Analysis

  • max time kernel
    148s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    13/05/2024, 11:37 UTC

General

  • Target

    3f4b963df33effa9abbf207a48801388_JaffaCakes118.html

  • Size

    13KB

  • MD5

    3f4b963df33effa9abbf207a48801388

  • SHA1

    08f771c45cfb0ca78a3d2504c5c3c7c5f0b593c3

  • SHA256

    e8ac5f325ae739b6de6b8c8f0da35409ee74113f65692779876e266e3105a10a

  • SHA512

    2e203855aa1869cea031ce0444d68eea2ac1cf09ef62dec0ec6c40ba5450de1d61c188d1b49aa3e2967eee3e54b01665fdf4ebd1322d9d497d1e79804679dc5a

  • SSDEEP

    384:OqxbrnlSTxrVuV1oYdlmxZxciW3P3Z+9OIz6:OArlAu8Y6Cf8l6

Score
1/10

Malware Config

Signatures

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 10 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\3f4b963df33effa9abbf207a48801388_JaffaCakes118.html
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:4088
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff76e346f8,0x7fff76e34708,0x7fff76e34718
      2⤵
        PID:4188
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2132,9576776715823579995,12433126191601736612,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2144 /prefetch:2
        2⤵
          PID:1056
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2132,9576776715823579995,12433126191601736612,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2272 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:1212
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2132,9576776715823579995,12433126191601736612,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2744 /prefetch:8
          2⤵
            PID:1408
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,9576776715823579995,12433126191601736612,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3268 /prefetch:1
            2⤵
              PID:372
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,9576776715823579995,12433126191601736612,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1
              2⤵
                PID:1968
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,9576776715823579995,12433126191601736612,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5136 /prefetch:1
                2⤵
                  PID:4864
                • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2132,9576776715823579995,12433126191601736612,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5596 /prefetch:8
                  2⤵
                    PID:4464
                  • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2132,9576776715823579995,12433126191601736612,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5596 /prefetch:8
                    2⤵
                    • Suspicious behavior: EnumeratesProcesses
                    PID:4776
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,9576776715823579995,12433126191601736612,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4648 /prefetch:1
                    2⤵
                      PID:4224
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,9576776715823579995,12433126191601736612,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5000 /prefetch:1
                      2⤵
                        PID:3576
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,9576776715823579995,12433126191601736612,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4176 /prefetch:1
                        2⤵
                          PID:1628
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,9576776715823579995,12433126191601736612,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5672 /prefetch:1
                          2⤵
                            PID:3592
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2132,9576776715823579995,12433126191601736612,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1908 /prefetch:2
                            2⤵
                            • Suspicious behavior: EnumeratesProcesses
                            PID:5056
                        • C:\Windows\System32\CompPkgSrv.exe
                          C:\Windows\System32\CompPkgSrv.exe -Embedding
                          1⤵
                            PID:4428
                          • C:\Windows\System32\CompPkgSrv.exe
                            C:\Windows\System32\CompPkgSrv.exe -Embedding
                            1⤵
                              PID:736
                            • C:\Windows\System32\CompPkgSrv.exe
                              C:\Windows\System32\CompPkgSrv.exe -Embedding
                              1⤵
                                PID:2060

