t-prod.trafficmanager.net

azureedge-t-prod.trafficmanager.net

IN CNAME

shed.dual-low.part-0036.t-0009.t-msedge.net

shed.dual-low.part-0036.t-0009.t-msedge.net

IN CNAME

part-0036.t-0009.t-msedge.net
DNS

c.s-microsoft.com

Remote address:

8.8.8.8:53

Request

c.s-microsoft.com

IN A

Response

c.s-microsoft.com

IN CNAME

c-s.cms.ms.akadns.net

c-s.cms.ms.akadns.net

IN CNAME

c.s-microsoft.com-c.edgekey.net

c.s-microsoft.com-c.edgekey.net

IN CNAME

e13678.dscg.akamaiedge.net

e13678.dscg.akamaiedge.net

IN A

104.115.33.219
DNS

c.s-microsoft.com

Remote address:

8.8.8.8:53

Request

c.s-microsoft.com

IN Unknown

Response

c.s-microsoft.com

IN CNAME

c-s.cms.ms.akadns.net

c-s.cms.ms.akadns.net

IN CNAME

c.s-microsoft.com-c.edgekey.net

c.s-microsoft.com-c.edgekey.net

IN CNAME

e13678.dscg.akamaiedge.net
DNS

a.mailmunch.co

Remote address:

8.8.8.8:53

Request

a.mailmunch.co

IN A

Response

a.mailmunch.co

IN CNAME

d3ar2nimg19ie1.cloudfront.net

d3ar2nimg19ie1.cloudfront.net

IN A

52.222.149.2

d3ar2nimg19ie1.cloudfront.net

IN A

52.222.149.109

d3ar2nimg19ie1.cloudfront.net

IN A

52.222.149.23

d3ar2nimg19ie1.cloudfront.net

IN A

52.222.149.61
DNS

wcpstatic.microsoft.com

Remote address:

8.8.8.8:53

Request

wcpstatic.microsoft.com

IN A

Response

wcpstatic.microsoft.com

IN CNAME

consentdeliveryfd.azurefd.net

consentdeliveryfd.azurefd.net

IN CNAME

firstparty-azurefd-prod.trafficmanager.net

firstparty-azurefd-prod.trafficmanager.net

IN CNAME

shed.dual-low.part-0036.t-0009.t-msedge.net

shed.dual-low.part-0036.t-0009.t-msedge.net

IN CNAME

part-0036.t-0009.t-msedge.net

part-0036.t-0009.t-msedge.net

IN A

13.107.246.64

part-0036.t-0009.t-msedge.net

IN A

13.107.213.64
DNS

wcpstatic.microsoft.com

Remote address:

8.8.8.8:53

Request

wcpstatic.microsoft.com

IN Unknown

Response

wcpstatic.microsoft.com

IN CNAME

consentdeliveryfd.azurefd.net

consentdeliveryfd.azurefd.net

IN CNAME

firstparty-azurefd-prod.trafficmanager.net

firstparty-azurefd-prod.trafficmanager.net

IN CNAME

shed.dual-low.part-0036.t-0009.t-msedge.net

shed.dual-low.part-0036.t-0009.t-msedge.net

IN CNAME

part-0036.t-0009.t-msedge.net
DNS

67.31.126.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

67.31.126.40.in-addr.arpa

IN PTR

Response
DNS

104.219.191.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

104.219.191.52.in-addr.arpa

IN PTR

Response
DNS

nw-umwatson.events.data.microsoft.com

Remote address:

8.8.8.8:53

Request

nw-umwatson.events.data.microsoft.com

IN A

Response

nw-umwatson.events.data.microsoft.com

IN CNAME

blobcollector.events.data.trafficmanager.net

blobcollector.events.data.trafficmanager.net

IN CNAME

onedsblobprdcus16.centralus.cloudapp.azure.com

onedsblobprdcus16.centralus.cloudapp.azure.com

IN A

104.208.16.94
POST

https://nw-umwatson.events.data.microsoft.com/Telemetry.Request

Remote address:

104.208.16.94:443

Request

POST /Telemetry.Request HTTP/1.1
Connection: Keep-Alive
Content-Type: application/xml
User-Agent: Crashpad/0.8.0 WinHTTP/10.0.19041.1151 Windows_NT/10.0.19041.1202 (x64)
MSA_DeviceTicket: t=EwC4AlN5BAAUu1V9OkIAK55tj6h8OjaXgvkszYkAAaF3IGMsQU4vWd1rwk6C/31l9Kd7shN34eg9YniMgfZmwdkY2Nc08oiHkloKfDueBNc3OHNH2ba+S6Di0WNtl5HSxuZ6BRY7xckskSEycUi1aVA6gXwkXRY52J6kaprwiRYtLcFbryTDxazDdlHcDPuISI2JSrItUN9dRRpbgh53fPpJMvZYoROqVwsMVEj5bv3z1wHn0TeJz9cqibmNQxgWBSmnSwrRS1NPr7lxCh8EGhk4ps80nJwlg2kszZJosfirn0Yfv+vyLJT/TwgN4DoG+VW7II18ends+p6YHjo6knjcV/v095wyPxNmLrBoJlYpYcrMIPKQNCmN9PueE2oDZgAACD0kI08ypBtMiAFsuREk6tUCiM+s9VTHu4WQEdtsLHFI6Z5AtwyJHicZQ84YcgqRL+Ndph2COJb/buwnE3WQ18Wg+jynXRSZUzfCKKVioiHDQ0qYmo/HjT95TdNZSgwe0yhGdcPmLHtuDVs7EK/hoV6Bny9iWOFCSRJwkzdMYuwfFvh34cQf/UQH8EdNkrF3BylAQJYsGoH/lSYbEP8TmNa27SDnhCItHnP7oE4lzC3lI5n8y/Olypjkr7onsC+jXCw0y9poMDg0/gbU1cKr7j5qr9uozrP/crddSJR7RbzQUdjeJqg6BYCGjqIAj4l1VJoLoV0UZeGQRyK2qrOZD6uKrkFLAX81GS1aQhkRG1D40/ksWvw2PXJPlBLP2o9x/wPqWFVHWMNkG+AowSIVRGqOFLYgTgYdLZi19Xu7M8KKLKDk+wq9NyyihYbY3+AL7wFJ5nR34iaCOdJ4gVvupkEyKifVvkPI+a4POsrPIJHp/cGtj3Cj1xTAmBG9x8qxr3GtACU8wuj9JTg3s9dOJBXZe7gB&p=
Content-Length: 3683
Host: nw-umwatson.events.data.microsoft.com

Response

HTTP/1.1 200 200 OK

Content-Length: 634
Content-Type: text/xml
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
Date: Fri, 29 Mar 2024 09:46:38 GMT
DNS

94.16.208.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

94.16.208.104.in-addr.arpa

IN PTR

Response
DNS

www.fairwork.nu

Remote address:

8.8.8.8:53

Request

www.fairwork.nu

IN A

Response

www.fairwork.nu

IN A

141.138.169.217
DNS

www.fairwork.nu

Remote address:

8.8.8.8:53

Request

www.fairwork.nu

IN A

Response

www.fairwork.nu

IN A

141.138.169.217
DNS

43.229.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

43.229.111.52.in-addr.arpa

IN PTR

Response
DNS

103.169.127.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

103.169.127.40.in-addr.arpa

IN PTR

Response
DNS

18.134.221.88.in-addr.arpa

Remote address:

8.8.8.8:53

Request

18.134.221.88.in-addr.arpa

IN PTR

Response

18.134.221.88.in-addr.arpa

IN PTR

a88-221-134-18deploystaticakamaitechnologiescom
DNS

18.31.95.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

18.31.95.13.in-addr.arpa

IN PTR

Response
DNS

www.fairwork.nu

Remote address:

8.8.8.8:53

Request

www.fairwork.nu

IN A

Response

www.fairwork.nu

IN A

141.138.169.217
DNS

www.fairwork.nu

Remote address:

8.8.8.8:53

Request

www.fairwork.nu

IN Unknown

Response
DNS

www.fairwork.nu

Remote address:

8.8.8.8:53

Request

www.fairwork.nu

IN A

Response

www.fairwork.nu

IN A

141.138.169.217
DNS

www.google.com

Remote address:

8.8.8.8:53

Request

www.google.com

IN A

Response

www.google.com

IN A

142.250.186.68
DNS

www.google.com

Remote address:

8.8.8.8:53

Request

www.google.com

IN Unknown

Response

www.google.com

IN Unknown

h2h3
DNS

a.mailmunch.co

Remote address:

8.8.8.8:53

Request

a.mailmunch.co

IN A

Response

a.mailmunch.co

IN CNAME

d3ar2nimg19ie1.cloudfront.net

d3ar2nimg19ie1.cloudfront.net

IN A

52.222.149.109

d3ar2nimg19ie1.cloudfront.net

IN A

52.222.149.61

d3ar2nimg19ie1.cloudfront.net

IN A

52.222.149.23

d3ar2nimg19ie1.cloudfront.net

IN A

52.222.149.2
DNS

a.mailmunch.co

Remote address:

8.8.8.8:53

Request

a.mailmunch.co

IN Unknown

Response

a.mailmunch.co

IN CNAME

d3ar2nimg19ie1.cloudfront.net
DNS

connect.facebook.net

Remote address:

8.8.8.8:53

Request

connect.facebook.net

IN A

Response

connect.facebook.net

IN CNAME

scontent.xx.fbcdn.net

scontent.xx.fbcdn.net

IN A

157.240.221.16
DNS

connect.facebook.net

Remote address:

8.8.8.8:53

Request

connect.facebook.net

IN Unknown

Response

connect.facebook.net

IN CNAME

scontent.xx.fbcdn.net
DNS

stats.g.doubleclick.net

Remote address:

8.8.8.8:53

Request

stats.g.doubleclick.net

IN A

Response

stats.g.doubleclick.net

IN A

142.251.173.155

stats.g.doubleclick.net

IN A

142.251.173.156

stats.g.doubleclick.net

IN A

142.251.173.157

stats.g.doubleclick.net

IN A

142.251.173.154
DNS

stats.g.doubleclick.net

Remote address:

8.8.8.8:53

Request

stats.g.doubleclick.net

IN Unknown

Response
DNS

www.fairwork.nu

Remote address:

8.8.8.8:53

Request

www.fairwork.nu

IN A

Response

www.fairwork.nu

IN A

141.138.169.217
DNS

www.fairwork.nu

Remote address:

8.8.8.8:53

Request

www.fairwork.nu

IN A

Response

www.fairwork.nu

IN A

141.138.169.217
DNS

www.google.co.uk

Remote address:

8.8.8.8:53

Request

www.google.co.uk

IN A

Response

www.google.co.uk

IN A

142.250.185.227
DNS

www.google.co.uk

Remote address:

8.8.8.8:53

Request

www.google.co.uk

IN Unknown

Response

www.google.co.uk

IN Unknown

h2h3
DNS

region1.analytics.google.com

Remote address:

8.8.8.8:53

Request

region1.analytics.google.com

IN A

Response

region1.analytics.google.com

IN A

216.239.32.36

region1.analytics.google.com

IN A

216.239.34.36
DNS

region1.analytics.google.com

Remote address:

8.8.8.8:53

Request

region1.analytics.google.com

IN Unknown

Response
DNS

ajax.googleapis.com

Remote address:

8.8.8.8:53

Request

ajax.googleapis.com

IN A

Response

ajax.googleapis.com

IN A

142.250.184.202
DNS

ajax.googleapis.com

Remote address:

8.8.8.8:53

Request

ajax.googleapis.com

IN Unknown

Response
DNS

109.149.222.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

109.149.222.52.in-addr.arpa

IN PTR

Response

109.149.222.52.in-addr.arpa

IN PTR

server-52-222-149-109cdg52r cloudfrontnet
DNS

155.173.251.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

155.173.251.142.in-addr.arpa

IN PTR

Response

155.173.251.142.in-addr.arpa

IN PTR

wi-in-f1551e100net
DNS

227.185.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

227.185.250.142.in-addr.arpa

IN PTR

Response

227.185.250.142.in-addr.arpa

IN PTR

fra16s53-in-f31e100net
DNS

36.32.239.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

36.32.239.216.in-addr.arpa

IN PTR

Response
DNS

www.facebook.com

Remote address:

8.8.8.8:53

Request

www.facebook.com

IN A

Response

www.facebook.com

IN CNAME

star-mini.c10r.facebook.com

star-mini.c10r.facebook.com

IN A

157.240.221.35
DNS

www.facebook.com

Remote address:

8.8.8.8:53

Request

www.facebook.com

IN Unknown

Response

www.facebook.com

IN CNAME

star-mini.c10r.facebook.com
DNS

streaming.jsonmediapacks.com

Remote address:

8.8.8.8:53

Request

streaming.jsonmediapacks.com

IN A

Response

streaming.jsonmediapacks.com

IN A

104.21.13.191

streaming.jsonmediapacks.com

IN A

172.67.133.18
DNS

streaming.jsonmediapacks.com

Remote address:

8.8.8.8:53

Request

streaming.jsonmediapacks.com

IN Unknown

Response

streaming.jsonmediapacks.com

IN Unknown

h3h2h ��C� &G04h �&G04�C�
DNS

forms.mailmunch.co

Remote address:

8.8.8.8:53

Request

forms.mailmunch.co

IN A

Response

forms.mailmunch.co

IN CNAME

forms.mailmunch.co.herokudns.com

forms.mailmunch.co.herokudns.com

IN A

52.204.242.176

forms.mailmunch.co.herokudns.com

IN A

54.157.58.70

forms.mailmunch.co.herokudns.com

IN A

18.205.36.100

forms.mailmunch.co.herokudns.com

IN A

54.162.128.250
DNS

forms.mailmunch.co

Remote address:

8.8.8.8:53

Request

forms.mailmunch.co

IN Unknown

Response

forms.mailmunch.co

IN CNAME

forms.mailmunch.co.herokudns.com
DNS

www.google.com

Remote address:

8.8.8.8:53

Request

www.google.com

IN A

Response

www.google.com

IN A

142.250.186.68
DNS

www.google.com

Remote address:

8.8.8.8:53

Request

www.google.com

IN Unknown

Response

www.google.com

IN Unknown

h2h3
DNS

www.google.com

Remote address:

8.8.8.8:53

Request

www.google.com

IN A

Response

www.google.com

IN A

142.250.186.68
DNS

www.fairwork.nu

Remote address:

8.8.8.8:53

Request

www.fairwork.nu

IN A

Response

www.fairwork.nu

IN A

141.138.169.217
DNS

202.184.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

202.184.250.142.in-addr.arpa

IN PTR

Response

202.184.250.142.in-addr.arpa

IN PTR

fra24s11-in-f101e100net
DNS

191.13.21.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

191.13.21.104.in-addr.arpa

IN PTR

Response
DNS

64.66.18.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

64.66.18.2.in-addr.arpa

IN PTR

Response

64.66.18.2.in-addr.arpa

IN PTR

a2-18-66-64deploystaticakamaitechnologiescom
DNS

176.242.204.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

176.242.204.52.in-addr.arpa

IN PTR

Response

176.242.204.52.in-addr.arpa

IN PTR

ec2-52-204-242-176 compute-1 amazonawscom
DNS

www.fairwork.nu

Remote address:

8.8.8.8:53

Request

www.fairwork.nu

IN A

Response

www.fairwork.nu

IN A

141.138.169.217
DNS

www.fairwork.nu

Remote address:

8.8.8.8:53

Request

www.fairwork.nu

IN A

Response

www.fairwork.nu

IN A

141.138.169.217
DNS

www.google.com

Remote address:

8.8.8.8:53

Request

www.google.com

IN A

Response

www.google.com

IN A

142.250.186.68
DNS

www.fairwork.nu

Remote address:

8.8.8.8:53

Request

www.fairwork.nu

IN A

Response

www.fairwork.nu

IN A

141.138.169.217
DNS

40.134.221.88.in-addr.arpa

Remote address:

8.8.8.8:53

Request

40.134.221.88.in-addr.arpa

IN PTR

Response

40.134.221.88.in-addr.arpa

IN PTR

a88-221-134-40deploystaticakamaitechnologiescom
DNS

0.205.248.87.in-addr.arpa

Remote address:

8.8.8.8:53

Request

0.205.248.87.in-addr.arpa

IN PTR

Response

0.205.248.87.in-addr.arpa

IN PTR

https-87-248-205-0lgwllnwnet

51.140.244.186:443

nav-edge.smartscreen.microsoft.com

tls

17.2kB
17.1kB
45
46
13.107.6.158:443

business.bing.com

tls

2.0kB
9.9kB
18
22
141.138.169.217:443

www.fairwork.nu

tls

931 B
6.0kB
9
8
141.138.169.217:443

www.fairwork.nu

tls

1.1kB
6.4kB
11
13
141.138.169.217:443

www.fairwork.nu

tls

1.1kB
6.3kB
12
11
141.138.169.217:443

www.fairwork.nu

tls

1.1kB
6.4kB
11
13
141.138.169.217:443

www.fairwork.nu

tls

1.2kB
6.3kB
12
11
141.138.169.217:443

www.fairwork.nu

tls

34.8kB
1.1MB
635
831
92.123.241.137:443

www.microsoft.com

tls

2.7kB
22.3kB
24
33
52.222.149.109:445

a.mailmunch.co

260 B
5
141.138.169.217:443

www.fairwork.nu

tls

1.1kB
6.4kB
11
13
88.221.134.17:443

bzib.nelreports.net

tls

2.4kB
6.0kB
11
14
142.250.186.68:443

www.google.com

tls

1.9kB
7.6kB
15
17
157.240.221.16:443

connect.facebook.net

tls

3.9kB
77.9kB
48
70
141.138.169.217:443

www.fairwork.nu

tls

9.5kB
309.1kB
174
247
157.240.221.35:443

www.facebook.com

tls

1.9kB
3.8kB
14
15
52.222.149.61:445

a.mailmunch.co

260 B
5
52.222.149.23:445

a.mailmunch.co

260 B
5
52.222.149.2:445

a.mailmunch.co

260 B
5
13.107.246.64:443

edgestatic.azureedge.net

tls

1.8kB
7.8kB
12
13
13.107.246.64:443

edgestatic.azureedge.net

tls

793 B
311 B
6
5
13.107.246.64:443

edgestatic.azureedge.net

tls

199.3kB
9.3MB
4141
6723
13.107.246.64:443

edgestatic.azureedge.net

tls

7.7kB
272.3kB
117
211
13.107.246.64:443

wcpstatic.microsoft.com

tls

4.2kB
91.0kB
52
78
104.208.16.94:443

https://nw-umwatson.events.data.microsoft.com/Telemetry.Request

tls, http

5.9kB
7.6kB
13
11

HTTP Request

POST https://nw-umwatson.events.data.microsoft.com/Telemetry.Request

HTTP Response

200
141.138.169.217:445

www.fairwork.nu

260 B
5
141.138.169.217:443

www.fairwork.nu

tls

57.9kB
1.8MB
1101
1348
141.138.169.217:443

www.fairwork.nu

tls

1.2kB
6.3kB
12
11
52.222.149.109:443

a.mailmunch.co

tls

995 B
6.7kB
9
11
157.240.221.16:443

connect.facebook.net

tls

4.0kB
77.9kB
48
70
52.222.149.109:443

a.mailmunch.co

tls

2.2kB
19.0kB
21
24
142.251.173.155:443

stats.g.doubleclick.net

tls

2.3kB
7.1kB
17
18
216.239.32.36:443

region1.analytics.google.com

tls

2.9kB
7.1kB
15
15
142.250.184.202:443

ajax.googleapis.com

tls

2.3kB
42.2kB
25
38
157.240.221.35:443

www.facebook.com

tls

2.5kB
4.0kB
16
17
2.18.66.64:443

www.bing.com

tls

16.9kB
864.4kB
340
629
52.204.242.176:443

forms.mailmunch.co

tls

2.4kB
6.0kB
12
11
52.222.149.109:443

a.mailmunch.co

tls

1.8kB
7.5kB
13
15
141.138.169.217:443

www.fairwork.nu

tls

7.9kB
214.8kB
123
173
141.138.169.217:443

www.fairwork.nu

tls

980 B
517 B
6
4

8.8.8.8:53

nav-edge.smartscreen.microsoft.com

dns

80 B
199 B
1
1

DNS Request

nav-edge.smartscreen.microsoft.com

DNS Response

51.140.244.186
8.8.8.8:53

nav-edge.smartscreen.microsoft.com

dns

80 B
243 B
1
1

DNS Request

nav-edge.smartscreen.microsoft.com
8.8.8.8:53

business.bing.com

dns

63 B
144 B
1
1

DNS Request

business.bing.com

DNS Response

13.107.6.158
8.8.8.8:53

business.bing.com

dns

63 B
171 B
1
1

DNS Request

business.bing.com
8.8.8.8:53

www.fairwork.nu

dns

61 B
77 B
1
1

DNS Request

www.fairwork.nu

DNS Response

141.138.169.217
8.8.8.8:53

www.fairwork.nu

dns

61 B
134 B
1
1

DNS Request

www.fairwork.nu
8.8.8.8:53

www.microsoft.com

dns

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

92.123.241.137
8.8.8.8:53

www.microsoft.com

dns

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

