hxxps://docs[.]google[.]com/document/d/14I3DrG7XLdZ90LWd-R120zb6N88rTVjx/edit?usp=sharing_eil_m&rtpof=true&sd=true&ts=665884dc

Analysis

max time kernel
143s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
30/05/2024, 14:21 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://docs.google.com/document/d/14I3DrG7XLdZ90LWd-R120zb6N88rTVjx/edit?usp=sharing_eil_m&rtpof=true&sd=true&ts=665884dc

Score

1^/10

Malware Config

Signatures

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1181767204-2009306918-3718769404-1000\{3313668C-CB53-4C71-B7F5-082DEDD5BFAA}	msedge.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://docs.google.com/document/d/14I3DrG7XLdZ90LWd-R120zb6N88rTVjx/edit?usp=sharing_eil_m&rtpof=true&sd=true&ts=665884dc
1⤵
PID:3856

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --field-trial-handle=4148,i,13879737908471496610,15335851594401413307,262144 --variations-seed-version --mojo-platform-channel-handle=4900 /prefetch:1
1⤵
PID:4856

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --field-trial-handle=4052,i,13879737908471496610,15335851594401413307,262144 --variations-seed-version --mojo-platform-channel-handle=5084 /prefetch:1
1⤵
PID:524

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --field-trial-handle=5192,i,13879737908471496610,15335851594401413307,262144 --variations-seed-version --mojo-platform-channel-handle=5312 /prefetch:1
1⤵
PID:5004

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=5468,i,13879737908471496610,15335851594401413307,262144 --variations-seed-version --mojo-platform-channel-handle=5476 /prefetch:8
1⤵
PID:1772

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --no-appcompat-clear --field-trial-handle=5480,i,13879737908471496610,15335851594401413307,262144 --variations-seed-version --mojo-platform-channel-handle=5556 /prefetch:8
1⤵
PID:3412

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --extension-process --renderer-sub-type=extension --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --field-trial-handle=5884,i,13879737908471496610,15335851594401413307,262144 --variations-seed-version --mojo-platform-channel-handle=5916 /prefetch:2
1⤵
PID:3180

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6188,i,13879737908471496610,15335851594401413307,262144 --variations-seed-version --mojo-platform-channel-handle=6212 /prefetch:8
1⤵
PID:2596

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=22 --field-trial-handle=6344,i,13879737908471496610,15335851594401413307,262144 --variations-seed-version --mojo-platform-channel-handle=6352 /prefetch:1
1⤵
PID:3776

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=23 --field-trial-handle=5076,i,13879737908471496610,15335851594401413307,262144 --variations-seed-version --mojo-platform-channel-handle=5980 /prefetch:1
1⤵
PID:3228

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=5148,i,13879737908471496610,15335851594401413307,262144 --variations-seed-version --mojo-platform-channel-handle=6672 /prefetch:8
1⤵
PID:1576

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=6228,i,13879737908471496610,15335851594401413307,262144 --variations-seed-version --mojo-platform-channel-handle=6268 /prefetch:8
1⤵
- Modifies registry class
PID:3276

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=26 --field-trial-handle=6224,i,13879737908471496610,15335851594401413307,262144 --variations-seed-version --mojo-platform-channel-handle=6292 /prefetch:1
1⤵
PID:1000

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --field-trial-handle=6052,i,13879737908471496610,15335851594401413307,262144 --variations-seed-version --mojo-platform-channel-handle=6892 /prefetch:8
1⤵
PID:2156

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=5128,i,13879737908471496610,15335851594401413307,262144 --variations-seed-version --mojo-platform-channel-handle=5876 /prefetch:8
1⤵
PID:2500

Network

DNS

api.edgeoffer.microsoft.com

Remote address:

8.8.8.8:53

Request

api.edgeoffer.microsoft.com

IN A

Response

api.edgeoffer.microsoft.com

IN CNAME

bingadsedgeextension-prod.trafficmanager.net

bingadsedgeextension-prod.trafficmanager.net

IN CNAME

bingadsedgeextension-prod-europe.azurewebsites.net

bingadsedgeextension-prod-europe.azurewebsites.net

IN CNAME

ssl.bingadsedgeextension-prod-europe.azurewebsites.net

ssl.bingadsedgeextension-prod-europe.azurewebsites.net

IN A

94.245.104.56
DNS

api.edgeoffer.microsoft.com

Remote address:

8.8.8.8:53

Request

api.edgeoffer.microsoft.com

IN Unknown

Response

api.edgeoffer.microsoft.com

IN CNAME

bingadsedgeextension-prod.trafficmanager.net

bingadsedgeextension-prod.trafficmanager.net

IN CNAME

bingadsedgeextension-prod-europe.azurewebsites.net

bingadsedgeextension-prod-europe.azurewebsites.net

IN CNAME

ssl.bingadsedgeextension-prod-europe.azurewebsites.net
DNS

docs.google.com

Remote address:

8.8.8.8:53

Request

docs.google.com

IN A

Response

docs.google.com

IN A

142.250.200.14
DNS

docs.google.com

Remote address:

8.8.8.8:53

Request

docs.google.com

IN Unknown

Response
DNS

docs.google.com

Remote address:

8.8.8.8:53

Request

docs.google.com

IN A

Response

docs.google.com

IN A

142.250.200.14
DNS

business.bing.com

Remote address:

8.8.8.8:53

Request

business.bing.com

IN A

Response

business.bing.com

IN CNAME

business-bing-com.b-0005.b-msedge.net

business-bing-com.b-0005.b-msedge.net

IN CNAME

b-0005.b-msedge.net

b-0005.b-msedge.net

IN A

13.107.6.158
DNS

business.bing.com

Remote address:

8.8.8.8:53

Request

business.bing.com

IN Unknown

Response

business.bing.com

IN CNAME

business-bing-com.b-0005.b-msedge.net

business-bing-com.b-0005.b-msedge.net

IN CNAME

b-0005.b-msedge.net
DNS

www.microsoft.com

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

2.21.17.194
DNS

www.microsoft.com

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

2.21.17.194
DNS

www.microsoft.com

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN Unknown

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net
DNS

bzib.nelreports.net

Remote address:

8.8.8.8:53

Request

bzib.nelreports.net

IN A

Response

bzib.nelreports.net

IN CNAME

bzib.nelreports.net.akamaized.net

bzib.nelreports.net.akamaized.net

IN CNAME

a416.dscd.akamai.net

a416.dscd.akamai.net

IN A

2.18.121.23

a416.dscd.akamai.net

IN A

2.18.121.29
DNS

bzib.nelreports.net

Remote address:

8.8.8.8:53

Request

bzib.nelreports.net

IN Unknown

Response

bzib.nelreports.net

IN CNAME

bzib.nelreports.net.akamaized.net

bzib.nelreports.net.akamaized.net

IN CNAME

a416.dscd.akamai.net
DNS

www.microsoft.com

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

2.21.17.194
DNS

ssl.gstatic.com

Remote address:

8.8.8.8:53

Request

ssl.gstatic.com

IN A

Response

ssl.gstatic.com

IN A

172.217.169.3
DNS

ssl.gstatic.com

Remote address:

8.8.8.8:53

Request

ssl.gstatic.com

IN Unknown

Response
DNS

8.8.8.8.in-addr.arpa

Remote address:

8.8.8.8:53

Request

8.8.8.8.in-addr.arpa

IN PTR

Response

8.8.8.8.in-addr.arpa

IN PTR

dnsgoogle
DNS

56.104.245.94.in-addr.arpa

Remote address:

8.8.8.8:53

Request

56.104.245.94.in-addr.arpa

IN PTR

Response
DNS

28.118.140.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

28.118.140.52.in-addr.arpa

IN PTR

Response
DNS

194.17.21.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

194.17.21.2.in-addr.arpa

IN PTR

Response

194.17.21.2.in-addr.arpa

IN PTR

a2-21-17-194deploystaticakamaitechnologiescom
DNS

56.94.73.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

56.94.73.104.in-addr.arpa

IN PTR

Response

56.94.73.104.in-addr.arpa

IN PTR

a104-73-94-56deploystaticakamaitechnologiescom
DNS

69.31.126.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

69.31.126.40.in-addr.arpa

IN PTR

Response
DNS

23.121.18.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

23.121.18.2.in-addr.arpa

IN PTR

Response

23.121.18.2.in-addr.arpa

IN PTR

a2-18-121-23deploystaticakamaitechnologiescom
DNS

99.201.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

99.201.58.216.in-addr.arpa

IN PTR

Response

99.201.58.216.in-addr.arpa

IN PTR

prg03s02-in-f991e100net

99.201.58.216.in-addr.arpa

IN PTR

prg03s02-in-f3�H

99.201.58.216.in-addr.arpa

IN PTR

lhr48s48-in-f3�H
DNS

nav-edge.smartscreen.microsoft.com

Remote address:

8.8.8.8:53

Request

nav-edge.smartscreen.microsoft.com

IN A

Response

nav-edge.smartscreen.microsoft.com

IN CNAME

tm-prod-wd-csp-edge.trafficmanager.net

tm-prod-wd-csp-edge.trafficmanager.net

IN CNAME

prod-agic-uw-2.ukwest.cloudapp.azure.com

prod-agic-uw-2.ukwest.cloudapp.azure.com

IN A

51.140.244.186
DNS

nav-edge.smartscreen.microsoft.com

Remote address:

8.8.8.8:53

Request

nav-edge.smartscreen.microsoft.com

IN Unknown

Response

nav-edge.smartscreen.microsoft.com

IN CNAME

tm-prod-wd-csp-edge.trafficmanager.net

tm-prod-wd-csp-edge.trafficmanager.net

IN CNAME

prod-agic-uw-1.ukwest.cloudapp.azure.com
DNS

apis.google.com

Remote address:

8.8.8.8:53

Request

apis.google.com

IN A

Response

apis.google.com

IN CNAME

plus.l.google.com

plus.l.google.com

IN A

142.250.200.14
DNS

apis.google.com

Remote address:

8.8.8.8:53

Request

apis.google.com

IN Unknown

Response

apis.google.com

IN CNAME

plus.l.google.com
DNS

play.google.com

Remote address:

8.8.8.8:53

Request

play.google.com

IN A

Response

play.google.com

IN A

172.217.169.46
DNS

play.google.com

Remote address:

8.8.8.8:53

Request

play.google.com

IN Unknown

Response
DNS

144.107.17.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

144.107.17.2.in-addr.arpa

IN PTR

Response

144.107.17.2.in-addr.arpa

IN PTR

a2-17-107-144deploystaticakamaitechnologiescom
DNS

3.169.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

3.169.217.172.in-addr.arpa

IN PTR

Response

3.169.217.172.in-addr.arpa

IN PTR

lhr25s26-in-f31e100net
DNS

104.61.62.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

104.61.62.23.in-addr.arpa

IN PTR

Response

104.61.62.23.in-addr.arpa

IN PTR

a23-62-61-104deploystaticakamaitechnologiescom
DNS

186.244.140.51.in-addr.arpa

Remote address:

8.8.8.8:53

Request

186.244.140.51.in-addr.arpa

IN PTR

Response
DNS

195.212.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

195.212.58.216.in-addr.arpa

IN PTR

Response

195.212.58.216.in-addr.arpa

IN PTR

ams16s21-in-f31e100net

195.212.58.216.in-addr.arpa

IN PTR

ams16s21-in-f195�H

195.212.58.216.in-addr.arpa

IN PTR

lhr25s27-in-f3�H
DNS

peoplestackwebexperiments-pa.clients6.google.com

Remote address:

8.8.8.8:53

Request

peoplestackwebexperiments-pa.clients6.google.com

IN A

Response

peoplestackwebexperiments-pa.clients6.google.com

IN A

142.250.187.202
DNS

peoplestackwebexperiments-pa.clients6.google.com

Remote address:

8.8.8.8:53

Request

peoplestackwebexperiments-pa.clients6.google.com

IN Unknown

Response
DNS

c.s-microsoft.com

Remote address:

8.8.8.8:53

Request

c.s-microsoft.com

IN A

Response

c.s-microsoft.com

IN CNAME

c-s.cms.ms.akadns.net

c-s.cms.ms.akadns.net

IN CNAME

c.s-microsoft.com-c.edgekey.net

c.s-microsoft.com-c.edgekey.net

IN CNAME

e13678.dscg.akamaiedge.net

e13678.dscg.akamaiedge.net

IN A

104.73.93.171
DNS

c.s-microsoft.com

Remote address:

8.8.8.8:53

Request

c.s-microsoft.com

IN Unknown

Response

c.s-microsoft.com

IN CNAME

c-s.cms.ms.akadns.net

c-s.cms.ms.akadns.net

IN CNAME

c.s-microsoft.com-c.edgekey.net

c.s-microsoft.com-c.edgekey.net

IN CNAME

e13678.dscg.akamaiedge.net
DNS

202.187.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

202.187.250.142.in-addr.arpa

IN PTR

Response

202.187.250.142.in-addr.arpa

IN PTR

lhr25s33-in-f101e100net
DNS

46.169.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

46.169.217.172.in-addr.arpa

IN PTR

Response

46.169.217.172.in-addr.arpa

IN PTR

lhr48s08-in-f141e100net
DNS

edgestatic.azureedge.net

Remote address:

8.8.8.8:53

Request

edgestatic.azureedge.net

IN A

Response

edgestatic.azureedge.net

IN CNAME

edgestatic.afd.azureedge.net

edgestatic.afd.azureedge.net

IN CNAME

azureedge-t-prod.trafficmanager.net

azureedge-t-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net

s-part-0036.t-0009.t-msedge.net

IN A

13.107.246.64
DNS

edgestatic.azureedge.net

Remote address:

8.8.8.8:53

Request

edgestatic.azureedge.net

IN Unknown

Response

edgestatic.azureedge.net

IN CNAME

edgestatic.afd.azureedge.net

edgestatic.afd.azureedge.net

IN CNAME

azureedge-t-prod.trafficmanager.net

azureedge-t-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net
DNS

peoplestack-pa.clients6.google.com

Remote address:

8.8.8.8:53

Request

peoplestack-pa.clients6.google.com

IN A

Response

peoplestack-pa.clients6.google.com

IN A

216.58.201.106
DNS

peoplestack-pa.clients6.google.com

Remote address:

8.8.8.8:53

Request

peoplestack-pa.clients6.google.com

IN Unknown

Response
DNS

docs.google.com

Remote address:

8.8.8.8:53

Request

docs.google.com

IN A

Response

docs.google.com

IN A

142.250.200.14
DNS

docs.google.com

Remote address:

8.8.8.8:53

Request

docs.google.com

IN A

Response

docs.google.com

IN A

142.250.200.14
DNS

accounts.google.com

Remote address:

8.8.8.8:53

Request

accounts.google.com

IN A

Response

accounts.google.com

IN A

142.250.27.84
DNS

accounts.google.com

Remote address:

8.8.8.8:53

Request

accounts.google.com

IN A

Response

accounts.google.com

IN A

142.250.27.84
DNS

accounts.google.com

Remote address:

8.8.8.8:53

Request

accounts.google.com

IN Unknown

Response
DNS

sploit-edge.smartscreen.microsoft.com

Remote address:

8.8.8.8:53

Request

sploit-edge.smartscreen.microsoft.com

IN A

Response

sploit-edge.smartscreen.microsoft.com

IN CNAME

wd-prod-ss-edge.trafficmanager.net

wd-prod-ss-edge.trafficmanager.net

IN CNAME

wd-prod-ss-uk-south-1-fe.uksouth.cloudapp.azure.com

wd-prod-ss-uk-south-1-fe.uksouth.cloudapp.azure.com

IN A

20.162.145.158
DNS

sploit-edge.smartscreen.microsoft.com

Remote address:

8.8.8.8:53

Request

sploit-edge.smartscreen.microsoft.com

IN Unknown

Response

sploit-edge.smartscreen.microsoft.com

IN CNAME

wd-prod-ss-edge.trafficmanager.net

wd-prod-ss-edge.trafficmanager.net

IN CNAME

wd-prod-ss-uk-south-1-fe.uksouth.cloudapp.azure.com
DNS

contacts.google.com

Remote address:

8.8.8.8:53

Request

contacts.google.com

IN A

Response

contacts.google.com

IN CNAME

plus.l.google.com

plus.l.google.com

IN A

142.250.200.14
DNS

contacts.google.com

Remote address:

8.8.8.8:53

Request

contacts.google.com

IN Unknown

Response

contacts.google.com

IN CNAME

plus.l.google.com
DNS

contacts.google.com

Remote address:

8.8.8.8:53

Request

contacts.google.com

IN A

Response

contacts.google.com

IN CNAME

plus.l.google.com

plus.l.google.com

IN A

142.250.200.14
DNS

docs.google.com

Remote address:

8.8.8.8:53

Request

docs.google.com

IN A

Response

docs.google.com

IN A

142.250.200.14
DNS

www.google.com

Remote address:

8.8.8.8:53

Request

www.google.com

IN A

Response

www.google.com

IN A

142.250.187.196
DNS

www.google.com

Remote address:

8.8.8.8:53

Request

www.google.com

IN Unknown

Response

www.google.com

IN Unknown

h2h3
DNS

64.246.107.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

64.246.107.13.in-addr.arpa

IN PTR

Response
DNS

106.201.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

106.201.58.216.in-addr.arpa

IN PTR

Response

106.201.58.216.in-addr.arpa

IN PTR

lhr48s48-in-f101e100net

106.201.58.216.in-addr.arpa

IN PTR

prg03s02-in-f106�I

106.201.58.216.in-addr.arpa

IN PTR

prg03s02-in-f10�I
DNS

84.27.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

84.27.250.142.in-addr.arpa

IN PTR

Response

84.27.250.142.in-addr.arpa

IN PTR

ra-in-f841e100net
DNS

158.145.162.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

158.145.162.20.in-addr.arpa

IN PTR

Response
DNS

196.187.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

196.187.250.142.in-addr.arpa

IN PTR

Response

196.187.250.142.in-addr.arpa

IN PTR

lhr25s33-in-f41e100net
DNS

wcpstatic.microsoft.com

Remote address:

8.8.8.8:53

Request

wcpstatic.microsoft.com

IN A

Response

wcpstatic.microsoft.com

IN CNAME

consentdeliveryfd.azurefd.net

consentdeliveryfd.azurefd.net

IN CNAME

firstparty-azurefd-prod.trafficmanager.net

firstparty-azurefd-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

azurefd-t-fb-prod.trafficmanager.net

azurefd-t-fb-prod.trafficmanager.net

IN CNAME

dual.s-part-0036.t-0009.fb-t-msedge.net

dual.s-part-0036.t-0009.fb-t-msedge.net

IN CNAME

s-part-0036.t-0009.fb-t-msedge.net

s-part-0036.t-0009.fb-t-msedge.net

IN A

13.107.253.64
DNS

wcpstatic.microsoft.com

Remote address:

8.8.8.8:53

Request

wcpstatic.microsoft.com

IN Unknown

Response

wcpstatic.microsoft.com

IN CNAME

consentdeliveryfd.azurefd.net

consentdeliveryfd.azurefd.net

IN CNAME

firstparty-azurefd-prod.trafficmanager.net

firstparty-azurefd-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net
DNS

64.253.107.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

64.253.107.13.in-addr.arpa

IN PTR

Response
DNS

55.36.223.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

55.36.223.20.in-addr.arpa

IN PTR

Response
GET

https://www.bing.com/th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90

Remote address:

23.62.61.113:443

Request

GET /th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90 HTTP/2.0
host: www.bing.com
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-type: image/png
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 1107
date: Thu, 30 May 2024 14:22:13 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.443d3e17.1717078933.1a520153
DNS

113.61.62.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

113.61.62.23.in-addr.arpa

IN PTR

Response

113.61.62.23.in-addr.arpa

IN PTR

a23-62-61-113deploystaticakamaitechnologiescom
DNS

13.86.106.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

13.86.106.20.in-addr.arpa

IN PTR

Response
DNS

accounts.google.com

Remote address:

8.8.8.8:53

Request

accounts.google.com

IN A

Response

accounts.google.com

IN A

142.250.27.84
DNS

docs.google.com

Remote address:

8.8.8.8:53

Request

docs.google.com

IN A

Response

docs.google.com

IN A

142.250.200.14
DNS

accounts.youtube.com

Remote address:

8.8.8.8:53

Request

accounts.youtube.com

IN A

Response

accounts.youtube.com

IN CNAME

www3.l.google.com

www3.l.google.com

IN A

142.250.187.238
DNS

accounts.youtube.com

Remote address:

8.8.8.8:53

Request

accounts.youtube.com

IN Unknown

Response

accounts.youtube.com

IN CNAME

www3.l.google.com
DNS

accounts.youtube.com

Remote address:

8.8.8.8:53

Request

accounts.youtube.com

IN A

Response

accounts.youtube.com

IN CNAME

www3.l.google.com

www3.l.google.com

IN A

142.250.187.238
DNS

accounts.google.com

Remote address:

8.8.8.8:53

Request

accounts.google.com

IN A

Response

accounts.google.com

IN A

142.250.27.84
DNS

accounts.google.com

Remote address:

8.8.8.8:53

Request

accounts.google.com

IN A

Response

accounts.google.com

IN A

142.250.27.84
DNS

accounts.google.com

Remote address:

8.8.8.8:53

Request

accounts.google.com

IN A

Response

accounts.google.com

IN A

142.250.27.84
DNS

docs.google.com

Remote address:

8.8.8.8:53

Request

docs.google.com

IN A

Response

docs.google.com

IN A

142.250.200.14
DNS

docs.google.com

Remote address:

8.8.8.8:53

Request

docs.google.com

IN A

Response

docs.google.com

IN A

142.250.200.14
DNS

docs.google.com

Remote address:

8.8.8.8:53

Request

docs.google.com

IN A

Response

docs.google.com

IN A

142.250.200.14
DNS

accounts.google.com

Remote address:

8.8.8.8:53

Request

accounts.google.com

IN A

Response

accounts.google.com

IN A

142.250.27.84
DNS

contacts.google.com

Remote address:

8.8.8.8:53

Request

contacts.google.com

IN A

Response

contacts.google.com

IN CNAME

plus.l.google.com

plus.l.google.com

IN A

142.250.200.14
DNS

docs.google.com

Remote address:

8.8.8.8:53

Request

docs.google.com

IN A

Response

docs.google.com

IN A

142.250.200.14
DNS

86.23.85.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

86.23.85.13.in-addr.arpa

IN PTR

Response
DNS

171.39.242.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

171.39.242.20.in-addr.arpa

IN PTR

Response
DNS

accounts.google.com

Remote address:

8.8.8.8:53

Request

accounts.google.com

IN A

Response

accounts.google.com

IN A

142.250.27.84
DNS

docs.google.com

Remote address:

8.8.8.8:53

Request

docs.google.com

IN A

Response

docs.google.com

IN A

142.250.200.14
DNS

accounts.youtube.com

Remote address:

8.8.8.8:53

Request

accounts.youtube.com

IN A

Response

accounts.youtube.com

IN CNAME

www3.l.google.com

www3.l.google.com

IN A

142.250.187.238
DNS

accounts.google.com

Remote address:

8.8.8.8:53

Request

accounts.google.com

IN A

Response

accounts.google.com

IN A

142.250.27.84
DNS

accounts.google.com

Remote address:

8.8.8.8:53

Request

accounts.google.com

IN A

Response

accounts.google.com

IN A

142.250.27.84
DNS

accounts.google.com

Remote address:

8.8.8.8:53

Request

accounts.google.com

IN A

Response

accounts.google.com

IN A

142.250.27.84
DNS

docs.google.com

Remote address:

8.8.8.8:53

Request

docs.google.com

IN A

Response

docs.google.com

IN A

142.250.200.14
DNS

docs.google.com

Remote address:

8.8.8.8:53

Request

docs.google.com

IN A

Response

docs.google.com

IN A

142.250.200.14
DNS

docs.google.com

Remote address:

8.8.8.8:53

Request

docs.google.com

IN A

Response

docs.google.com

IN A

142.250.200.14
DNS

accounts.google.com

Remote address:

8.8.8.8:53

Request

accounts.google.com

IN A

Response

accounts.google.com

IN A

142.250.27.84
DNS

contacts.google.com

Remote address:

8.8.8.8:53

Request

contacts.google.com

IN A

Response

contacts.google.com

IN CNAME

plus.l.google.com

plus.l.google.com

IN A

142.250.200.14
DNS

docs.google.com

Remote address:

8.8.8.8:53

Request

docs.google.com

IN A

Response

docs.google.com

IN A

142.250.200.14
DNS

19.229.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

19.229.111.52.in-addr.arpa

IN PTR

Response
DNS

ssl.gstatic.com

Remote address:

8.8.8.8:53

Request

ssl.gstatic.com

IN A

Response

ssl.gstatic.com

IN A

172.217.169.3
DNS

ssl.gstatic.com

Remote address:

8.8.8.8:53

Request

ssl.gstatic.com

IN Unknown

Response
DNS

0.204.248.87.in-addr.arpa

Remote address:

8.8.8.8:53

Request

0.204.248.87.in-addr.arpa

IN PTR

Response

0.204.248.87.in-addr.arpa

IN PTR

https-87-248-204-0lhrllnwnet
DNS

play.google.com

Remote address:

8.8.8.8:53

Request

play.google.com

IN A

Response

play.google.com

IN A

172.217.169.46
DNS

play.google.com

Remote address:

8.8.8.8:53

Request

play.google.com

IN Unknown

Response
DNS

26.35.223.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

26.35.223.20.in-addr.arpa

IN PTR

Response
DNS

26.35.223.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

26.35.223.20.in-addr.arpa

IN PTR
DNS

26.35.223.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

26.35.223.20.in-addr.arpa

IN PTR
DNS

26.35.223.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

26.35.223.20.in-addr.arpa

IN PTR
DNS

tse1.mm.bing.net

Remote address:

8.8.8.8:53

Request

tse1.mm.bing.net

IN A

Response

tse1.mm.bing.net

IN CNAME

mm-mm.bing.net.trafficmanager.net

mm-mm.bing.net.trafficmanager.net

IN CNAME

dual-a-0001.a-msedge.net

dual-a-0001.a-msedge.net

IN A

204.79.197.200

dual-a-0001.a-msedge.net

IN A

13.107.21.200
DNS

tse1.mm.bing.net

Remote address:

8.8.8.8:53

Request

tse1.mm.bing.net

IN A
DNS

88.156.103.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

88.156.103.20.in-addr.arpa

IN PTR

Response
GET

https://tse1.mm.bing.net/th?id=OADD2.10239360931610_110BPTPDN41GIXK2B&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

Remote address:

204.79.197.200:443

Request

GET /th?id=OADD2.10239360931610_110BPTPDN41GIXK2B&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 415458
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C86519C57D68405193EF89D102D91A04 Ref B: LON04EDGE1209 Ref C: 2024-05-30T14:23:55Z
date: Thu, 30 May 2024 14:23:54 GMT
GET

https://tse1.mm.bing.net/th?id=OADD2.10239360931609_1JAA48IJSET6WWQHH&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

Remote address:

204.79.197.200:443

Request

GET /th?id=OADD2.10239360931609_1JAA48IJSET6WWQHH&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 430689
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EE988B586EB8494980EB624D017130DF Ref B: LON04EDGE1209 Ref C: 2024-05-30T14:23:55Z
date: Thu, 30 May 2024 14:23:54 GMT
DNS

200.197.79.204.in-addr.arpa

Remote address:

8.8.8.8:53

Request

200.197.79.204.in-addr.arpa

IN PTR

Response

200.197.79.204.in-addr.arpa

IN PTR

a-0001a-msedgenet

94.245.104.56:443

api.edgeoffer.microsoft.com

tls

3.6kB
7.5kB
14
14
142.250.200.14:443

docs.google.com

tls

57.3kB
1.5MB
922
1116
13.107.6.158:443

business.bing.com

tls

3.4kB
9.9kB
20
25
2.21.17.194:443

www.microsoft.com

tls

4.0kB
23.3kB
27
36
2.18.121.23:443

bzib.nelreports.net

tls

3.8kB
5.9kB
14
16
172.217.169.3:443

ssl.gstatic.com

tls

2.3kB
6.9kB
10
10
172.217.169.3:443

ssl.gstatic.com

tls

9.0kB
207.3kB
130
171
23.62.61.104:443

www.bing.com

tls

22.5kB
889.0kB
417
653
51.140.244.186:443

nav-edge.smartscreen.microsoft.com

tls

2.4kB
7.6kB
13
13
51.140.244.186:443

nav-edge.smartscreen.microsoft.com

tls

37.5kB
28.5kB
83
80
51.140.244.186:443

nav-edge.smartscreen.microsoft.com

tls

2.5kB
7.6kB
13
14
51.140.244.186:443

nav-edge.smartscreen.microsoft.com

tls

2.5kB
7.6kB
13
14
51.140.244.186:443

nav-edge.smartscreen.microsoft.com

tls

2.5kB
7.6kB
13
14
51.140.244.186:443

nav-edge.smartscreen.microsoft.com

98 B
52 B
2
1
172.217.169.46:443

play.google.com

tls

3.5kB
10.1kB
20
24
142.250.187.202:443

peoplestackwebexperiments-pa.clients6.google.com

tls

2.2kB
7.2kB
10
10
142.250.187.202:443

peoplestackwebexperiments-pa.clients6.google.com

tls

4.6kB
15.7kB
28
35
13.107.246.64:443

edgestatic.azureedge.net

tls

3.1kB
7.6kB
14
11
13.107.246.64:443

edgestatic.azureedge.net

tls

2.1kB
311 B
7
5
13.107.246.64:443

edgestatic.azureedge.net

tls

114.6kB
6.0MB
2364
4345
216.58.201.106:443

peoplestack-pa.clients6.google.com

tls

4.1kB
14.5kB
23
27
142.250.27.84:443

accounts.google.com

tls

4.6kB
11.2kB
22
26
20.162.145.158:443

sploit-edge.smartscreen.microsoft.com

tls

4.0kB
8.8kB
12
12
142.250.200.14:443

contacts.google.com

tls

2.4kB
9.6kB
12
13
13.107.246.64:443

edgestatic.azureedge.net

tls

9.3kB
274.8kB
123
216
13.107.253.64:443

wcpstatic.microsoft.com

tls

5.3kB
91.1kB
52
79
23.62.61.113:443

https://www.bing.com/th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90

tls, http2

1.5kB
6.4kB
17
13

HTTP Request

GET https://www.bing.com/th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90