Network

                              • flag-us
                                DNS
                                23.181.190.20.in-addr.arpa
                                Remote address:
                                8.8.8.8:53
                                Request
                                23.181.190.20.in-addr.arpa
                                IN PTR
                                Response
                              • flag-us
                                DNS
                                172.210.232.199.in-addr.arpa
                                Remote address:
                                8.8.8.8:53
                                Request
                                172.210.232.199.in-addr.arpa
                                IN PTR
                                Response
                              • flag-us
                                DNS
                                g.bing.com
                                Remote address:
                                8.8.8.8:53
                                Request
                                g.bing.com
                                IN A
                                Response
                                g.bing.com
                                IN CNAME
                                g-bing-com.dual-a-0034.a-msedge.net
                                g-bing-com.dual-a-0034.a-msedge.net
                                IN CNAME
                                dual-a-0034.a-msedge.net
                                dual-a-0034.a-msedge.net
                                IN A
                                204.79.197.237
                                dual-a-0034.a-msedge.net
                                IN A
                                13.107.21.237
                              • flag-us
                                GET
                                https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=f6d2477a8e9e41e59d120744b1fefafd&localId=w:1C8BDEF5-626C-207C-B098-8D9DBC09C387&deviceId=6966565258095583&anid=
                                Remote address:
                                204.79.197.237:443
                                Request
                                GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=f6d2477a8e9e41e59d120744b1fefafd&localId=w:1C8BDEF5-626C-207C-B098-8D9DBC09C387&deviceId=6966565258095583&anid= HTTP/2.0
                                host: g.bing.com
                                accept-encoding: gzip, deflate
                                user-agent: WindowsShellClient/9.0.40929.0 (Windows)
                                Response
                                HTTP/2.0 204
                                cache-control: no-cache, must-revalidate
                                pragma: no-cache
                                expires: Fri, 01 Jan 1990 00:00:00 GMT
                                set-cookie: MUID=2E3073D91F786F9F0B2B67A71E5F6ED5; domain=.bing.com; expires=Sat, 07-Jun-2025 11:37:52 GMT; path=/; SameSite=None; Secure; Priority=High;
                                strict-transport-security: max-age=31536000; includeSubDomains; preload
                                access-control-allow-origin: *
                                x-cache: CONFIG_NOCACHE
                                accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                x-msedge-ref: Ref A: AF6F393AAA614C809737BE6BCE10F604 Ref B: LON04EDGE0718 Ref C: 2024-05-13T11:37:52Z
                                date: Mon, 13 May 2024 11:37:52 GMT
                              • flag-us
                                GET
                                https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=f6d2477a8e9e41e59d120744b1fefafd&localId=w:1C8BDEF5-626C-207C-B098-8D9DBC09C387&deviceId=6966565258095583&anid=
                                Remote address:
                                204.79.197.237:443
                                Request
                                GET /neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=f6d2477a8e9e41e59d120744b1fefafd&localId=w:1C8BDEF5-626C-207C-B098-8D9DBC09C387&deviceId=6966565258095583&anid= HTTP/2.0
                                host: g.bing.com
                                accept-encoding: gzip, deflate
                                user-agent: WindowsShellClient/9.0.40929.0 (Windows)
                                cookie: MUID=2E3073D91F786F9F0B2B67A71E5F6ED5
                                Response
                                HTTP/2.0 204
                                cache-control: no-cache, must-revalidate
                                pragma: no-cache
                                expires: Fri, 01 Jan 1990 00:00:00 GMT
                                set-cookie: MSPTC=J9oqbeU9XgX0QOKinPlz9IwARqCrRMHejydHEOJ9FFc; domain=.bing.com; expires=Sat, 07-Jun-2025 11:37:52 GMT; path=/; Partitioned; secure; SameSite=None
                                strict-transport-security: max-age=31536000; includeSubDomains; preload
                                access-control-allow-origin: *
                                x-cache: CONFIG_NOCACHE
                                accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                x-msedge-ref: Ref A: 978552008FDC4C6E89E4D2D749311A89 Ref B: LON04EDGE0718 Ref C: 2024-05-13T11:37:52Z
                                date: Mon, 13 May 2024 11:37:52 GMT
                              • flag-us
                                GET
                                https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=f6d2477a8e9e41e59d120744b1fefafd&localId=w:1C8BDEF5-626C-207C-B098-8D9DBC09C387&deviceId=6966565258095583&anid=
                                Remote address:
                                204.79.197.237:443
                                Request
                                GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=f6d2477a8e9e41e59d120744b1fefafd&localId=w:1C8BDEF5-626C-207C-B098-8D9DBC09C387&deviceId=6966565258095583&anid= HTTP/2.0
                                host: g.bing.com
                                accept-encoding: gzip, deflate
                                user-agent: WindowsShellClient/9.0.40929.0 (Windows)
                                cookie: MUID=2E3073D91F786F9F0B2B67A71E5F6ED5; MSPTC=J9oqbeU9XgX0QOKinPlz9IwARqCrRMHejydHEOJ9FFc
                                Response
                                HTTP/2.0 204
                                cache-control: no-cache, must-revalidate
                                pragma: no-cache
                                expires: Fri, 01 Jan 1990 00:00:00 GMT
                                strict-transport-security: max-age=31536000; includeSubDomains; preload
                                access-control-allow-origin: *
                                x-cache: CONFIG_NOCACHE
                                accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                x-msedge-ref: Ref A: DD412B2CBB744E668E77AEA3A0A9AC85 Ref B: LON04EDGE0718 Ref C: 2024-05-13T11:37:52Z
                                date: Mon, 13 May 2024 11:37:52 GMT
                              • flag-us
                                DNS
                                237.197.79.204.in-addr.arpa
                                Remote address:
                                8.8.8.8:53
                                Request
                                237.197.79.204.in-addr.arpa
                                IN PTR
                                Response
                              • flag-us
                                DNS
                                43.58.199.20.in-addr.arpa
                                Remote address:
                                8.8.8.8:53
                                Request
                                43.58.199.20.in-addr.arpa
                                IN PTR
                                Response
                              • flag-nl
                                GET
                                https://www.bing.com/th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90
                                Remote address:
                                23.62.61.72:443
                                Request
                                GET /th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90 HTTP/2.0
                                host: www.bing.com
                                accept: */*
                                cookie: MUID=2E3073D91F786F9F0B2B67A71E5F6ED5; MSPTC=J9oqbeU9XgX0QOKinPlz9IwARqCrRMHejydHEOJ9FFc
