Analysis
max time kernel: 138s
max time network: 148s
platform: windows10-2004_x64
resource: win10v2004-20240226-en
resource tags: arch:x64 arch:x86 image:win10v2004-20240226-en locale:en-us os:windows10-2004-x64 system
submitted: 26/04/2024, 14:19 UTC
Static task: static1
Behavioral task: behavioral1
Sample: 00f5b34ae2fbe2fbe7b1919aeea39294_JaffaCakes118.html
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 00f5b34ae2fbe2fbe7b1919aeea39294_JaffaCakes118.html
Resource: win10v2004-20240226-en
General
Target: 00f5b34ae2fbe2fbe7b1919aeea39294_JaffaCakes118.html
Size: 33KB
MD5: 00f5b34ae2fbe2fbe7b1919aeea39294
SHA1: 998cb25061b2631d7058aaef4182686549aa0620
SHA256: 02fc04e41dfa1d0e69229c694f6266ca7f366d2dae7270a6f4ef9f82d09004fd
SHA512: a0da071af20ffb88c45646b9fe5593441fad7922ef6fd4f0e7cb03d882457b77db7c3c9b66e8a2572bcd90a4e5186b5d7f133bbb1e86022526630b6bf3e533e2
SSDEEP: 768:wK4xuX0yRj312UaIRj/9xxZHB4+cntEpUsqjmOu3N:wKuuX0yRj3VB4+cntEpUsqjmOu3N
Malware Config
Signatures
Processes
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\00f5b34ae2fbe2fbe7b1919aeea39294_JaffaCakes118.html
PID: 4480
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --mojo-platform-channel-handle=3960 --field-trial-handle=2276,i,11674642242468042059,14711253743544118298,262144 --variations-seed-version /prefetch:1
PID: 2604
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --mojo-platform-channel-handle=4996 --field-trial-handle=2276,i,11674642242468042059,14711253743544118298,262144 --variations-seed-version /prefetch:1
PID: 4976
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=5728 --field-trial-handle=2276,i,11674642242468042059,14711253743544118298,262144 --variations-seed-version /prefetch:8
PID: 4400
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --mojo-platform-channel-handle=748 --field-trial-handle=2276,i,11674642242468042059,14711253743544118298,262144 --variations-seed-version /prefetch:1
PID: 560
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --mojo-platform-channel-handle=5892 --field-trial-handle=2276,i,11674642242468042059,14711253743544118298,262144 --variations-seed-version /prefetch:8
PID: 4136
Network
-
Remote address: 8.8.8.8:53
Request
business.bing.com IN A
Response
business.bing.com IN CNAME business-bing-com.b-0005.b-msedge.net
business-bing-com.b-0005.b-msedge.net IN CNAME b-0005.b-dc-msedge.net
b-0005.b-dc-msedge.net IN A 13.107.9.158
-
Remote address: 8.8.8.8:53
Request
business.bing.com IN Unknown
Response
business.bing.com IN CNAME business-bing-com.b-0005.b-msedge.net
-
Remote address: 8.8.8.8:53
Request
nav-edge.smartscreen.microsoft.com IN A
Response
nav-edge.smartscreen.microsoft.com IN CNAME tm-prod-wd-csp-edge.trafficmanager.net
tm-prod-wd-csp-edge.trafficmanager.net IN CNAME prod-agic-uw-2.ukwest.cloudapp.azure.com
prod-agic-uw-2.ukwest.cloudapp.azure.com IN A 51.140.244.186
-
Remote address: 8.8.8.8:53
Request
nav-edge.smartscreen.microsoft.com IN Unknown
Response
nav-edge.smartscreen.microsoft.com IN CNAME tm-prod-wd-csp-edge.trafficmanager.net
tm-prod-wd-csp-edge.trafficmanager.net IN CNAME prod-agic-us-1.uksouth.cloudapp.azure.com
-
Remote address: 8.8.8.8:53
Request
www.microsoft.com IN A
Response
www.microsoft.com IN CNAME www.microsoft.com-c-3.edgekey.net
www.microsoft.com-c-3.edgekey.net IN CNAME www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net IN CNAME e13678.dscb.akamaiedge.net