92.123.241.137
8.8.8.8:53

www.microsoft.com

dns

63 B
275 B
1
1

DNS Request

www.microsoft.com
8.8.8.8:53

a.mailmunch.co

dns

60 B
167 B
1
1

DNS Request

a.mailmunch.co

DNS Response

52.222.149.109

52.222.149.61

52.222.149.23

52.222.149.2
8.8.8.8:53

bzib.nelreports.net

dns

65 B
172 B
1
1

DNS Request

bzib.nelreports.net

DNS Response

88.221.134.17

88.221.135.81
8.8.8.8:53

bzib.nelreports.net

dns

65 B
204 B
1
1

DNS Request

bzib.nelreports.net
8.8.8.8:53

www.google.com

dns

60 B
76 B
1
1

DNS Request

www.google.com

DNS Response

142.250.186.68
8.8.8.8:53

www.google.com

dns

60 B
85 B
1
1

DNS Request

www.google.com
142.250.186.68:443

www.google.com

https

3.0kB
7.2kB
8
8
8.8.8.8:53

connect.facebook.net

dns

66 B
114 B
1
1

DNS Request

connect.facebook.net

DNS Response

157.240.221.16
8.8.8.8:53

connect.facebook.net

dns

66 B
155 B
1
1

DNS Request

connect.facebook.net
8.8.8.8:53

152.33.115.104.in-addr.arpa

dns

73 B
139 B
1
1

DNS Request

152.33.115.104.in-addr.arpa
8.8.8.8:53

186.244.140.51.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

186.244.140.51.in-addr.arpa
8.8.8.8:53

227.184.250.142.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

227.184.250.142.in-addr.arpa
8.8.8.8:53

137.241.123.92.in-addr.arpa

dns

73 B
139 B
1
1

DNS Request

137.241.123.92.in-addr.arpa
8.8.8.8:53

217.169.138.141.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

217.169.138.141.in-addr.arpa
8.8.8.8:53

202.185.250.142.in-addr.arpa

dns

74 B
113 B
1
1

DNS Request

202.185.250.142.in-addr.arpa
8.8.8.8:53

149.220.183.52.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

149.220.183.52.in-addr.arpa
8.8.8.8:53

68.186.250.142.in-addr.arpa

dns

73 B
111 B
1
1

DNS Request

68.186.250.142.in-addr.arpa
8.8.8.8:53

232.181.250.142.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

232.181.250.142.in-addr.arpa
8.8.8.8:53

78.186.250.142.in-addr.arpa

dns

73 B
112 B
1
1

DNS Request

78.186.250.142.in-addr.arpa
8.8.8.8:53

16.221.240.157.in-addr.arpa

dns

73 B
117 B
1
1

DNS Request

16.221.240.157.in-addr.arpa
157.240.221.16:443

connect.facebook.net

https

1.7kB
4.5kB
5
8
8.8.8.8:53

www.facebook.com

dns

62 B
107 B
1
1

DNS Request

www.facebook.com

DNS Response

157.240.221.35
8.8.8.8:53

www.facebook.com

dns

62 B
136 B
1
1

DNS Request

www.facebook.com
8.8.8.8:53

www.microsoft.com

dns

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

92.123.241.137
8.8.8.8:53

www.google.com

dns

60 B
76 B
1
1

DNS Request

www.google.com

DNS Response

142.250.186.68
8.8.8.8:53

www.google.com

dns

60 B
85 B
1
1

DNS Request

www.google.com
8.8.8.8:53

www.google.com

dns

60 B
76 B
1
1

DNS Request

www.google.com

DNS Response

142.250.186.68
142.250.186.68:443

www.google.com

https

3.6kB
9.1kB
8
12
8.8.8.8:53

171.238.32.23.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

171.238.32.23.in-addr.arpa
8.8.8.8:53

35.221.240.157.in-addr.arpa

dns

73 B
126 B
1
1

DNS Request

35.221.240.157.in-addr.arpa
8.8.8.8:53

67.185.250.142.in-addr.arpa

dns

73 B
111 B
1
1

DNS Request

67.185.250.142.in-addr.arpa
8.8.8.8:53

edgestatic.azureedge.net

dns

70 B
245 B
1
1

DNS Request

edgestatic.azureedge.net

DNS Response

13.107.246.64

13.107.213.64
8.8.8.8:53

edgestatic.azureedge.net

dns

70 B
273 B
1
1

DNS Request

edgestatic.azureedge.net
8.8.8.8:53

c.s-microsoft.com

dns

63 B
193 B
1
1

DNS Request

c.s-microsoft.com

DNS Response

104.115.33.219
8.8.8.8:53

c.s-microsoft.com

dns

63 B
238 B
1
1

DNS Request

c.s-microsoft.com