                                accept-encoding: gzip, deflate, br
                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                                Response
                                HTTP/2.0 200
                                cache-control: public, max-age=2592000
                                content-type: image/png
                                access-control-allow-origin: *
                                access-control-allow-headers: *
                                access-control-allow-methods: GET, POST, OPTIONS
                                timing-allow-origin: *
                                report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
                                nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                                content-length: 1107
                                date: Mon, 13 May 2024 11:37:54 GMT
                                alt-svc: h3=":443"; ma=93600
                                x-cdn-traceid: 0.443d3e17.1715600274.166d665
                              • flag-us
                                DNS
                                72.61.62.23.in-addr.arpa
                                Remote address:
                                8.8.8.8:53
                                Request
                                72.61.62.23.in-addr.arpa
                                IN PTR
                                Response
                                72.61.62.23.in-addr.arpa
                                IN PTR
                                a23-62-61-72.deploy.static.akamaitechnologies.com
                              • flag-us
                                DNS
                                www.youtube.com
                                msedge.exe
                                Remote address:
                                8.8.8.8:53
                                Request
                                www.youtube.com
                                IN A
                                Response
                                www.youtube.com
                                IN CNAME
                                youtube-ui.l.google.com
                                youtube-ui.l.google.com
                                IN A
                                172.217.20.206
                                youtube-ui.l.google.com
                                IN A
                                142.250.179.78
                                youtube-ui.l.google.com
                                IN A
                                142.250.179.110
                                youtube-ui.l.google.com
                                IN A
                                142.250.178.142
                                youtube-ui.l.google.com
                                IN A
                                142.250.201.174
                                youtube-ui.l.google.com
                                IN A
                                216.58.214.78
                                youtube-ui.l.google.com
                                IN A
                                142.250.74.238
                                youtube-ui.l.google.com
                                IN A
                                142.250.75.238
                                youtube-ui.l.google.com
                                IN A
                                216.58.214.174
                                youtube-ui.l.google.com
                                IN A
                                172.217.20.174
                              • flag-fr
                                GET
                                https://www.youtube.com/embed/q4P4BjjXghQ
                                msedge.exe
                                Remote address:
                                172.217.20.206:443
                                Request
                                GET /embed/q4P4BjjXghQ HTTP/2.0
                                host: www.youtube.com
                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                sec-ch-ua-mobile: ?0
                                upgrade-insecure-requests: 1
                                dnt: 1
                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                sec-fetch-site: cross-site
                                sec-fetch-mode: navigate
                                sec-fetch-dest: iframe
                                accept-encoding: gzip, deflate, br
                                accept-language: en-US,en;q=0.9
                              • flag-fr
                                GET
                                https://www.youtube.com/s/player/17fd9675/www-player.css
                                msedge.exe
                                Remote address:
                                172.217.20.206:443
                                Request
                                GET /s/player/17fd9675/www-player.css HTTP/2.0
                                host: www.youtube.com
                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                dnt: 1
                                sec-ch-ua-mobile: ?0
                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                accept: text/css,*/*;q=0.1
                                sec-fetch-site: same-origin
                                sec-fetch-mode: no-cors
                                sec-fetch-dest: style
                                referer: https://www.youtube.com/embed/q4P4BjjXghQ
                                accept-encoding: gzip, deflate, br
                                accept-language: en-US,en;q=0.9
                              • flag-fr
                                GET
                                https://www.youtube.com/s/player/17fd9675/player_ias.vflset/en_US/embed.js
                                msedge.exe
                                Remote address:
                                172.217.20.206:443
                                Request
                                GET /s/player/17fd9675/player_ias.vflset/en_US/embed.js HTTP/2.0
                                host: www.youtube.com
                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                dnt: 1
                                sec-ch-ua-mobile: ?0
                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                accept: */*
                                sec-fetch-site: same-origin
                                sec-fetch-mode: no-cors
                                sec-fetch-dest: script
                                referer: https://www.youtube.com/embed/q4P4BjjXghQ
                                accept-encoding: gzip, deflate, br
                                accept-language: en-US,en;q=0.9
                              • flag-fr
                                GET
                                https://www.youtube.com/s/player/17fd9675/www-embed-player.vflset/www-embed-player.js
                                msedge.exe
                                Remote address:
                                172.217.20.206:443
                                Request
                                GET /s/player/17fd9675/www-embed-player.vflset/www-embed-player.js HTTP/2.0
                                host: www.youtube.com
                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                dnt: 1
                                sec-ch-ua-mobile: ?0
                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                accept: */*
                                sec-fetch-site: same-origin
                                sec-fetch-mode: no-cors
                                sec-fetch-dest: script
                                referer: https://www.youtube.com/embed/q4P4BjjXghQ
                                accept-encoding: gzip, deflate, br
                                accept-language: en-US,en;q=0.9
                              • flag-fr
                                GET
                                https://www.youtube.com/s/player/17fd9675/player_ias.vflset/en_US/base.js
                                msedge.exe
                                Remote address:
                                172.217.20.206:443
                                Request
                                GET /s/player/17fd9675/player_ias.vflset/en_US/base.js HTTP/2.0
                                host: www.youtube.com
