Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    138s
  • max time network
    148s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    26/04/2024, 14:19 UTC

General

  • Target

    00f5b34ae2fbe2fbe7b1919aeea39294_JaffaCakes118.html

  • Size

    33KB

  • MD5

    00f5b34ae2fbe2fbe7b1919aeea39294

  • SHA1

    998cb25061b2631d7058aaef4182686549aa0620

  • SHA256

    02fc04e41dfa1d0e69229c694f6266ca7f366d2dae7270a6f4ef9f82d09004fd

  • SHA512

    a0da071af20ffb88c45646b9fe5593441fad7922ef6fd4f0e7cb03d882457b77db7c3c9b66e8a2572bcd90a4e5186b5d7f133bbb1e86022526630b6bf3e533e2

  • SSDEEP

    768:wK4xuX0yRj312UaIRj/9xxZHB4+cntEpUsqjmOu3N:wKuuX0yRj3VB4+cntEpUsqjmOu3N

Score
1/10

Malware Config

Signatures

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\00f5b34ae2fbe2fbe7b1919aeea39294_JaffaCakes118.html
    1⤵
      PID:4480
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --mojo-platform-channel-handle=3960 --field-trial-handle=2276,i,11674642242468042059,14711253743544118298,262144 --variations-seed-version /prefetch:1
      1⤵
        PID:2604
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --mojo-platform-channel-handle=4996 --field-trial-handle=2276,i,11674642242468042059,14711253743544118298,262144 --variations-seed-version /prefetch:1
        1⤵
          PID:4976
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=5728 --field-trial-handle=2276,i,11674642242468042059,14711253743544118298,262144 --variations-seed-version /prefetch:8
          1⤵
            PID:4400
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --mojo-platform-channel-handle=748 --field-trial-handle=2276,i,11674642242468042059,14711253743544118298,262144 --variations-seed-version /prefetch:1
            1⤵
              PID:560
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --mojo-platform-channel-handle=5892 --field-trial-handle=2276,i,11674642242468042059,14711253743544118298,262144 --variations-seed-version /prefetch:8
              1⤵
                PID:4136

