89253f3e81e24e4fab05abe69187fca18e844cd1a20a817bb80240860350390e

Analysis

max time kernel
136s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
12/06/2024, 14:21 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a0fa7214274d04fc62dbb8f14455e4d4_JaffaCakes118.html
Size

32KB
MD5

a0fa7214274d04fc62dbb8f14455e4d4
SHA1

9001630642cf0bc7663274471a18d079f78f2b67
SHA256

89253f3e81e24e4fab05abe69187fca18e844cd1a20a817bb80240860350390e
SHA512

78fac595e2aad09cf73d44b4adff72de9d5f161c6b70782f9d3716614ca3d787fe97f65497045df9b05b76601468845c180eecc89aa6e605fe7190e95d68bc0f
SSDEEP

768:Z4dQM3CD022C14LJm5hm1WmMDbb3qs3rVS4sx3e8yW:Z4p3U01Y4Nm5hm1WmMDX3qsU4s9e8yW

Score

1^/10

Malware Config

Signatures

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\a0fa7214274d04fc62dbb8f14455e4d4_JaffaCakes118.html
1⤵
PID:5112

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --mojo-platform-channel-handle=748 --field-trial-handle=3084,i,4016110471176367543,14287608422419064331,262144 --variations-seed-version /prefetch:1
1⤵
PID:5004

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --mojo-platform-channel-handle=3864 --field-trial-handle=3084,i,4016110471176367543,14287608422419064331,262144 --variations-seed-version /prefetch:1
1⤵
PID:3964

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=5416 --field-trial-handle=3084,i,4016110471176367543,14287608422419064331,262144 --variations-seed-version /prefetch:8
1⤵
PID:2076

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --mojo-platform-channel-handle=5332 --field-trial-handle=3084,i,4016110471176367543,14287608422419064331,262144 --variations-seed-version /prefetch:1
1⤵
PID:232

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --mojo-platform-channel-handle=5768 --field-trial-handle=3084,i,4016110471176367543,14287608422419064331,262144 --variations-seed-version /prefetch:8
1⤵
PID:3988

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=22 --mojo-platform-channel-handle=4208 --field-trial-handle=3084,i,4016110471176367543,14287608422419064331,262144 --variations-seed-version /prefetch:1
1⤵
PID:4492

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=23 --mojo-platform-channel-handle=5736 --field-trial-handle=3084,i,4016110471176367543,14287608422419064331,262144 --variations-seed-version /prefetch:1
1⤵
PID:2868

Network

DNS

nav-edge.smartscreen.microsoft.com

Remote address:

8.8.8.8:53

Request

nav-edge.smartscreen.microsoft.com

IN A

Response

nav-edge.smartscreen.microsoft.com

IN CNAME

tm-prod-wd-csp-edge.trafficmanager.net

tm-prod-wd-csp-edge.trafficmanager.net

IN CNAME

prod-agic-us-2.uksouth.cloudapp.azure.com

prod-agic-us-2.uksouth.cloudapp.azure.com

IN A

172.165.69.228
DNS

nav-edge.smartscreen.microsoft.com

Remote address:

8.8.8.8:53

Request

nav-edge.smartscreen.microsoft.com

IN Unknown

Response

nav-edge.smartscreen.microsoft.com

IN CNAME

tm-prod-wd-csp-edge.trafficmanager.net

tm-prod-wd-csp-edge.trafficmanager.net

IN CNAME

prod-agic-uw-1.ukwest.cloudapp.azure.com
DNS

www.microsoft.com

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

23.195.249.173
DNS

business.bing.com

Remote address:

8.8.8.8:53

Request

business.bing.com

IN A

Response

business.bing.com

IN CNAME

business-bing-com.b-0005.b-msedge.net

business-bing-com.b-0005.b-msedge.net

IN CNAME

b-0005.b-dc-msedge.net

b-0005.b-dc-msedge.net

IN A

13.107.9.158
DNS

business.bing.com

Remote address:

8.8.8.8:53

Request

business.bing.com

IN Unknown

Response

business.bing.com

IN CNAME

business-bing-com.b-0005.b-msedge.net

business-bing-com.b-0005.b-msedge.net

IN CNAME

b-0005.b-msedge.net
DNS

www.planet3films.com

Remote address:

8.8.8.8:53

Request

www.planet3films.com

IN A

Response

www.planet3films.com

IN CNAME

planet3films.com

planet3films.com

IN A

50.62.243.1
DNS

www.planet3films.com

Remote address:

8.8.8.8:53

Request

www.planet3films.com

IN Unknown

Response

www.planet3films.com

IN CNAME

planet3films.com
DNS

www.microsoft.com

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

23.195.249.173
DNS

www.microsoft.com

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN Unknown

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net
DNS

239.249.30.184.in-addr.arpa

Remote address:

8.8.8.8:53

Request

239.249.30.184.in-addr.arpa

IN PTR

Response

239.249.30.184.in-addr.arpa

IN PTR

a184-30-249-239deploystaticakamaitechnologiescom
DNS

bzib.nelreports.net

Remote address:

8.8.8.8:53

Request

bzib.nelreports.net

IN A

Response

bzib.nelreports.net

IN CNAME

bzib.nelreports.net.akamaized.net

bzib.nelreports.net.akamaized.net

IN CNAME

a416.dscd.akamai.net

a416.dscd.akamai.net

IN A

96.16.53.162

a416.dscd.akamai.net

IN A

96.16.53.149
DNS

bzib.nelreports.net

Remote address:

8.8.8.8:53

Request

bzib.nelreports.net

IN Unknown

Response

bzib.nelreports.net

IN CNAME

bzib.nelreports.net.akamaized.net

bzib.nelreports.net.akamaized.net

IN CNAME

a416.dscd.akamai.net
DNS

www.microsoft.com

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

23.195.249.173
DNS

228.69.165.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

228.69.165.172.in-addr.arpa

IN PTR

Response
DNS

158.9.107.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

158.9.107.13.in-addr.arpa

IN PTR

Response
DNS

162.53.16.96.in-addr.arpa

Remote address:

8.8.8.8:53

Request

162.53.16.96.in-addr.arpa

IN PTR

Response

162.53.16.96.in-addr.arpa

IN PTR

a96-16-53-162deploystaticakamaitechnologiescom
DNS

173.249.195.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

173.249.195.23.in-addr.arpa

IN PTR

Response

173.249.195.23.in-addr.arpa

IN PTR

a23-195-249-173deploystaticakamaitechnologiescom
DNS

183.142.211.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

183.142.211.20.in-addr.arpa

IN PTR

Response
DNS

edgestatic.azureedge.net

Remote address:

8.8.8.8:53

Request

edgestatic.azureedge.net

IN A

Response

edgestatic.azureedge.net

IN CNAME

edgestatic.afd.azureedge.net

edgestatic.afd.azureedge.net

IN CNAME

azureedge-t-prod.trafficmanager.net

azureedge-t-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net

s-part-0036.t-0009.t-msedge.net

IN A

13.107.246.64
DNS

edgestatic.azureedge.net

Remote address:

8.8.8.8:53

Request

edgestatic.azureedge.net

IN Unknown

Response

edgestatic.azureedge.net

IN CNAME

edgestatic.afd.azureedge.net

edgestatic.afd.azureedge.net

IN CNAME

azureedge-t-prod.trafficmanager.net

azureedge-t-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net
DNS

c.s-microsoft.com

Remote address:

8.8.8.8:53

Request

c.s-microsoft.com

IN A

Response

c.s-microsoft.com

IN CNAME

c-s.cms.ms.akadns.net

c-s.cms.ms.akadns.net

IN CNAME

c.s-microsoft.com-c.edgekey.net

c.s-microsoft.com-c.edgekey.net

IN CNAME

e13678.dscg.akamaiedge.net

e13678.dscg.akamaiedge.net

IN A

184.30.250.70
DNS

c.s-microsoft.com

Remote address:

8.8.8.8:53

Request

c.s-microsoft.com

IN Unknown

Response

c.s-microsoft.com

IN CNAME

c-s.cms.ms.akadns.net

c-s.cms.ms.akadns.net

IN CNAME

c.s-microsoft.com-c.edgekey.net

c.s-microsoft.com-c.edgekey.net

IN CNAME

e13678.dscg.akamaiedge.net
DNS

64.246.107.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

64.246.107.13.in-addr.arpa

IN PTR

Response
DNS

wcpstatic.microsoft.com

Remote address:

8.8.8.8:53

Request

wcpstatic.microsoft.com

IN A

Response

wcpstatic.microsoft.com

IN CNAME

consentdeliveryfd.azurefd.net

consentdeliveryfd.azurefd.net

IN CNAME

firstparty-azurefd-prod.trafficmanager.net

firstparty-azurefd-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net

s-part-0036.t-0009.t-msedge.net

IN A

13.107.246.64
DNS

wcpstatic.microsoft.com

Remote address:

8.8.8.8:53

Request

wcpstatic.microsoft.com

IN Unknown

Response

wcpstatic.microsoft.com

IN CNAME

consentdeliveryfd.azurefd.net

consentdeliveryfd.azurefd.net

IN CNAME

firstparty-azurefd-prod.trafficmanager.net

firstparty-azurefd-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net
DNS

22.160.190.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

22.160.190.20.in-addr.arpa

IN PTR

Response
DNS

95.221.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.221.229.192.in-addr.arpa

IN PTR

Response
DNS

209.205.72.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

209.205.72.20.in-addr.arpa

IN PTR

Response
DNS

nw-umwatson.events.data.microsoft.com

Remote address:

8.8.8.8:53

Request

nw-umwatson.events.data.microsoft.com

IN A

Response

nw-umwatson.events.data.microsoft.com

IN CNAME

blobcollector.events.data.trafficmanager.net

blobcollector.events.data.trafficmanager.net

IN CNAME

onedsblobprdeus15.eastus.cloudapp.azure.com

onedsblobprdeus15.eastus.cloudapp.azure.com

IN A

20.42.73.29
POST

https://nw-umwatson.events.data.microsoft.com/Telemetry.Request

Remote address:

20.42.73.29:443

Request

POST /Telemetry.Request HTTP/1.1
Connection: Keep-Alive
Content-Type: application/xml
User-Agent: Crashpad/0.8.0 WinHTTP/10.0.19041.1151 Windows_NT/10.0.19041.1202 (x64)
Content-Length: 3685
Host: nw-umwatson.events.data.microsoft.com

Response

HTTP/1.1 200 200 OK

Content-Length: 634
Content-Type: text/xml
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
Date: Wed, 12 Jun 2024 14:21:39 GMT
DNS

29.73.42.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

29.73.42.20.in-addr.arpa

IN PTR

Response
DNS

maps.googleapis.com

Remote address:

8.8.8.8:53

Request

maps.googleapis.com

IN A

Response

maps.googleapis.com

IN A

172.217.16.234

maps.googleapis.com

IN A

142.250.200.10

maps.googleapis.com

IN A

142.250.200.42

maps.googleapis.com

IN A

216.58.201.106

maps.googleapis.com

IN A

216.58.204.74

maps.googleapis.com

IN A

216.58.213.10

maps.googleapis.com

IN A

172.217.169.10

maps.googleapis.com

IN A

216.58.212.202

maps.googleapis.com

IN A

216.58.212.234

maps.googleapis.com

IN A

172.217.169.42

maps.googleapis.com

IN A

142.250.179.234

maps.googleapis.com

IN A

142.250.180.10

maps.googleapis.com

IN A

142.250.187.202

maps.googleapis.com

IN A

142.250.187.234

maps.googleapis.com

IN A

142.250.178.10
DNS

183.59.114.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

183.59.114.20.in-addr.arpa

IN PTR

Response
DNS

171.39.242.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

171.39.242.20.in-addr.arpa

IN PTR

Response
DNS

maps.googleapis.com

Remote address:

8.8.8.8:53

Request

maps.googleapis.com

IN A

Response

maps.googleapis.com

IN A

172.217.169.10

maps.googleapis.com

IN A

216.58.212.202

maps.googleapis.com

IN A

172.217.169.74

maps.googleapis.com

IN A

172.217.169.42

maps.googleapis.com

IN A

142.250.179.234

maps.googleapis.com

IN A

142.250.180.10

maps.googleapis.com

IN A

142.250.187.202

maps.googleapis.com

IN A

142.250.187.234

maps.googleapis.com

IN A

142.250.178.10

maps.googleapis.com

IN A

172.217.16.234

maps.googleapis.com

IN A

142.250.200.10

maps.googleapis.com

IN A

142.250.200.42

maps.googleapis.com

IN A

216.58.201.106

maps.googleapis.com

IN A

216.58.204.74
DNS

89.61.62.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

89.61.62.23.in-addr.arpa

IN PTR

Response

89.61.62.23.in-addr.arpa

IN PTR

a23-62-61-89deploystaticakamaitechnologiescom
DNS

243.197.17.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

243.197.17.2.in-addr.arpa

IN PTR

Response

243.197.17.2.in-addr.arpa

IN PTR

a2-17-197-243deploystaticakamaitechnologiescom
DNS

spb.souz-rente.ru

Remote address:

8.8.8.8:53

Request

spb.souz-rente.ru

IN A

Response

spb.souz-rente.ru

IN A

46.30.40.101
DNS

spb.souz-rente.ru

Remote address:

8.8.8.8:53

Request

spb.souz-rente.ru

IN Unknown

Response
GET

http://spb.souz-rente.ru/js/jquery.min.php?c_utt=K85164&c_utm=http%3A%2F%2Fspb.souz-rente.ru%2Fjs%2Fjquery.min.php%3Fdefault_keyword%3DOUR%2520BLOG%2520%257C%2520Planet3%2520FILMS%2520%257C%2520Page%25202%26se_referrer%3D%26source%3D

Remote address:

46.30.40.101:80

Request

GET /js/jquery.min.php?c_utt=K85164&c_utm=http%3A%2F%2Fspb.souz-rente.ru%2Fjs%2Fjquery.min.php%3Fdefault_keyword%3DOUR%2520BLOG%2520%257C%2520Planet3%2520FILMS%2520%257C%2520Page%25202%26se_referrer%3D%26source%3D HTTP/1.1
Host: spb.souz-rente.ru
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
Intervention: <https://permanently-removed.invalid/feature/5718547946799104>; level="warning"
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Server: nginx/1.26.1
Date: Wed, 12 Jun 2024 14:22:27 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://souz-rente.rujs/jquery.min.php?c_utt=K85164&c_utm=http%3A%2F%2Fspb.souz-rente.ru%2Fjs%2Fjquery.min.php%3Fdefault_keyword%3DOUR%2520BLOG%2520%257C%2520Planet3%2520FILMS%2520%257C%2520Page%25202%26se_referrer%3D%26source%3D
DNS

souz-rente.rujs

Remote address:

8.8.8.8:53

Request

souz-rente.rujs

IN A

Response
DNS

souz-rente.rujs

Remote address:

8.8.8.8:53

Request

souz-rente.rujs

IN Unknown

Response
DNS

souz-rente.rujs

Remote address:

8.8.8.8:53

Request

souz-rente.rujs

IN A

Response
DNS

s0.wp.com

Remote address:

8.8.8.8:53

Request

s0.wp.com

IN A

Response

s0.wp.com

IN A

192.0.77.32
DNS

s0.wp.com

Remote address:

8.8.8.8:53

Request

s0.wp.com

IN Unknown

Response
DNS

www.youtube.com

Remote address:

8.8.8.8:53

Request

www.youtube.com

IN A

Response

www.youtube.com

IN CNAME

youtube-ui.l.google.com

youtube-ui.l.google.com

IN A

142.250.200.46

youtube-ui.l.google.com

IN A

216.58.201.110

youtube-ui.l.google.com

IN A

216.58.204.78

youtube-ui.l.google.com

IN A

172.217.169.14

youtube-ui.l.google.com

IN A

216.58.212.206

youtube-ui.l.google.com

IN A

172.217.169.78

youtube-ui.l.google.com

IN A

142.250.179.238

youtube-ui.l.google.com

IN A

142.250.180.14

youtube-ui.l.google.com

IN A

142.250.187.206

youtube-ui.l.google.com

IN A

142.250.187.238

youtube-ui.l.google.com

IN A

142.250.178.14

youtube-ui.l.google.com

IN A

172.217.16.238

youtube-ui.l.google.com

IN A

142.250.200.14
DNS

www.youtube.com

Remote address:

8.8.8.8:53

Request

www.youtube.com

IN Unknown

Response

www.youtube.com

IN CNAME

youtube-ui.l.google.com

youtube-ui.l.google.com

IN Unknown
DNS

www.youtube.com

Remote address:

8.8.8.8:53

Request

www.youtube.com

IN A

Response

www.youtube.com

IN CNAME

youtube-ui.l.google.com

youtube-ui.l.google.com

IN A

142.250.200.46

youtube-ui.l.google.com

IN A

216.58.201.110

youtube-ui.l.google.com

IN A

216.58.204.78

youtube-ui.l.google.com

IN A

172.217.169.14

youtube-ui.l.google.com

IN A

216.58.212.206

youtube-ui.l.google.com

IN A

172.217.169.78

youtube-ui.l.google.com

IN A

142.250.179.238

youtube-ui.l.google.com

IN A

142.250.180.14

youtube-ui.l.google.com

IN A

142.250.187.206

youtube-ui.l.google.com

IN A

142.250.187.238

youtube-ui.l.google.com

IN A

142.250.178.14

youtube-ui.l.google.com

IN A

172.217.16.238

youtube-ui.l.google.com

IN A

142.250.200.14
DNS

nav-edge.smartscreen.microsoft.com

Remote address:

8.8.8.8:53

Request

nav-edge.smartscreen.microsoft.com

IN A

Response

nav-edge.smartscreen.microsoft.com

IN CNAME

tm-prod-wd-csp-edge.trafficmanager.net

tm-prod-wd-csp-edge.trafficmanager.net

IN CNAME

prod-agic-us-2.uksouth.cloudapp.azure.com

prod-agic-us-2.uksouth.cloudapp.azure.com

IN A

172.165.69.228
DNS

nav-edge.smartscreen.microsoft.com

Remote address:

8.8.8.8:53

Request

nav-edge.smartscreen.microsoft.com

IN Unknown

Response

nav-edge.smartscreen.microsoft.com

IN CNAME

tm-prod-wd-csp-edge.trafficmanager.net

tm-prod-wd-csp-edge.trafficmanager.net

IN CNAME

prod-agic-us-3.uksouth.cloudapp.azure.com
GET

http://s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=201735

Remote address:

192.0.77.32:80

Request

GET /wp-content/js/devicepx-jetpack.js?ver=201735 HTTP/1.1
Host: s0.wp.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Wed, 12 Jun 2024 14:22:27 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
x-minify: t
x-minify-cache: hit
etag: W/21174-1684464996761.1526
Content-Encoding: gzip
Expires: Wed, 16 Apr 2025 14:12:10 GMT
Cache-Control: max-age=31536000
X-ac: 4.lhr _dca MISS
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Alt-Svc: h3=":443"; ma=86400
X-nc: HIT lhr 1
DNS

www.youtube.com

Remote address:

8.8.8.8:53

Request

www.youtube.com

IN A

Response

www.youtube.com

IN CNAME

youtube-ui.l.google.com

youtube-ui.l.google.com

IN A

142.250.200.46

youtube-ui.l.google.com

IN A

216.58.201.110

youtube-ui.l.google.com

IN A

216.58.204.78

youtube-ui.l.google.com

IN A

172.217.169.14

youtube-ui.l.google.com

IN A

216.58.212.206

youtube-ui.l.google.com

IN A

172.217.169.78

youtube-ui.l.google.com

IN A

142.250.179.238

youtube-ui.l.google.com

IN A

142.250.180.14

youtube-ui.l.google.com

IN A

142.250.187.206

youtube-ui.l.google.com

IN A

142.250.187.238

youtube-ui.l.google.com

IN A

142.250.178.14

youtube-ui.l.google.com

IN A

172.217.16.238

youtube-ui.l.google.com

IN A

142.250.200.14
DNS

www.youtube.com

Remote address:

8.8.8.8:53

Request

www.youtube.com

IN A

Response

www.youtube.com

IN CNAME

youtube-ui.l.google.com

youtube-ui.l.google.com

IN A

142.250.200.46

youtube-ui.l.google.com

IN A

216.58.201.110

youtube-ui.l.google.com

IN A

216.58.204.78

youtube-ui.l.google.com

IN A

172.217.169.14

youtube-ui.l.google.com

IN A

216.58.212.206

youtube-ui.l.google.com

IN A

172.217.169.78

youtube-ui.l.google.com

IN A

142.250.179.238

youtube-ui.l.google.com

IN A

142.250.180.14

youtube-ui.l.google.com

IN A

142.250.187.206

youtube-ui.l.google.com

IN A

142.250.187.238

youtube-ui.l.google.com

IN A

142.250.178.14

youtube-ui.l.google.com

IN A

172.217.16.238

youtube-ui.l.google.com

IN A

142.250.200.14
DNS

www.youtube.com

Remote address:

8.8.8.8:53

Request

www.youtube.com

IN Unknown

Response

www.youtube.com

IN CNAME

youtube-ui.l.google.com

youtube-ui.l.google.com

IN Unknown
DNS

stats.wp.com

Remote address:

8.8.8.8:53

Request

stats.wp.com

IN A

Response

stats.wp.com

IN A

192.0.76.3
DNS

stats.wp.com

Remote address:

8.8.8.8:53

Request

stats.wp.com

IN Unknown

Response
DNS

ppc.netnet44.net

Remote address:

8.8.8.8:53

Request

ppc.netnet44.net

IN A

Response
DNS

_1080._https.ppc.netnet44.net

Remote address:

8.8.8.8:53

Request

_1080._https.ppc.netnet44.net

IN Unknown

Response
GET

http://stats.wp.com/e-201735.js

Remote address:

192.0.76.3:80

Request

GET /e-201735.js HTTP/1.1
Host: stats.wp.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Wed, 12 Jun 2024 14:22:27 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
x-minify: t
x-minify-cache: hit
etag: W/14377-1704402356443.5398
Content-Encoding: gzip
Expires: Thu, 17 Apr 2025 02:57:34 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Allow-Origin: *
X-nc: HIT lhr
Alt-Svc: h3=":443"; ma=86400
DNS

ppc.netnet44.net

Remote address:

8.8.8.8:53

Request

ppc.netnet44.net

IN A

Response
DNS

i.ytimg.com

Remote address:

8.8.8.8:53

Request

i.ytimg.com

IN A

Response

i.ytimg.com

IN A

172.217.169.54

i.ytimg.com

IN A

142.250.179.246

i.ytimg.com

IN A

142.250.180.22

i.ytimg.com

IN A

142.250.187.214

i.ytimg.com

IN A

142.250.187.246

i.ytimg.com

IN A

142.250.178.22

i.ytimg.com

IN A

172.217.16.246

i.ytimg.com

IN A

142.250.200.22

i.ytimg.com

IN A

142.250.200.54

i.ytimg.com

IN A

216.58.201.118

i.ytimg.com

IN A

216.58.204.86

i.ytimg.com

IN A

216.58.213.22

i.ytimg.com

IN A

172.217.169.22
DNS

i.ytimg.com

Remote address:

8.8.8.8:53

Request

i.ytimg.com

IN Unknown

Response
DNS

101.40.30.46.in-addr.arpa

Remote address:

8.8.8.8:53

Request

101.40.30.46.in-addr.arpa

IN PTR

Response

101.40.30.46.in-addr.arpa

IN PTR

isp11eurobyteru
DNS

3.76.0.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

3.76.0.192.in-addr.arpa

IN PTR

Response
DNS

32.77.0.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

32.77.0.192.in-addr.arpa

IN PTR

Response

32.77.0.192.in-addr.arpa

IN PTR

wordpresscom
DNS

46.200.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

46.200.250.142.in-addr.arpa

IN PTR

Response

46.200.250.142.in-addr.arpa

IN PTR

lhr48s30-in-f141e100net
DNS

54.169.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

54.169.217.172.in-addr.arpa

IN PTR

Response

54.169.217.172.in-addr.arpa

IN PTR

lhr48s08-in-f221e100net
DNS

99.201.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

99.201.58.216.in-addr.arpa

IN PTR

Response

99.201.58.216.in-addr.arpa

IN PTR

lhr48s48-in-f31e100net

99.201.58.216.in-addr.arpa

IN PTR

prg03s02-in-f3�G

99.201.58.216.in-addr.arpa

IN PTR

prg03s02-in-f99�G
DNS

googleads.g.doubleclick.net

Remote address:

8.8.8.8:53

Request

googleads.g.doubleclick.net

IN A

Response

googleads.g.doubleclick.net

IN A

142.250.187.194
DNS

googleads.g.doubleclick.net

Remote address:

8.8.8.8:53

Request

googleads.g.doubleclick.net

IN Unknown

Response

googleads.g.doubleclick.net

IN Unknown

h2h3
DNS

jnn-pa.googleapis.com

Remote address:

8.8.8.8:53

Request

jnn-pa.googleapis.com

IN A

Response

jnn-pa.googleapis.com

IN A

142.250.179.234

jnn-pa.googleapis.com

IN A

142.250.180.10

jnn-pa.googleapis.com

IN A

142.250.187.202

jnn-pa.googleapis.com

IN A

142.250.187.234

jnn-pa.googleapis.com

IN A

142.250.178.10

jnn-pa.googleapis.com

IN A

172.217.16.234

jnn-pa.googleapis.com

IN A

142.250.200.10

jnn-pa.googleapis.com

IN A

142.250.200.42

jnn-pa.googleapis.com

IN A

216.58.201.106

jnn-pa.googleapis.com

IN A

216.58.204.74

jnn-pa.googleapis.com

IN A

172.217.169.10

jnn-pa.googleapis.com

IN A

216.58.212.202

jnn-pa.googleapis.com

IN A

216.58.212.234
DNS

jnn-pa.googleapis.com

Remote address:

8.8.8.8:53

Request

jnn-pa.googleapis.com

IN Unknown

Response
DNS

static.doubleclick.net

Remote address:

8.8.8.8:53

Request

static.doubleclick.net

IN A

Response

static.doubleclick.net

IN A

216.58.213.6
DNS

static.doubleclick.net

Remote address:

8.8.8.8:53

Request

static.doubleclick.net

IN Unknown

Response
DNS

www.google.com

Remote address:

8.8.8.8:53

Request

www.google.com

IN A

Response

www.google.com

IN A

142.250.187.196
DNS

www.google.com

Remote address:

8.8.8.8:53

Request

www.google.com

IN Unknown

Response

www.google.com

IN Unknown

h2h3
DNS

yt3.ggpht.com

Remote address:

8.8.8.8:53

Request

yt3.ggpht.com

IN A

Response

yt3.ggpht.com

IN CNAME

photos-ugc.l.googleusercontent.com

photos-ugc.l.googleusercontent.com

IN A

142.250.180.1
DNS

yt3.ggpht.com

Remote address:

8.8.8.8:53

Request

yt3.ggpht.com

IN Unknown

Response

yt3.ggpht.com

IN CNAME

photos-ugc.l.googleusercontent.com
DNS

194.187.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

194.187.250.142.in-addr.arpa

IN PTR

Response

194.187.250.142.in-addr.arpa

IN PTR

lhr25s33-in-f21e100net
DNS

234.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

234.179.250.142.in-addr.arpa

IN PTR

Response

234.179.250.142.in-addr.arpa

IN PTR

lhr25s31-in-f101e100net
DNS

6.213.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

6.213.58.216.in-addr.arpa

IN PTR

Response

6.213.58.216.in-addr.arpa

IN PTR

ber01s14-in-f61e100net

6.213.58.216.in-addr.arpa

IN PTR

lhr25s25-in-f6�F
DNS

195.212.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

195.212.58.216.in-addr.arpa

IN PTR

Response

195.212.58.216.in-addr.arpa

IN PTR

ams16s21-in-f31e100net

195.212.58.216.in-addr.arpa

IN PTR

ams16s21-in-f195�H

195.212.58.216.in-addr.arpa

IN PTR

lhr25s27-in-f3�H
DNS

196.187.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

196.187.250.142.in-addr.arpa

IN PTR

Response

196.187.250.142.in-addr.arpa

IN PTR

lhr25s33-in-f41e100net
DNS

1.180.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

1.180.250.142.in-addr.arpa

IN PTR

Response

1.180.250.142.in-addr.arpa

IN PTR

lhr25s32-in-f11e100net
DNS

13.227.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

13.227.111.52.in-addr.arpa

IN PTR

Response
DNS

pixel.wp.com

Remote address:

8.8.8.8:53

Request

pixel.wp.com

IN A

Response

pixel.wp.com

IN A

192.0.76.3
DNS

pixel.wp.com

Remote address:

8.8.8.8:53

Request

pixel.wp.com

IN A

Response

pixel.wp.com

IN A

192.0.76.3
DNS

play.google.com

Remote address:

8.8.8.8:53

Request

play.google.com

IN A

Response

play.google.com

IN A

172.217.169.46
DNS

play.google.com

Remote address:

8.8.8.8:53

Request

play.google.com

IN Unknown

Response
DNS

46.169.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

46.169.217.172.in-addr.arpa

IN PTR

Response

46.169.217.172.in-addr.arpa

IN PTR

lhr48s08-in-f141e100net
DNS

171.61.62.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

171.61.62.23.in-addr.arpa

IN PTR

Response

171.61.62.23.in-addr.arpa

IN PTR

a23-62-61-171deploystaticakamaitechnologiescom
DNS

233.17.178.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

233.17.178.52.in-addr.arpa

IN PTR

Response

172.165.69.228:443

nav-edge.smartscreen.microsoft.com

tls

14.7kB
15.5kB
39
46
13.107.9.158:443

business.bing.com

tls

2.6kB
10.2kB
18
24
50.62.243.1:80

www.planet3films.com

260 B
5
50.62.243.1:80

www.planet3films.com

260 B
5
50.62.243.1:80

www.planet3films.com

260 B
5
50.62.243.1:80

www.planet3films.com

260 B
5
50.62.243.1:80

www.planet3films.com

260 B
5
50.62.243.1:80

www.planet3films.com

260 B
5
23.195.249.173:443

www.microsoft.com

tls

2.8kB
22.9kB
26
36
142.250.187.202:445

fonts.googleapis.com

260 B
5
96.16.53.162:443

bzib.nelreports.net

tls

2.6kB
6.0kB
13
15
13.107.246.64:443

edgestatic.azureedge.net

tls

98.5kB
4.7MB
2009
3367
13.107.246.64:443

edgestatic.azureedge.net

tls

852 B
271 B
6
4
142.250.187.202:139

fonts.googleapis.com

260 B
5
13.107.246.64:443

edgestatic.azureedge.net

tls

820 B
271 B
6
4
13.107.246.64:443

edgestatic.azureedge.net

tls

8.2kB
272.7kB
131
217
13.107.246.64:443

wcpstatic.microsoft.com

tls

4.3kB
91.1kB
54
79
96.16.110.114:80

260 B
5
50.62.243.1:80

www.planet3films.com

260 B
5
50.62.243.1:80

www.planet3films.com

260 B
5
50.62.243.1:80

www.planet3films.com

260 B
5
50.62.243.1:80

www.planet3films.com

260 B
5
50.62.243.1:80

www.planet3films.com

260 B
5
50.62.243.1:80

www.planet3films.com

260 B
5
20.42.73.29:443

https://nw-umwatson.events.data.microsoft.com/Telemetry.Request

tls, http

4.9kB
7.6kB
13
11

HTTP Request

POST https://nw-umwatson.events.data.microsoft.com/Telemetry.Request

HTTP Response

200
172.217.16.234:445

maps.googleapis.com

260 B
5
142.250.200.10:445

maps.googleapis.com

260 B
5
142.250.200.42:445

maps.googleapis.com

260 B
5
216.58.201.106:445

maps.googleapis.com

260 B
5
216.58.204.74:445

maps.googleapis.com

260 B
5
216.58.213.10:445

maps.googleapis.com

260 B
5
172.217.169.10:445

maps.googleapis.com

260 B
5
216.58.212.202:445

maps.googleapis.com

260 B
5
13.107.253.64:443

46 B
40 B
1
1
50.62.243.1:80

www.planet3films.com

260 B
5
50.62.243.1:80

www.planet3films.com

260 B
5
50.62.243.1:80

www.planet3films.com

260 B
5
50.62.243.1:80

www.planet3films.com

260 B
5
50.62.243.1:80

www.planet3films.com

260 B
5
50.62.243.1:80

www.planet3films.com

260 B
5
216.58.212.234:445

maps.googleapis.com

260 B
5
172.217.169.42:445

maps.googleapis.com

260 B
5
142.250.180.10:445

maps.googleapis.com

260 B
5
142.250.179.234:445

maps.googleapis.com

260 B
5
142.250.187.202:445

maps.googleapis.com

260 B
5
142.250.187.234:445

maps.googleapis.com

260 B
5
142.250.178.10:445

maps.googleapis.com

260 B
5
172.217.169.10:139

maps.googleapis.com

260 B
5
23.62.61.89:443

www.bing.com

tls

1.0kB
5.1kB
9
11
50.62.243.1:80

www.planet3films.com

260 B
5
50.62.243.1:80

www.planet3films.com

260 B
5
50.62.243.1:80

www.planet3films.com

260 B
5
46.30.40.101:80

http://spb.souz-rente.ru/js/jquery.min.php?c_utt=K85164&c_utm=http%3A%2F%2Fspb.souz-rente.ru%2Fjs%2Fjquery.min.php%3Fdefault_keyword%3DOUR%2520BLOG%2520%257C%2520Planet3%2520FILMS%2520%257C%2520Page%25202%26se_referrer%3D%26source%3D

http

871 B
1.1kB
6
5

HTTP Request

GET http://spb.souz-rente.ru/js/jquery.min.php?c_utt=K85164&c_utm=http%3A%2F%2Fspb.souz-rente.ru%2Fjs%2Fjquery.min.php%3Fdefault_keyword%3DOUR%2520BLOG%2520%257C%2520Planet3%2520FILMS%2520%257C%2520Page%25202%26se_referrer%3D%26source%3D