                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                dnt: 1
                                sec-ch-ua-mobile: ?0
                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                accept: */*
                                sec-fetch-site: same-origin
                                sec-fetch-mode: no-cors
                                sec-fetch-dest: script
                                referer: https://www.youtube.com/embed/q4P4BjjXghQ
                                accept-encoding: gzip, deflate, br
                                accept-language: en-US,en;q=0.9
                              • flag-us
                                DNS
                                i.ytimg.com
                                msedge.exe
                                Remote address:
                                8.8.8.8:53
                                Request
                                i.ytimg.com
                                IN A
                                Response
                                i.ytimg.com
                                IN A
                                172.217.20.182
                                i.ytimg.com
                                IN A
                                172.217.20.214
                                i.ytimg.com
                                IN A
                                216.58.215.54
                                i.ytimg.com
                                IN A
                                216.58.213.86
                                i.ytimg.com
                                IN A
                                142.250.179.86
                                i.ytimg.com
                                IN A
                                142.250.179.118
                                i.ytimg.com
                                IN A
                                142.250.178.150
                                i.ytimg.com
                                IN A
                                142.250.201.182
                                i.ytimg.com
                                IN A
                                172.217.18.214
                                i.ytimg.com
                                IN A
                                216.58.214.86
                                i.ytimg.com
                                IN A
                                142.250.75.246
                                i.ytimg.com
                                IN A
                                216.58.214.182
                              • flag-fr
                                GET
                                https://i.ytimg.com/vi_webp/q4P4BjjXghQ/default.webp
                                msedge.exe
                                Remote address:
                                172.217.20.182:443
                                Request
                                GET /vi_webp/q4P4BjjXghQ/default.webp HTTP/2.0
                                host: i.ytimg.com
                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                dnt: 1
                                sec-ch-ua-mobile: ?0
                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                sec-fetch-site: cross-site
                                sec-fetch-mode: no-cors
                                sec-fetch-dest: image
                                referer: https://www.youtube.com/
                                accept-encoding: gzip, deflate, br
                                accept-language: en-US,en;q=0.9
                              • flag-us
                                DNS
                                googleads.g.doubleclick.net
                                msedge.exe
                                Remote address:
                                8.8.8.8:53
                                Request
                                googleads.g.doubleclick.net
                                IN A
                                Response
                                googleads.g.doubleclick.net
                                IN A
                                142.250.179.66
                              • flag-fr
                                GET
                                https://googleads.g.doubleclick.net/pagead/id
                                msedge.exe
                                Remote address:
                                142.250.179.66:443
                                Request
                                GET /pagead/id HTTP/2.0
                                host: googleads.g.doubleclick.net
                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                dnt: 1
                                sec-ch-ua-mobile: ?0
                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                accept: */*
                                origin: https://www.youtube.com
                                sec-fetch-site: cross-site
                                sec-fetch-mode: cors
                                sec-fetch-dest: empty
                                referer: https://www.youtube.com/
                                accept-encoding: gzip, deflate, br
                                accept-language: en-US,en;q=0.9
                              • flag-us
                                DNS
                                206.20.217.172.in-addr.arpa
                                Remote address:
                                8.8.8.8:53
                                Request
                                206.20.217.172.in-addr.arpa
                                IN PTR
                                Response
                                206.20.217.172.in-addr.arpa
                                IN PTR
                                par10s50-in-f14.1e100.net
                                206.20.217.172.in-addr.arpa
                                IN PTR
                                waw02s08-in-f14.1e100.net
                                206.20.217.172.in-addr.arpa
                                IN PTR
                                waw02s08-in-f206.1e100.net
                              • flag-us
                                DNS
                                182.20.217.172.in-addr.arpa
                                Remote address:
                                8.8.8.8:53
                                Request
                                182.20.217.172.in-addr.arpa
                                IN PTR
                                Response
                                182.20.217.172.in-addr.arpa
                                IN PTR
                                waw02s07-in-f22.1e100.net
                                182.20.217.172.in-addr.arpa
                                IN PTR
                                waw02s07-in-f182.1e100.net
                                182.20.217.172.in-addr.arpa
                                IN PTR
                                par10s49-in-f22.1e100.net
                              • flag-us
                                DNS
                                163.20.217.172.in-addr.arpa
                                Remote address:
                                8.8.8.8:53
                                Request
                                163.20.217.172.in-addr.arpa
                                IN PTR
                                Response
                                163.20.217.172.in-addr.arpa
                                IN PTR
                                waw02s07-in-f163.1e100.net
                                163.20.217.172.in-addr.arpa
                                IN PTR
                                par10s49-in-f3.1e100.net
                                163.20.217.172.in-addr.arpa
                                IN PTR
                                waw02s07-in-f3.1e100.net
                              • flag-us
                                DNS
                                66.179.250.142.in-addr.arpa
                                Remote address:
                                8.8.8.8:53
                                Request
                                66.179.250.142.in-addr.arpa
                                IN PTR
                                Response
                                66.179.250.142.in-addr.arpa
                                IN PTR
                                par21s19-in-f2.1e100.net
                              • flag-us