8.8.8.8:53

a.mailmunch.co

dns

60 B
167 B
1
1

DNS Request

a.mailmunch.co

DNS Response

52.222.149.2

52.222.149.109

52.222.149.23

52.222.149.61
8.8.8.8:53

wcpstatic.microsoft.com

dns

69 B
265 B
1
1

DNS Request

wcpstatic.microsoft.com

DNS Response

13.107.246.64

13.107.213.64
8.8.8.8:53

wcpstatic.microsoft.com

dns

69 B
280 B
1
1

DNS Request

wcpstatic.microsoft.com
8.8.8.8:53

67.31.126.40.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

67.31.126.40.in-addr.arpa
8.8.8.8:53

104.219.191.52.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

104.219.191.52.in-addr.arpa
8.8.8.8:53

nw-umwatson.events.data.microsoft.com

dns

83 B
214 B
1
1

DNS Request

nw-umwatson.events.data.microsoft.com

DNS Response

104.208.16.94
8.8.8.8:53

94.16.208.104.in-addr.arpa

dns

72 B
146 B
1
1

DNS Request

94.16.208.104.in-addr.arpa
8.8.8.8:53

www.fairwork.nu

dns

61 B
77 B
1
1

DNS Request

www.fairwork.nu

DNS Response

141.138.169.217
8.8.8.8:53

www.fairwork.nu

dns

61 B
77 B
1
1

DNS Request

www.fairwork.nu

DNS Response

141.138.169.217
8.8.8.8:53

43.229.111.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

43.229.111.52.in-addr.arpa
8.8.8.8:53

103.169.127.40.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

103.169.127.40.in-addr.arpa
8.8.8.8:53

18.134.221.88.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

18.134.221.88.in-addr.arpa
8.8.8.8:53

18.31.95.13.in-addr.arpa

dns

70 B
144 B
1
1

DNS Request

18.31.95.13.in-addr.arpa
8.8.8.8:53

www.fairwork.nu

dns

61 B
77 B
1
1

DNS Request

www.fairwork.nu

DNS Response

141.138.169.217
8.8.8.8:53

www.fairwork.nu

dns

61 B
134 B
1
1

DNS Request

www.fairwork.nu
8.8.8.8:53

www.fairwork.nu

dns

61 B
77 B
1
1

DNS Request

www.fairwork.nu

DNS Response

141.138.169.217
8.8.8.8:53

www.google.com

dns

60 B
76 B
1
1

DNS Request

www.google.com

DNS Response

142.250.186.68
8.8.8.8:53

www.google.com

dns

60 B
85 B
1
1

DNS Request

www.google.com
8.8.8.8:53

a.mailmunch.co

dns

60 B
167 B
1
1

DNS Request

a.mailmunch.co

DNS Response

52.222.149.109

52.222.149.61

52.222.149.23

52.222.149.2
8.8.8.8:53

a.mailmunch.co

dns

60 B
183 B
1
1

DNS Request

a.mailmunch.co
8.8.8.8:53

connect.facebook.net

dns

66 B
114 B
1
1

DNS Request

connect.facebook.net

DNS Response

157.240.221.16
8.8.8.8:53

connect.facebook.net

dns

66 B
155 B
1
1

DNS Request

connect.facebook.net
142.250.186.68:443

www.google.com

https

3.6kB
8.4kB
11
13
8.8.8.8:53

stats.g.doubleclick.net

dns

69 B
133 B
1
1

DNS Request

stats.g.doubleclick.net

DNS Response

142.251.173.155

142.251.173.156

142.251.173.157

142.251.173.154
8.8.8.8:53

stats.g.doubleclick.net

dns

69 B
129 B
1
1

DNS Request

stats.g.doubleclick.net
8.8.8.8:53

www.fairwork.nu

dns

61 B
77 B
1
1

DNS Request

www.fairwork.nu

DNS Response

141.138.169.217
8.8.8.8:53

www.fairwork.nu

dns

61 B
77 B
1
1

DNS Request

www.fairwork.nu

DNS Response

141.138.169.217
157.240.221.16:443

connect.facebook.net

https

1.8kB
4.7kB
5
10
142.250.186.68:443

www.google.com

https

3.9kB
9.0kB
11
13
8.8.8.8:53

www.google.co.uk

dns

62 B
78 B
1
1

DNS Request

www.google.co.uk

DNS Response

142.250.185.227
8.8.8.8:53

www.google.co.uk

dns

62 B
87 B
1
1

DNS Request

www.google.co.uk
142.250.185.227:443

www.google.co.uk

https

4.7kB
6.3kB
17
7
142.251.173.155:443

stats.g.doubleclick.net

https

1.6kB
6.5kB
4
8
8.8.8.8:53

region1.analytics.google.com

dns

74 B
106 B
1
1

DNS Request

region1.analytics.google.com

DNS Response

216.239.32.36

216.239.34.36
8.8.8.8:53