HTTP Response

200
20.162.145.158:443

sploit-edge.smartscreen.microsoft.com

tls

3.7kB
8.4kB
11
11
142.250.187.238:443

accounts.youtube.com

tls

4.8kB
41.1kB
37
45
20.162.145.158:443

sploit-edge.smartscreen.microsoft.com

tls

4.1kB
8.8kB
12
12
20.162.145.158:443

sploit-edge.smartscreen.microsoft.com

tls

3.7kB
8.4kB
11
11
20.162.145.158:443

sploit-edge.smartscreen.microsoft.com

tls

4.1kB
8.8kB
12
12
172.217.169.46:443

play.google.com

tls

37.4kB
12.8kB
47
38
172.217.169.46:443

play.google.com

tls

2.4kB
8.3kB
13
10
172.217.169.46:443

play.google.com

tls

2.4kB
9.0kB
11
11
204.79.197.200:443

https://tse1.mm.bing.net/th?id=OADD2.10239360931609_1JAA48IJSET6WWQHH&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

tls, http2

30.5kB
883.1kB
645
642

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239360931610_110BPTPDN41GIXK2B&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239360931609_1JAA48IJSET6WWQHH&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

HTTP Response

200

HTTP Response

200
204.79.197.200:443

tse1.mm.bing.net

tls, http2

1.2kB
8.1kB
16
14
23.62.61.113:443

www.bing.com

tls

2.6kB
1.2kB
8
7

8.8.8.8:53

api.edgeoffer.microsoft.com

dns

73 B
226 B
1
1

DNS Request

api.edgeoffer.microsoft.com

DNS Response

94.245.104.56
8.8.8.8:53

api.edgeoffer.microsoft.com

dns

73 B
271 B
1
1

DNS Request

api.edgeoffer.microsoft.com
8.8.8.8:53

docs.google.com

dns

61 B
77 B
1
1

DNS Request

docs.google.com

DNS Response

142.250.200.14
8.8.8.8:53

docs.google.com

dns

61 B
111 B
1
1

DNS Request

docs.google.com
8.8.8.8:53

docs.google.com

dns

61 B
77 B
1
1

DNS Request

docs.google.com

DNS Response

142.250.200.14
8.8.8.8:53

business.bing.com

dns

63 B
144 B
1
1

DNS Request

business.bing.com

DNS Response

13.107.6.158
8.8.8.8:53

business.bing.com

dns

63 B
185 B
1
1

DNS Request

business.bing.com
8.8.8.8:53

www.microsoft.com

dns

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

2.21.17.194
8.8.8.8:53

www.microsoft.com

dns

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

2.21.17.194
8.8.8.8:53

www.microsoft.com

dns

63 B
275 B
1
1

DNS Request

www.microsoft.com
8.8.8.8:53

bzib.nelreports.net

dns

65 B
172 B
1
1

DNS Request

bzib.nelreports.net

DNS Response

2.18.121.23

2.18.121.29
8.8.8.8:53

bzib.nelreports.net

dns

65 B
204 B
1
1

DNS Request

bzib.nelreports.net
142.250.200.14:443

docs.google.com

https

39.4kB
3.4MB
411
2730
8.8.8.8:53

www.microsoft.com

dns

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

2.21.17.194
8.8.8.8:53

ssl.gstatic.com

dns

61 B
77 B
1
1

DNS Request

ssl.gstatic.com

DNS Response

172.217.169.3
8.8.8.8:53

ssl.gstatic.com

dns

61 B
118 B
1
1

DNS Request

ssl.gstatic.com
8.8.8.8:53

8.8.8.8.in-addr.arpa

dns

66 B
90 B
1
1

DNS Request

8.8.8.8.in-addr.arpa
8.8.8.8:53

56.104.245.94.in-addr.arpa

dns

72 B
146 B
1
1

DNS Request

56.104.245.94.in-addr.arpa
8.8.8.8:53

28.118.140.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

28.118.140.52.in-addr.arpa
8.8.8.8:53

194.17.21.2.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

194.17.21.2.in-addr.arpa
8.8.8.8:53

56.94.73.104.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

56.94.73.104.in-addr.arpa
8.8.8.8:53

69.31.126.40.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

69.31.126.40.in-addr.arpa
8.8.8.8:53

23.121.18.2.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

23.121.18.2.in-addr.arpa
8.8.8.8:53

99.201.58.216.in-addr.arpa

dns

72 B
169 B
1
1

DNS Request

99.201.58.216.in-addr.arpa
8.8.8.8:53

nav-edge.smartscreen.microsoft.com

dns

80 B
199 B
1
1

DNS Request

nav-edge.smartscreen.microsoft.com

DNS Response

51.140.244.186
8.8.8.8:53

nav-edge.smartscreen.microsoft.com

dns

80 B
243 B
1
1

DNS Request

nav-edge.smartscreen.microsoft.com
172.217.169.3:443

ssl.gstatic.com

https

9.1kB
203.8kB
72
173
8.8.8.8:53

apis.google.com

dns

61 B
98 B
1
1

DNS Request

apis.google.com

DNS Response

142.250.200.14
8.8.8.8:53

apis.google.com

dns

61 B
132 B
1
1

DNS Request

apis.google.com
8.8.8.8:53

play.google.com

dns

61 B
77 B
1
1

DNS Request

play.google.com

DNS Response

172.217.169.46
8.8.8.8:53

play.google.com

dns

61 B
111 B
1
1

DNS Request

play.google.com
8.8.8.8:53

144.107.17.2.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

144.107.17.2.in-addr.arpa
8.8.8.8:53

3.169.217.172.in-addr.arpa

dns

72 B
110 B
1
1

DNS Request

3.169.217.172.in-addr.arpa
8.8.8.8:53

104.61.62.23.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

104.61.62.23.in-addr.arpa
8.8.8.8:53

186.244.140.51.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

186.244.140.51.in-addr.arpa
8.8.8.8:53

195.212.58.216.in-addr.arpa

dns

73 B
171 B
1
1

DNS Request

195.212.58.216.in-addr.arpa
8.8.8.8:53