                                DNS
                                static.doubleclick.net
                                msedge.exe
                                Remote address:
                                8.8.8.8:53
                                Request
                                static.doubleclick.net
                                IN A
                                Response
                                static.doubleclick.net
                                IN A
                                172.217.20.198
                              • flag-us
                                DNS
                                jnn-pa.googleapis.com
                                msedge.exe
                                Remote address:
                                8.8.8.8:53
                                Request
                                jnn-pa.googleapis.com
                                IN A
                                Response
                                jnn-pa.googleapis.com
                                IN A
                                142.250.201.170
                                jnn-pa.googleapis.com
                                IN A
                                216.58.214.74
                                jnn-pa.googleapis.com
                                IN A
                                142.250.74.234
                                jnn-pa.googleapis.com
                                IN A
                                142.250.75.234
                                jnn-pa.googleapis.com
                                IN A
                                216.58.214.170
                                jnn-pa.googleapis.com
                                IN A
                                172.217.20.170
                                jnn-pa.googleapis.com
                                IN A
                                172.217.20.202
                                jnn-pa.googleapis.com
                                IN A
                                142.250.179.74
                                jnn-pa.googleapis.com
                                IN A
                                142.250.179.106
                                jnn-pa.googleapis.com
                                IN A
                                142.250.178.138
                              • flag-us
                                DNS
                                www.google.com
                                msedge.exe
                                Remote address:
                                8.8.8.8:53
                                Request
                                www.google.com
                                IN A
                                Response
                                www.google.com
                                IN A
                                142.250.178.132
                              • flag-fr
                                GET
                                https://www.google.com/js/th/4FCBsbVWt5jZVKm36Bs_QtpgBkunTUSSklJnPgMburg.js
                                msedge.exe
                                Remote address:
                                142.250.178.132:443
                                Request
                                GET /js/th/4FCBsbVWt5jZVKm36Bs_QtpgBkunTUSSklJnPgMburg.js HTTP/2.0
                                host: www.google.com
                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                dnt: 1
                                sec-ch-ua-mobile: ?0
                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                accept: */*
                                sec-fetch-site: cross-site
                                sec-fetch-mode: no-cors
                                sec-fetch-dest: script
                                referer: https://www.youtube.com/
                                accept-encoding: gzip, deflate, br
                                accept-language: en-US,en;q=0.9
                              • flag-fr
                                OPTIONS
                                https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
                                msedge.exe
                                Remote address:
                                142.250.201.170:443
                                Request
                                OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/2.0
                                host: jnn-pa.googleapis.com
                                accept: */*
                                access-control-request-method: POST
                                access-control-request-headers: content-type,x-goog-api-key,x-user-agent
                                origin: https://www.youtube.com
                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                sec-fetch-mode: cors
                                sec-fetch-site: cross-site
                                sec-fetch-dest: empty
                                referer: https://www.youtube.com/
                                accept-encoding: gzip, deflate, br
                                accept-language: en-US,en;q=0.9
                              • flag-fr
                                GET
                                https://static.doubleclick.net/instream/ad_status.js
                                msedge.exe
                                Remote address:
                                172.217.20.198:443
                                Request
                                GET /instream/ad_status.js HTTP/2.0
                                host: static.doubleclick.net
                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                dnt: 1
                                sec-ch-ua-mobile: ?0
                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                accept: */*
                                sec-fetch-site: cross-site
                                sec-fetch-mode: no-cors
                                sec-fetch-dest: script
                                referer: https://www.youtube.com/
                                accept-encoding: gzip, deflate, br
                                accept-language: en-US,en;q=0.9
                              • flag-us
                                DNS
                                play.google.com
                                msedge.exe
                                Remote address:
                                8.8.8.8:53
                                Request
                                play.google.com
                                IN A
                                Response
                                play.google.com
                                IN A
                                142.250.179.78
                              • flag-fr
                                OPTIONS
                                https://play.google.com/log?format=json&hasfast=true&authuser=0
                                msedge.exe
                                Remote address:
                                142.250.179.78:443
                                Request
                                OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/2.0
                                host: play.google.com
                                accept: */*
                                access-control-request-method: POST
                                access-control-request-headers: x-goog-authuser
                                origin: https://www.youtube.com
                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                sec-fetch-mode: cors
                                sec-fetch-site: cross-site
                                sec-fetch-dest: empty
                                referer: https://www.youtube.com/
                                accept-encoding: gzip, deflate, br
                                accept-language: en-US,en;q=0.9
                              • flag-fr
                                OPTIONS
                                https://play.google.com/log?format=json&hasfast=true&authuser=0
                                msedge.exe
                                Remote address:
                                142.250.179.78:443
                                Request
                                OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/2.0
                                host: play.google.com
                                accept: */*
