a5c1a980692f23bbe57b41b2e8ee5c8ebd56af065df9ffdfed2c71a3efdd6a60

Analysis

max time kernel
141s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
14/05/2024, 19:10 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

42a5694b85016eff83c1794432b9dbbd_JaffaCakes118.html
Size

27KB
MD5

42a5694b85016eff83c1794432b9dbbd
SHA1

0f9906bd496e6a8814475871af89a211e4b5ca69
SHA256

a5c1a980692f23bbe57b41b2e8ee5c8ebd56af065df9ffdfed2c71a3efdd6a60
SHA512

b20cef2578493c8bf8f88f5d9c3220d85a856c7391b07e22fec7b182976d06058237b15c5ac416328ce0c39fa43e4bf7b254bba5baafd2440ef3e171bc936e03
SSDEEP

192:uwL8b5nYWnQjxn5Q/LnQieqNnmnQOkEntZdnQTbnJnQ9ewam6MhmgQl7MBKqnYnM:VQ/2pyGmDSkXa

Score

1^/10

Malware Config

Signatures

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\42a5694b85016eff83c1794432b9dbbd_JaffaCakes118.html
1⤵
PID:4516

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --mojo-platform-channel-handle=5244 --field-trial-handle=2284,i,9807419199535700662,2319175108930815708,262144 --variations-seed-version /prefetch:1
1⤵
PID:3560

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --mojo-platform-channel-handle=4864 --field-trial-handle=2284,i,9807419199535700662,2319175108930815708,262144 --variations-seed-version /prefetch:1
1⤵
PID:4148

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4884 --field-trial-handle=2284,i,9807419199535700662,2319175108930815708,262144 --variations-seed-version /prefetch:8
1⤵
PID:4168

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --mojo-platform-channel-handle=5704 --field-trial-handle=2284,i,9807419199535700662,2319175108930815708,262144 --variations-seed-version /prefetch:1
1⤵
PID:1080

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --mojo-platform-channel-handle=2848 --field-trial-handle=2284,i,9807419199535700662,2319175108930815708,262144 --variations-seed-version /prefetch:8
1⤵
PID:2192

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=5892 --field-trial-handle=2284,i,9807419199535700662,2319175108930815708,262144 --variations-seed-version /prefetch:8
1⤵
PID:4980

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=5492 --field-trial-handle=2284,i,9807419199535700662,2319175108930815708,262144 --variations-seed-version /prefetch:8
1⤵
PID:4868

Network

DNS

nav-edge.smartscreen.microsoft.com

Remote address:

8.8.8.8:53

Request

nav-edge.smartscreen.microsoft.com

IN A

Response

nav-edge.smartscreen.microsoft.com

IN CNAME

tm-prod-wd-csp-edge.trafficmanager.net

tm-prod-wd-csp-edge.trafficmanager.net

IN CNAME

prod-agic-uw-2.ukwest.cloudapp.azure.com

prod-agic-uw-2.ukwest.cloudapp.azure.com

IN A

51.140.244.186
DNS

nav-edge.smartscreen.microsoft.com

Remote address:

8.8.8.8:53

Request

nav-edge.smartscreen.microsoft.com

IN Unknown

Response

nav-edge.smartscreen.microsoft.com

IN CNAME

tm-prod-wd-csp-edge.trafficmanager.net

tm-prod-wd-csp-edge.trafficmanager.net

IN CNAME

prod-agic-us-2.uksouth.cloudapp.azure.com
DNS

business.bing.com

Remote address:

8.8.8.8:53

Request

business.bing.com

IN A

Response

business.bing.com

IN CNAME

business-bing-com.b-0005.b-msedge.net

business-bing-com.b-0005.b-msedge.net

IN CNAME

b-0005.b-msedge.net

b-0005.b-msedge.net

IN A

13.107.6.158
DNS

business.bing.com

Remote address:

8.8.8.8:53

Request

business.bing.com

IN Unknown

Response

business.bing.com

IN CNAME

business-bing-com.b-0005.b-msedge.net

business-bing-com.b-0005.b-msedge.net

IN CNAME

b-0005.b-msedge.net
DNS

www.microsoft.com

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

2.21.17.194
DNS

www.microsoft.com

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

2.21.17.194
DNS

www.microsoft.com

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN Unknown

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net
DNS

186.244.140.51.in-addr.arpa

Remote address:

8.8.8.8:53

Request

186.244.140.51.in-addr.arpa

IN PTR

Response
DNS

158.6.107.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

158.6.107.13.in-addr.arpa

IN PTR

Response

158.6.107.13.in-addr.arpa

IN PTR

bingforbusinesscom
DNS

125.162.192.69.in-addr.arpa

Remote address:

8.8.8.8:53

Request

125.162.192.69.in-addr.arpa

IN PTR

Response

125.162.192.69.in-addr.arpa

IN PTR

a69-192-162-125deploystaticakamaitechnologiescom
DNS

www.microsoft.com

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

2.21.17.194
DNS

cdd.net.ua

Remote address:

8.8.8.8:53

Request

cdd.net.ua

IN A

Response

cdd.net.ua

IN A

89.184.88.6
DNS

cdd.net.ua

Remote address:

8.8.8.8:53

Request

cdd.net.ua

IN Unknown

Response
GET

http://cdd.net.ua/apothecary/stylesheet.css

Remote address:

89.184.88.6:80

Request

GET /apothecary/stylesheet.css HTTP/1.1
Host: cdd.net.ua
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
DNT: 1
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Server: nginx
Date: Tue, 14 May 2024 19:10:41 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 196
Connection: keep-alive
GET

http://cdd.net.ua/apothecary/images/back.gif

Remote address:

89.184.88.6:80

Request

GET /apothecary/images/back.gif HTTP/1.1
Host: cdd.net.ua
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
DNT: 1
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Server: nginx
Date: Tue, 14 May 2024 19:10:41 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 196
Connection: keep-alive
GET

http://cdd.net.ua/apothecary/images/header_account.gif

Remote address:

89.184.88.6:80

Request

GET /apothecary/images/header_account.gif HTTP/1.1
Host: cdd.net.ua
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
DNT: 1
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Server: nginx
Date: Tue, 14 May 2024 19:10:41 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 196
Connection: keep-alive
GET

http://cdd.net.ua/apothecary/images/header_checkout.gif

Remote address:

89.184.88.6:80

Request

GET /apothecary/images/header_checkout.gif HTTP/1.1
Host: cdd.net.ua
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
DNT: 1
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Server: nginx
Date: Tue, 14 May 2024 19:10:41 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 196
Connection: keep-alive
GET

http://cdd.net.ua/apothecary/images/header_cart.gif

Remote address:

89.184.88.6:80

Request

GET /apothecary/images/header_cart.gif HTTP/1.1
Host: cdd.net.ua
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
DNT: 1
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Server: nginx
Date: Tue, 14 May 2024 19:10:41 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 196
Connection: keep-alive
GET

http://cdd.net.ua/apothecary/images/infobox/corner_left.gif

Remote address:

89.184.88.6:80

Request

GET /apothecary/images/infobox/corner_left.gif HTTP/1.1
Host: cdd.net.ua
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
DNT: 1
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Server: nginx
Date: Tue, 14 May 2024 19:10:41 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 196
Connection: keep-alive
GET

http://cdd.net.ua/apothecary/images/infobox/corner_right_left.gif

Remote address:

89.184.88.6:80

Request

GET /apothecary/images/infobox/corner_right_left.gif HTTP/1.1
Host: cdd.net.ua
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
DNT: 1
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Server: nginx
Date: Tue, 14 May 2024 19:10:41 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 196
Connection: keep-alive
GET

http://cdd.net.ua/apothecary/images/store_logo.png

Remote address:

89.184.88.6:80

Request

GET /apothecary/images/store_logo.png HTTP/1.1
Host: cdd.net.ua
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
DNT: 1
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Server: nginx
Date: Tue, 14 May 2024 19:10:41 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 196
Connection: keep-alive
GET

http://cdd.net.ua/apothecary/images/infobox/arrow_right.gif

Remote address:

89.184.88.6:80

Request

GET /apothecary/images/infobox/arrow_right.gif HTTP/1.1
Host: cdd.net.ua
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
DNT: 1
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Server: nginx
Date: Tue, 14 May 2024 19:10:41 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 196
Connection: keep-alive
GET

http://cdd.net.ua/apothecary/images/sup%202.jpg

Remote address:

89.184.88.6:80

Request

GET /apothecary/images/sup%202.jpg HTTP/1.1
Host: cdd.net.ua
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
DNT: 1
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Server: nginx
Date: Tue, 14 May 2024 19:10:41 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 196
Connection: keep-alive
GET

http://cdd.net.ua/apothecary/includes/languages/russian/images/buttons/button_quick_find.gif

Remote address:

89.184.88.6:80

Request

GET /apothecary/includes/languages/russian/images/buttons/button_quick_find.gif HTTP/1.1
Host: cdd.net.ua
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
DNT: 1
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Server: nginx
Date: Tue, 14 May 2024 19:10:41 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 196
Connection: keep-alive
GET

http://cdd.net.ua/apothecary/images/table_background_default.gif

Remote address:

89.184.88.6:80

Request

GET /apothecary/images/table_background_default.gif HTTP/1.1
Host: cdd.net.ua
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
DNT: 1
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Server: nginx
Date: Tue, 14 May 2024 19:10:41 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 196
Connection: keep-alive
GET

http://cdd.net.ua/apothecary/images/carta%20cdd.JPG

Remote address:

89.184.88.6:80

Request

GET /apothecary/images/carta%20cdd.JPG HTTP/1.1
Host: cdd.net.ua
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
DNT: 1
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Server: nginx
Date: Tue, 14 May 2024 19:10:41 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 196
Connection: keep-alive
GET

http://cdd.net.ua/apothecary/images/sup%201.jpg

Remote address:

89.184.88.6:80

Request

GET /apothecary/images/sup%201.jpg HTTP/1.1
Host: cdd.net.ua
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
DNT: 1
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Server: nginx
Date: Tue, 14 May 2024 19:10:41 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 196
Connection: keep-alive
GET

http://cdd.net.ua/apothecary/images/rev.jpg

Remote address:

89.184.88.6:80

Request

GET /apothecary/images/rev.jpg HTTP/1.1
Host: cdd.net.ua
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
DNT: 1
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Server: nginx
Date: Tue, 14 May 2024 19:10:41 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 196
Connection: keep-alive
GET

http://cdd.net.ua/apothecary/images/Pikovi.jpg

Remote address:

89.184.88.6:80

Request

GET /apothecary/images/Pikovi.jpg HTTP/1.1
Host: cdd.net.ua
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
DNT: 1
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Server: nginx
Date: Tue, 14 May 2024 19:10:41 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 196
Connection: keep-alive
GET

http://cdd.net.ua/apothecary/images/sdsdsd.jpg

Remote address:

89.184.88.6:80

Request

GET /apothecary/images/sdsdsd.jpg HTTP/1.1
Host: cdd.net.ua
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
DNT: 1
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Server: nginx
Date: Tue, 14 May 2024 19:10:41 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 196
Connection: keep-alive
GET

http://cdd.net.ua/apothecary/images/Pikovit.jpg

Remote address:

89.184.88.6:80

Request

GET /apothecary/images/Pikovit.jpg HTTP/1.1
Host: cdd.net.ua
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
DNT: 1
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Server: nginx
Date: Tue, 14 May 2024 19:10:41 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 196
Connection: keep-alive
GET

http://cdd.net.ua/apothecary/images/p.jpg

Remote address:

89.184.88.6:80

Request

GET /apothecary/images/p.jpg HTTP/1.1
Host: cdd.net.ua
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
DNT: 1
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Server: nginx
Date: Tue, 14 May 2024 19:10:41 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 196
Connection: keep-alive
GET

http://cdd.net.ua/apothecary/images/infobox/corner_right.gif

Remote address:

89.184.88.6:80

Request

GET /apothecary/images/infobox/corner_right.gif HTTP/1.1
Host: cdd.net.ua
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
DNT: 1
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Server: nginx
Date: Tue, 14 May 2024 19:10:41 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 196
Connection: keep-alive
GET

http://cdd.net.ua/apothecary/includes/languages/russian/images/icon.gif

Remote address:

89.184.88.6:80

Request

GET /apothecary/includes/languages/russian/images/icon.gif HTTP/1.1
Host: cdd.net.ua
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
DNT: 1
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Server: nginx
Date: Tue, 14 May 2024 19:10:41 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 196
Connection: keep-alive
GET

http://cdd.net.ua/apothecary/includes/languages/english/images/icon.gif

Remote address:

89.184.88.6:80

Request

GET /apothecary/includes/languages/english/images/icon.gif HTTP/1.1
Host: cdd.net.ua
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
DNT: 1
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Server: nginx
Date: Tue, 14 May 2024 19:10:41 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 196
Connection: keep-alive
GET

http://cdd.net.ua/apothecary/images/pixel_trans.gif

Remote address:

89.184.88.6:80

Request

GET /apothecary/images/pixel_trans.gif HTTP/1.1
Host: cdd.net.ua
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
DNT: 1
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Server: nginx
Date: Tue, 14 May 2024 19:10:41 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 196
Connection: keep-alive
DNS