              Network

              • flag-us
                DNS
                business.bing.com
                Remote address:
                8.8.8.8:53
                Request
                business.bing.com
                IN A
                Response
                business.bing.com
                IN CNAME
                business-bing-com.b-0005.b-msedge.net
                business-bing-com.b-0005.b-msedge.net
                IN CNAME
                b-0005.b-dc-msedge.net
                b-0005.b-dc-msedge.net
                IN A
                13.107.9.158
              • flag-us
                DNS
                business.bing.com
                Remote address:
                8.8.8.8:53
                Request
                business.bing.com
                IN Unknown
                Response
                business.bing.com
                IN CNAME
                business-bing-com.b-0005.b-msedge.net
              • flag-us
                DNS
                nav-edge.smartscreen.microsoft.com
                Remote address:
                8.8.8.8:53
                Request
                nav-edge.smartscreen.microsoft.com
                IN A
                Response
                nav-edge.smartscreen.microsoft.com
                IN CNAME
                tm-prod-wd-csp-edge.trafficmanager.net
                tm-prod-wd-csp-edge.trafficmanager.net
                IN CNAME
                prod-agic-uw-2.ukwest.cloudapp.azure.com
                prod-agic-uw-2.ukwest.cloudapp.azure.com
                IN A
                51.140.244.186
              • flag-us
                DNS
                nav-edge.smartscreen.microsoft.com
                Remote address:
                8.8.8.8:53
                Request
                nav-edge.smartscreen.microsoft.com
                IN Unknown
                Response
                nav-edge.smartscreen.microsoft.com
                IN CNAME
                tm-prod-wd-csp-edge.trafficmanager.net
                tm-prod-wd-csp-edge.trafficmanager.net
                IN CNAME
                prod-agic-us-1.uksouth.cloudapp.azure.com
              • flag-us
                DNS
                www.microsoft.com
                Remote address:
                8.8.8.8:53
                Request
                www.microsoft.com
                IN A
                Response
                www.microsoft.com
                IN CNAME
                www.microsoft.com-c-3.edgekey.net
                www.microsoft.com-c-3.edgekey.net
                IN CNAME
                www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
                www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
                IN CNAME
                e13678.dscb.akamaiedge.net
                e13678.dscb.akamaiedge.net
                IN A
                2.21.17.194
              • flag-us
                DNS
                www.microsoft.com
                Remote address:
                8.8.8.8:53
                Request
                www.microsoft.com
                IN A
                Response
                www.microsoft.com
                IN CNAME
                www.microsoft.com-c-3.edgekey.net
                www.microsoft.com-c-3.edgekey.net
                IN CNAME
                www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
                www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
                IN CNAME
                e13678.dscb.akamaiedge.net
                e13678.dscb.akamaiedge.net
                IN A
                2.21.17.194
              • flag-us
                DNS
                www.microsoft.com
                Remote address:
                8.8.8.8:53
                Request
                www.microsoft.com
                IN Unknown
                Response
                www.microsoft.com
                IN CNAME
                www.microsoft.com-c-3.edgekey.net
                www.microsoft.com-c-3.edgekey.net
                IN CNAME
                www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
                www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
                IN CNAME
                e13678.dscb.akamaiedge.net
              • flag-us
                DNS
                www.c-hatas.com
                Remote address:
                8.8.8.8:53
                Request
                www.c-hatas.com
                IN A
                Response
                www.c-hatas.com
                IN A
                185.151.196.51
              • flag-us
                DNS
                www.c-hatas.com
                Remote address:
                8.8.8.8:53
                Request
                www.c-hatas.com
                IN Unknown
                Response
              • flag-us
                DNS
                150.1.37.23.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                150.1.37.23.in-addr.arpa
                IN PTR
                Response
                150.1.37.23.in-addr.arpa
                IN PTR
                a23-37-1-150deploystaticakamaitechnologiescom
              • flag-us
                DNS
                158.9.107.13.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                158.9.107.13.in-addr.arpa
                IN PTR
                Response
              • flag-us
                DNS
                186.244.140.51.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                186.244.140.51.in-addr.arpa
                IN PTR
                Response
              • flag-us
                DNS
                bzib.nelreports.net
                Remote address:
                8.8.8.8:53
                Request
                bzib.nelreports.net
                IN A
                Response
                bzib.nelreports.net
                IN CNAME
                bzib.nelreports.net.akamaized.net
                bzib.nelreports.net.akamaized.net
                IN CNAME
                a416.dscd.akamai.net
                a416.dscd.akamai.net
                IN A
                104.109.143.23
                a416.dscd.akamai.net
                IN A
                104.109.143.24
              • flag-us
                DNS
                bzib.nelreports.net
                Remote address:
                8.8.8.8:53
                Request
                bzib.nelreports.net
                IN Unknown
                Response
                bzib.nelreports.net
                IN CNAME
                bzib.nelreports.net.akamaized.net
                bzib.nelreports.net.akamaized.net
                IN CNAME
                a416.dscd.akamai.net
              • flag-us
                DNS
                www.microsoft.com
                Remote address:
                8.8.8.8:53
                Request
                www.microsoft.com
                IN A
                Response
                www.microsoft.com
                IN CNAME
