Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240412-en
  • resource tags
    arch:x64, arch:x86, image:win11-20240412-en, locale:en-us, os:windows11-21h2-x64, system
  • submitted
    22/04/2024, 00:11 UTC

General

  • Target

    47b280fd303a029f5a06e52f779ac026cbe976c18ed12defb6c406084a3f111d.exe

  • Size

    897KB

  • MD5

    4372dd6fa64acf25d73a7c61f7f9d605

  • SHA1

    e1fd6e1a9923df1c308f2ce9f99d9ab215e39cfb

  • SHA256

    47b280fd303a029f5a06e52f779ac026cbe976c18ed12defb6c406084a3f111d

  • SHA512

    5707e556d36d9a4f6e2f9bf7ed2c78ab79db4fd655d7a7e97cd5aa95e72c1a8de10c1427b34c1cd5b79e7aea52f6095d125f117fca1395555a880ce1a9464275

  • SSDEEP

    12288:VqDEvFo+yo4DdbbMWu/jrQu4M9lBAlKhQcDGB3cuBNGE6iOrpfe4JdaDgapTp:VqDEvCTbMWu7rQYlBQcBiT6rprG8atp

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 14 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs
  • Suspicious use of FindShellTrayWindow 28 IoCs
  • Suspicious use of SendNotifyMessage 15 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\47b280fd303a029f5a06e52f779ac026cbe976c18ed12defb6c406084a3f111d.exe
    "C:\Users\Admin\AppData\Local\Temp\47b280fd303a029f5a06e52f779ac026cbe976c18ed12defb6c406084a3f111d.exe"
    1⤵
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:1496
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/account
      2⤵
      • Enumerates system info in registry
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      • Suspicious use of WriteProcessMemory
      PID:5032
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffd52c13cb8,0x7ffd52c13cc8,0x7ffd52c13cd8
        3⤵
        PID:2480
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1904,3078975392146111618,1281189988639883532,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1916 /prefetch:2
        3⤵
        PID:2064
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1904,3078975392146111618,1281189988639883532,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2348 /prefetch:3
        3⤵
        • Suspicious behavior: EnumeratesProcesses
        PID:2684
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1904,3078975392146111618,1281189988639883532,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2748 /prefetch:8
        3⤵
        PID:1808
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,3078975392146111618,1281189988639883532,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3304 /prefetch:1
        3⤵
        PID:2356
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,3078975392146111618,1281189988639883532,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3332 /prefetch:1
        3⤵
        PID:1984
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,3078975392146111618,1281189988639883532,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3868 /prefetch:1
        3⤵
        PID:2764
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,3078975392146111618,1281189988639883532,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4080 /prefetch:1
        3⤵
        PID:1460
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,3078975392146111618,1281189988639883532,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4884 /prefetch:1
        3⤵
        PID:4664
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,3078975392146111618,1281189988639883532,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4124 /prefetch:1
        3⤵
        PID:1412
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,3078975392146111618,1281189988639883532,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5932 /prefetch:1
        3⤵
        PID:1572
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,3078975392146111618,1281189988639883532,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5956 /prefetch:1
        3⤵
        PID:3472
      • C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1904,3078975392146111618,1281189988639883532,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6592 /prefetch:8
        3⤵
        • Suspicious behavior: EnumeratesProcesses
        PID:4772
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,3078975392146111618,1281189988639883532,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5796 /prefetch:1
        3⤵
        PID:2312
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,3078975392146111618,1281189988639883532,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3420 /prefetch:1
        3⤵
        PID:2028
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1904,3078975392146111618,1281189988639883532,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5896 /prefetch:8
        3⤵
        • Suspicious behavior: EnumeratesProcesses
        PID:1188
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1904,3078975392146111618,1281189988639883532,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=3068 /prefetch:2
        3⤵
        • Suspicious behavior: EnumeratesProcesses
        PID:3572
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/video
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:4584
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xfc,0x10c,0x7ffd52c13cb8,0x7ffd52c13cc8,0x7ffd52c13cd8
        3⤵
        PID:4212
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1932,2993119168274336469,1422210790451353983,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1944 /prefetch:2
        3⤵
        PID:2384
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1932,2993119168274336469,1422210790451353983,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2008 /prefetch:3
        3⤵
        • Suspicious behavior: EnumeratesProcesses
        PID:2468
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:4908
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffd52c13cb8,0x7ffd52c13cc8,0x7ffd52c13cd8
        3⤵
        PID:1020
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1988,10455574781451766172,6354816136858101629,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2000 /prefetch:3
        3⤵
        PID:4568
  • C:\Windows\System32\CompPkgSrv.exe
    C:\Windows\System32\CompPkgSrv.exe -Embedding
    1⤵
    PID:1880
  • C:\Windows\System32\CompPkgSrv.exe
    C:\Windows\System32\CompPkgSrv.exe -Embedding
    1⤵
    PID:5016
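The process list above is only useful for triage once the browser launches are attributed to the process that actually requested them: the `--single-argument <url>` children belong to the submitted sample, while the crashpad, gpu and renderer children belong to Edge itself. The script below is an added example, not part of the tria.ge report; it rebuilds the parent/child links from the depth markers (`1⤵`, `2⤵`, `3⤵`) and reports which URLs were opened on behalf of an executable running out of the user's Temp directory. The input rows are constructed from the process list on this page, with the Edge helper command lines shortened; `Proc`, `build_tree`, `browser_launches` and `launched_from_temp` are names chosen here, not tria.ge APIs.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple
from urllib.parse import urlsplit


@dataclass
class Proc:
    depth: int          # the N in the report's "N⤵" marker
    image: str          # executable path
    cmdline: str        # full command line as logged
    pid: int
    parent: Optional["Proc"] = None


# Constructed from the process list in this report (depth, image, command line, PID).
# Edge helper command lines are shortened; the fields this script keys on are intact.
SAMPLE_EXE = (r"C:\Users\Admin\AppData\Local\Temp"
              r"\47b280fd303a029f5a06e52f779ac026cbe976c18ed12defb6c406084a3f111d.exe")
EDGE = r"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
COMPPKG = r"C:\Windows\System32\CompPkgSrv.exe"

REPORT_TREE: List[Tuple[int, str, str, int]] = [
    (1, SAMPLE_EXE, f'"{SAMPLE_EXE}"', 1496),
    (2, EDGE, f'"{EDGE}" --single-argument https://www.youtube.com/account', 5032),
    (3, EDGE, f'"{EDGE}" --type=crashpad-handler /prefetch:7', 2480),
    (3, EDGE, f'"{EDGE}" --type=gpu-process --mojo-platform-channel-handle=1916 /prefetch:2', 2064),
    (3, EDGE, f'"{EDGE}" --type=renderer --renderer-client-id=6 /prefetch:1', 2356),
    (2, EDGE, f'"{EDGE}" --single-argument https://www.facebook.com/video', 4584),
    (3, EDGE, f'"{EDGE}" --type=crashpad-handler /prefetch:7', 4212),
    (2, EDGE, f'"{EDGE}" --single-argument https://accounts.google.com/', 4908),
    (3, EDGE, f'"{EDGE}" --type=utility --utility-sub-type=network.mojom.NetworkService /prefetch:3', 4568),
    (1, COMPPKG, f"{COMPPKG} -Embedding", 1880),
    (1, COMPPKG, f"{COMPPKG} -Embedding", 5016),
]

URL_ARG = re.compile(r"--single-argument\s+(\S+)")
TEMP_DIR = re.compile(r"\\AppData\\Local\\Temp\\", re.IGNORECASE)


def build_tree(rows: List[Tuple[int, str, str, int]]) -> List[Proc]:
    """Link each process to its parent using the depth markers.

    A stack of open ancestors is kept; a row at depth N pops everything at
    depth >= N, so its parent is the most recent row at depth N-1.
    """
    procs: List[Proc] = []
    stack: List[Proc] = []
    for depth, image, cmdline, pid in rows:
        p = Proc(depth, image, cmdline, pid)
        while stack and stack[-1].depth >= depth:
            stack.pop()
        p.parent = stack[-1] if stack else None
        stack.append(p)
        procs.append(p)
    return procs


def browser_launches(procs: List[Proc]) -> List[Tuple[str, Optional[str], Optional[int]]]:
    """(url, launcher image, launcher pid) for each browser started with an explicit URL.

    The launcher is the nearest ancestor that is not the same browser binary, so
    a URL is attributed to the sample, not to an intermediate msedge.exe.
    """
    out = []
    for p in procs:
        m = URL_ARG.search(p.cmdline)
        if not m:
            continue
        anc = p.parent
        while anc is not None and anc.image.lower() == p.image.lower():
            anc = anc.parent
        out.append((m.group(1), anc.image if anc else None, anc.pid if anc else None))
    return out


def launched_from_temp(procs: List[Proc]) -> List[str]:
    """URLs opened on behalf of an executable running out of %LOCALAPPDATA%\\Temp."""
    return [url for url, img, _ in browser_launches(procs) if img and TEMP_DIR.search(img)]


def hostnames(urls: List[str]) -> List[str]:
    """Distinct hostnames, sorted, for cross-checking against the DNS section."""
    return sorted({urlsplit(u).hostname for u in urls if urlsplit(u).hostname})


if __name__ == "__main__":
    tree = build_tree(REPORT_TREE)
    for url, img, pid in browser_launches(tree):
        print(f"{url}  <-  {img} (PID {pid})")
    print("hosts to check in DNS:", hostnames(launched_from_temp(tree)))
```

The three hostnames this returns are exactly the A-record lookups that open the Network section below, which is the cross-check worth making before reading anything into the remaining DNS traffic (Windows Update CTL download, OCSP, reverse lookups), all of which Edge issues on its own.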

Network

                                        • flag-us
                                          DNS
                                          www.youtube.com
                                          msedge.exe
                                          Remote address:
                                          8.8.8.8:53
                                          Request
                                          www.youtube.com
                                          IN A
                                          Response
                                          www.youtube.com
                                          IN CNAME
                                          youtube-ui.l.google.com
                                          youtube-ui.l.google.com
                                          IN A
                                          172.217.16.238
                                          youtube-ui.l.google.com
                                          IN A
                                          142.250.200.14
                                          youtube-ui.l.google.com
                                          IN A
                                          142.250.200.46
                                          youtube-ui.l.google.com
                                          IN A
                                          216.58.201.110
                                          youtube-ui.l.google.com
                                          IN A
                                          216.58.204.78
                                          youtube-ui.l.google.com
                                          IN A
                                          216.58.213.14
                                          youtube-ui.l.google.com
                                          IN A
                                          172.217.169.78
                                          youtube-ui.l.google.com
                                          IN A
                                          172.217.169.46
                                          youtube-ui.l.google.com
                                          IN A
                                          142.250.179.238
                                          youtube-ui.l.google.com
                                          IN A
                                          142.250.180.14
                                          youtube-ui.l.google.com
                                          IN A
                                          142.250.187.206
                                          youtube-ui.l.google.com
                                          IN A
                                          142.250.187.238
                                          youtube-ui.l.google.com
                                          IN A
                                          142.250.178.14
                                        • flag-us
                                          DNS
                                          www.facebook.com
                                          msedge.exe
                                          Remote address:
                                          8.8.8.8:53
                                          Request
                                          www.facebook.com
                                          IN A
                                          Response
                                          www.facebook.com
                                          IN CNAME
                                          star-mini.c10r.facebook.com
                                          star-mini.c10r.facebook.com
                                          IN A
                                          157.240.221.35
                                        • flag-us
                                          DNS
                                          accounts.google.com
                                          msedge.exe
                                          Remote address:
                                          8.8.8.8:53
                                          Request
                                          accounts.google.com
                                          IN A
                                          Response
                                          accounts.google.com
                                          IN A
                                          173.194.69.84
                                        • flag-us
                                          DNS
                                          ctldl.windowsupdate.com
                                          msedge.exe
                                          Remote address:
                                          8.8.8.8:53
                                          Request
                                          ctldl.windowsupdate.com
                                          IN A
                                          Response
                                          ctldl.windowsupdate.com
                                          IN CNAME
                                          wu-bg-shim.trafficmanager.net
                                          wu-bg-shim.trafficmanager.net
                                          IN CNAME
                                          windowsupdatebg.s.llnwi.net
                                          windowsupdatebg.s.llnwi.net
                                          IN A
                                          87.248.205.0
                                        • flag-us
                                          DNS
                                          ocsp.digicert.com
                                          msedge.exe
                                          Remote address:
                                          8.8.8.8:53
                                          Request
                                          ocsp.digicert.com
                                          IN A
                                          Response
                                          ocsp.digicert.com
                                          IN CNAME
                                          ocsp.edge.digicert.com
                                          ocsp.edge.digicert.com
                                          IN CNAME
                                          fp2e7a.wpc.2be4.phicdn.net
                                          fp2e7a.wpc.2be4.phicdn.net
                                          IN CNAME
                                          fp2e7a.wpc.phicdn.net
                                          fp2e7a.wpc.phicdn.net
                                          IN A
                                          192.229.221.95
                                        • flag-us
                                          DNS
                                          84.69.194.173.in-addr.arpa
                                          msedge.exe
                                          Remote address:
                                          8.8.8.8:53
                                          Request
                                          84.69.194.173.in-addr.arpa
                                          IN PTR
                                          Response
                                          84.69.194.173.in-addr.arpa
                                          IN PTR
                                           ef-in-f84.1e100.net
                                        • flag-us
                                          DNS
                                          ctldl.windowsupdate.com
                                          msedge.exe
                                          Remote address:
                                          8.8.8.8:53
                                          Request
                                          ctldl.windowsupdate.com
                                          IN A
                                          Response
                                          ctldl.windowsupdate.com
                                          IN CNAME
                                          wu-bg-shim.trafficmanager.net
                                          wu-bg-shim.trafficmanager.net
                                          IN CNAME
                                          windowsupdatebg.s.llnwi.net
                                          windowsupdatebg.s.llnwi.net
                                          IN A
                                          87.248.205.0
                                        • flag-us
                                          DNS
                                          6.173.189.20.in-addr.arpa
                                          msedge.exe
                                          Remote address:
                                          8.8.8.8:53
                                          Request
                                          6.173.189.20.in-addr.arpa
                                          IN PTR
                                          Response
                                        • flag-us
                                          DNS
                                          www.youtube.com
                                          msedge.exe
                                          Remote address:
                                          8.8.8.8:53
                                          Request
                                          www.youtube.com
                                          IN A
                                          Response
                                          www.youtube.com
                                          IN CNAME
                                          youtube-ui.l.google.com
                                          youtube-ui.l.google.com
                                          IN A
                                          172.217.16.238
                                          youtube-ui.l.google.com
                                          IN A
                                          142.250.200.14
                                          youtube-ui.l.google.com
                                          IN A
                                          142.250.200.46
                                          youtube-ui.l.google.com
                                          IN A
                                          216.58.201.110
                                          youtube-ui.l.google.com
                                          IN A
                                          216.58.204.78
                                          youtube-ui.l.google.com
                                          IN A
                                          216.58.213.14
                                          youtube-ui.l.google.com
                                          IN A
                                          172.217.169.78
                                          youtube-ui.l.google.com
                                          IN A
                                          172.217.169.46
                                          youtube-ui.l.google.com
                                          IN A
                                          142.250.179.238
                                          youtube-ui.l.google.com
                                          IN A
                                          142.250.180.14
                                          youtube-ui.l.google.com
                                          IN A
                                          142.250.187.206
                                          youtube-ui.l.google.com
                                          IN A
                                          142.250.187.238
                                          youtube-ui.l.google.com
                                          IN A
                                          142.250.178.14
                                        • flag-us
                                          DNS
                                          238.16.217.172.in-addr.arpa
                                          msedge.exe
                                          Remote address:
                                          8.8.8.8:53
                                          Request
                                          238.16.217.172.in-addr.arpa
                                          IN PTR
                                          Response
                                          238.16.217.172.in-addr.arpa
                                          IN PTR
                                           mad08s04-in-f14.1e100.net
                                          238.16.217.172.in-addr.arpa
                                          IN PTR
                                           lhr48s28-in-f14.1e100.net
                                        • flag-us
                                          DNS
                                          scontent.xx.fbcdn.net
                                          msedge.exe
                                          Remote address:
                                          8.8.8.8:53
                                          Request
                                          scontent.xx.fbcdn.net
                                          IN A
                                          Response
                                          scontent.xx.fbcdn.net
                                          IN A
                                          163.70.151.21
                                        • flag-us
                                          DNS
                                          www.gstatic.com
                                          msedge.exe
                                          Remote address:
                                          8.8.8.8:53
                                          Request
                                          www.gstatic.com
                                          IN A
                                          Response
                                          www.gstatic.com
                                          IN A
                                          216.58.212.195
                                        • flag-us
                                          DNS
                                          0.205.248.87.in-addr.arpa
                                          msedge.exe
                                          Remote address:
                                          8.8.8.8:53
                                          Request
                                          0.205.248.87.in-addr.arpa
                                          IN PTR
                                          Response
                                          0.205.248.87.in-addr.arpa
                                          IN PTR
                                           https-87-248-205-0.lgw.llnw.net
                                         • US
                                          DNS
                                          www.google.com
                                          msedge.exe
                                          Remote address:
                                          8.8.8.8:53
                                          Request
                                          www.google.com
                                          IN A
                                          Response
                                          www.google.com
                                          IN A
                                          142.250.187.196
                                         • US
                                          DNS
                                          22.236.111.52.in-addr.arpa
                                          msedge.exe
                                          Remote address:
                                          8.8.8.8:53
                                          Request
                                          22.236.111.52.in-addr.arpa
                                          IN PTR
                                          Response
                                         • GB
                                          GET
                                          https://www.youtube.com/account
                                          msedge.exe
                                          Remote address:
                                          172.217.16.238:443
                                          Request
                                          GET /account HTTP/2.0
                                          host: www.youtube.com
                                          sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                          sec-ch-ua-mobile: ?0
                                          dnt: 1
                                          upgrade-insecure-requests: 1
                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                          accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                          sec-fetch-site: none
                                          sec-fetch-mode: navigate
                                          sec-fetch-user: ?1
                                          sec-fetch-dest: document
                                          accept-encoding: gzip, deflate, br
                                          accept-language: en-US,en;q=0.9
                                         • NL
                                          GET
                                          https://accounts.google.com/
                                          msedge.exe
                                          Remote address:
                                          173.194.69.84:443
                                          Request
                                          GET / HTTP/2.0
                                          host: accounts.google.com
                                          sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                          sec-ch-ua-mobile: ?0
                                          dnt: 1
                                          upgrade-insecure-requests: 1
                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                          accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                          sec-fetch-site: none
                                          sec-fetch-mode: navigate
                                          sec-fetch-user: ?1
                                          sec-fetch-dest: document
                                          accept-encoding: gzip, deflate, br
                                          accept-language: en-US,en;q=0.9
                                         • NL
                                          GET
                                          https://accounts.google.com/ServiceLogin?service=youtube&uilel=3&passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Fsignin%3Faction_handle_signin%3Dtrue%26app%3Ddesktop%26hl%3Den%26next%3Dhttps%253A%252F%252Fwww.youtube.com%252Faccount%26feature%3Dredirect_login&hl=en
                                          msedge.exe
                                          Remote address:
                                          173.194.69.84:443
                                          Request
                                          GET /ServiceLogin?service=youtube&uilel=3&passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Fsignin%3Faction_handle_signin%3Dtrue%26app%3Ddesktop%26hl%3Den%26next%3Dhttps%253A%252F%252Fwww.youtube.com%252Faccount%26feature%3Dredirect_login&hl=en HTTP/2.0
                                          host: accounts.google.com
                                          dnt: 1
                                          upgrade-insecure-requests: 1
                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                          accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                          sec-fetch-site: none
                                          sec-fetch-mode: navigate
                                          sec-fetch-user: ?1
                                          sec-fetch-dest: document
                                          sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                          sec-ch-ua-mobile: ?0
                                          accept-encoding: gzip, deflate, br
                                          accept-language: en-US,en;q=0.9
                                         • NL
                                          GET
                                          https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/signin?action_handle_signin%3Dtrue%26app%3Ddesktop%26hl%3Den%26next%3Dhttps%253A%252F%252Fwww.youtube.com%252Faccount%26feature%3Dredirect_login&hl=en&passive=true&service=youtube&uilel=3&ifkv=ARZ0qKJZJ6BQ2aCYElI0evk9nzegV7b2iVGt_V_V7b3Yy4115nlimAzsxZXdHs27etjZNIbgElgeQA
                                          msedge.exe
                                          Remote address:
                                          173.194.69.84:443
                                          Request
                                          GET /InteractiveLogin?continue=https://www.youtube.com/signin?action_handle_signin%3Dtrue%26app%3Ddesktop%26hl%3Den%26next%3Dhttps%253A%252F%252Fwww.youtube.com%252Faccount%26feature%3Dredirect_login&hl=en&passive=true&service=youtube&uilel=3&ifkv=ARZ0qKJZJ6BQ2aCYElI0evk9nzegV7b2iVGt_V_V7b3Yy4115nlimAzsxZXdHs27etjZNIbgElgeQA HTTP/2.0
                                          host: accounts.google.com
                                          dnt: 1
                                          upgrade-insecure-requests: 1
                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                          accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                          sec-fetch-site: none
                                          sec-fetch-mode: navigate
                                          sec-fetch-user: ?1
                                          sec-fetch-dest: document
                                          sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                          sec-ch-ua-mobile: ?0
                                          sec-ch-ua-full-version: "90.0.818.66"
                                          sec-ch-ua-arch: "x86"
                                          sec-ch-ua-platform: "Windows"
                                          sec-ch-ua-platform-version: "10.0"
                                          sec-ch-ua-model: ""
                                          accept-encoding: gzip, deflate, br
                                          accept-language: en-US,en;q=0.9
                                          cookie: __Host-GAPS=1:tk2lVy7DttwG0BrjnJ2T7ZnuzruBQQ:NfUMFWAbMNWO4jDu
                                         • NL
                                          GET
                                          https://accounts.google.com/ServiceLogin?passive=1209600&continue=https%3A%2F%2Faccounts.google.com%2F&followup=https%3A%2F%2Faccounts.google.com%2F
                                          msedge.exe
                                          Remote address:
                                          173.194.69.84:443
                                          Request
                                          GET /ServiceLogin?passive=1209600&continue=https%3A%2F%2Faccounts.google.com%2F&followup=https%3A%2F%2Faccounts.google.com%2F HTTP/2.0
                                          host: accounts.google.com
                                          dnt: 1
                                          upgrade-insecure-requests: 1
                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                          accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                          sec-fetch-site: none
                                          sec-fetch-mode: navigate
                                          sec-fetch-user: ?1
                                          sec-fetch-dest: document
                                          sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                          sec-ch-ua-mobile: ?0
                                          sec-ch-ua-full-version: "90.0.818.66"
                                          sec-ch-ua-arch: "x86"
                                          sec-ch-ua-platform: "Windows"
                                          sec-ch-ua-platform-version: "10.0"
                                          sec-ch-ua-model: ""
                                          accept-encoding: gzip, deflate, br
                                          accept-language: en-US,en;q=0.9
                                          cookie: __Host-GAPS=1:fa4LI50agDIRSFhoUGhJtqpOjlAnjw:r6N2D4BPJY72xiWe
                                         • NL
                                          GET
                                          https://accounts.google.com/InteractiveLogin?continue=https://accounts.google.com/&followup=https://accounts.google.com/&passive=1209600&ifkv=ARZ0qKINRDr36XyqbrS4NyLUfqZ0rlfFI1W3zGsX7C_tn3E12C4wAijcRjsA0-edmjwAYomcmY4deQ
                                          msedge.exe
                                          Remote address:
                                          173.194.69.84:443
                                          Request
                                          GET /InteractiveLogin?continue=https://accounts.google.com/&followup=https://accounts.google.com/&passive=1209600&ifkv=ARZ0qKINRDr36XyqbrS4NyLUfqZ0rlfFI1W3zGsX7C_tn3E12C4wAijcRjsA0-edmjwAYomcmY4deQ HTTP/2.0
                                          host: accounts.google.com
                                          dnt: 1
                                          upgrade-insecure-requests: 1
                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                          accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                          sec-fetch-site: none
                                          sec-fetch-mode: navigate
                                          sec-fetch-user: ?1
                                          sec-fetch-dest: document
                                          sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                          sec-ch-ua-mobile: ?0
                                          sec-ch-ua-full-version: "90.0.818.66"
                                          sec-ch-ua-arch: "x86"
                                          sec-ch-ua-platform: "Windows"
                                          sec-ch-ua-platform-version: "10.0"
                                          sec-ch-ua-model: ""
                                          accept-encoding: gzip, deflate, br
                                          accept-language: en-US,en;q=0.9
                                          cookie: __Host-GAPS=1:fa4LI50agDIRSFhoUGhJtqpOjlAnjw:r6N2D4BPJY72xiWe
                                         • US
                                          DNS
                                          video.xx.fbcdn.net
                                          msedge.exe
                                          Remote address:
                                          8.8.8.8:53
                                          Request
                                          video.xx.fbcdn.net
                                          IN A
                                          Response
                                          video.xx.fbcdn.net
                                          IN A
                                          163.70.151.12
                                         • US
                                          DNS
                                          76.32.126.40.in-addr.arpa
                                          msedge.exe
                                          Remote address:
                                          8.8.8.8:53
                                          Request
                                          76.32.126.40.in-addr.arpa
                                          IN PTR
                                          Response
                                         • US
                                          DNS
                                          238.179.250.142.in-addr.arpa
                                          msedge.exe
                                          Remote address:
                                          8.8.8.8:53
                                          Request
                                          238.179.250.142.in-addr.arpa
                                          IN PTR
                                          Response
                                          238.179.250.142.in-addr.arpa
                                          IN PTR
                                           lhr25s31-in-f14.1e100.net
                                         • US
                                          DNS
                                          self.events.data.microsoft.com
                                          msedge.exe
                                          Remote address:
                                          8.8.8.8:53
                                          Request
                                          self.events.data.microsoft.com
                                          IN A
                                          Response
                                          self.events.data.microsoft.com
                                          IN CNAME
                                          self-events-data.trafficmanager.net
                                          self-events-data.trafficmanager.net
                                          IN CNAME
                                          onedscolprdwus05.westus.cloudapp.azure.com
                                          onedscolprdwus05.westus.cloudapp.azure.com
                                          IN A
                                          20.189.173.6
                                         • US
                                          DNS
                                          95.221.229.192.in-addr.arpa
                                          Remote address:
                                          8.8.8.8:53
                                          Request
                                          95.221.229.192.in-addr.arpa
                                          IN PTR
                                          Response
                                         • US
                                          DNS
                                          play.google.com
                                          Remote address:
                                          8.8.8.8:53
                                          Request
                                          play.google.com
                                          IN A
                                          Response
                                          play.google.com
                                          IN A
                                          142.250.179.238
                                         • US
                                          DNS
                                          accounts.google.com
                                          Remote address:
                                          8.8.8.8:53
                                          Request
                                          accounts.google.com
                                          IN A
                                          Response
                                          accounts.google.com
                                          IN A
                                          173.194.69.84
                                         • US
                                          DNS
                                          195.212.58.216.in-addr.arpa
                                          Remote address:
                                          8.8.8.8:53
                                          Request
                                          195.212.58.216.in-addr.arpa
                                          IN PTR
                                          Response
                                          195.212.58.216.in-addr.arpa
                                          IN PTR
                                           lhr25s27-in-f3.1e100.net
                                          195.212.58.216.in-addr.arpa
                                          IN PTR
                                           ams16s21-in-f3.1e100.net
                                          195.212.58.216.in-addr.arpa
                                          IN PTR
                                           ams16s21-in-f195.1e100.net
                                         • US
                                          DNS
                                          accounts.google.com
                                          Remote address:
                                          8.8.8.8:53
                                          Request
                                          accounts.google.com
                                          IN A
                                          Response
                                          accounts.google.com
                                          IN A
                                          173.194.69.84
                                         • US
                                          DNS
                                          scontent-lhr6-2.xx.fbcdn.net
                                          msedge.exe
                                          Remote address:
                                          8.8.8.8:53
                                          Request
                                          scontent-lhr6-2.xx.fbcdn.net
                                          IN A
                                          Response
                                          scontent-lhr6-2.xx.fbcdn.net
                                          IN A
                                          163.70.151.21
                                         • US
                                          DNS
                                          nexusrules.officeapps.live.com
                                          msedge.exe
                                          Remote address:
                                          8.8.8.8:53
                                          Request
                                          nexusrules.officeapps.live.com
                                          IN A
                                          Response
                                          nexusrules.officeapps.live.com
                                          IN CNAME
                                          prod.nexusrules.live.com.akadns.net
                                          prod.nexusrules.live.com.akadns.net
                                          IN A
                                          52.111.236.22
                                         • GB
                                          GET
                                          https://www.google.com/favicon.ico
                                          msedge.exe
                                          Remote address:
                                          142.250.187.196:443
                                          Request
                                          GET /favicon.ico HTTP/2.0
                                          host: www.google.com
                                          sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                          dnt: 1
                                          sec-ch-ua-mobile: ?0
                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                          sec-ch-ua-arch: "x86"
                                          sec-ch-ua-full-version: "90.0.818.66"
                                          sec-ch-ua-platform-version: "10.0"
                                          sec-ch-ua-model:
                                          sec-ch-ua-platform: "Windows"
                                          accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                          sec-fetch-site: same-site
                                          sec-fetch-mode: no-cors
                                          sec-fetch-dest: image
                                          referer: https://accounts.google.com/
                                          accept-encoding: gzip, deflate, br
                                          accept-language: en-US,en;q=0.9
                                          cookie: NID=513=EVVOTyfvP_COrtZXpUAPiYPV7BlcEpYW4eYIO4Bus44lWGj-Mqs_E6JFZ56OzwmMsK03AozP45agW0wDWBYCpaTUNc6Tpd-WXJ78SUGp1H9sKZSSqJyZwQhFcnV77jROwmAOkDkDQITUUC7J896LHsvi712C36bD5C4uyjqPM3o
                                         • GB
                                          OPTIONS
                                          https://play.google.com/log?format=json&hasfast=true&authuser=0
                                          msedge.exe
                                          Remote address:
                                          142.250.179.238:443
                                          Request
                                          OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/2.0
                                          host: play.google.com
                                          accept: */*
                                          access-control-request-method: POST
                                          access-control-request-headers: x-goog-authuser
                                          origin: https://accounts.google.com
                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                          sec-fetch-mode: cors
                                          sec-fetch-site: same-site
                                          sec-fetch-dest: empty
                                          referer: https://accounts.google.com/
                                          accept-encoding: gzip, deflate, br
                                          accept-language: en-US,en;q=0.9
                                         • GB
                                          POST
                                          https://www.facebook.com/ajax/bz?__a=1&__aaid=0&__ccg=EXCELLENT&__comet_req=15&__hs=19835.HYP%3Acomet_loggedout_pkg.2.1..0.0&__hsi=7360477536528017801&__req=c&__rev=1012942505&__s=%3A%3A5rui5x&__spin_b=trunk&__spin_r=1012942505&__spin_t=1713744722&__user=0&dpr=1&jazoest=2983&lsd=AVpcfdIbOTU&ph=C3
                                          msedge.exe
                                          Remote address:
                                          157.240.221.35:443
                                          Request
                                          POST /ajax/bz?__a=1&__aaid=0&__ccg=EXCELLENT&__comet_req=15&__hs=19835.HYP%3Acomet_loggedout_pkg.2.1..0.0&__hsi=7360477536528017801&__req=c&__rev=1012942505&__s=%3A%3A5rui5x&__spin_b=trunk&__spin_r=1012942505&__spin_t=1713744722&__user=0&dpr=1&jazoest=2983&lsd=AVpcfdIbOTU&ph=C3 HTTP/2.0
                                          host: www.facebook.com
                                          content-length: 960
                                          sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
                                          sec-ch-ua-platform-version: "10.0"
                                          dnt: 1
                                          sec-ch-ua-model:
                                          sec-ch-ua-mobile: ?0
                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
                                          content-type: multipart/form-data; boundary=----WebKitFormBoundaryEVS6bifYj9tfcFEA
                                          accept: */*
                                          origin: https://www.facebook.com
                                          sec-fetch-site: same-origin
                                          sec-fetch-mode: cors
                                          sec-fetch-dest: empty
                                          referer: https://www.facebook.com/video
                                          accept-encoding: gzip, deflate, br
                                          accept-language: en-US,en;q=0.9
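The reverse-lookup answers in the DNS entries above (for example lhr25s27-in-f3.1e100.net, ams16s21-in-f3.1e100.net and ams16s21-in-f195.1e100.net for 195.212.58.216) travel compressed on the wire: every label is prefixed by a length byte, and a suffix that already occurred earlier in the message is replaced by a two-byte pointer to it (RFC 1035 section 4.1.4). A viewer that prints the answer bytes as text therefore drops the dots and shows a compressed .1e100.net suffix as two stray bytes, here 0xC0 0x48, where 0x48 is the offset of the suffix inside the packet. The Python below is an added example and is not tria.ge output or tria.ge code. It constructs a response packet with the same layout as the 195.212.58.216.in-addr.arpa lookup in this report (the real bytes are not in the report, so the transaction ID, flags and TTL are assumptions), decodes it with a name parser that follows compression pointers safely, and models what the same bytes look like when rendered as plain text.

```python
"""Decode compressed DNS names from a PTR response.

Added example for this report, not tria.ge output or code.  The packet is
constructed to match the 195.212.58.216.in-addr.arpa lookup in the report;
header fields and TTL are assumptions, the real bytes are not in the report.
"""
from __future__ import annotations

import struct

A, CNAME, PTR = 1, 5, 12


def encode_name(name: str) -> bytes:
    """Wire-format name: each label prefixed by its length, terminated by 0."""
    return b"".join(bytes([len(lbl)]) + lbl.encode("ascii")
                    for lbl in name.split(".")) + b"\x00"


def decode_name(msg: bytes, offset: int) -> tuple[str, int]:
    """Return (dotted name, offset just past the name as stored at `offset`).

    Compression pointers (top two bits set) are followed, but only the two
    pointer bytes are consumed at the caller's position.  A pointer must point
    backwards, so a crafted packet cannot send the parser into a loop.
    """
    labels: list[str] = []
    end = None
    while True:
        if offset >= len(msg):
            raise ValueError("name runs past end of message")
        length = msg[offset]
        if length & 0xC0 == 0xC0:
            if offset + 1 >= len(msg):
                raise ValueError("truncated compression pointer")
            target = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            if target >= offset:
                raise ValueError("forward or self-referencing pointer")
            if end is None:
                end = offset + 2
            offset = target
            continue
        if length & 0xC0:
            raise ValueError("reserved label type")
        offset += 1
        if length == 0:
            break
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels), (offset if end is None else end)


def parse_answers(msg: bytes) -> list[tuple[str, int, str]]:
    """Walk header, question and answer sections; return (owner, type, data).
    PTR/CNAME data is decoded as a name, A data as a dotted quad, else hex."""
    _id, _flags, qdcount, ancount, _ns, _ar = struct.unpack("!6H", msg[:12])
    offset = 12
    for _ in range(qdcount):
        _, offset = decode_name(msg, offset)
        offset += 4                                    # QTYPE + QCLASS
    answers = []
    for _ in range(ancount):
        owner, offset = decode_name(msg, offset)
        rtype, _cls, _ttl, rdlength = struct.unpack("!HHIH", msg[offset:offset + 10])
        offset += 10
        rdata = msg[offset:offset + rdlength]
        if rtype in (PTR, CNAME):
            value, _ = decode_name(msg, offset)        # pointer may leave rdata
        elif rtype == A and rdlength == 4:
            value = ".".join(str(b) for b in rdata)
        else:
            value = rdata.hex()
        answers.append((owner, rtype, value))
        offset += rdlength
    return answers


def render_as_text(rdata: bytes) -> str:
    """Model of a display that prints rdata as text: control bytes (the label
    lengths) vanish and bytes >= 0x7F become U+FFFD, so 0xC0 0x48 shows as
    a replacement character followed by "H"."""
    return "".join("" if b < 0x20 else chr(b) if b < 0x7F else "\ufffd" for b in rdata)


def build_sample_response() -> bytes:
    """Constructed PTR response: three answers, the last two compressing the
    shared 1e100.net suffix into a pointer back into the first answer."""
    header = struct.pack("!6H", 0x1234, 0x8180, 1, 3, 0, 0)    # QR, RD, RA set
    msg = header + encode_name("195.212.58.216.in-addr.arpa") + struct.pack("!HH", PTR, 1)
    owner = b"\xc0\x0c"                      # pointer to the QNAME at offset 12

    def rr(rdata: bytes) -> bytes:
        return owner + struct.pack("!HHIH", PTR, 1, 300, len(rdata)) + rdata

    first_label = b"\x0elhr25s27-in-f3"
    suffix_offset = len(msg) + len(owner) + 10 + len(first_label)   # "1e100.net" lands here
    msg += rr(first_label + encode_name("1e100.net"))
    pointer = struct.pack("!H", 0xC000 | suffix_offset)             # 0xC048 in this layout
    msg += rr(b"\x0eams16s21-in-f3" + pointer)
    msg += rr(b"\x10ams16s21-in-f195" + pointer)
    return msg


def decoded_ptr_names(msg: bytes | None = None) -> list[str]:
    """Fully decoded PTR targets of `msg` (default: the constructed response)."""
    msg = build_sample_response() if msg is None else msg
    return [value for _, rtype, value in parse_answers(msg) if rtype == PTR]


if __name__ == "__main__":
    packet = build_sample_response()
    for name in decoded_ptr_names(packet):
        print("decoded:", name)
    print("as text:", render_as_text(b"\x0eams16s21-in-f3\xc0\x48"))
```

The backwards-only rule on pointers is the check that matters when this parser is pointed at untrusted captures: without it, a response whose pointer targets itself or a later pointer keeps the loop running forever. The decoder also returns the position after the two pointer bytes rather than after the referenced labels, which is what lets `parse_answers` step cleanly to the next record.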
                                        • 172.217.16.238:443
                                          https://www.youtube.com/account
                                          tls, http2
                                          msedge.exe
                                          2.0kB
                                          9.8kB
                                          18
                                          20

                                          HTTP Request

                                          GET https://www.youtube.com/account
                                        • 157.240.221.35:443
                                          www.facebook.com
                                          tls
                                          msedge.exe
                                          64.0kB
                                          263.4kB
                                          200
                                          252
                                        • 173.194.69.84:443
                                          https://accounts.google.com/InteractiveLogin?continue=https://accounts.google.com/&followup=https://accounts.google.com/&passive=1209600&ifkv=ARZ0qKINRDr36XyqbrS4NyLUfqZ0rlfFI1W3zGsX7C_tn3E12C4wAijcRjsA0-edmjwAYomcmY4deQ
                                          tls, http2
                                          msedge.exe
                                          3.6kB
                                          12.2kB
                                          29
                                          34

                                          HTTP Request

                                          GET https://accounts.google.com/

                                          HTTP Request

                                          GET https://accounts.google.com/ServiceLogin?service=youtube&uilel=3&passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Fsignin%3Faction_handle_signin%3Dtrue%26app%3Ddesktop%26hl%3Den%26next%3Dhttps%253A%252F%252Fwww.youtube.com%252Faccount%26feature%3Dredirect_login&hl=en

                                          HTTP Request

                                          GET https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/signin?action_handle_signin%3Dtrue%26app%3Ddesktop%26hl%3Den%26next%3Dhttps%253A%252F%252Fwww.youtube.com%252Faccount%26feature%3Dredirect_login&hl=en&passive=true&service=youtube&uilel=3&ifkv=ARZ0qKJZJ6BQ2aCYElI0evk9nzegV7b2iVGt_V_V7b3Yy4115nlimAzsxZXdHs27etjZNIbgElgeQA

                                          HTTP Request

                                          GET https://accounts.google.com/ServiceLogin?passive=1209600&continue=https%3A%2F%2Faccounts.google.com%2F&followup=https%3A%2F%2Faccounts.google.com%2F

                                          HTTP Request

                                          GET https://accounts.google.com/InteractiveLogin?continue=https://accounts.google.com/&followup=https://accounts.google.com/&passive=1209600&ifkv=ARZ0qKINRDr36XyqbrS4NyLUfqZ0rlfFI1W3zGsX7C_tn3E12C4wAijcRjsA0-edmjwAYomcmY4deQ
                                        • 173.194.69.84:443
                                          accounts.google.com
                                          msedge.exe
                                          98 B
                                          52 B
                                          2
                                          1
                                        • 163.70.151.21:443
                                          scontent.xx.fbcdn.net
                                          tls
                                          msedge.exe
                                          1.8kB
                                          3.8kB
                                          15
                                          16
                                        • 163.70.151.21:443
                                          static.xx.fbcdn.net
                                          tls
                                          msedge.exe
                                          897 B
                                          2.6kB
                                          7
                                          5
                                        • 163.70.151.21:443
                                          static.xx.fbcdn.net
                                          tls
                                          msedge.exe
                                          58.0kB
                                          2.0MB
                                          1026
                                          1555
                                        • 163.70.151.21:443
                                          static.xx.fbcdn.net
                                          tls
                                          msedge.exe
                                          989 B
                                          2.9kB
                                          9
                                          7
                                        • 142.250.187.196:443
                                          https://www.google.com/favicon.ico
                                          tls, http2
                                          msedge.exe
                                          2.1kB
                                          7.7kB
                                          15
                                          16

                                          HTTP Request

                                          GET https://www.google.com/favicon.ico
                                        • 142.250.179.238:443
                                          https://play.google.com/log?format=json&hasfast=true&authuser=0
                                          tls, http2
                                          msedge.exe
                                          1.8kB
                                          8.7kB
                                          16
                                          19

                                          HTTP Request

                                          OPTIONS https://play.google.com/log?format=json&hasfast=true&authuser=0
                                        • 52.111.243.29:443
                                          322 B
                                          7
                                        • 157.240.221.35:443
                                          https://www.facebook.com/ajax/bz?__a=1&__aaid=0&__ccg=EXCELLENT&__comet_req=15&__hs=19835.HYP%3Acomet_loggedout_pkg.2.1..0.0&__hsi=7360477536528017801&__req=c&__rev=1012942505&__s=%3A%3A5rui5x&__spin_b=trunk&__spin_r=1012942505&__spin_t=1713744722&__user=0&dpr=1&jazoest=2983&lsd=AVpcfdIbOTU&ph=C3
                                          tls, http2
                                          msedge.exe
                                          3.0kB
                                          3.9kB
                                          14
                                          12

                                          HTTP Request

                                          POST https://www.facebook.com/ajax/bz?__a=1&__aaid=0&__ccg=EXCELLENT&__comet_req=15&__hs=19835.HYP%3Acomet_loggedout_pkg.2.1..0.0&__hsi=7360477536528017801&__req=c&__rev=1012942505&__s=%3A%3A5rui5x&__spin_b=trunk&__spin_r=1012942505&__spin_t=1713744722&__user=0&dpr=1&jazoest=2983&lsd=AVpcfdIbOTU&ph=C3
                                        • 8.8.8.8:53
                                          www.youtube.com
                                          dns
                                          msedge.exe
                                          532 B
                                          1.3kB
                                          8
                                          8

                                          DNS Request

                                          www.youtube.com

                                          DNS Response

                                          172.217.16.238
                                          142.250.200.14
                                          142.250.200.46
                                          216.58.201.110
                                          216.58.204.78
                                          216.58.213.14
                                          172.217.169.78
                                          172.217.169.46
                                          142.250.179.238
                                          142.250.180.14
                                          142.250.187.206
                                          142.250.187.238
                                          142.250.178.14

                                          DNS Request

                                          www.facebook.com

                                          DNS Response

                                          157.240.221.35

                                          DNS Request

                                          accounts.google.com

                                          DNS Response

                                          173.194.69.84

                                          DNS Request

                                          ctldl.windowsupdate.com

                                          DNS Response

                                          87.248.205.0

                                          DNS Request

                                          ocsp.digicert.com

                                          DNS Response

                                          192.229.221.95

                                          DNS Request

                                          84.69.194.173.in-addr.arpa

                                          DNS Request

                                          ctldl.windowsupdate.com

                                          DNS Response

                                          87.248.205.0

                                          DNS Request

                                          6.173.189.20.in-addr.arpa

                                        • 8.8.8.8:53
                                          www.youtube.com
                                          dns
                                          msedge.exe
                                          465 B
                                          955 B
                                          7
                                          7

                                          DNS Request

                                          www.youtube.com

                                          DNS Response

                                          172.217.16.238
                                          142.250.200.14
                                          142.250.200.46
                                          216.58.201.110
                                          216.58.204.78
                                          216.58.213.14
                                          172.217.169.78
                                          172.217.169.46
                                          142.250.179.238
                                          142.250.180.14
                                          142.250.187.206
                                          142.250.187.238
                                          142.250.178.14

                                          DNS Request

                                          238.16.217.172.in-addr.arpa

                                          DNS Request

                                          scontent.xx.fbcdn.net

                                          DNS Response

                                          163.70.151.21

                                          DNS Request

                                          www.gstatic.com

                                          DNS Response

                                          216.58.212.195

                                          DNS Request

                                          0.205.248.87.in-addr.arpa

                                          DNS Request

                                          www.google.com

                                          DNS Response

                                          142.250.187.196

                                          DNS Request

                                          22.236.111.52.in-addr.arpa

                                        • 173.194.69.84:443
                                          accounts.google.com
                                          https
                                          msedge.exe
                                          47.2kB
                                          248.7kB
                                          123
                                          242
                                        • 8.8.8.8:53
                                          video.xx.fbcdn.net
                                          dns
                                          msedge.exe
                                          285 B
                                          544 B
                                          4
                                          4

                                          DNS Request

                                          video.xx.fbcdn.net

                                          DNS Response

                                          163.70.151.12

                                          DNS Request

                                          76.32.126.40.in-addr.arpa

                                          DNS Request

                                          238.179.250.142.in-addr.arpa

                                          DNS Request

                                          self.events.data.microsoft.com

                                          DNS Response

                                          20.189.173.6

                                        • 8.8.8.8:53
                                          95.221.229.192.in-addr.arpa
                                          dns
                                          199 B
                                          302 B
                                          3
                                          3

                                          DNS Request

                                          95.221.229.192.in-addr.arpa

                                          DNS Request

                                          play.google.com

                                          DNS Response

                                          142.250.179.238

                                          DNS Request

                                          accounts.google.com

                                          DNS Response

                                          173.194.69.84

                                        • 8.8.8.8:53
                                          195.212.58.216.in-addr.arpa
                                          dns
                                          138 B
                                          252 B
                                          2
                                          2

                                          DNS Request

                                          195.212.58.216.in-addr.arpa

                                          DNS Request

                                          accounts.google.com

                                          DNS Response

                                          173.194.69.84

                                        • 8.8.8.8:53
                                          scontent-lhr6-2.xx.fbcdn.net
                                          dns
                                          msedge.exe
                                          150 B
                                          231 B
                                          2
                                          2

                                          DNS Request

                                          scontent-lhr6-2.xx.fbcdn.net

                                          DNS Response

                                          163.70.151.21

                                          DNS Request

                                          nexusrules.officeapps.live.com

                                          DNS Response

                                          52.111.236.22

                                        • 224.0.0.251:5353
                                          msedge.exe
                                          513 B
                                          8
                                        • 142.250.179.238:443
                                          play.google.com
                                          https
                                          msedge.exe
                                          11.3kB
                                          11.3kB
                                          30
                                          37
                                        • 173.194.69.84:443
                                          accounts.google.com
                                          https
                                          msedge.exe
                                          3.3kB
                                          4.3kB
                                          12
                                          13
                                        • 173.194.69.84:443
                                          accounts.google.com
                                          https
                                          msedge.exe
                                          2.7kB
                                          3.6kB
                                          8
                                          8

                                        MITRE ATT&CK Enterprise v15

                                        Downloads

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                          Filesize: 152B
                                          MD5: 696ffba7b83ecf008523e96918f200d9
                                          SHA1: 970d90e22c8b3674fc33cdd1913c51ef28514255
                                          SHA256: dc6dacd725d7385b2e4db1f488d93f2840d2289efdaaf3737849304d1ab9ba34
                                          SHA512: f8528683b70b58376f3eba3338fa6b462c9e9248c72524573005cff6397a0556bdcc2fdc2ebb020ba8218bc8174ba552002f223a245dfe3d3688826d24d63237

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                          Filesize: 152B
                                          MD5: 54caf18c2cda579e0dad6a9fc5179562
                                          SHA1: 357d25de14903392900d034e37f5918b522e17c9
                                          SHA256: 28d77529de92eb605d8afee0e133a7d08e13d4386e5e38d63e2da34623eaad6b
                                          SHA512: 88da5a33df9d82408afb8344ec7dbaf7686435fdb55eccfb85d5560f39861e84cef5d71949d5efe7a191778e6be755a8448f3fc3d7043007037f9f5227e10210

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                          Filesize: 1KB
                                          MD5: 2a7c3e12a39c43c416107b3142cf2469
                                          SHA1: 26cfd318cea62ae3070fe8c79665e0a22a6ed814
                                          SHA256: 02b2c345813d98d00122cc5bc2097cfdad67c3670e1ef2e16ab94e06453d7825
                                          SHA512: 3a4ea78a22e66e3eb3adeec440de0a010c62e9c472beaf186d00701e5208bf636530e888a1dfbdc6ef647001ae32bf8278dc74d5be8d03fb5b62ce676345d4e3

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                          Filesize: 1KB
                                          MD5: ac71105ebd88b063f27613693751ef35
                                          SHA1: 2c7563c436dd797fe31368c5d86cb1c5a1536609
                                          SHA256: f058ae2d6feb22de6ae18c8984133a5eccb596fae808834aeb47d2dcbfbaa62b
                                          SHA512: 93240c271306d21f40159323b8bb444a0f62c34721eb0e27a769f700d3e8dc1dcbb1d725a4a4cfb28a6dd49481886062126ecfb9aec8f8465ff4b670382244cd

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                          Filesize: 1KB
                                          MD5: 194ad6189f787ddac39d4ca84e2a9e50
                                          SHA1: 19fb43ef9c84bd62291790ca92eb3e7b5345f3dc
                                          SHA256: d3731faa007738d85483880da77471982b7817c0696414ed432f380453b88478
                                          SHA512: 8246f21a27a8271cdc766640d4e80d042400a263524aedb2b1d1298245d0479a37c4c14e3960ce33a187df29ddb78606efd63655c3c1bec7dd3420b2bdb35588

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                          Filesize: 6KB
                                          MD5: 1250174550707d18cbdac08a67eda33d
                                          SHA1: bffd8a19a74ff0b641c422fd7aa8f2026793c56d
                                          SHA256: e2048f992988e797a29b9d4d7c7bc111afeb21d1f8ff64f05507137decad7127
                                          SHA512: 27555882c91474350e6e516e19d573b68c95dc28a09a9bf5d0b847530ea427655a920103b0d857695f68f6e4a6bcaa32ea255cef15241d7ce80554cb1304420c

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                          Filesize: 7KB
                                          MD5: 33cde43d446b4fca24c81badd5760e1d
                                          SHA1: b2a57434e25dd551ca802f9d865c26b10d9c027e
                                          SHA256: 07f798a24f4f45d8ad1bd3aed717cd6e56094c3fd39c99b59e9dbf41b3d789b4
                                          SHA512: 4d7b00a2ae0cac7594604515efe9ea9b378e1e4bfb6043ec5ce020d0fc5226faa9f94c319e0fdea367a871ce85e97420c5161c97d1d625b793a8ac1b8f651528

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                          Filesize: 539B
                                          MD5: 022b4de26be95ae1bc1afceaff4d0424
                                          SHA1: ad7b13b241ed2558bc2705589683d8928d81bcab
                                          SHA256: e6f67147c1cb5fce495ff48c3f9adb3641b6de6a8c6c1426602570b522485b45
                                          SHA512: 21386c01b1acba97621b1c02728b484d54d345a563e803ed10b56ceeef81027cbe7d38daf9871956dad01178d1ba4f66c8ef550e68a4991781b37d82f157aa42

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                          Filesize: 539B
                                          MD5: f88dc5091ab511e3de0217daf5fd042c
                                          SHA1: e245cbb5bfb277879518809d6cb9f707e3368706
                                          SHA256: 69d3841432fd07ddee2b80e5c3d693fadfb47453c431aa28b28cc01c82c86406
                                          SHA512: a8caae76bd1c52439bf7e1c389b30187305f5ca98429bd290bec15d3840d286328e4627092680ef9c3ff993efaa694da4832fb860250f907ee04368c023b2a2c

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                          Filesize: 539B
                                          MD5: b0a9393e58dde80603c603042ff142aa
                                          SHA1: 4a8b86e71338982abdfbe6632a5b43eb467a5a5b
                                          SHA256: e4819e1c03c6e2d243c92ace96efafbe16264620035bce5738bc8a880dff3473
                                          SHA512: 8eedfc21c2c4c6faea44463ab6c1dbfce36fb63f2da07ea1119ff3fb62302fca503860f28b856b026b83151688eabd64f33d5fbe7c5c03f2a5e0d40b9eb0eb71

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                          Filesize: 539B
                                          MD5: 9b676d5fd6453daf0c1ecc2c5ee3793a
                                          SHA1: 152d72fa87d59f0aad984134fce8d718097da42b
                                          SHA256: ea561368ccfa882d7b529eb528871756e46ea9ada3799128f9804f6bf0ffafa1
                                          SHA512: 7f2e3cd4d6f8f0af356ee67dcf79040dae6043f9ddbf235f4dc763c04eae2ae123f7eba9803e963609f8d2505a7c2fb4bda0b685c4fca5bf05bd09241bff40a4

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                          Filesize: 539B
                                          MD5: 03eadf4199b124be8cb4b013ee42fa82
                                          SHA1: 6cc9b44b75b14c92e5a495e43ece96eb2060fa58
                                          SHA256: 63107928d721135dbcf8f4eb79ffeb9db177b8a433ff2bb0d300d2d33f85e3f1
                                          SHA512: b0807f6658f16a6412025a62a673eb958c0821c3609690baf9bb14312fa1948cfbbba8c0185fc3ed1788199c8ae8e50cf04fe12cba5df996fd5c88dbcf2d5bf6

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5799fe.TMP
                                          Filesize: 539B
                                          MD5: 99839e6998fa5779e2ee4231b2ea14be
                                          SHA1: 11298c550fc7fe8a30c82ca667372320a2b6cbc2
                                          SHA256: 58dbef924695294144e350daf4ab57ccbe6634f477ba4e3fbb12fad48aaf85f8
                                          SHA512: de6255ae33e99f3d4db76cff3ad8158d0d9a93a7a927f31f2741e7cf7bd147217812a8d2170facb0d5939e23198aeebefa4e4fb1a3482f14d049ab95279db86c

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                          Filesize: 16B
                                          MD5: 46295cac801e5d4857d09837238a6394
                                          SHA1: 44e0fa1b517dbf802b18faf0785eeea6ac51594b
                                          SHA256: 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
                                          SHA512: 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                          Filesize: 16B
                                          MD5: 206702161f94c5cd39fadd03f4014d98
                                          SHA1: bd8bfc144fb5326d21bd1531523d9fb50e1b600a
                                          SHA256: 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
                                          SHA512: 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                          Filesize: 8KB
                                          MD5: 844a92d1a144d28b0536cb2a8e2cb290
                                          SHA1: 017b35b2ce3c2e3187b937c920128f22528eb3dd
                                          SHA256: 32ffea72000bc57702653a20291052a358ffb66d0e491548f6b4c4fcc76b1612
                                          SHA512: 8cf4312e315d8013a810670d53f4ea3b9cfbf715852f55bcb9d7109af325653376b7592da0e2d3fe7175704d7399ea863a4db45766651deeb70d5518c87172c3

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                          Filesize: 11KB
                                          MD5: ab83e537bfad3087f0027bde1f9df141
                                          SHA1: ce8e893bdec9166fe85d239e0c2cce979da94c80
                                          SHA256: 0484feaad57044446f2d768633bd805edf5ff409c8692b8abc09d07a2c116b69
                                          SHA512: e73dde1178cae48dfddc13541d98179f8a1bf3f54326169c52f759ed939cba60ebed5e8449b2c8624608ff184c3342246729b1e2a6990ac7f7962d8c5ff45cde

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                          Filesize: 8KB
                                          MD5: 316ad7da90961b320dd2b24144002387
                                          SHA1: f650920aa35a4c7f436382a7ecf5cd63ba76e6e6
                                          SHA256: bf97d9618fb370148b29e9c3e0e5c14210ae1c15d881936ea56f908b149886d8
                                          SHA512: 00f35d16ab4acf999449723881e42497b92b66a3f5d330351ec806e82f78c7ad5baa150d5e448b4790a73bbb33048680a236bb601717beea4023d9e5da7dfe5c