                                access-control-request-method: POST
                                access-control-request-headers: x-goog-authuser
                                origin: https://www.youtube.com
                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                sec-fetch-mode: cors
                                sec-fetch-site: cross-site
                                sec-fetch-dest: empty
                                referer: https://www.youtube.com/
                                accept-encoding: gzip, deflate, br
                                accept-language: en-US,en;q=0.9
                              • flag-us
                                DNS
                                170.201.250.142.in-addr.arpa
                                Remote address:
                                8.8.8.8:53
                                Request
                                170.201.250.142.in-addr.arpa
                                IN PTR
                                Response
                                170.201.250.142.in-addr.arpa
                                IN PTR
                                par21s23-in-f10.1e100.net
                              • flag-us
                                DNS
                                132.178.250.142.in-addr.arpa
                                Remote address:
                                8.8.8.8:53
                                Request
                                132.178.250.142.in-addr.arpa
                                IN PTR
                                Response
                                132.178.250.142.in-addr.arpa
                                IN PTR
                                par21s22-in-f4.1e100.net
                              • flag-us
                                DNS
                                67.213.58.216.in-addr.arpa
                                Remote address:
                                8.8.8.8:53
                                Request
                                67.213.58.216.in-addr.arpa
                                IN PTR
                                Response
                                67.213.58.216.in-addr.arpa
                                IN PTR
                                lhr25s01-in-f3.1e100.net
                                67.213.58.216.in-addr.arpa
                                IN PTR
                                lhr25s01-in-f67.1e100.net
                                67.213.58.216.in-addr.arpa
                                IN PTR
                                par21s18-in-f3.1e100.net
                              • flag-us
                                DNS
                                198.20.217.172.in-addr.arpa
                                Remote address:
                                8.8.8.8:53
                                Request
                                198.20.217.172.in-addr.arpa
                                IN PTR
                                Response
                                198.20.217.172.in-addr.arpa
                                IN PTR
                                waw02s08-in-f6.1e100.net
                                198.20.217.172.in-addr.arpa
                                IN PTR
                                par10s50-in-f6.1e100.net
                                198.20.217.172.in-addr.arpa
                                IN PTR
                                waw02s08-in-f198.1e100.net
                              • flag-us
                                DNS
                                78.179.250.142.in-addr.arpa
                                Remote address:
                                8.8.8.8:53
                                Request
                                78.179.250.142.in-addr.arpa
                                IN PTR
                                Response
                                78.179.250.142.in-addr.arpa
                                IN PTR
                                par21s19-in-f14.1e100.net
                              • flag-us
                                DNS
                                86.23.85.13.in-addr.arpa
                                Remote address:
                                8.8.8.8:53
                                Request
                                86.23.85.13.in-addr.arpa
                                IN PTR
                                Response
                              • flag-us
                                DNS
                                183.59.114.20.in-addr.arpa
                                Remote address:
                                8.8.8.8:53
                                Request
                                183.59.114.20.in-addr.arpa
                                IN PTR
                                Response
                              • flag-us
                                DNS
                                15.164.165.52.in-addr.arpa
                                Remote address:
                                8.8.8.8:53
                                Request
                                15.164.165.52.in-addr.arpa
                                IN PTR
                                Response
                              • flag-us
                                DNS
                                139.53.16.96.in-addr.arpa
                                Remote address:
                                8.8.8.8:53
                                Request
                                139.53.16.96.in-addr.arpa
                                IN PTR
                                Response
                                139.53.16.96.in-addr.arpa
                                IN PTR
                                a96-16-53-139.deploy.static.akamaitechnologies.com
                              • flag-us
                                DNS
                                79.190.18.2.in-addr.arpa
                                Remote address:
                                8.8.8.8:53
                                Request
                                79.190.18.2.in-addr.arpa
                                IN PTR
                                Response
                                79.190.18.2.in-addr.arpa
                                IN PTR
                                a2-18-190-79.deploy.static.akamaitechnologies.com
                              • flag-us
                                DNS
                                77.190.18.2.in-addr.arpa
                                Remote address:
                                8.8.8.8:53
                                Request
                                77.190.18.2.in-addr.arpa
                                IN PTR
                                Response
                                77.190.18.2.in-addr.arpa
                                IN PTR
                                a2-18-190-77.deploy.static.akamaitechnologies.com
                              • flag-us
                                DNS
                                11.227.111.52.in-addr.arpa
                                Remote address:
                                8.8.8.8:53
                                Request
                                11.227.111.52.in-addr.arpa
                                IN PTR
                                Response
                              • flag-us
                                DNS
                                194.98.74.40.in-addr.arpa
                                Remote address:
                                8.8.8.8:53
                                Request
                                194.98.74.40.in-addr.arpa
                                IN PTR
                                Response
                              • 134.249.116.78:80
                                msedge.exe
                                260 B
                                5
                              • 134.249.116.78:80
                                msedge.exe
                                260 B
                                5
                              • 204.79.197.237:443
                                https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=f6d2477a8e9e41e59d120744b1fefafd&localId=w:1C8BDEF5-626C-207C-B098-8D9DBC09C387&deviceId=6966565258095583&anid=
                                tls, http2
                                2.0kB
                                9.2kB
                                21
                                18