                www.microsoft.com-c-3.edgekey.net
                www.microsoft.com-c-3.edgekey.net
                IN CNAME
                www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
                www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
                IN CNAME
                e13678.dscb.akamaiedge.net
                e13678.dscb.akamaiedge.net
                IN A
                2.21.17.194
              • flag-gb
                GET
                http://fonts.googleapis.com/css?family=Lato:100,300,regular,700,900%7COpen+Sans:300%7CIndie+Flower:regular%7COswald:300,regular,700&subset=latin%2Clatin-ext
                Remote address:
                216.58.204.74:80
                Request
                GET /css?family=Lato:100,300,regular,700,900%7COpen+Sans:300%7CIndie+Flower:regular%7COswald:300,regular,700&subset=latin%2Clatin-ext HTTP/1.1
                Host: fonts.googleapis.com
                Connection: keep-alive
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
                DNT: 1
                Accept: text/css,*/*;q=0.1
                Accept-Encoding: gzip, deflate
                Accept-Language: en-US,en;q=0.9
                Response
                HTTP/1.1 200 OK
                Content-Type: text/css; charset=utf-8
                Access-Control-Allow-Origin: *
                Timing-Allow-Origin: *
                Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
                Expires: Fri, 26 Apr 2024 14:19:59 GMT
                Date: Fri, 26 Apr 2024 14:19:59 GMT
                Cache-Control: private, max-age=86400, stale-while-revalidate=604800
                Last-Modified: Fri, 26 Apr 2024 14:19:59 GMT
                Cross-Origin-Resource-Policy: cross-origin
                Cross-Origin-Opener-Policy: same-origin-allow-popups
                Content-Encoding: gzip
                Transfer-Encoding: chunked
                Server: ESF
                X-XSS-Protection: 0
                X-Frame-Options: SAMEORIGIN
                X-Content-Type-Options: nosniff
              • flag-gb
                GET
                http://fonts.googleapis.com/css?family=Rubik%3A100%2C300%2C300italic%2C400%2C400italic%2C700%2C700italic%2C900%2C900italic&ver=4.8.8
                Remote address:
                216.58.204.74:80
                Request
                GET /css?family=Rubik%3A100%2C300%2C300italic%2C400%2C400italic%2C700%2C700italic%2C900%2C900italic&ver=4.8.8 HTTP/1.1
                Host: fonts.googleapis.com
                Connection: keep-alive
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
                DNT: 1
                Accept: text/css,*/*;q=0.1
                Accept-Encoding: gzip, deflate
                Accept-Language: en-US,en;q=0.9
                Response
                HTTP/1.1 200 OK
                Content-Type: text/css; charset=utf-8
                Access-Control-Allow-Origin: *
                Timing-Allow-Origin: *
                Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
                Expires: Fri, 26 Apr 2024 14:19:59 GMT
                Date: Fri, 26 Apr 2024 14:19:59 GMT
                Cache-Control: private, max-age=86400, stale-while-revalidate=604800
                Last-Modified: Fri, 26 Apr 2024 14:19:59 GMT
                Cross-Origin-Resource-Policy: cross-origin
                Cross-Origin-Opener-Policy: same-origin-allow-popups
                Content-Encoding: gzip
                Transfer-Encoding: chunked
                Server: ESF
                X-XSS-Protection: 0
                X-Frame-Options: SAMEORIGIN
                X-Content-Type-Options: nosniff
              • flag-us
                DNS
                194.17.21.2.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                194.17.21.2.in-addr.arpa
                IN PTR
                Response
                194.17.21.2.in-addr.arpa
                IN PTR
                a2-21-17-194deploystaticakamaitechnologiescom
              • flag-us
                DNS
                23.143.109.104.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                23.143.109.104.in-addr.arpa
                IN PTR
                Response
                23.143.109.104.in-addr.arpa
                IN PTR
                a104-109-143-23deploystaticakamaitechnologiescom
              • flag-us
                DNS
                edgestatic.azureedge.net
                Remote address:
                8.8.8.8:53
                Request
                edgestatic.azureedge.net
                IN A
                Response
                edgestatic.azureedge.net
                IN CNAME
                edgestatic.afd.azureedge.net
                edgestatic.afd.azureedge.net
                IN CNAME
                azureedge-t-prod.trafficmanager.net
                azureedge-t-prod.trafficmanager.net
                IN CNAME
                shed.dual-low.part-0036.t-0009.t-msedge.net
                shed.dual-low.part-0036.t-0009.t-msedge.net
                IN CNAME
                part-0036.t-0009.t-msedge.net
                part-0036.t-0009.t-msedge.net
                IN A
                13.107.246.64
                part-0036.t-0009.t-msedge.net
                IN A
                13.107.213.64
              • flag-us
                DNS
                edgestatic.azureedge.net
                Remote address:
                8.8.8.8:53
                Request
                edgestatic.azureedge.net
                IN Unknown
                Response
                edgestatic.azureedge.net
                IN CNAME
                edgestatic.afd.azureedge.net
                edgestatic.afd.azureedge.net
                IN CNAME
                azureedge-t-prod.trafficmanager.net
                azureedge-t-prod.trafficmanager.net
                IN CNAME
                shed.dual-low.part-0036.t-0009.t-msedge.net
                shed.dual-low.part-0036.t-0009.t-msedge.net
                IN CNAME
                part-0036.t-0009.t-msedge.net
              • flag-us
                DNS
                c.s-microsoft.com
                Remote address:
                8.8.8.8:53
                Request
                c.s-microsoft.com
                IN A
                Response
                c.s-microsoft.com
                IN CNAME
                c-s.cms.ms.akadns.net
                c-s.cms.ms.akadns.net
                IN CNAME
                c.s-microsoft.com-c.edgekey.net
                c.s-microsoft.com-c.edgekey.net
                IN CNAME
                e13678.dscg.akamaiedge.net
                e13678.dscg.akamaiedge.net
                IN A
                23.37.1.217
              • flag-us
                DNS
                c.s-microsoft.com
                Remote address:
                8.8.8.8:53
                Request
                c.s-microsoft.com
                IN Unknown
                Response
                c.s-microsoft.com
                IN CNAME