e13678.dscb.akamaiedge.net IN A 2.21.17.194
-
Remote address: 8.8.8.8:53
Request
www.microsoft.com IN A
Response
www.microsoft.com IN CNAME www.microsoft.com-c-3.edgekey.net
www.microsoft.com-c-3.edgekey.net IN CNAME www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net IN CNAME e13678.dscb.akamaiedge.net
e13678.dscb.akamaiedge.net IN A 2.21.17.194
-
Remote address: 8.8.8.8:53
Request
www.microsoft.com IN Unknown
Response
www.microsoft.com IN CNAME www.microsoft.com-c-3.edgekey.net
www.microsoft.com-c-3.edgekey.net IN CNAME www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net IN CNAME e13678.dscb.akamaiedge.net
-
Remote address: 8.8.8.8:53
Request
www.c-hatas.com IN A
Response
www.c-hatas.com IN A 185.151.196.51
-
Remote address: 8.8.8.8:53
Request
www.c-hatas.com IN Unknown
Response
-
Remote address: 8.8.8.8:53
Request
150.1.37.23.in-addr.arpa IN PTR
Response
150.1.37.23.in-addr.arpa IN PTR a23-37-1-150deploystaticakamaitechnologiescom
-
Remote address: 8.8.8.8:53
Request
158.9.107.13.in-addr.arpa IN PTR
Response
-
Remote address: 8.8.8.8:53
Request
186.244.140.51.in-addr.arpa IN PTR
Response
-
Remote address: 8.8.8.8:53
Request
bzib.nelreports.net IN A
Response
bzib.nelreports.net IN CNAME bzib.nelreports.net.akamaized.net
bzib.nelreports.net.akamaized.net IN CNAME a416.dscd.akamai.net
a416.dscd.akamai.net IN A 104.109.143.23
a416.dscd.akamai.net IN A 104.109.143.24
-
Remote address: 8.8.8.8:53
Request
bzib.nelreports.net IN Unknown
Response
bzib.nelreports.net IN CNAME bzib.nelreports.net.akamaized.net
bzib.nelreports.net.akamaized.net IN CNAME a416.dscd.akamai.net
-
Remote address: 8.8.8.8:53
Request
www.microsoft.com IN A
Response
www.microsoft.com IN CNAME www.microsoft.com-c-3.edgekey.net
www.microsoft.com-c-3.edgekey.net IN CNAME www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net IN CNAME e13678.dscb.akamaiedge.net
e13678.dscb.akamaiedge.net IN A 2.21.17.194
-
GET http://fonts.googleapis.com/css?family=Lato:100,300,regular,700,900%7COpen+Sans:300%7CIndie+Flower:regular%7COswald:300,regular,700&subset=latin%2Clatin-ext
Remote address: 216.58.204.74:80
Request
GET /css?family=Lato:100,300,regular,700,900%7COpen+Sans:300%7CIndie+Flower:regular%7COswald:300,regular,700&subset=latin%2Clatin-ext HTTP/1.1
Host: fonts.googleapis.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
DNT: 1
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Response
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Fri, 26 Apr 2024 14:19:59 GMT
Date: Fri, 26 Apr 2024 14:19:59 GMT
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Last-Modified: Fri, 26 Apr 2024 14:19:59 GMT
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
-
GET http://fonts.googleapis.com/css?family=Rubik%3A100%2C300%2C300italic%2C400%2C400italic%2C700%2C700italic%2C900%2C900italic&ver=4.8.8
Remote address: 216.58.204.74:80
Request
GET /css?family=Rubik%3A100%2C300%2C300italic%2C400%2C400italic%2C700%2C700italic%2C900%2C900italic&ver=4.8.8 HTTP/1.1
Host: fonts.googleapis.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
DNT: 1
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Response
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Fri, 26 Apr 2024 14:19:59 GMT
Date: Fri, 26 Apr 2024 14:19:59 GMT
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Last-Modified: Fri, 26 Apr 2024 14:19:59 GMT