                                HTTP Request

                                GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=f6d2477a8e9e41e59d120744b1fefafd&localId=w:1C8BDEF5-626C-207C-B098-8D9DBC09C387&deviceId=6966565258095583&anid=

                                HTTP Response

                                204

                                HTTP Request

                                GET https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=f6d2477a8e9e41e59d120744b1fefafd&localId=w:1C8BDEF5-626C-207C-B098-8D9DBC09C387&deviceId=6966565258095583&anid=

                                HTTP Response

                                204

                                HTTP Request

                                GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=f6d2477a8e9e41e59d120744b1fefafd&localId=w:1C8BDEF5-626C-207C-B098-8D9DBC09C387&deviceId=6966565258095583&anid=

                                HTTP Response

                                204
                              • 23.62.61.72:443
                                https://www.bing.com/th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90
                                tls, http2
                                1.5kB
                                6.4kB
                                16
                                12

                                HTTP Request

                                GET https://www.bing.com/th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90

                                HTTP Response

                                200
                              • 172.217.20.206:443
                                https://www.youtube.com/s/player/17fd9675/player_ias.vflset/en_US/base.js
                                tls, http2
                                msedge.exe
                                21.8kB
                                1.1MB
                                439
                                785

                                HTTP Request

                                GET https://www.youtube.com/embed/q4P4BjjXghQ

                                HTTP Request

                                GET https://www.youtube.com/s/player/17fd9675/www-player.css

                                HTTP Request

                                GET https://www.youtube.com/s/player/17fd9675/player_ias.vflset/en_US/embed.js

                                HTTP Request

                                GET https://www.youtube.com/s/player/17fd9675/www-embed-player.vflset/www-embed-player.js

                                HTTP Request

                                GET https://www.youtube.com/s/player/17fd9675/player_ias.vflset/en_US/base.js
                              • 172.217.20.182:443
                                https://i.ytimg.com/vi_webp/q4P4BjjXghQ/default.webp
                                tls, http2
                                msedge.exe
                                1.8kB
                                9.7kB
                                15
                                16

                                HTTP Request

                                GET https://i.ytimg.com/vi_webp/q4P4BjjXghQ/default.webp
                              • 142.250.179.66:443
                                https://googleads.g.doubleclick.net/pagead/id
                                tls, http2
                                msedge.exe
                                1.8kB
                                7.0kB
                                14
                                16

                                HTTP Request

                                GET https://googleads.g.doubleclick.net/pagead/id
                              • 142.250.178.132:443
                                https://www.google.com/js/th/4FCBsbVWt5jZVKm36Bs_QtpgBkunTUSSklJnPgMburg.js
                                tls, http2
                                msedge.exe
                                2.5kB
                                28.2kB
                                29
                                30

                                HTTP Request

                                GET https://www.google.com/js/th/4FCBsbVWt5jZVKm36Bs_QtpgBkunTUSSklJnPgMburg.js
                              • 142.250.201.170:443
                                https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
                                tls, http2
                                msedge.exe
                                1.8kB
                                7.0kB
                                14
                                16

                                HTTP Request

                                OPTIONS https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
                              • 172.217.20.198:443
                                https://static.doubleclick.net/instream/ad_status.js
                                tls, http2
                                msedge.exe
                                1.7kB
                                6.9kB
                                14
                                14

                                HTTP Request

                                GET https://static.doubleclick.net/instream/ad_status.js
                              • 142.250.179.78:443
                                https://play.google.com/log?format=json&hasfast=true&authuser=0
                                tls, http2
                                msedge.exe
                                1.9kB
                                8.8kB
                                16
                                19

                                HTTP Request

                                OPTIONS https://play.google.com/log?format=json&hasfast=true&authuser=0

                                HTTP Request

                                OPTIONS https://play.google.com/log?format=json&hasfast=true&authuser=0
                              • 142.250.179.78:443
                                play.google.com
                                tls, http2
                                msedge.exe
                                1.0kB
                                7.9kB
                                10
                                10
                              • 8.8.8.8:53
                                23.181.190.20.in-addr.arpa
                                dns
                                72 B
                                158 B
                                1
                                1

                                DNS Request

                                23.181.190.20.in-addr.arpa

                              • 8.8.8.8:53
                                172.210.232.199.in-addr.arpa
                                dns
                                74 B
                                128 B
                                1
                                1

                                DNS Request

                                172.210.232.199.in-addr.arpa

                              • 8.8.8.8:53
                                g.bing.com
                                dns
                                56 B
                                151 B
                                1
                                1

                                DNS Request

                                g.bing.com

                                DNS Response

                                204.79.197.237
                                13.107.21.237

                              • 8.8.8.8:53
                                237.197.79.204.in-addr.arpa
                                dns
                                73 B
                                143 B
                                1
                                1

                                DNS Request

                                237.197.79.204.in-addr.arpa

                              • 8.8.8.8:53
                                43.58.199.20.in-addr.arpa
                                dns
                                71 B
                                157 B
                                1
                                1

                                DNS Request

                                43.58.199.20.in-addr.arpa

                              • 8.8.8.8:53
                                72.61.62.23.in-addr.arpa
                                dns
                                70 B
                                133 B
                                1
                                1

                                DNS Request

                                72.61.62.23.in-addr.arpa

                              • 224.0.0.251:5353
                                msedge.exe
                                459 B
                                7
                              • 8.8.8.8:53
                                www.youtube.com
                                dns
                                msedge.exe
                                61 B
                                255 B
                                1
                                1

                                DNS Request

                                www.youtube.com

                                DNS Response


                              • 8.8.8.8:53
                                i.ytimg.com
                                dns
                                msedge.exe
                                57 B
                                249 B
                                1
                                1

                                DNS Request

                                i.ytimg.com

                                DNS Response


                              • 172.217.20.206:443
                                www.youtube.com
                                https
                                msedge.exe
                                15.7kB
                                43.8kB
                                33
                                46
                              • 8.8.8.8:53
                                googleads.g.doubleclick.net
                                dns
                                msedge.exe
                                73 B
                                89 B
                                1
                                1

                                DNS Request

                                googleads.g.doubleclick.net

                                DNS Response

                                142.250.179.66

                              • 8.8.8.8:53
                                206.20.217.172.in-addr.arpa
                                dns
                                73 B
                                173 B
                                1
                                1