                c-s.cms.ms.akadns.net
                c-s.cms.ms.akadns.net
                IN CNAME
                c.s-microsoft.com-c.edgekey.net
                c.s-microsoft.com-c.edgekey.net
                IN CNAME
                e13678.dscg.akamaiedge.net
              • flag-us
                DNS
                74.204.58.216.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                74.204.58.216.in-addr.arpa
                IN PTR
                Response
                74.204.58.216.in-addr.arpa
                IN PTR
                lhr25s13-in-f101e100net
                74.204.58.216.in-addr.arpa
                IN PTR
                lhr25s13-in-f74�H
                74.204.58.216.in-addr.arpa
                IN PTR
                lhr48s49-in-f10�H
              • flag-us
                DNS
                227.212.58.216.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                227.212.58.216.in-addr.arpa
                IN PTR
                Response
                227.212.58.216.in-addr.arpa
                IN PTR
                lhr25s28-in-f31e100net
                227.212.58.216.in-addr.arpa
                IN PTR
                ams16s22-in-f3�H
                227.212.58.216.in-addr.arpa
                IN PTR
                ams16s22-in-f227�H
              • flag-us
                DNS
                58.55.71.13.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                58.55.71.13.in-addr.arpa
                IN PTR
                Response
              • flag-us
                DNS
                172.210.232.199.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                172.210.232.199.in-addr.arpa
                IN PTR
                Response
              • flag-us
                DNS
                wcpstatic.microsoft.com
                Remote address:
                8.8.8.8:53
                Request
                wcpstatic.microsoft.com
                IN A
                Response
                wcpstatic.microsoft.com
                IN CNAME
                consentdeliveryfd.azurefd.net
                consentdeliveryfd.azurefd.net
                IN CNAME
                firstparty-azurefd-prod.trafficmanager.net
                firstparty-azurefd-prod.trafficmanager.net
                IN CNAME
                shed.dual-low.part-0036.t-0009.t-msedge.net
                shed.dual-low.part-0036.t-0009.t-msedge.net
                IN CNAME
                part-0036.t-0009.t-msedge.net
                part-0036.t-0009.t-msedge.net
                IN A
                13.107.246.64
                part-0036.t-0009.t-msedge.net
                IN A
                13.107.213.64
              • flag-us
                DNS
                wcpstatic.microsoft.com
                Remote address:
                8.8.8.8:53
                Request
                wcpstatic.microsoft.com
                IN Unknown
                Response
                wcpstatic.microsoft.com
                IN CNAME
                consentdeliveryfd.azurefd.net
                consentdeliveryfd.azurefd.net
                IN CNAME
                firstparty-azurefd-prod.trafficmanager.net
                firstparty-azurefd-prod.trafficmanager.net
                IN CNAME
                shed.dual-low.part-0036.t-0009.t-msedge.net
                shed.dual-low.part-0036.t-0009.t-msedge.net
                IN CNAME
                part-0036.t-0009.t-msedge.net
              • flag-us
                DNS
                68.159.190.20.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                68.159.190.20.in-addr.arpa
                IN PTR
                Response
              • flag-us
                DNS
                nw-umwatson.events.data.microsoft.com
                Remote address:
                8.8.8.8:53
                Request
                nw-umwatson.events.data.microsoft.com
                IN A
                Response
                nw-umwatson.events.data.microsoft.com
                IN CNAME
                blobcollector.events.data.trafficmanager.net
                blobcollector.events.data.trafficmanager.net
                IN CNAME
                onedsblobprdcus15.centralus.cloudapp.azure.com
                onedsblobprdcus15.centralus.cloudapp.azure.com
                IN A
                52.182.143.212
              • flag-us
                POST
                https://nw-umwatson.events.data.microsoft.com/Telemetry.Request
                Remote address:
                52.182.143.212:443
                Request
                POST /Telemetry.Request HTTP/1.1
                Connection: Keep-Alive
                Content-Type: application/xml
                User-Agent: Crashpad/0.8.0 WinHTTP/10.0.19041.1151 Windows_NT/10.0.19041.1202 (x64)
                MSA_DeviceTicket: t=EwC4AlN5BAAUIUShNzVa+rgHy/M+tY/dQyCg+nEAAVaUnZBVAXK4wqoRM+MYwccKBN/inQtEX6gldUp5BAqc0qVitYHXvnJRmux2ENI8gklNLCA1wRHdsul9JHxUDHzV/ciztSJkIGJgcCDPCuuIHZwXY4z21dCzHjkmlO5s1vtPaQUQOOgCmb/sRxyZNz6VD+2/9Gnrnz0aR9h7CcLeSQ3f8xZmslZ+6vjEF90U4nkEiPfe7zN3TBtJS2du+OsOd+NotbBUXgRfu1h8Z5JOWe546ywEjld25QTHP7eYaphVsd7/3+47NqTFPm7hl73zaqbqGAaQZZr/f2VeQdZ4Y8YEOoudalZOCNKImBxa2XFlYeA72KOhrV4JwPvvAEkDZgAACO5gWrdOyi1/iAEEv9aQel91Z9oIFYOhLNGgqx8e3yypP2G0mxchPH/pdEwU9VPR7Do0JS451WUqcVhywJfZehNzIi4inEIaKc0MXHfpvP+SnCMZsjay4hRCE6AmdfwyHdp2RVZQVUhs0QNdZkJ/TCSzUnoQiRPb8NN3nJIFEOC1DLTqyD/+aEeJv/4yvEbxFS55yFAb+1M9/yx95c8txqnAjzk+OUhWzNeliShSeY1Mzpptp/p4JVhhaKpn9dGWes+4u6YbaQUBoUqPQcSCKT8/UCT9Eqyss+aEcQHoBlKswk/pEglwnMJG95XVDMrSjihA+XcKWqjnDO58Ud7sK4MiFsg7SrUmS2tP1cpsWmU4P5ZSSlvU/NLOcA33qkELrIdoa7bdkbfVfn7NbTmbxqztBXZMnipPVJfa7tY4hz9regdzv/7dfl8ebKmu7YqNL/DtxMMGwsBDDAK4LDS1U1KH3EtJc2pqoZOU8+2hPsSspdpotP+ABCdT26rsksK4svJ+gaIvR+osnoeAgdk/ru/tE7gB&p=
                Content-Length: 3685
                Host: nw-umwatson.events.data.microsoft.com
                Response
                HTTP/1.1 200 200 OK
                Content-Length: 634
                Content-Type: text/xml
                Server: Microsoft-HTTPAPI/2.0
                Strict-Transport-Security: max-age=31536000
                Date: Fri, 26 Apr 2024 14:20:20 GMT
              • flag-us
                DNS
                13.86.106.20.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                13.86.106.20.in-addr.arpa
                IN PTR
                Response
              • flag-us
                DNS
                212.143.182.52.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                212.143.182.52.in-addr.arpa
                IN PTR
                Response
              • flag-us
                DNS
                183.59.114.20.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                183.59.114.20.in-addr.arpa
                IN PTR
                Response
              • flag-us
                DNS
                206.23.85.13.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                206.23.85.13.in-addr.arpa