region1.analytics.google.com

dns

74 B
124 B
1
1

DNS Request

region1.analytics.google.com
8.8.8.8:53

ajax.googleapis.com

dns

65 B
81 B
1
1

DNS Request

ajax.googleapis.com

DNS Response

142.250.184.202
8.8.8.8:53

ajax.googleapis.com

dns

65 B
122 B
1
1

DNS Request

ajax.googleapis.com
8.8.8.8:53

109.149.222.52.in-addr.arpa

dns

73 B
131 B
1
1

DNS Request

109.149.222.52.in-addr.arpa
8.8.8.8:53

155.173.251.142.in-addr.arpa

dns

74 B
108 B
1
1

DNS Request

155.173.251.142.in-addr.arpa
8.8.8.8:53

227.185.250.142.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

227.185.250.142.in-addr.arpa
8.8.8.8:53

36.32.239.216.in-addr.arpa

dns

72 B
132 B
1
1

DNS Request

36.32.239.216.in-addr.arpa
142.250.185.227:443

www.google.co.uk

https

3.8kB
3
8.8.8.8:53

www.facebook.com

dns

62 B
107 B
1
1

DNS Request

www.facebook.com

DNS Response

157.240.221.35
8.8.8.8:53

www.facebook.com

dns

62 B
136 B
1
1

DNS Request

www.facebook.com
8.8.8.8:53

streaming.jsonmediapacks.com

dns

74 B
106 B
1
1

DNS Request

streaming.jsonmediapacks.com

DNS Response

104.21.13.191

172.67.133.18
8.8.8.8:53

streaming.jsonmediapacks.com

dns

74 B
147 B
1
1

DNS Request

streaming.jsonmediapacks.com
104.21.13.191:443

streaming.jsonmediapacks.com

https

3.6kB
8.5kB
10
14
8.8.8.8:53

forms.mailmunch.co

dns

64 B
174 B
1
1

DNS Request

forms.mailmunch.co

DNS Response

52.204.242.176

54.157.58.70

18.205.36.100

54.162.128.250
8.8.8.8:53

forms.mailmunch.co

dns

64 B
175 B
1
1

DNS Request

forms.mailmunch.co
8.8.8.8:53

www.google.com

dns

60 B
76 B
1
1

DNS Request

www.google.com

DNS Response

142.250.186.68
8.8.8.8:53

www.google.com

dns

60 B
85 B
1
1

DNS Request

www.google.com
8.8.8.8:53

www.google.com

dns

60 B
76 B
1
1

DNS Request

www.google.com

DNS Response

142.250.186.68
8.8.8.8:53

www.fairwork.nu

dns

61 B
77 B
1
1

DNS Request

www.fairwork.nu

DNS Response

141.138.169.217
142.250.186.68:443

www.google.com

https

26.1kB
87.7kB
69
103
8.8.8.8:53

202.184.250.142.in-addr.arpa

dns

74 B
113 B
1
1

DNS Request

202.184.250.142.in-addr.arpa
8.8.8.8:53

191.13.21.104.in-addr.arpa

dns

72 B
134 B
1
1

DNS Request

191.13.21.104.in-addr.arpa
8.8.8.8:53

64.66.18.2.in-addr.arpa

dns

69 B
131 B
1
1

DNS Request

64.66.18.2.in-addr.arpa
8.8.8.8:53

176.242.204.52.in-addr.arpa

dns

73 B
129 B
1
1

DNS Request

176.242.204.52.in-addr.arpa
142.250.186.68:443

www.google.com

https

3.8kB
15.5kB
11
16
216.239.32.36:443

region1.analytics.google.com

https

3.3kB
7.3kB
11
17
224.0.0.251:5353

204 B
3
8.8.8.8:53

www.fairwork.nu

dns

61 B
77 B
1
1

DNS Request

www.fairwork.nu

DNS Response

141.138.169.217
8.8.8.8:53

www.fairwork.nu

dns

61 B
77 B
1
1

DNS Request

www.fairwork.nu

DNS Response

141.138.169.217
8.8.8.8:53

www.google.com

dns

60 B
76 B
1
1

DNS Request

www.google.com

DNS Response

142.250.186.68
8.8.8.8:53

www.fairwork.nu

dns

61 B
77 B
1
1

DNS Request

www.fairwork.nu

DNS Response

141.138.169.217
157.240.221.35:443

www.facebook.com

https

2.9kB
4.8kB
6
10
142.250.184.202:443

ajax.googleapis.com

https

2.9kB
6.5kB
5
8
2.18.66.64:443

www.bing.com

https

1.7kB
5.3kB
7
10
142.250.186.68:443

www.google.com

https

1.7kB
2.5kB
6
5
104.21.13.191:443

streaming.jsonmediapacks.com

https

3.0kB
3.2kB
7
7
8.8.8.8:53

40.134.221.88.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

40.134.221.88.in-addr.arpa
8.8.8.8:53

0.205.248.87.in-addr.arpa

dns

71 B
116 B
1
1

DNS Request

0.205.248.87.in-addr.arpa

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request