peoplestackwebexperiments-pa.clients6.google.com

dns

94 B
110 B
1
1

DNS Request

peoplestackwebexperiments-pa.clients6.google.com

DNS Response

142.250.187.202
8.8.8.8:53

peoplestackwebexperiments-pa.clients6.google.com

dns

94 B
144 B
1
1

DNS Request

peoplestackwebexperiments-pa.clients6.google.com
172.217.169.46:443

play.google.com

https

89.4kB
16.2kB
95
72
8.8.8.8:53

c.s-microsoft.com

dns

63 B
193 B
1
1

DNS Request

c.s-microsoft.com

DNS Response

104.73.93.171
8.8.8.8:53

c.s-microsoft.com

dns

63 B
238 B
1
1

DNS Request

c.s-microsoft.com
142.250.187.202:443

peoplestackwebexperiments-pa.clients6.google.com

https

6.7kB
11.9kB
15
19
8.8.8.8:53

202.187.250.142.in-addr.arpa

dns

74 B
113 B
1
1

DNS Request

202.187.250.142.in-addr.arpa
8.8.8.8:53

46.169.217.172.in-addr.arpa

dns

73 B
112 B
1
1

DNS Request

46.169.217.172.in-addr.arpa
8.8.8.8:53

edgestatic.azureedge.net

dns

70 B
231 B
1
1

DNS Request

edgestatic.azureedge.net

DNS Response

13.107.246.64
8.8.8.8:53

edgestatic.azureedge.net

dns

70 B
275 B
1
1

DNS Request

edgestatic.azureedge.net
8.8.8.8:53

peoplestack-pa.clients6.google.com

dns

80 B
96 B
1
1

DNS Request

peoplestack-pa.clients6.google.com

DNS Response

216.58.201.106
8.8.8.8:53

peoplestack-pa.clients6.google.com

dns

80 B
130 B
1
1

DNS Request

peoplestack-pa.clients6.google.com
8.8.8.8:53

docs.google.com

dns

61 B
77 B
1
1

DNS Request

docs.google.com

DNS Response

142.250.200.14
8.8.8.8:53

docs.google.com

dns

61 B
77 B
1
1

DNS Request

docs.google.com

DNS Response

142.250.200.14
216.58.201.106:443

peoplestack-pa.clients6.google.com

https

5.4kB
10.9kB
13
16
8.8.8.8:53

accounts.google.com

dns

65 B
81 B
1
1

DNS Request

accounts.google.com

DNS Response

142.250.27.84
8.8.8.8:53

accounts.google.com

dns

65 B
81 B
1
1

DNS Request

accounts.google.com

DNS Response

142.250.27.84
8.8.8.8:53

accounts.google.com

dns

65 B
115 B
1
1

DNS Request

accounts.google.com
224.0.0.251:5353

204 B
3
8.8.8.8:53

sploit-edge.smartscreen.microsoft.com

dns

83 B
209 B
1
1

DNS Request

sploit-edge.smartscreen.microsoft.com

DNS Response

20.162.145.158
8.8.8.8:53

sploit-edge.smartscreen.microsoft.com

dns

83 B
253 B
1
1

DNS Request

sploit-edge.smartscreen.microsoft.com
142.250.27.84:443

accounts.google.com

https

20.3kB
257.7kB
139
280
8.8.8.8:53

contacts.google.com

dns

65 B
102 B
1
1

DNS Request

contacts.google.com

DNS Response

142.250.200.14
8.8.8.8:53

contacts.google.com

dns

65 B
136 B
1
1

DNS Request

contacts.google.com
8.8.8.8:53

contacts.google.com

dns

65 B
102 B
1
1

DNS Request

contacts.google.com

DNS Response

142.250.200.14
8.8.8.8:53

docs.google.com

dns

61 B
77 B
1
1

DNS Request

docs.google.com

DNS Response

142.250.200.14
8.8.8.8:53

www.google.com

dns

60 B
76 B
1
1

DNS Request

www.google.com

DNS Response

142.250.187.196
8.8.8.8:53

www.google.com

dns

60 B
85 B
1
1

DNS Request

www.google.com
142.250.187.196:443

www.google.com

https

5.7kB
15.5kB
15
17
8.8.8.8:53

64.246.107.13.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

64.246.107.13.in-addr.arpa
8.8.8.8:53

106.201.58.216.in-addr.arpa

dns

73 B
173 B
1
1

DNS Request

106.201.58.216.in-addr.arpa
8.8.8.8:53

84.27.250.142.in-addr.arpa

dns

72 B
105 B
1
1

DNS Request

84.27.250.142.in-addr.arpa
8.8.8.8:53

158.145.162.20.in-addr.arpa

dns

73 B
159 B
1
1

DNS Request

158.145.162.20.in-addr.arpa
8.8.8.8:53

196.187.250.142.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

196.187.250.142.in-addr.arpa
8.8.8.8:53

wcpstatic.microsoft.com

dns

69 B
333 B
1
1

DNS Request

wcpstatic.microsoft.com

DNS Response

13.107.253.64
8.8.8.8:53

wcpstatic.microsoft.com

dns

69 B
282 B
1
1

DNS Request

wcpstatic.microsoft.com
8.8.8.8:53

64.253.107.13.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

64.253.107.13.in-addr.arpa
142.250.200.14:443

docs.google.com

https

13.5kB
60.7kB
53
90
8.8.8.8:53

55.36.223.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

55.36.223.20.in-addr.arpa
8.8.8.8:53

113.61.62.23.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

113.61.62.23.in-addr.arpa
23.62.61.104:443

www.bing.com

https

3.1kB
6.6kB
8
10
8.8.8.8:53

13.86.106.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

13.86.106.20.in-addr.arpa
8.8.8.8:53

accounts.google.com

dns

65 B
81 B
1
1

DNS Request

accounts.google.com

DNS Response

142.250.27.84
8.8.8.8:53

docs.google.com

dns

61 B
77 B
1
1

DNS Request

docs.google.com

DNS Response

142.250.200.14
8.8.8.8:53

accounts.youtube.com

dns

66 B
110 B
1
1

DNS Request

accounts.youtube.com

DNS Response

142.250.187.238
8.8.8.8:53

accounts.youtube.com

dns

66 B
144 B
1
1

DNS Request

accounts.youtube.com
8.8.8.8:53

accounts.youtube.com

dns

66 B
110 B
1
1

DNS Request

accounts.youtube.com