                IN PTR
                Response
              • flag-us
                DNS
                28.143.109.104.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                28.143.109.104.in-addr.arpa
                IN PTR
                Response
                28.143.109.104.in-addr.arpa
                IN PTR
                a104-109-143-28deploystaticakamaitechnologiescom
              • flag-us
                DNS
                187.83.221.88.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                187.83.221.88.in-addr.arpa
                IN PTR
                Response
                187.83.221.88.in-addr.arpa
                IN PTR
                a88-221-83-187deploystaticakamaitechnologiescom
              • flag-us
                DNS
                134.190.18.2.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                134.190.18.2.in-addr.arpa
                IN PTR
                Response
                134.190.18.2.in-addr.arpa
                IN PTR
                a2-18-190-134deploystaticakamaitechnologiescom
              • flag-us
                DNS
                www.c-hatas.com
                Remote address:
                8.8.8.8:53
                Request
                www.c-hatas.com
                IN A
                Response
                www.c-hatas.com
                IN A
                185.151.196.51
              • flag-gb
                GET
                http://fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2
                Remote address:
                216.58.212.227:80
                Request
                GET /s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2 HTTP/1.1
                Host: fonts.gstatic.com
                Connection: keep-alive
                Origin: null
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
                DNT: 1
                Accept: */*
                Referer: http://fonts.googleapis.com/
                Accept-Encoding: gzip, deflate
                Accept-Language: en-US,en;q=0.9
                Response
                HTTP/1.1 200 OK
                Accept-Ranges: bytes
                Access-Control-Allow-Origin: *
                Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
                Cross-Origin-Resource-Policy: cross-origin
                Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
                Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
                Timing-Allow-Origin: *
                Content-Length: 35448
                X-Content-Type-Options: nosniff
                Server: sffe
                X-XSS-Protection: 0
                Date: Sat, 20 Apr 2024 18:55:04 GMT
                Expires: Sun, 20 Apr 2025 18:55:04 GMT
                Cache-Control: public, max-age=31536000
                Age: 501979
                Last-Modified: Thu, 29 Jun 2023 16:14:39 GMT
                Content-Type: font/woff2
              • flag-gb
                GET
                http://fonts.gstatic.com/s/rubik/v28/iJWEBXyIfDnIV7nEnX661A.woff2
                Remote address:
                216.58.212.227:80
                Request
                GET /s/rubik/v28/iJWEBXyIfDnIV7nEnX661A.woff2 HTTP/1.1
                Host: fonts.gstatic.com
                Connection: keep-alive
                Origin: null
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
                DNT: 1
                Accept: */*
                Referer: http://fonts.googleapis.com/
                Accept-Encoding: gzip, deflate
                Accept-Language: en-US,en;q=0.9
                Response
                HTTP/1.1 200 OK
                Accept-Ranges: bytes
                Access-Control-Allow-Origin: *
                Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
                Cross-Origin-Resource-Policy: cross-origin
                Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
                Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
                Timing-Allow-Origin: *
                Content-Length: 36408
                X-Content-Type-Options: nosniff
                Server: sffe
                X-XSS-Protection: 0
                Date: Mon, 22 Apr 2024 04:59:06 GMT
                Expires: Tue, 22 Apr 2025 04:59:06 GMT
                Cache-Control: public, max-age=31536000
                Age: 379337
                Last-Modified: Thu, 29 Jun 2023 16:10:21 GMT
                Content-Type: font/woff2
              • flag-us
                DNS
                www.c-hatas.com
                Remote address:
                8.8.8.8:53
                Request
                www.c-hatas.com
                IN A
                Response
                www.c-hatas.com
                IN A
                185.151.196.51
              • flag-us
                DNS
                233.83.221.88.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                233.83.221.88.in-addr.arpa
                IN PTR
                Response
                233.83.221.88.in-addr.arpa
                IN PTR
                a88-221-83-233deploystaticakamaitechnologiescom
              • flag-us
                DNS
                12.173.189.20.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                12.173.189.20.in-addr.arpa
                IN PTR
                Response
              • 13.107.9.158:443
                business.bing.com
                tls
                2.0kB
                10.0kB
                18
                24
              • 51.140.244.186:443
                nav-edge.smartscreen.microsoft.com
                tls
                10.5kB
                12.7kB
                29
                29
              • 2.21.17.194:443
                www.microsoft.com
                tls
                2.7kB
                22.8kB
                26
                36
              • 104.109.143.23:443
                bzib.nelreports.net
                tls
                2.6kB
                6.0kB
                13
                15
              • 185.151.196.51:80
                www.c-hatas.com
                260 B
                5
              • 185.151.196.51:80
                www.c-hatas.com
                260 B
                5
              • 185.151.196.51:80
                www.c-hatas.com
                260 B
                5
              • 185.151.196.51:80
                www.c-hatas.com
                260 B
                5
              • 185.151.196.51:80
                www.c-hatas.com
                260 B
                5
              • 185.151.196.51:80
                www.c-hatas.com
                260 B
                5
              • 216.58.204.74:80
                http://fonts.googleapis.com/css?family=Lato:100,300,regular,700,900%7COpen+Sans:300%7CIndie+Flower:regular%7COswald:300,regular,700&subset=latin%2Clatin-ext
                http
                806 B
                2.9kB
                8
                8

