Analysis Overview
Threat Level: Shows suspicious behavior
The file https://xtube.chat/XM2NZT was found to be: Shows suspicious behavior.
Malicious Activity Summary
Looks up external IP address via web service
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2024-06-13 17:34
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-13 17:34
Reported
2024-06-13 17:37
Platform
win10v2004-20240226-en
Max time kernel
143s
Max time network
154s
Command Line
Signatures
Looks up external IP address via web service
| Description | Indicator | Process | Target |
| N/A | ipinfo.io | N/A | N/A |
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://xtube.chat/XM2NZT
Network