DNS Response

142.250.187.238
8.8.8.8:53

accounts.google.com

dns

65 B
81 B
1
1

DNS Request

accounts.google.com

DNS Response

142.250.27.84
8.8.8.8:53

accounts.google.com

dns

65 B
81 B
1
1

DNS Request

accounts.google.com

DNS Response

142.250.27.84
8.8.8.8:53

accounts.google.com

dns

65 B
81 B
1
1

DNS Request

accounts.google.com

DNS Response

142.250.27.84
172.217.169.46:443

play.google.com

https

4.2kB
9.3kB
7
10
8.8.8.8:53

docs.google.com

dns

61 B
77 B
1
1

DNS Request

docs.google.com

DNS Response

142.250.200.14
142.250.200.14:443

docs.google.com

https

19.4kB
133.7kB
182
314
172.217.169.46:443

play.google.com

https

150.0kB
7.7kB
146
53
142.250.187.202:443

peoplestackwebexperiments-pa.clients6.google.com

https

2.2kB
3.0kB
14
13
8.8.8.8:53

docs.google.com

dns

61 B
77 B
1
1

DNS Request

docs.google.com

DNS Response

142.250.200.14
8.8.8.8:53

docs.google.com

dns

61 B
77 B
1
1

DNS Request

docs.google.com

DNS Response

142.250.200.14
8.8.8.8:53

accounts.google.com

dns

65 B
81 B
1
1

DNS Request

accounts.google.com

DNS Response

142.250.27.84
8.8.8.8:53

contacts.google.com

dns

65 B
102 B
1
1

DNS Request

contacts.google.com

DNS Response

142.250.200.14
8.8.8.8:53

docs.google.com

dns

61 B
77 B
1
1

DNS Request

docs.google.com

DNS Response

142.250.200.14
8.8.8.8:53

86.23.85.13.in-addr.arpa

dns

70 B
144 B
1
1

DNS Request

86.23.85.13.in-addr.arpa
8.8.8.8:53

171.39.242.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

171.39.242.20.in-addr.arpa
8.8.8.8:53

accounts.google.com

dns

65 B
81 B
1
1

DNS Request

accounts.google.com

DNS Response

142.250.27.84
8.8.8.8:53

docs.google.com

dns

61 B
77 B
1
1

DNS Request

docs.google.com

DNS Response

142.250.200.14
142.250.187.238:443

accounts.youtube.com

https

4.2kB
9.7kB
7
10
8.8.8.8:53

accounts.youtube.com

dns

66 B
110 B
1
1

DNS Request

accounts.youtube.com

DNS Response

142.250.187.238
8.8.8.8:53

accounts.google.com

dns

65 B
81 B
1
1

DNS Request

accounts.google.com

DNS Response

142.250.27.84
8.8.8.8:53

accounts.google.com

dns

65 B
81 B
1
1

DNS Request

accounts.google.com

DNS Response

142.250.27.84
8.8.8.8:53

accounts.google.com

dns

65 B
81 B
1
1

DNS Request

accounts.google.com

DNS Response

142.250.27.84
8.8.8.8:53

docs.google.com

dns

61 B
77 B
1
1

DNS Request

docs.google.com

DNS Response

142.250.200.14
8.8.8.8:53

docs.google.com

dns

61 B
77 B
1
1

DNS Request

docs.google.com

DNS Response

142.250.200.14
8.8.8.8:53

docs.google.com

dns

61 B
77 B
1
1

DNS Request

docs.google.com

DNS Response

142.250.200.14
8.8.8.8:53

accounts.google.com

dns

65 B
81 B
1
1

DNS Request

accounts.google.com

DNS Response

142.250.27.84
8.8.8.8:53

contacts.google.com

dns

65 B
102 B
1
1

DNS Request

contacts.google.com

DNS Response

142.250.200.14
8.8.8.8:53

docs.google.com

dns

61 B
77 B
1
1

DNS Request

docs.google.com

DNS Response

142.250.200.14
172.217.169.46:443

play.google.com

https

1.7kB
1.4kB
7
3
8.8.8.8:53

19.229.111.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

19.229.111.52.in-addr.arpa
142.250.200.14:443

docs.google.com

https

3.1kB
4.3kB
8
8
8.8.8.8:53

ssl.gstatic.com

dns

61 B
77 B
1
1

DNS Request

ssl.gstatic.com

DNS Response

172.217.169.3
8.8.8.8:53

ssl.gstatic.com

dns

61 B
118 B
1
1

DNS Request

ssl.gstatic.com
172.217.169.3:443

ssl.gstatic.com

https

2.9kB
4.1kB
6
7
8.8.8.8:53

0.204.248.87.in-addr.arpa

dns

71 B
116 B
1
1

DNS Request

0.204.248.87.in-addr.arpa
8.8.8.8:53

play.google.com

dns

61 B
77 B
1
1

DNS Request

play.google.com

DNS Response

172.217.169.46
8.8.8.8:53

play.google.com

dns

61 B
111 B
1
1

DNS Request

play.google.com
172.217.169.46:443

play.google.com

https

5.4kB
4.6kB
10
11
8.8.8.8:53

26.35.223.20.in-addr.arpa

dns

284 B
157 B
4
1

DNS Request

26.35.223.20.in-addr.arpa

DNS Request

26.35.223.20.in-addr.arpa

DNS Request

26.35.223.20.in-addr.arpa

DNS Request

26.35.223.20.in-addr.arpa
142.250.200.14:443

docs.google.com

https

1.9kB
1.6kB
11
7
142.250.200.14:443

docs.google.com

https

5.0kB
4.1kB
44
29
172.217.169.46:443

play.google.com

https

10.3kB
9
142.250.200.14:443

docs.google.com

https

3.8kB
3
142.250.200.14:443

docs.google.com

https

2.9kB
4.0kB
6
5
172.217.169.46:443

play.google.com

https

8.0kB
3.8kB
10
6
142.250.200.14:443

docs.google.com

https

2.6kB
1.3kB
2
1
8.8.8.8:53

tse1.mm.bing.net

dns

124 B
173 B
2
1

DNS Request

tse1.mm.bing.net

DNS Request

tse1.mm.bing.net

DNS Response

204.79.197.200

13.107.21.200
8.8.8.8:53

88.156.103.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

88.156.103.20.in-addr.arpa
8.8.8.8:53

200.197.79.204.in-addr.arpa

dns

73 B
106 B
1
1

DNS Request

200.197.79.204.in-addr.arpa

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request