HTTP Response

302
50.62.243.1:80

www.planet3films.com

260 B
5
50.62.243.1:80

www.planet3films.com

260 B
5
50.62.243.1:80

www.planet3films.com

260 B
5
192.0.77.32:80

http://s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=201735

http

650 B
3.7kB
7
8

HTTP Request

GET http://s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=201735

HTTP Response

200
142.250.200.46:443

www.youtube.com

tls

22.1kB
1.1MB
442
793
192.0.76.3:80

http://stats.wp.com/e-201735.js

http

620 B
3.5kB
7
7

HTTP Request

GET http://stats.wp.com/e-201735.js

HTTP Response

200
172.217.169.54:443

i.ytimg.com

tls

2.4kB
37.5kB
25
35
142.250.179.234:443

jnn-pa.googleapis.com

tls

3.1kB
51.9kB
33
51
216.58.213.6:443

static.doubleclick.net

tls

1.8kB
6.8kB
13
13
142.250.180.1:443

yt3.ggpht.com

tls

2.0kB
16.3kB
17
20
192.0.76.3:445

pixel.wp.com

260 B
5
172.217.169.46:443

play.google.com

tls

1.8kB
8.6kB
14
17
23.62.61.171:443

www.bing.com

tls

1.3kB
906 B
7
7
50.62.243.1:80

www.planet3films.com

260 B
5
50.62.243.1:80

www.planet3films.com

260 B
5

8.8.8.8:53

nav-edge.smartscreen.microsoft.com

dns

80 B
200 B
1
1

DNS Request

nav-edge.smartscreen.microsoft.com

DNS Response

172.165.69.228
8.8.8.8:53

nav-edge.smartscreen.microsoft.com

dns

80 B
243 B
1
1

DNS Request

nav-edge.smartscreen.microsoft.com
8.8.8.8:53

www.microsoft.com

dns

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

23.195.249.173
8.8.8.8:53

business.bing.com

dns

63 B
163 B
1
1

DNS Request

business.bing.com

DNS Response

13.107.9.158
8.8.8.8:53

business.bing.com

dns

63 B
185 B
1
1

DNS Request

business.bing.com
8.8.8.8:53

www.planet3films.com

dns

66 B
96 B
1
1

DNS Request

www.planet3films.com

DNS Response

50.62.243.1
8.8.8.8:53

www.planet3films.com

dns

66 B
148 B
1
1

DNS Request

www.planet3films.com
8.8.8.8:53

www.microsoft.com

dns

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

23.195.249.173
8.8.8.8:53

www.microsoft.com

dns

63 B
275 B
1
1

DNS Request

www.microsoft.com
8.8.8.8:53

239.249.30.184.in-addr.arpa

dns

73 B
139 B
1
1

DNS Request

239.249.30.184.in-addr.arpa
8.8.8.8:53

bzib.nelreports.net

dns

65 B
172 B
1
1

DNS Request

bzib.nelreports.net

DNS Response

96.16.53.162

96.16.53.149
8.8.8.8:53

bzib.nelreports.net

dns

65 B
204 B
1
1

DNS Request

bzib.nelreports.net
8.8.8.8:53

www.microsoft.com

dns

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

23.195.249.173
8.8.8.8:53

228.69.165.172.in-addr.arpa

dns

73 B
159 B
1
1

DNS Request

228.69.165.172.in-addr.arpa
8.8.8.8:53

158.9.107.13.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

158.9.107.13.in-addr.arpa
8.8.8.8:53

162.53.16.96.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

162.53.16.96.in-addr.arpa
8.8.8.8:53

173.249.195.23.in-addr.arpa

dns

73 B
139 B
1
1

DNS Request

173.249.195.23.in-addr.arpa
8.8.8.8:53

183.142.211.20.in-addr.arpa

dns

73 B
159 B
1
1

DNS Request

183.142.211.20.in-addr.arpa
8.8.8.8:53

edgestatic.azureedge.net

dns

70 B
231 B
1
1

DNS Request

edgestatic.azureedge.net

DNS Response

13.107.246.64
8.8.8.8:53

edgestatic.azureedge.net

dns

70 B
275 B
1
1

DNS Request

edgestatic.azureedge.net
8.8.8.8:53

c.s-microsoft.com

dns

63 B
193 B
1
1

DNS Request

c.s-microsoft.com

DNS Response

184.30.250.70
8.8.8.8:53

c.s-microsoft.com

dns

63 B
238 B
1
1

DNS Request

c.s-microsoft.com
8.8.8.8:53

64.246.107.13.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

64.246.107.13.in-addr.arpa
8.8.8.8:53

wcpstatic.microsoft.com

dns

69 B
251 B
1
1

DNS Request

wcpstatic.microsoft.com

DNS Response

13.107.246.64
8.8.8.8:53

wcpstatic.microsoft.com

dns

69 B
282 B
1
1

DNS Request

wcpstatic.microsoft.com
8.8.8.8:53

22.160.190.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

22.160.190.20.in-addr.arpa
8.8.8.8:53

95.221.229.192.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

95.221.229.192.in-addr.arpa
8.8.8.8:53

209.205.72.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

209.205.72.20.in-addr.arpa
8.8.8.8:53

nw-umwatson.events.data.microsoft.com

dns

83 B
211 B
1
1

DNS Request

nw-umwatson.events.data.microsoft.com

DNS Response

20.42.73.29
8.8.8.8:53

29.73.42.20.in-addr.arpa

dns

70 B
156 B
1
1

DNS Request

29.73.42.20.in-addr.arpa
8.8.8.8:53

maps.googleapis.com

dns

65 B
305 B
1
1

DNS Request

maps.googleapis.com

DNS Response

172.217.16.234

142.250.200.10

142.250.200.42

216.58.201.106

216.58.204.74

216.58.213.10

172.217.169.10

216.58.212.202

216.58.212.234

172.217.169.42

142.250.179.234

142.250.180.10

142.250.187.202

142.250.187.234

142.250.178.10
8.8.8.8:53

183.59.114.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

183.59.114.20.in-addr.arpa
8.8.8.8:53

171.39.242.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

171.39.242.20.in-addr.arpa
8.8.8.8:53

maps.googleapis.com

dns

65 B
289 B
1
1

DNS Request

maps.googleapis.com

DNS Response

172.217.169.10

216.58.212.202

172.217.169.74

172.217.169.42

142.250.179.234

142.250.180.10

142.250.187.202

142.250.187.234

142.250.178.10

172.217.16.234

142.250.200.10

142.250.200.42

216.58.201.106

216.58.204.74
8.8.8.8:53

89.61.62.23.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

89.61.62.23.in-addr.arpa
224.0.0.251:5353

204 B
3
8.8.8.8:53

243.197.17.2.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

243.197.17.2.in-addr.arpa
8.8.8.8:53

spb.souz-rente.ru

dns

63 B
79 B
1
1

DNS Request

spb.souz-rente.ru

DNS Response

46.30.40.101
8.8.8.8:53

spb.souz-rente.ru

dns

63 B
122 B
1
1

DNS Request

spb.souz-rente.ru
8.8.8.8:53

souz-rente.rujs

dns

61 B
136 B
1
1

DNS Request

souz-rente.rujs
8.8.8.8:53

souz-rente.rujs

dns

61 B
136 B
1
1

DNS Request

souz-rente.rujs
8.8.8.8:53

souz-rente.rujs

dns

61 B
136 B
1
1

DNS Request

souz-rente.rujs
8.8.8.8:53

s0.wp.com

dns

55 B
71 B
1
1

DNS Request

s0.wp.com

DNS Response

192.0.77.32
8.8.8.8:53

s0.wp.com

dns

55 B
117 B
1
1

DNS Request

s0.wp.com
8.8.8.8:53

www.youtube.com

dns

61 B
303 B