                HTTP Request

                GET http://fonts.googleapis.com/css?family=Lato:100,300,regular,700,900%7COpen+Sans:300%7CIndie+Flower:regular%7COswald:300,regular,700&subset=latin%2Clatin-ext

                HTTP Response

                200
              • 216.58.204.74:80
                http://fonts.googleapis.com/css?family=Rubik%3A100%2C300%2C300italic%2C400%2C400italic%2C700%2C700italic%2C900%2C900italic&ver=4.8.8
                http
                782 B
                2.0kB
                8
                8

                HTTP Request

                GET http://fonts.googleapis.com/css?family=Rubik%3A100%2C300%2C300italic%2C400%2C400italic%2C700%2C700italic%2C900%2C900italic&ver=4.8.8

                HTTP Response

                200
              • 216.58.212.227:80
                fonts.gstatic.com
                236 B
                144 B
                5
                3
              • 13.107.246.64:443
                edgestatic.azureedge.net
                tls
                1.8kB
                7.9kB
                12
                13
              • 13.107.246.64:443
                edgestatic.azureedge.net
                tls
                101.2kB
                4.6MB
                2026
                3302
              • 13.107.246.64:443
                edgestatic.azureedge.net
                tls
                1.9kB
                7.9kB
                13
                14
              • 13.107.246.64:443
                edgestatic.azureedge.net
                tls
                8.2kB
                272.4kB
                128
                213
              • 13.107.246.64:443
                wcpstatic.microsoft.com
                tls
                4.2kB
                91.0kB
                52
                78
              • 52.182.143.212:443
                https://nw-umwatson.events.data.microsoft.com/Telemetry.Request
                tls, http
                5.9kB
                7.6kB
                14
                11

                HTTP Request

                POST https://nw-umwatson.events.data.microsoft.com/Telemetry.Request

                HTTP Response

                200
              • 185.151.196.51:80
                www.c-hatas.com
                260 B
                5
              • 185.151.196.51:80
                www.c-hatas.com
                260 B
                5
              • 185.151.196.51:80
                www.c-hatas.com
                260 B
                5
              • 185.151.196.51:80
                www.c-hatas.com
                260 B
                5
              • 185.151.196.51:80
                www.c-hatas.com
                260 B
                5
              • 185.151.196.51:80
                www.c-hatas.com
                260 B
                5
              • 185.151.196.51:80
                www.c-hatas.com
                260 B
                5
              • 185.151.196.51:80
                www.c-hatas.com
                260 B
                5
              • 185.151.196.51:80
                www.c-hatas.com
                260 B
                5
              • 185.151.196.51:80
                www.c-hatas.com
                260 B
                5
              • 185.151.196.51:80
                www.c-hatas.com
                260 B
                5
              • 185.151.196.51:80
                www.c-hatas.com
                260 B
                5
              • 88.221.83.187:443
                www.bing.com
                tls
                1.0kB
                5.1kB
                9
                11
              • 185.151.196.51:80
                www.c-hatas.com
                260 B
                5
              • 185.151.196.51:80
                www.c-hatas.com
                260 B
                5
              • 185.151.196.51:80
                www.c-hatas.com
                260 B
                5
              • 185.151.196.51:80
                www.c-hatas.com
                260 B
                5
              • 185.151.196.51:80
                www.c-hatas.com
                260 B
                5
              • 185.151.196.51:80
                www.c-hatas.com
                260 B
                5
              • 185.151.196.51:80
                www.c-hatas.com
                260 B
                5
              • 185.151.196.51:80
                www.c-hatas.com
                260 B
                5
              • 216.58.212.227:80
                http://fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2
                http
                1.2kB
                37.4kB
                18
                30