                                DNS Request

                                206.20.217.172.in-addr.arpa

                              • 8.8.8.8:53
                                182.20.217.172.in-addr.arpa
                                dns
                                73 B
                                173 B
                                1
                                1

                                DNS Request

                                182.20.217.172.in-addr.arpa

                              • 8.8.8.8:53
                                163.20.217.172.in-addr.arpa
                                dns
                                73 B
                                171 B
                                1
                                1

                                DNS Request

                                163.20.217.172.in-addr.arpa

                              • 8.8.8.8:53
                                66.179.250.142.in-addr.arpa
                                dns
                                73 B
                                111 B
                                1
                                1

                                DNS Request

                                66.179.250.142.in-addr.arpa

                              • 8.8.8.8:53
                                static.doubleclick.net
                                dns
                                msedge.exe
                                68 B
                                84 B
                                1
                                1

                                DNS Request

                                static.doubleclick.net

                                DNS Response

                                172.217.20.198

                              • 142.250.179.66:443
                                googleads.g.doubleclick.net
                                https
                                msedge.exe
                                3.6kB
                                7.4kB
                                8
                                10
                              • 8.8.8.8:53
                                jnn-pa.googleapis.com
                                dns
                                msedge.exe
                                67 B
                                227 B
                                1
                                1

                                DNS Request

                                jnn-pa.googleapis.com

                                DNS Response


                              • 8.8.8.8:53
                                www.google.com
                                dns
                                msedge.exe
                                60 B
                                76 B
                                1
                                1

                                DNS Request

                                www.google.com

                                DNS Response

                                142.250.178.132

                              • 142.250.201.170:443
                                jnn-pa.googleapis.com
                                https
                                msedge.exe
                                6.2kB
                                51.7kB
                                28
                                48
                              • 8.8.8.8:53
                                play.google.com
                                dns
                                msedge.exe
                                61 B
                                77 B
                                1
                                1

                                DNS Request

                                play.google.com

                                DNS Response

                                142.250.179.78

                              • 142.250.179.78:443
                                play.google.com
                                https
                                msedge.exe
                                5.0kB
                                7.6kB
                                11
                                13
                              • 8.8.8.8:53
                                132.178.250.142.in-addr.arpa
                                dns
                                74 B
                                112 B
                                1
                                1

                                DNS Request

                                132.178.250.142.in-addr.arpa

                              • 8.8.8.8:53
                                170.201.250.142.in-addr.arpa
                                dns
                                74 B
                                113 B
                                1
                                1

                                DNS Request

                                170.201.250.142.in-addr.arpa

                              • 8.8.8.8:53
                                67.213.58.216.in-addr.arpa
                                dns
                                72 B
                                169 B
                                1
                                1

                                DNS Request

                                67.213.58.216.in-addr.arpa

                              • 8.8.8.8:53
                                198.20.217.172.in-addr.arpa
                                dns
                                73 B
                                171 B
                                1
                                1

                                DNS Request

                                198.20.217.172.in-addr.arpa

                              • 8.8.8.8:53
                                78.179.250.142.in-addr.arpa
                                dns
                                73 B
                                112 B
                                1
                                1

                                DNS Request

                                78.179.250.142.in-addr.arpa

                              • 8.8.8.8:53
                                86.23.85.13.in-addr.arpa
                                dns
                                70 B
                                144 B
                                1
                                1

                                DNS Request

                                86.23.85.13.in-addr.arpa

                              • 8.8.8.8:53
                                183.59.114.20.in-addr.arpa
                                dns
                                72 B
                                158 B
                                1
                                1

                                DNS Request

                                183.59.114.20.in-addr.arpa

                              • 8.8.8.8:53
                                15.164.165.52.in-addr.arpa
                                dns
                                72 B
                                146 B
                                1
                                1

                                DNS Request

                                15.164.165.52.in-addr.arpa

                              • 8.8.8.8:53
                                139.53.16.96.in-addr.arpa
                                dns
                                71 B
                                135 B
                                1
                                1

                                DNS Request

                                139.53.16.96.in-addr.arpa

                              • 142.250.179.78:443
                                play.google.com
                                https
                                msedge.exe
                                6.4kB
                                4.0kB
                                15
                                17
                              • 8.8.8.8:53
                                79.190.18.2.in-addr.arpa
                                dns
                                70 B
                                133 B
                                1
                                1

                                DNS Request

                                79.190.18.2.in-addr.arpa

                              • 8.8.8.8:53
                                77.190.18.2.in-addr.arpa
                                dns
                                70 B
                                133 B
                                1
                                1

                                DNS Request

                                77.190.18.2.in-addr.arpa

                              • 8.8.8.8:53
                                11.227.111.52.in-addr.arpa
                                dns
                                72 B
                                158 B
                                1
                                1

                                DNS Request

                                11.227.111.52.in-addr.arpa

                              • 142.250.179.66:443
                                googleads.g.doubleclick.net
                                https
                                msedge.exe
                                2.4kB
                                3.7kB
                                9
                                11
                              • 8.8.8.8:53
                                194.98.74.40.in-addr.arpa
                                dns
                                71 B
                                145 B
                                1
                                1

                                DNS Request

                                194.98.74.40.in-addr.arpa

                              MITRE ATT&CK Enterprise v15


                              Downloads