1
1

DNS Request

www.youtube.com

DNS Response

142.250.200.46

216.58.201.110

216.58.204.78

172.217.169.14

216.58.212.206

172.217.169.78

142.250.179.238

142.250.180.14

142.250.187.206

142.250.187.238

142.250.178.14

172.217.16.238

142.250.200.14
8.8.8.8:53

www.youtube.com

dns

61 B
110 B
1
1

DNS Request

www.youtube.com
8.8.8.8:53

www.youtube.com

dns

61 B
303 B
1
1

DNS Request

www.youtube.com

DNS Response

142.250.200.46

216.58.201.110

216.58.204.78

172.217.169.14

216.58.212.206

172.217.169.78

142.250.179.238

142.250.180.14

142.250.187.206

142.250.187.238

142.250.178.14

172.217.16.238

142.250.200.14
8.8.8.8:53

nav-edge.smartscreen.microsoft.com

dns

80 B
200 B
1
1

DNS Request

nav-edge.smartscreen.microsoft.com

DNS Response

172.165.69.228
8.8.8.8:53

nav-edge.smartscreen.microsoft.com

dns

80 B
244 B
1
1

DNS Request

nav-edge.smartscreen.microsoft.com
8.8.8.8:53

www.youtube.com

dns

61 B
303 B
1
1

DNS Request

www.youtube.com

DNS Response

142.250.200.46

216.58.201.110

216.58.204.78

172.217.169.14

216.58.212.206

172.217.169.78

142.250.179.238

142.250.180.14

142.250.187.206

142.250.187.238

142.250.178.14

172.217.16.238

142.250.200.14
8.8.8.8:53

www.youtube.com

dns

61 B
303 B
1
1

DNS Request

www.youtube.com

DNS Response

142.250.200.46

216.58.201.110

216.58.204.78

172.217.169.14

216.58.212.206

172.217.169.78

142.250.179.238

142.250.180.14

142.250.187.206

142.250.187.238

142.250.178.14

172.217.16.238

142.250.200.14
8.8.8.8:53

www.youtube.com

dns

61 B
110 B
1
1

DNS Request

www.youtube.com
8.8.8.8:53

stats.wp.com

dns

58 B
74 B
1
1

DNS Request

stats.wp.com

DNS Response

192.0.76.3
8.8.8.8:53

stats.wp.com

dns

58 B
120 B
1
1

DNS Request

stats.wp.com
8.8.8.8:53

ppc.netnet44.net

dns

62 B
121 B
1
1

DNS Request

ppc.netnet44.net
8.8.8.8:53

_1080._https.ppc.netnet44.net

dns

75 B
134 B
1
1

DNS Request

_1080._https.ppc.netnet44.net
8.8.8.8:53

ppc.netnet44.net

dns

62 B
121 B
1
1

DNS Request

ppc.netnet44.net
8.8.8.8:53

i.ytimg.com

dns

57 B
265 B
1
1

DNS Request

i.ytimg.com

DNS Response

172.217.169.54

142.250.179.246

142.250.180.22

142.250.187.214

142.250.187.246

142.250.178.22

172.217.16.246

142.250.200.22

142.250.200.54

216.58.201.118

216.58.204.86

216.58.213.22

172.217.169.22
8.8.8.8:53

i.ytimg.com

dns

57 B
114 B
1
1

DNS Request

i.ytimg.com
142.250.200.46:443

www.youtube.com

https

18.1kB
43.6kB
38
48
8.8.8.8:53

101.40.30.46.in-addr.arpa

dns

71 B
102 B
1
1

DNS Request

101.40.30.46.in-addr.arpa
8.8.8.8:53

3.76.0.192.in-addr.arpa

dns

69 B
134 B
1
1

DNS Request

3.76.0.192.in-addr.arpa
8.8.8.8:53

32.77.0.192.in-addr.arpa

dns

70 B
97 B
1
1

DNS Request

32.77.0.192.in-addr.arpa
8.8.8.8:53

46.200.250.142.in-addr.arpa

dns

73 B
112 B
1
1

DNS Request

46.200.250.142.in-addr.arpa
8.8.8.8:53

54.169.217.172.in-addr.arpa

dns

73 B
112 B
1
1

DNS Request

54.169.217.172.in-addr.arpa
8.8.8.8:53

99.201.58.216.in-addr.arpa

dns

72 B
169 B
1
1

DNS Request

99.201.58.216.in-addr.arpa
8.8.8.8:53

googleads.g.doubleclick.net

dns

73 B
89 B
1
1

DNS Request

googleads.g.doubleclick.net

DNS Response

142.250.187.194
8.8.8.8:53

googleads.g.doubleclick.net

dns

73 B
98 B
1
1

DNS Request

googleads.g.doubleclick.net
142.250.187.194:443

googleads.g.doubleclick.net

https

3.6kB
7.6kB
11
12
8.8.8.8:53

jnn-pa.googleapis.com

dns

67 B
275 B
1
1

DNS Request

jnn-pa.googleapis.com

DNS Response

142.250.179.234

142.250.180.10

142.250.187.202

142.250.187.234

142.250.178.10

172.217.16.234

142.250.200.10

142.250.200.42

216.58.201.106

216.58.204.74

172.217.169.10

216.58.212.202

216.58.212.234
8.8.8.8:53

jnn-pa.googleapis.com

dns

67 B
124 B
1
1

DNS Request

jnn-pa.googleapis.com
8.8.8.8:53

static.doubleclick.net

dns

68 B
84 B
1
1

DNS Request

static.doubleclick.net

DNS Response

216.58.213.6
8.8.8.8:53

static.doubleclick.net

dns

68 B
128 B
1
1

DNS Request

static.doubleclick.net
8.8.8.8:53

www.google.com

dns

60 B
76 B
1
1

DNS Request

www.google.com

DNS Response

142.250.187.196
8.8.8.8:53

www.google.com

dns

60 B
85 B
1
1

DNS Request

www.google.com
8.8.8.8:53

yt3.ggpht.com

dns

59 B
120 B
1
1

DNS Request

yt3.ggpht.com

DNS Response

142.250.180.1
8.8.8.8:53

yt3.ggpht.com

dns

59 B
161 B
1
1

DNS Request

yt3.ggpht.com
142.250.187.196:443

www.google.com

https

4.2kB
29.5kB
21
30
142.250.179.234:443

jnn-pa.googleapis.com

https

5.0kB
9.0kB
15
17
8.8.8.8:53

194.187.250.142.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

194.187.250.142.in-addr.arpa
8.8.8.8:53

234.179.250.142.in-addr.arpa

dns

74 B
113 B
1
1

DNS Request

234.179.250.142.in-addr.arpa
8.8.8.8:53

6.213.58.216.in-addr.arpa

dns

71 B
138 B
1
1

DNS Request

6.213.58.216.in-addr.arpa
8.8.8.8:53

195.212.58.216.in-addr.arpa

dns

73 B
171 B
1
1

DNS Request

195.212.58.216.in-addr.arpa
8.8.8.8:53

196.187.250.142.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

196.187.250.142.in-addr.arpa
8.8.8.8:53

1.180.250.142.in-addr.arpa

dns

72 B
110 B
1
1

DNS Request

1.180.250.142.in-addr.arpa
8.8.8.8:53

13.227.111.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

13.227.111.52.in-addr.arpa
8.8.8.8:53

pixel.wp.com

dns

58 B
74 B
1
1

DNS Request

pixel.wp.com

DNS Response

192.0.76.3
8.8.8.8:53

pixel.wp.com

dns

58 B
74 B
1
1

DNS Request

pixel.wp.com

DNS Response

192.0.76.3
8.8.8.8:53

play.google.com

dns

61 B
77 B
1
1

DNS Request

play.google.com

DNS Response

172.217.169.46
8.8.8.8:53

play.google.com

dns

61 B
111 B
1
1

DNS Request

play.google.com
172.217.169.46:443

play.google.com

https

6.9kB
9.0kB
13
14
8.8.8.8:53

46.169.217.172.in-addr.arpa

dns

73 B
112 B
1
1

DNS Request

46.169.217.172.in-addr.arpa
8.8.8.8:53

171.61.62.23.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

171.61.62.23.in-addr.arpa
8.8.8.8:53

233.17.178.52.in-addr.arpa

dns

72 B
146 B
1
1

DNS Request

233.17.178.52.in-addr.arpa

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Response