                HTTP Request

                GET http://fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2

                HTTP Response

                200
              • 216.58.212.227:80
                http://fonts.gstatic.com/s/rubik/v28/iJWEBXyIfDnIV7nEnX661A.woff2
                http
                1.2kB
                38.4kB
                18
                31

                HTTP Request

                GET http://fonts.gstatic.com/s/rubik/v28/iJWEBXyIfDnIV7nEnX661A.woff2

                HTTP Response

                200
              • 185.151.196.51:80
                www.c-hatas.com
                260 B
                5
              • 185.151.196.51:80
                www.c-hatas.com
                260 B
                5
              • 185.151.196.51:80
                www.c-hatas.com
                260 B
                5
              • 185.151.196.51:80
                www.c-hatas.com
                260 B
                5
              • 185.151.196.51:445
                www.c-hatas.com
                260 B
                5
              • 185.151.196.51:80
                www.c-hatas.com
                260 B
                5
              • 185.151.196.51:80
                www.c-hatas.com
                260 B
                5
              • 185.151.196.51:80
                www.c-hatas.com
                260 B
                5
              • 88.221.83.233:443
                www.bing.com
                tls
                1.3kB
                946 B
                8
                8
              • 185.151.196.51:80
                www.c-hatas.com
                260 B
                5
              • 185.151.196.51:80
                www.c-hatas.com
                260 B
                5
              • 8.8.8.8:53
                business.bing.com
                dns
                63 B
                163 B
                1
                1

                DNS Request

                business.bing.com

                DNS Response

                13.107.9.158

              • 8.8.8.8:53
                business.bing.com
                dns
                63 B
                171 B
                1
                1

                DNS Request

                business.bing.com

              • 8.8.8.8:53
                nav-edge.smartscreen.microsoft.com
                dns
                80 B
                199 B
                1
                1

                DNS Request

                nav-edge.smartscreen.microsoft.com

                DNS Response

                51.140.244.186

              • 8.8.8.8:53
                nav-edge.smartscreen.microsoft.com
                dns
                80 B
                244 B
                1
                1

                DNS Request

                nav-edge.smartscreen.microsoft.com

              • 8.8.8.8:53
                www.microsoft.com
                dns
                63 B
                230 B
                1
                1

                DNS Request

                www.microsoft.com

                DNS Response

                2.21.17.194

              • 8.8.8.8:53
                www.microsoft.com
                dns
                63 B
                230 B
                1
                1

                DNS Request

                www.microsoft.com

                DNS Response

                2.21.17.194

              • 8.8.8.8:53
                www.microsoft.com
                dns
                63 B
                275 B
                1
                1

                DNS Request

                www.microsoft.com

              • 8.8.8.8:53
                www.c-hatas.com
                dns
                61 B
                77 B
                1
                1

                DNS Request

                www.c-hatas.com

                DNS Response

                185.151.196.51

              • 8.8.8.8:53
                www.c-hatas.com
                dns
                61 B
                124 B
                1
                1

                DNS Request

                www.c-hatas.com

              • 8.8.8.8:53
                150.1.37.23.in-addr.arpa
                dns
                70 B
                133 B
                1
                1

                DNS Request

                150.1.37.23.in-addr.arpa

              • 8.8.8.8:53
                158.9.107.13.in-addr.arpa
                dns
                71 B
                157 B
                1
                1

                DNS Request

                158.9.107.13.in-addr.arpa

              • 8.8.8.8:53
                186.244.140.51.in-addr.arpa
                dns
                73 B
                147 B
                1
                1

                DNS Request

                186.244.140.51.in-addr.arpa

              • 8.8.8.8:53
                bzib.nelreports.net
                dns
                65 B
                172 B
                1
                1

                DNS Request

                bzib.nelreports.net

                DNS Response

                104.109.143.23
                104.109.143.24

              • 8.8.8.8:53
                bzib.nelreports.net
                dns
                65 B
                204 B
                1
                1

                DNS Request

                bzib.nelreports.net

              • 8.8.8.8:53
                www.microsoft.com
                dns
                63 B
                230 B
                1
                1

                DNS Request

                www.microsoft.com

                DNS Response

                2.21.17.194

              • 8.8.8.8:53
                194.17.21.2.in-addr.arpa
                dns
                70 B
                133 B
                1
                1