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
-
Remote address: 8.8.8.8:53
Request
194.17.21.2.in-addr.arpa IN PTR
Response
194.17.21.2.in-addr.arpa IN PTR a2-21-17-194deploystaticakamaitechnologiescom
-
Remote address: 8.8.8.8:53
Request
23.143.109.104.in-addr.arpa IN PTR
Response
23.143.109.104.in-addr.arpa IN PTR a104-109-143-23deploystaticakamaitechnologiescom
-
Remote address: 8.8.8.8:53
Request
edgestatic.azureedge.net IN A
Response
edgestatic.azureedge.net IN CNAME edgestatic.afd.azureedge.net
edgestatic.afd.azureedge.net IN CNAME azureedge-t-prod.trafficmanager.net
azureedge-t-prod.trafficmanager.net IN CNAME shed.dual-low.part-0036.t-0009.t-msedge.net
shed.dual-low.part-0036.t-0009.t-msedge.net IN CNAME part-0036.t-0009.t-msedge.net
part-0036.t-0009.t-msedge.net IN A 13.107.246.64
part-0036.t-0009.t-msedge.net IN A 13.107.213.64
-
Remote address: 8.8.8.8:53
Request
edgestatic.azureedge.net IN Unknown
Response
edgestatic.azureedge.net IN CNAME edgestatic.afd.azureedge.net
edgestatic.afd.azureedge.net IN CNAME azureedge-t-prod.trafficmanager.net
azureedge-t-prod.trafficmanager.net IN CNAME shed.dual-low.part-0036.t-0009.t-msedge.net
shed.dual-low.part-0036.t-0009.t-msedge.net IN CNAME part-0036.t-0009.t-msedge.net
-
Remote address: 8.8.8.8:53
Request
c.s-microsoft.com IN A
Response
c.s-microsoft.com IN CNAME c-s.cms.ms.akadns.net
c-s.cms.ms.akadns.net IN CNAME c.s-microsoft.com-c.edgekey.net
c.s-microsoft.com-c.edgekey.net IN CNAME e13678.dscg.akamaiedge.net
e13678.dscg.akamaiedge.net IN A 23.37.1.217
-
Remote address: 8.8.8.8:53
Request
c.s-microsoft.com IN Unknown
Response
c.s-microsoft.com IN CNAME c-s.cms.ms.akadns.net
c-s.cms.ms.akadns.net IN CNAME c.s-microsoft.com-c.edgekey.net
c.s-microsoft.com-c.edgekey.net IN CNAME e13678.dscg.akamaiedge.net
-
Remote address: 8.8.8.8:53
Request
74.204.58.216.in-addr.arpa IN PTR
Response
74.204.58.216.in-addr.arpa IN PTR lhr25s13-in-f101e100net
74.204.58.216.in-addr.arpa IN PTR lhr25s13-in-f74
74.204.58.216.in-addr.arpa IN PTR lhr48s49-in-f10
-
Remote address: 8.8.8.8:53
Request
227.212.58.216.in-addr.arpa IN PTR
Response
227.212.58.216.in-addr.arpa IN PTR lhr25s28-in-f31e100net
227.212.58.216.in-addr.arpa IN PTR ams16s22-in-f3
227.212.58.216.in-addr.arpa IN PTR ams16s22-in-f227
-
Remote address: 8.8.8.8:53
Request
58.55.71.13.in-addr.arpa IN PTR
Response
-
Remote address: 8.8.8.8:53
Request
172.210.232.199.in-addr.arpa IN PTR
Response
-
Remote address: 8.8.8.8:53
Request
wcpstatic.microsoft.com IN A
Response
wcpstatic.microsoft.com IN CNAME consentdeliveryfd.azurefd.net
consentdeliveryfd.azurefd.net IN CNAME firstparty-azurefd-prod.trafficmanager.net
firstparty-azurefd-prod.trafficmanager.net IN CNAME shed.dual-low.part-0036.t-0009.t-msedge.net
shed.dual-low.part-0036.t-0009.t-msedge.net IN CNAME part-0036.t-0009.t-msedge.net
part-0036.t-0009.t-msedge.net IN A 13.107.246.64
part-0036.t-0009.t-msedge.net IN A 13.107.213.64
-
Remote address: 8.8.8.8:53
Request
wcpstatic.microsoft.com IN Unknown
Response
wcpstatic.microsoft.com IN CNAME consentdeliveryfd.azurefd.net
consentdeliveryfd.azurefd.net IN CNAME firstparty-azurefd-prod.trafficmanager.net
firstparty-azurefd-prod.trafficmanager.net IN CNAME shed.dual-low.part-0036.t-0009.t-msedge.net
shed.dual-low.part-0036.t-0009.t-msedge.net IN CNAME part-0036.t-0009.t-msedge.net