194.17.21.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

194.17.21.2.in-addr.arpa

IN PTR

Response

194.17.21.2.in-addr.arpa

IN PTR

a2-21-17-194deploystaticakamaitechnologiescom
DNS

6.88.184.89.in-addr.arpa

Remote address:

8.8.8.8:53

Request

6.88.184.89.in-addr.arpa

IN PTR

Response

6.88.184.89.in-addr.arpa

IN PTR

svh16mirohostnet
DNS

bzib.nelreports.net

Remote address:

8.8.8.8:53

Request

bzib.nelreports.net

IN A

Response

bzib.nelreports.net

IN CNAME

bzib.nelreports.net.akamaized.net

bzib.nelreports.net.akamaized.net

IN CNAME

a416.dscd.akamai.net

a416.dscd.akamai.net

IN A

92.122.166.26

a416.dscd.akamai.net

IN A

92.122.166.2
DNS

bzib.nelreports.net

Remote address:

8.8.8.8:53

Request

bzib.nelreports.net

IN Unknown

Response

bzib.nelreports.net

IN CNAME

bzib.nelreports.net.akamaized.net

bzib.nelreports.net.akamaized.net

IN CNAME

a416.dscd.akamai.net
DNS

26.166.122.92.in-addr.arpa

Remote address:

8.8.8.8:53

Request

26.166.122.92.in-addr.arpa

IN PTR

Response

26.166.122.92.in-addr.arpa

IN PTR

a92-122-166-26deploystaticakamaitechnologiescom
DNS

73.31.126.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

73.31.126.40.in-addr.arpa

IN PTR

Response
DNS

95.221.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.221.229.192.in-addr.arpa

IN PTR

Response
DNS

240.221.184.93.in-addr.arpa

Remote address:

8.8.8.8:53

Request

240.221.184.93.in-addr.arpa

IN PTR

Response
DNS

209.205.72.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

209.205.72.20.in-addr.arpa

IN PTR

Response
DNS

nw-umwatson.events.data.microsoft.com

Remote address:

8.8.8.8:53

Request

nw-umwatson.events.data.microsoft.com

IN A

Response

nw-umwatson.events.data.microsoft.com

IN CNAME

blobcollector.events.data.trafficmanager.net

blobcollector.events.data.trafficmanager.net

IN CNAME

onedsblobprdeus15.eastus.cloudapp.azure.com

onedsblobprdeus15.eastus.cloudapp.azure.com

IN A

20.42.73.29
POST

https://nw-umwatson.events.data.microsoft.com/Telemetry.Request

Remote address:

20.42.73.29:443

Request

POST /Telemetry.Request HTTP/1.1
Connection: Keep-Alive
Content-Type: application/xml
User-Agent: Crashpad/0.8.0 WinHTTP/10.0.19041.1151 Windows_NT/10.0.19041.1202 (x64)
Content-Length: 3685
Host: nw-umwatson.events.data.microsoft.com

Response

HTTP/1.1 200 200 OK

Content-Length: 1035
Content-Type: text/xml
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
Date: Tue, 14 May 2024 19:11:01 GMT
DNS

154.239.44.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

154.239.44.20.in-addr.arpa

IN PTR

Response
DNS

29.73.42.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

29.73.42.20.in-addr.arpa

IN PTR

Response
DNS

c.s-microsoft.com

Remote address:

8.8.8.8:53

Request

c.s-microsoft.com

IN A

Response

c.s-microsoft.com

IN CNAME

c-s.cms.ms.akadns.net

c-s.cms.ms.akadns.net

IN CNAME

c.s-microsoft.com-c.edgekey.net

c.s-microsoft.com-c.edgekey.net

IN CNAME

e13678.dscg.akamaiedge.net

e13678.dscg.akamaiedge.net

IN A

69.192.161.161
DNS

c.s-microsoft.com

Remote address:

8.8.8.8:53

Request

c.s-microsoft.com

IN Unknown

Response

c.s-microsoft.com

IN CNAME

c-s.cms.ms.akadns.net

c-s.cms.ms.akadns.net

IN CNAME

c.s-microsoft.com-c.edgekey.net

c.s-microsoft.com-c.edgekey.net

IN CNAME

e13678.dscg.akamaiedge.net
DNS

edgestatic.azureedge.net

Remote address:

8.8.8.8:53

Request

edgestatic.azureedge.net

IN A

Response

edgestatic.azureedge.net

IN CNAME

edgestatic.afd.azureedge.net

edgestatic.afd.azureedge.net

IN CNAME

azureedge-t-prod.trafficmanager.net

azureedge-t-prod.trafficmanager.net

IN CNAME

shed.dual-low.part-0036.t-0009.t-msedge.net

shed.dual-low.part-0036.t-0009.t-msedge.net

IN CNAME

part-0036.t-0009.t-msedge.net

part-0036.t-0009.t-msedge.net

IN A

13.107.246.64

part-0036.t-0009.t-msedge.net

IN A

13.107.213.64
DNS

edgestatic.azureedge.net

Remote address:

8.8.8.8:53

Request

edgestatic.azureedge.net

IN Unknown

Response

edgestatic.azureedge.net

IN CNAME

edgestatic.afd.azureedge.net

edgestatic.afd.azureedge.net

IN CNAME

azureedge-t-prod.trafficmanager.net

azureedge-t-prod.trafficmanager.net

IN CNAME

shed.dual-low.part-0036.t-0009.t-msedge.net

shed.dual-low.part-0036.t-0009.t-msedge.net

IN CNAME

part-0036.t-0009.t-msedge.net
DNS

64.246.107.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

64.246.107.13.in-addr.arpa

IN PTR

Response
DNS

wcpstatic.microsoft.com

Remote address:

8.8.8.8:53

Request

wcpstatic.microsoft.com

IN A

Response

wcpstatic.microsoft.com

IN CNAME

consentdeliveryfd.azurefd.net

consentdeliveryfd.azurefd.net

IN CNAME

firstparty-azurefd-prod.trafficmanager.net

firstparty-azurefd-prod.trafficmanager.net

IN CNAME

shed.dual-low.part-0036.t-0009.t-msedge.net

shed.dual-low.part-0036.t-0009.t-msedge.net

IN CNAME

part-0036.t-0009.t-msedge.net

part-0036.t-0009.t-msedge.net

IN A

13.107.246.64

part-0036.t-0009.t-msedge.net

IN A

13.107.213.64
DNS

wcpstatic.microsoft.com

Remote address:

8.8.8.8:53

Request

wcpstatic.microsoft.com

IN Unknown

Response

wcpstatic.microsoft.com

IN CNAME

consentdeliveryfd.azurefd.net

consentdeliveryfd.azurefd.net

IN CNAME

firstparty-azurefd-prod.trafficmanager.net

firstparty-azurefd-prod.trafficmanager.net

IN CNAME

shed.dual-low.part-0036.t-0009.t-msedge.net

shed.dual-low.part-0036.t-0009.t-msedge.net

IN CNAME

part-0036.t-0009.t-msedge.net
DNS

26.165.165.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

26.165.165.52.in-addr.arpa

IN PTR

Response
DNS

206.23.85.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

206.23.85.13.in-addr.arpa

IN PTR

Response
DNS

37.56.20.217.in-addr.arpa

Remote address:

8.8.8.8:53

Request

37.56.20.217.in-addr.arpa

IN PTR

Response
DNS

104.219.191.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

104.219.191.52.in-addr.arpa

IN PTR

Response
DNS

168.61.62.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

168.61.62.23.in-addr.arpa

IN PTR

Response

168.61.62.23.in-addr.arpa

IN PTR

a23-62-61-168deploystaticakamaitechnologiescom
DNS

172.210.232.199.in-addr.arpa

Remote address:

8.8.8.8:53

Request

172.210.232.199.in-addr.arpa

IN PTR

Response
DNS

30.243.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

30.243.111.52.in-addr.arpa

IN PTR

Response
DNS

chromewebstore.googleapis.com

Remote address:

8.8.8.8:53

Request

chromewebstore.googleapis.com

IN A

Response

chromewebstore.googleapis.com

IN A

142.250.179.74

chromewebstore.googleapis.com

IN A

142.250.179.106

chromewebstore.googleapis.com

IN A

142.250.178.138

chromewebstore.googleapis.com

IN A

142.250.201.170

chromewebstore.googleapis.com

IN A

172.217.18.202

chromewebstore.googleapis.com

IN A

216.58.214.74

chromewebstore.googleapis.com

IN A

142.250.75.234

chromewebstore.googleapis.com

IN A

216.58.214.170

chromewebstore.googleapis.com

IN A

172.217.20.170

chromewebstore.googleapis.com

IN A

172.217.20.202

chromewebstore.googleapis.com

IN A

216.58.215.42
DNS

chromewebstore.googleapis.com

Remote address:

8.8.8.8:53

Request

chromewebstore.googleapis.com

IN Unknown

Response
DNS

74.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

74.179.250.142.in-addr.arpa

IN PTR

Response

74.179.250.142.in-addr.arpa

IN PTR

par21s19-in-f101e100net
DNS

89.16.208.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

89.16.208.104.in-addr.arpa

IN PTR

Response

51.140.244.186:443

nav-edge.smartscreen.microsoft.com

tls

10.5kB
12.7kB
29
29
13.107.6.158:443

business.bing.com

tls

2.0kB
9.7kB
17
22
2.21.17.194:443

www.microsoft.com

tls

2.8kB
22.8kB
27
36
89.184.88.6:80

http://cdd.net.ua/apothecary/stylesheet.css

http

555 B
536 B
5
4

HTTP Request

GET http://cdd.net.ua/apothecary/stylesheet.css

HTTP Response

404
89.184.88.6:80

http://cdd.net.ua/apothecary/images/back.gif

http

602 B
536 B
5
4

HTTP Request

GET http://cdd.net.ua/apothecary/images/back.gif

HTTP Response

404
89.184.88.6:80

http://cdd.net.ua/apothecary/images/header_account.gif

http

612 B
536 B
5
4

HTTP Request

GET http://cdd.net.ua/apothecary/images/header_account.gif

HTTP Response

404
89.184.88.6:80

http://cdd.net.ua/apothecary/images/header_checkout.gif

http

613 B
536 B
5
4

HTTP Request

GET http://cdd.net.ua/apothecary/images/header_checkout.gif

HTTP Response

404
89.184.88.6:80

http://cdd.net.ua/apothecary/images/header_cart.gif

http

609 B
536 B
5
4

HTTP Request

GET http://cdd.net.ua/apothecary/images/header_cart.gif

HTTP Response

404
89.184.88.6:80

http://cdd.net.ua/apothecary/images/infobox/corner_left.gif

http

617 B
536 B
5
4

HTTP Request

GET http://cdd.net.ua/apothecary/images/infobox/corner_left.gif

HTTP Response

404
89.184.88.6:80

http://cdd.net.ua/apothecary/images/infobox/corner_right_left.gif

http

623 B
536 B
5
4

HTTP Request

GET http://cdd.net.ua/apothecary/images/infobox/corner_right_left.gif

HTTP Response

404
89.184.88.6:80

http://cdd.net.ua/apothecary/images/store_logo.png

http

608 B
536 B
5
4

HTTP Request

GET http://cdd.net.ua/apothecary/images/store_logo.png

HTTP Response

404
89.184.88.6:80

http://cdd.net.ua/apothecary/images/infobox/arrow_right.gif

http

617 B
536 B
5
4

HTTP Request

GET http://cdd.net.ua/apothecary/images/infobox/arrow_right.gif

HTTP Response

404
89.184.88.6:80

http://cdd.net.ua/apothecary/images/sup%202.jpg

http

605 B
536 B
5
4

HTTP Request

GET http://cdd.net.ua/apothecary/images/sup%202.jpg

HTTP Response

404
89.184.88.6:80

http://cdd.net.ua/apothecary/includes/languages/russian/images/buttons/button_quick_find.gif

http

650 B
536 B
5
4

HTTP Request

GET http://cdd.net.ua/apothecary/includes/languages/russian/images/buttons/button_quick_find.gif