                DNS Request

                194.17.21.2.in-addr.arpa

              • 8.8.8.8:53
                23.143.109.104.in-addr.arpa
                dns
                73 B
                139 B
                1
                1

                DNS Request

                23.143.109.104.in-addr.arpa

              • 8.8.8.8:53
                edgestatic.azureedge.net
                dns
                70 B
                245 B
                1
                1

                DNS Request

                edgestatic.azureedge.net

                DNS Response

                13.107.246.64
                13.107.213.64

              • 8.8.8.8:53
                edgestatic.azureedge.net
                dns
                70 B
                273 B
                1
                1

                DNS Request

                edgestatic.azureedge.net

              • 8.8.8.8:53
                c.s-microsoft.com
                dns
                63 B
                193 B
                1
                1

                DNS Request

                c.s-microsoft.com

                DNS Response

                23.37.1.217

              • 8.8.8.8:53
                c.s-microsoft.com
                dns
                63 B
                238 B
                1
                1

                DNS Request

                c.s-microsoft.com

              • 8.8.8.8:53
                74.204.58.216.in-addr.arpa
                dns
                72 B
                171 B
                1
                1

                DNS Request

                74.204.58.216.in-addr.arpa

              • 8.8.8.8:53
                227.212.58.216.in-addr.arpa
                dns
                73 B
                171 B
                1
                1

                DNS Request

                227.212.58.216.in-addr.arpa

              • 8.8.8.8:53
                58.55.71.13.in-addr.arpa
                dns
                70 B
                144 B
                1
                1

                DNS Request

                58.55.71.13.in-addr.arpa

              • 8.8.8.8:53
                172.210.232.199.in-addr.arpa
                dns
                74 B
                128 B
                1
                1

                DNS Request

                172.210.232.199.in-addr.arpa

              • 8.8.8.8:53
                wcpstatic.microsoft.com
                dns
                69 B
                265 B
                1
                1

                DNS Request

                wcpstatic.microsoft.com

                DNS Response

                13.107.246.64
                13.107.213.64

              • 8.8.8.8:53
                wcpstatic.microsoft.com
                dns
                69 B
                280 B
                1
                1

                DNS Request

                wcpstatic.microsoft.com

              • 8.8.8.8:53
                68.159.190.20.in-addr.arpa
                dns
                72 B
                158 B
                1
                1

                DNS Request

                68.159.190.20.in-addr.arpa

              • 8.8.8.8:53
                nw-umwatson.events.data.microsoft.com
                dns
                83 B
                214 B
                1
                1

                DNS Request

                nw-umwatson.events.data.microsoft.com

                DNS Response

                52.182.143.212

              • 8.8.8.8:53
                13.86.106.20.in-addr.arpa
                dns
                71 B
                157 B
                1
                1

                DNS Request

                13.86.106.20.in-addr.arpa

              • 8.8.8.8:53
                212.143.182.52.in-addr.arpa
                dns
                73 B
                147 B
                1
                1

                DNS Request

                212.143.182.52.in-addr.arpa

              • 8.8.8.8:53
                183.59.114.20.in-addr.arpa
                dns
                72 B
                158 B
                1
                1

                DNS Request

                183.59.114.20.in-addr.arpa

              • 8.8.8.8:53
                206.23.85.13.in-addr.arpa
                dns
                71 B
                145 B
                1
                1

                DNS Request

                206.23.85.13.in-addr.arpa

              • 8.8.8.8:53
                28.143.109.104.in-addr.arpa
                dns
                73 B
                139 B
                1
                1

                DNS Request

                28.143.109.104.in-addr.arpa

              • 8.8.8.8:53
                187.83.221.88.in-addr.arpa
                dns
                72 B
                137 B
                1
                1

                DNS Request

                187.83.221.88.in-addr.arpa

              • 224.0.0.251:5353
                204 B
                3
              • 8.8.8.8:53
                134.190.18.2.in-addr.arpa
                dns
                71 B
                135 B
                1
                1

                DNS Request

                134.190.18.2.in-addr.arpa

              • 8.8.8.8:53
                www.c-hatas.com
                dns
                61 B
                77 B
                1
                1

                DNS Request

                www.c-hatas.com

                DNS Response

                185.151.196.51

              • 8.8.8.8:53
                www.c-hatas.com
                dns
                61 B
                77 B
                1
                1

                DNS Request

                www.c-hatas.com

                DNS Response

                185.151.196.51

              • 8.8.8.8:53
                233.83.221.88.in-addr.arpa
                dns
                72 B
                137 B
                1
                1

                DNS Request

                233.83.221.88.in-addr.arpa

              • 8.8.8.8:53
                12.173.189.20.in-addr.arpa
                dns
                72 B
                158 B
                1
                1

                DNS Request

                12.173.189.20.in-addr.arpa

              MITRE ATT&CK Matrix

              Replay Monitor

              Loading Replay Monitor...

              Downloads

              We care about your privacy.

              This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.