-
Remote address: 8.8.8.8:53
Request
68.159.190.20.in-addr.arpa IN PTR
Response
-
Remote address: 8.8.8.8:53
Request
nw-umwatson.events.data.microsoft.com IN A
Response
nw-umwatson.events.data.microsoft.com IN CNAME blobcollector.events.data.trafficmanager.net
blobcollector.events.data.trafficmanager.net IN CNAME onedsblobprdcus15.centralus.cloudapp.azure.com
onedsblobprdcus15.centralus.cloudapp.azure.com IN A 52.182.143.212
-
Remote address: 52.182.143.212:443
Request
POST /Telemetry.Request HTTP/1.1
Connection: Keep-Alive
Content-Type: application/xml
User-Agent: Crashpad/0.8.0 WinHTTP/10.0.19041.1151 Windows_NT/10.0.19041.1202 (x64)
Content-Length: 3685
Host: nw-umwatson.events.data.microsoft.com
Response
HTTP/1.1 200 200 OK
Content-Type: text/xml
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
Date: Fri, 26 Apr 2024 14:20:20 GMT
-
Remote address: 8.8.8.8:53
Request
13.86.106.20.in-addr.arpa IN PTR
Response
-
Remote address: 8.8.8.8:53
Request
212.143.182.52.in-addr.arpa IN PTR
Response
-
Remote address: 8.8.8.8:53
Request
183.59.114.20.in-addr.arpa IN PTR
Response
-
Remote address: 8.8.8.8:53
Request
206.23.85.13.in-addr.arpa IN PTR
Response
-
Remote address: 8.8.8.8:53
Request
28.143.109.104.in-addr.arpa IN PTR
Response
28.143.109.104.in-addr.arpa IN PTR a104-109-143-28deploystaticakamaitechnologiescom
-
Remote address: 8.8.8.8:53
Request
187.83.221.88.in-addr.arpa IN PTR
Response
187.83.221.88.in-addr.arpa IN PTR a88-221-83-187deploystaticakamaitechnologiescom
-
Remote address: 8.8.8.8:53
Request
134.190.18.2.in-addr.arpa IN PTR
Response
134.190.18.2.in-addr.arpa IN PTR a2-18-190-134deploystaticakamaitechnologiescom
-
Remote address: 8.8.8.8:53
Request
www.c-hatas.com IN A
Response
www.c-hatas.com IN A 185.151.196.51
-
Remote address: 216.58.212.227:80
Request
GET /s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2 HTTP/1.1
Host: fonts.gstatic.com
Connection: keep-alive
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
DNT: 1
Accept: */*
Referer: http://fonts.googleapis.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Response
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 35448
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 20 Apr 2024 18:55:04 GMT
Expires: Sun, 20 Apr 2025 18:55:04 GMT
Cache-Control: public, max-age=31536000
Age: 501979
Last-Modified: Thu, 29 Jun 2023 16:14:39 GMT
Content-Type: font/woff2
-
Remote address: 216.58.212.227:80
Request
GET /s/rubik/v28/iJWEBXyIfDnIV7nEnX661A.woff2 HTTP/1.1
Host: fonts.gstatic.com
Connection: keep-alive
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
DNT: 1
Accept: */*
Referer: http://fonts.googleapis.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Response
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 36408
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 22 Apr 2024 04:59:06 GMT
Expires: Tue, 22 Apr 2025 04:59:06 GMT
Cache-Control: public, max-age=31536000
Age: 379337
Last-Modified: Thu, 29 Jun 2023 16:10:21 GMT
Content-Type: font/woff2
-
Remote address: 8.8.8.8:53
Request
www.c-hatas.com IN A
Response
www.c-hatas.com IN A 185.151.196.51
-
Remote address: 8.8.8.8:53
Request
233.83.221.88.in-addr.arpa IN PTR
Response
233.83.221.88.in-addr.arpa IN PTR a88-221-83-233deploystaticakamaitechnologiescom
-
Remote address: 8.8.8.8:53
Request
12.173.189.20.in-addr.arpa IN PTR
Response