HTTP Response

404
89.184.88.6:80

http://cdd.net.ua/apothecary/images/table_background_default.gif

http

622 B
536 B
5
4

HTTP Request

GET http://cdd.net.ua/apothecary/images/table_background_default.gif

HTTP Response

404
89.184.88.6:80

http://cdd.net.ua/apothecary/images/carta%20cdd.JPG

http

609 B
536 B
5
4

HTTP Request

GET http://cdd.net.ua/apothecary/images/carta%20cdd.JPG

HTTP Response

404
89.184.88.6:80

http://cdd.net.ua/apothecary/images/sup%201.jpg

http

605 B
536 B
5
4

HTTP Request

GET http://cdd.net.ua/apothecary/images/sup%201.jpg

HTTP Response

404
89.184.88.6:80

http://cdd.net.ua/apothecary/images/rev.jpg

http

601 B
536 B
5
4

HTTP Request

GET http://cdd.net.ua/apothecary/images/rev.jpg

HTTP Response

404
89.184.88.6:80

http://cdd.net.ua/apothecary/images/Pikovi.jpg

http

604 B
536 B
5
4

HTTP Request

GET http://cdd.net.ua/apothecary/images/Pikovi.jpg

HTTP Response

404
89.184.88.6:80

http://cdd.net.ua/apothecary/images/sdsdsd.jpg

http

604 B
536 B
5
4

HTTP Request

GET http://cdd.net.ua/apothecary/images/sdsdsd.jpg

HTTP Response

404
89.184.88.6:80

http://cdd.net.ua/apothecary/images/Pikovit.jpg

http

605 B
536 B
5
4

HTTP Request

GET http://cdd.net.ua/apothecary/images/Pikovit.jpg

HTTP Response

404
89.184.88.6:80

http://cdd.net.ua/apothecary/images/p.jpg

http

599 B
536 B
5
4

HTTP Request

GET http://cdd.net.ua/apothecary/images/p.jpg

HTTP Response

404
89.184.88.6:80

http://cdd.net.ua/apothecary/images/infobox/corner_right.gif

http

618 B
536 B
5
4

HTTP Request

GET http://cdd.net.ua/apothecary/images/infobox/corner_right.gif

HTTP Response

404
89.184.88.6:80

http://cdd.net.ua/apothecary/includes/languages/russian/images/icon.gif

http

629 B
536 B
5
4

HTTP Request

GET http://cdd.net.ua/apothecary/includes/languages/russian/images/icon.gif

HTTP Response

404
89.184.88.6:80

http://cdd.net.ua/apothecary/includes/languages/english/images/icon.gif

http

629 B
536 B
5
4

HTTP Request

GET http://cdd.net.ua/apothecary/includes/languages/english/images/icon.gif

HTTP Response

404
89.184.88.6:80

http://cdd.net.ua/apothecary/images/pixel_trans.gif

http

609 B
536 B
5
4

HTTP Request

GET http://cdd.net.ua/apothecary/images/pixel_trans.gif

HTTP Response

404
92.122.166.26:443

bzib.nelreports.net

tls

2.5kB
6.0kB
12
15
20.42.73.29:443

https://nw-umwatson.events.data.microsoft.com/Telemetry.Request

tls, http

4.9kB
8.0kB
13
11

HTTP Request

POST https://nw-umwatson.events.data.microsoft.com/Telemetry.Request

HTTP Response

200
13.107.246.64:443

edgestatic.azureedge.net

tls

1.7kB
7.6kB
10
11
13.107.246.64:443

edgestatic.azureedge.net

tls

820 B
271 B
6
4
13.107.246.64:443

edgestatic.azureedge.net

tls

106.1kB
4.6MB
2100
3331
13.107.246.64:443

edgestatic.azureedge.net

tls

820 B
311 B
6
5
13.107.246.64:443

wcpstatic.microsoft.com

tls

4.0kB
91.0kB
52
78
13.107.246.64:443

edgestatic.azureedge.net

tls

10.0kB
272.4kB
158
212
13.107.253.64:443

46 B
40 B
1
1
23.62.61.168:443

www.bing.com

tls

1.1kB
5.2kB
9
12
142.250.179.74:443

chromewebstore.googleapis.com

tls

2.1kB
7.8kB
18
15
23.62.61.144:443

www.bing.com

tls

1.3kB
946 B
8
8

8.8.8.8:53

nav-edge.smartscreen.microsoft.com

dns

80 B
199 B
1
1

DNS Request

nav-edge.smartscreen.microsoft.com

DNS Response

51.140.244.186
8.8.8.8:53

nav-edge.smartscreen.microsoft.com

dns

80 B
244 B
1
1

DNS Request

nav-edge.smartscreen.microsoft.com
8.8.8.8:53

business.bing.com

dns

63 B
144 B
1
1

DNS Request

business.bing.com

DNS Response

13.107.6.158
8.8.8.8:53

business.bing.com

dns

63 B
185 B
1
1

DNS Request

business.bing.com
8.8.8.8:53

www.microsoft.com

dns

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

2.21.17.194
8.8.8.8:53

www.microsoft.com

dns

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

2.21.17.194
8.8.8.8:53

www.microsoft.com

dns

63 B
275 B
1
1

DNS Request

www.microsoft.com
8.8.8.8:53

186.244.140.51.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

186.244.140.51.in-addr.arpa
8.8.8.8:53

158.6.107.13.in-addr.arpa

dns

71 B
104 B
1
1

DNS Request

158.6.107.13.in-addr.arpa
8.8.8.8:53

125.162.192.69.in-addr.arpa

dns

73 B
139 B
1
1

DNS Request

125.162.192.69.in-addr.arpa
8.8.8.8:53

www.microsoft.com

dns

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

2.21.17.194
8.8.8.8:53

cdd.net.ua

dns

56 B
72 B
1
1

DNS Request

cdd.net.ua

DNS Response

89.184.88.6
8.8.8.8:53

cdd.net.ua

dns

56 B
128 B
1
1

DNS Request

cdd.net.ua
8.8.8.8:53

194.17.21.2.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

194.17.21.2.in-addr.arpa
8.8.8.8:53

6.88.184.89.in-addr.arpa

dns

70 B
102 B
1
1

DNS Request

6.88.184.89.in-addr.arpa
8.8.8.8:53

bzib.nelreports.net

dns

65 B
172 B
1
1

DNS Request

bzib.nelreports.net

DNS Response

92.122.166.26

92.122.166.2
8.8.8.8:53

bzib.nelreports.net

dns

65 B
204 B
1
1

DNS Request

bzib.nelreports.net
8.8.8.8:53

26.166.122.92.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

26.166.122.92.in-addr.arpa
8.8.8.8:53

73.31.126.40.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

73.31.126.40.in-addr.arpa
8.8.8.8:53

95.221.229.192.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

95.221.229.192.in-addr.arpa
8.8.8.8:53

240.221.184.93.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

240.221.184.93.in-addr.arpa
8.8.8.8:53

209.205.72.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

209.205.72.20.in-addr.arpa
8.8.8.8:53

nw-umwatson.events.data.microsoft.com

dns

83 B
211 B
1
1

DNS Request

nw-umwatson.events.data.microsoft.com

DNS Response

20.42.73.29
8.8.8.8:53

154.239.44.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

154.239.44.20.in-addr.arpa
8.8.8.8:53

29.73.42.20.in-addr.arpa

dns

70 B
156 B
1
1

DNS Request

29.73.42.20.in-addr.arpa
8.8.8.8:53

c.s-microsoft.com

dns

63 B
193 B
1
1

DNS Request

c.s-microsoft.com

DNS Response

69.192.161.161
8.8.8.8:53

c.s-microsoft.com

dns

63 B
238 B
1
1

DNS Request

c.s-microsoft.com
8.8.8.8:53

edgestatic.azureedge.net

dns

70 B
245 B
1
1

DNS Request

edgestatic.azureedge.net

DNS Response

13.107.246.64

13.107.213.64
8.8.8.8:53

edgestatic.azureedge.net

dns

70 B
273 B
1
1

DNS Request

edgestatic.azureedge.net
224.0.0.251:5353

204 B
3
8.8.8.8:53

64.246.107.13.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

64.246.107.13.in-addr.arpa
8.8.8.8:53

wcpstatic.microsoft.com

dns

69 B
265 B
1
1

DNS Request

wcpstatic.microsoft.com

DNS Response

13.107.246.64

13.107.213.64
8.8.8.8:53

wcpstatic.microsoft.com

dns

69 B
280 B
1
1

DNS Request

wcpstatic.microsoft.com
8.8.8.8:53

26.165.165.52.in-addr.arpa

dns

72 B
146 B
1
1

DNS Request

26.165.165.52.in-addr.arpa
8.8.8.8:53

206.23.85.13.in-addr.arpa

dns

71 B
145 B
1
1

DNS Request

206.23.85.13.in-addr.arpa
8.8.8.8:53

37.56.20.217.in-addr.arpa

dns

71 B
131 B
1
1

DNS Request

37.56.20.217.in-addr.arpa
8.8.8.8:53

104.219.191.52.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

104.219.191.52.in-addr.arpa
8.8.8.8:53

168.61.62.23.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

168.61.62.23.in-addr.arpa
8.8.8.8:53

172.210.232.199.in-addr.arpa

dns

74 B
128 B
1
1

DNS Request

172.210.232.199.in-addr.arpa
8.8.8.8:53

30.243.111.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

30.243.111.52.in-addr.arpa
8.8.8.8:53

chromewebstore.googleapis.com

dns

75 B
251 B
1
1

DNS Request

chromewebstore.googleapis.com

DNS Response

142.250.179.74

142.250.179.106

142.250.178.138

142.250.201.170

172.217.18.202

216.58.214.74

142.250.75.234

216.58.214.170

172.217.20.170

172.217.20.202

216.58.215.42
8.8.8.8:53

chromewebstore.googleapis.com

dns

75 B
132 B
1
1

DNS Request

chromewebstore.googleapis.com
8.8.8.8:53

74.179.250.142.in-addr.arpa

dns

73 B
112 B
1
1

DNS Request

74.179.250.142.in-addr.arpa
8.8.8.8:53

89.16.208.104.in-addr.arpa

dns

72 B
146 B
1
1

DNS Request

89.16.208.104.in-addr.arpa

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request