hxxps://kxveh99ab[.]cc[.]rs6[.]net/tn[.]jsp?f=001adv7EKDv4B7iI3bsZpRY5eQc088XzdBtkAoS_oV6FTRcVvfcAUhSm3jRJHoC5W9v--2adscrlheaOKYTxXf4ndRS51MeyI3jKwN8U0w54nOPVDbQlmaMh2XFeMk4Zvz3vp4venlStHEbaAKCQTkAv7a8XQBrhfy4&c=gE50HKj3UzC84il--qfoXKCFzHzHE_yCKvCRYSP4H3myvU877PwSzg==&ch=IwMlWjrXTM6kviI9Ufj2vaW1NVwqczC-wg5xytPAl72GOSzvMbrl5A==

Analysis

max time kernel
132s
max time network
147s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
06/08/2024, 16:03 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://kxveh99ab.cc.rs6.net/tn.jsp?f=001adv7EKDv4B7iI3bsZpRY5eQc088XzdBtkAoS_oV6FTRcVvfcAUhSm3jRJHoC5W9v--2adscrlheaOKYTxXf4ndRS51MeyI3jKwN8U0w54nOPVDbQlmaMh2XFeMk4Zvz3vp4venlStHEbaAKCQTkAv7a8XQBrhfy4&c=gE50HKj3UzC84il--qfoXKCFzHzHE_yCKvCRYSP4H3myvU877PwSzg==&ch=IwMlWjrXTM6kviI9Ufj2vaW1NVwqczC-wg5xytPAl72GOSzvMbrl5A==

Score

1^/10

Malware Config

Signatures

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://kxveh99ab.cc.rs6.net/tn.jsp?f=001adv7EKDv4B7iI3bsZpRY5eQc088XzdBtkAoS_oV6FTRcVvfcAUhSm3jRJHoC5W9v--2adscrlheaOKYTxXf4ndRS51MeyI3jKwN8U0w54nOPVDbQlmaMh2XFeMk4Zvz3vp4venlStHEbaAKCQTkAv7a8XQBrhfy4&c=gE50HKj3UzC84il--qfoXKCFzHzHE_yCKvCRYSP4H3myvU877PwSzg==&ch=IwMlWjrXTM6kviI9Ufj2vaW1NVwqczC-wg5xytPAl72GOSzvMbrl5A==
1⤵
PID:2136

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --field-trial-handle=3864,i,3387628439405076340,17957358341235678872,262144 --variations-seed-version --mojo-platform-channel-handle=2136 /prefetch:1
1⤵
PID:216

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --field-trial-handle=1300,i,3387628439405076340,17957358341235678872,262144 --variations-seed-version --mojo-platform-channel-handle=4548 /prefetch:1
1⤵
PID:4820

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=5388,i,3387628439405076340,17957358341235678872,262144 --variations-seed-version --mojo-platform-channel-handle=5400 /prefetch:8
1⤵
PID:2240

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --field-trial-handle=5408,i,3387628439405076340,17957358341235678872,262144 --variations-seed-version --mojo-platform-channel-handle=5460 /prefetch:8
1⤵
PID:3708

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=19 --field-trial-handle=5856,i,3387628439405076340,17957358341235678872,262144 --variations-seed-version --mojo-platform-channel-handle=5884 /prefetch:1
1⤵
PID:1624

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --field-trial-handle=5776,i,3387628439405076340,17957358341235678872,262144 --variations-seed-version --mojo-platform-channel-handle=6096 /prefetch:1
1⤵
PID:2608

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=6148,i,3387628439405076340,17957358341235678872,262144 --variations-seed-version --mojo-platform-channel-handle=5876 /prefetch:8
1⤵
PID:2652

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --field-trial-handle=5724,i,3387628439405076340,17957358341235678872,262144 --variations-seed-version --mojo-platform-channel-handle=5612 /prefetch:8
1⤵
PID:4936

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=5840,i,3387628439405076340,17957358341235678872,262144 --variations-seed-version --mojo-platform-channel-handle=5812 /prefetch:8
1⤵
PID:3032

Network

DNS

kxveh99ab.cc.rs6.net

Remote address:

8.8.8.8:53

Request

kxveh99ab.cc.rs6.net

IN A

Response

kxveh99ab.cc.rs6.net

IN A

208.75.122.11
DNS

kxveh99ab.cc.rs6.net

Remote address:

8.8.8.8:53

Request

kxveh99ab.cc.rs6.net

IN Unknown

Response
DNS

kxveh99ab.cc.rs6.net

Remote address:

8.8.8.8:53

Request

kxveh99ab.cc.rs6.net

IN A

Response

kxveh99ab.cc.rs6.net

IN A

208.75.122.11
DNS

business.bing.com

Remote address:

8.8.8.8:53

Request

business.bing.com

IN A

Response

business.bing.com

IN CNAME

business-bing-com.b-0005.b-msedge.net

business-bing-com.b-0005.b-msedge.net

IN CNAME

b-0005.b-msedge.net

b-0005.b-msedge.net

IN A

13.107.6.158
DNS

business.bing.com

Remote address:

8.8.8.8:53

Request

business.bing.com

IN Unknown

Response

business.bing.com

IN CNAME

business-bing-com.b-0005.b-msedge.net

business-bing-com.b-0005.b-msedge.net

IN CNAME

b-0005.b-msedge.net
DNS

8.8.8.8.in-addr.arpa

Remote address:

8.8.8.8:53

Request

8.8.8.8.in-addr.arpa

IN PTR

Response

8.8.8.8.in-addr.arpa

IN PTR

dnsgoogle
DNS

bzib.nelreports.net

Remote address:

8.8.8.8:53

Request

bzib.nelreports.net

IN A

Response

bzib.nelreports.net

IN CNAME

bzib.nelreports.net.akamaized.net

bzib.nelreports.net.akamaized.net

IN CNAME

a416.dscd.akamai.net

a416.dscd.akamai.net

IN A

2.18.190.74

a416.dscd.akamai.net

IN A

2.18.190.83
DNS

bzib.nelreports.net

Remote address:

8.8.8.8:53

Request

bzib.nelreports.net

IN Unknown

Response

bzib.nelreports.net

IN CNAME

bzib.nelreports.net.akamaized.net

bzib.nelreports.net.akamaized.net

IN CNAME

a416.dscd.akamai.net
DNS

www.physicianloansusa.com

Remote address:

8.8.8.8:53

Request

www.physicianloansusa.com

IN A

Response

www.physicianloansusa.com

IN CNAME

ext-cust.squarespace.com

ext-cust.squarespace.com

IN A

198.185.159.145

ext-cust.squarespace.com

IN A

198.49.23.145

ext-cust.squarespace.com

IN A

198.49.23.144

ext-cust.squarespace.com

IN A

198.185.159.144
DNS

www.physicianloansusa.com

Remote address:

8.8.8.8:53

Request

www.physicianloansusa.com

IN A

Response

www.physicianloansusa.com

IN CNAME

ext-cust.squarespace.com

ext-cust.squarespace.com

IN A

198.49.23.144

ext-cust.squarespace.com

IN A

198.185.159.144

ext-cust.squarespace.com

IN A

198.185.159.145

ext-cust.squarespace.com

IN A

198.49.23.145
DNS

www.physicianloansusa.com

Remote address:

8.8.8.8:53

Request

www.physicianloansusa.com

IN Unknown

Response

www.physicianloansusa.com

IN CNAME

ext-cust.squarespace.com
DNS

www.physicianloansusa.com

Remote address:

8.8.8.8:53

Request

www.physicianloansusa.com

IN A

Response

www.physicianloansusa.com

IN CNAME

ext-cust.squarespace.com

ext-cust.squarespace.com

IN A

198.49.23.145

ext-cust.squarespace.com

IN A

198.185.159.145

ext-cust.squarespace.com

IN A

198.185.159.144

ext-cust.squarespace.com

IN A

198.49.23.144
DNS

images.squarespace-cdn.com

Remote address:

8.8.8.8:53

Request

images.squarespace-cdn.com

IN A

Response

images.squarespace-cdn.com

IN CNAME

squarespace.map.fastly.net

squarespace.map.fastly.net

IN A

151.101.0.238

squarespace.map.fastly.net

IN A

151.101.192.238

squarespace.map.fastly.net

IN A

151.101.64.238

squarespace.map.fastly.net

IN A

151.101.128.238
DNS

images.squarespace-cdn.com

Remote address:

8.8.8.8:53

Request

images.squarespace-cdn.com

IN Unknown

Response

images.squarespace-cdn.com

IN CNAME

squarespace.map.fastly.net
DNS

use.typekit.net

Remote address:

8.8.8.8:53

Request

use.typekit.net

IN A

Response

use.typekit.net

IN CNAME

use-stls.adobe.com.edgesuite.net

use-stls.adobe.com.edgesuite.net

IN CNAME

a1988.dscg1.akamai.net

a1988.dscg1.akamai.net

IN A

2.18.190.147

a1988.dscg1.akamai.net

IN A

2.18.190.136
DNS

use.typekit.net

Remote address:

8.8.8.8:53

Request

use.typekit.net

IN Unknown

Response

use.typekit.net

IN CNAME

use-stls.adobe.com.edgesuite.net

use-stls.adobe.com.edgesuite.net

IN CNAME

a1988.dscg1.akamai.net
DNS

assets.squarespace.com

Remote address:

8.8.8.8:53

Request

assets.squarespace.com

IN A

Response

assets.squarespace.com

IN CNAME

static.squarespace.map.fastly.net

static.squarespace.map.fastly.net

IN A

151.101.128.237

static.squarespace.map.fastly.net

IN A

151.101.64.237

static.squarespace.map.fastly.net

IN A

151.101.0.237

static.squarespace.map.fastly.net

IN A

151.101.192.237
DNS

assets.squarespace.com

Remote address:

8.8.8.8:53

Request

assets.squarespace.com

IN Unknown

Response

assets.squarespace.com

IN CNAME

static.squarespace.map.fastly.net
DNS

static1.squarespace.com

Remote address:

8.8.8.8:53

Request

static1.squarespace.com

IN A

Response

static1.squarespace.com

IN CNAME

prod.squarespace.map.fastly.net

prod.squarespace.map.fastly.net

IN A

151.101.64.238

prod.squarespace.map.fastly.net

IN A

151.101.0.238

prod.squarespace.map.fastly.net

IN A

151.101.192.238

prod.squarespace.map.fastly.net

IN A

151.101.128.238
DNS

static1.squarespace.com

Remote address:

8.8.8.8:53

Request

static1.squarespace.com

IN Unknown

Response

static1.squarespace.com

IN CNAME

prod.squarespace.map.fastly.net
DNS

nav-edge.smartscreen.microsoft.com

Remote address:

8.8.8.8:53

Request

nav-edge.smartscreen.microsoft.com

IN A

Response

nav-edge.smartscreen.microsoft.com

IN CNAME

prod-atm-wds-edge.trafficmanager.net

prod-atm-wds-edge.trafficmanager.net

IN CNAME

prod-agic-uw-3.ukwest.cloudapp.azure.com

prod-agic-uw-3.ukwest.cloudapp.azure.com

IN A

51.11.108.188
DNS

nav-edge.smartscreen.microsoft.com

Remote address:

8.8.8.8:53

Request

nav-edge.smartscreen.microsoft.com

IN Unknown

Response

nav-edge.smartscreen.microsoft.com

IN CNAME

prod-atm-wds-edge.trafficmanager.net

prod-atm-wds-edge.trafficmanager.net

IN CNAME

prod-agic-us-2.uksouth.cloudapp.azure.com
DNS

simplemaps-com.s3.amazonaws.com

Remote address:

8.8.8.8:53

Request

simplemaps-com.s3.amazonaws.com

IN A

Response

simplemaps-com.s3.amazonaws.com

IN CNAME

s3-1-w.amazonaws.com

s3-1-w.amazonaws.com

IN CNAME

s3-w.us-east-1.amazonaws.com

s3-w.us-east-1.amazonaws.com

IN A

52.216.115.51

s3-w.us-east-1.amazonaws.com

IN A

52.216.221.97

s3-w.us-east-1.amazonaws.com

IN A

3.5.29.137

s3-w.us-east-1.amazonaws.com

IN A

52.217.43.20

s3-w.us-east-1.amazonaws.com

IN A

3.5.30.212

s3-w.us-east-1.amazonaws.com

IN A

3.5.3.211

s3-w.us-east-1.amazonaws.com

IN A

52.217.119.113

s3-w.us-east-1.amazonaws.com

IN A

52.216.221.121
DNS

simplemaps-com.s3.amazonaws.com

Remote address:

8.8.8.8:53

Request

simplemaps-com.s3.amazonaws.com

IN Unknown

Response

simplemaps-com.s3.amazonaws.com

IN CNAME

s3-1-w.amazonaws.com

s3-1-w.amazonaws.com

IN CNAME

s3-w.us-east-1.amazonaws.com
DNS

11.122.75.208.in-addr.arpa

Remote address:

8.8.8.8:53

Request

11.122.75.208.in-addr.arpa

IN PTR

Response

11.122.75.208.in-addr.arpa

IN PTR

rs6net
DNS

74.190.18.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

74.190.18.2.in-addr.arpa

IN PTR

Response

74.190.18.2.in-addr.arpa

IN PTR

a2-18-190-74deploystaticakamaitechnologiescom
DNS

74.32.126.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

74.32.126.40.in-addr.arpa

IN PTR

Response
DNS

144.23.49.198.in-addr.arpa

Remote address:

8.8.8.8:53

Request

144.23.49.198.in-addr.arpa

IN PTR

Response
DNS

79.190.18.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

79.190.18.2.in-addr.arpa

IN PTR

Response

79.190.18.2.in-addr.arpa

IN PTR

a2-18-190-79deploystaticakamaitechnologiescom
DNS

data-edge.smartscreen.microsoft.com

Remote address:

8.8.8.8:53

Request

data-edge.smartscreen.microsoft.com

IN A

Response

data-edge.smartscreen.microsoft.com

IN CNAME

prod-atm-wds-edge.trafficmanager.net

prod-atm-wds-edge.trafficmanager.net

IN CNAME

prod-agic-uw-3.ukwest.cloudapp.azure.com

prod-agic-uw-3.ukwest.cloudapp.azure.com

IN A

51.11.108.188
DNS

data-edge.smartscreen.microsoft.com

Remote address:

8.8.8.8:53

Request

data-edge.smartscreen.microsoft.com

IN Unknown

Response

data-edge.smartscreen.microsoft.com

IN CNAME

prod-atm-wds-edge.trafficmanager.net

prod-atm-wds-edge.trafficmanager.net

IN CNAME

prod-agic-us-2.uksouth.cloudapp.azure.com
DNS

connect.facebook.net

Remote address:

8.8.8.8:53

Request

connect.facebook.net

IN A

Response

connect.facebook.net

IN CNAME

scontent.xx.fbcdn.net

scontent.xx.fbcdn.net

IN A

157.240.221.16
DNS

connect.facebook.net

Remote address:

8.8.8.8:53

Request

connect.facebook.net

IN Unknown

Response

connect.facebook.net

IN CNAME

scontent.xx.fbcdn.net
DNS

s.adroll.com

Remote address:

8.8.8.8:53

Request

s.adroll.com

IN A

Response

s.adroll.com

IN CNAME

d1qug1xf2dk5z6.cloudfront.net

d1qug1xf2dk5z6.cloudfront.net

IN A

18.244.155.21

d1qug1xf2dk5z6.cloudfront.net

IN A

18.244.155.115

d1qug1xf2dk5z6.cloudfront.net

IN A

18.244.155.127

d1qug1xf2dk5z6.cloudfront.net

IN A

18.244.155.80
DNS

s.adroll.com

Remote address:

8.8.8.8:53

Request

s.adroll.com

IN Unknown

Response

s.adroll.com

IN CNAME

d1qug1xf2dk5z6.cloudfront.net
DNS

www.clarity.ms

Remote address:

8.8.8.8:53

Request

www.clarity.ms

IN A

Response

www.clarity.ms

IN CNAME

clarity.azurefd.net

clarity.azurefd.net

IN CNAME

azurefd-t-prod.trafficmanager.net

azurefd-t-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

s-part-0036.t-0009.t-msedge.net

s-part-0036.t-0009.t-msedge.net

IN A

13.107.246.64
DNS

www.clarity.ms

Remote address:

8.8.8.8:53

Request

www.clarity.ms

IN Unknown

Response

www.clarity.ms

IN CNAME

clarity.azurefd.net

clarity.azurefd.net

IN CNAME

azurefd-t-prod.trafficmanager.net

azurefd-t-prod.trafficmanager.net

IN CNAME

shed.dual-low.s-part-0036.t-0009.t-msedge.net

shed.dual-low.s-part-0036.t-0009.t-msedge.net

IN CNAME

azurefd-t-fb-prod.trafficmanager.net

azurefd-t-fb-prod.trafficmanager.net

IN CNAME

dual.s-part-0036.t-0009.fb-t-msedge.net

dual.s-part-0036.t-0009.fb-t-msedge.net

IN CNAME

s-part-0036.t-0009.fb-t-msedge.net
DNS

lms.usaleads.net

Remote address:

8.8.8.8:53

Request

lms.usaleads.net

IN A

Response

lms.usaleads.net

IN A

185.224.138.143
DNS

lms.usaleads.net

Remote address:

8.8.8.8:53

Request

lms.usaleads.net

IN Unknown

Response
DNS

lms.usaleads.net

Remote address:

8.8.8.8:53

Request

lms.usaleads.net

IN A

Response

lms.usaleads.net

IN A

185.224.138.143
DNS

www.physicianloansusa.com

Remote address:

8.8.8.8:53

Request

www.physicianloansusa.com

IN A

Response

www.physicianloansusa.com

IN CNAME

ext-cust.squarespace.com

ext-cust.squarespace.com

IN A

198.185.159.145

ext-cust.squarespace.com

IN A

198.49.23.145

ext-cust.squarespace.com

IN A

198.185.159.144

ext-cust.squarespace.com

IN A

198.49.23.144
DNS

238.0.101.151.in-addr.arpa

Remote address:

8.8.8.8:53

Request

238.0.101.151.in-addr.arpa

IN PTR

Response
DNS

237.128.101.151.in-addr.arpa

Remote address:

8.8.8.8:53

Request

237.128.101.151.in-addr.arpa

IN PTR

Response
DNS

147.190.18.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

147.190.18.2.in-addr.arpa

IN PTR

Response

147.190.18.2.in-addr.arpa

IN PTR

a2-18-190-147deploystaticakamaitechnologiescom
DNS

238.64.101.151.in-addr.arpa

Remote address:

8.8.8.8:53

Request

238.64.101.151.in-addr.arpa

IN PTR

Response
DNS

188.108.11.51.in-addr.arpa

Remote address:

8.8.8.8:53

Request

188.108.11.51.in-addr.arpa

IN PTR

Response
DNS

51.115.216.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

51.115.216.52.in-addr.arpa

IN PTR

Response

51.115.216.52.in-addr.arpa

IN PTR

s3-1-w amazonawscom
DNS

43.58.199.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

43.58.199.20.in-addr.arpa

IN PTR

Response
DNS

21.155.244.18.in-addr.arpa

Remote address:

8.8.8.8:53

Request

21.155.244.18.in-addr.arpa

IN PTR

Response

21.155.244.18.in-addr.arpa

IN PTR

server-18-244-155-21lhr50r cloudfrontnet
DNS

16.221.240.157.in-addr.arpa

Remote address:

8.8.8.8:53

Request

16.221.240.157.in-addr.arpa

IN PTR

Response

16.221.240.157.in-addr.arpa

IN PTR

xx-fbcdn-shv-01-lhr8fbcdnnet
DNS

168.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

168.179.250.142.in-addr.arpa

IN PTR

Response

168.179.250.142.in-addr.arpa

IN PTR

ams15s41-in-f81e100net
DNS

cdn.jsdelivr.net

Remote address:

8.8.8.8:53

Request

cdn.jsdelivr.net

IN A

Response

cdn.jsdelivr.net

IN CNAME

jsdelivr.map.fastly.net

jsdelivr.map.fastly.net

IN A

151.101.129.229

jsdelivr.map.fastly.net

IN A

151.101.193.229

jsdelivr.map.fastly.net

IN A

151.101.65.229

jsdelivr.map.fastly.net

IN A

151.101.1.229
DNS

cdn.jsdelivr.net

Remote address:

8.8.8.8:53

Request

cdn.jsdelivr.net

IN Unknown

Response

cdn.jsdelivr.net

IN CNAME

jsdelivr.map.fastly.net
DNS

d.adroll.com

Remote address:

8.8.8.8:53

Request

d.adroll.com

IN A

Response

d.adroll.com

IN CNAME

adserver-vpc-alb-3-890571764.eu-west-1.elb.amazonaws.com

adserver-vpc-alb-3-890571764.eu-west-1.elb.amazonaws.com

IN A

52.212.128.175

adserver-vpc-alb-3-890571764.eu-west-1.elb.amazonaws.com

IN A

54.75.196.169
DNS

d.adroll.com

Remote address:

8.8.8.8:53

Request

d.adroll.com

IN Unknown

Response

d.adroll.com

IN CNAME

adserver-vpc-alb-1-1446435489.eu-west-1.elb.amazonaws.com
DNS

p.typekit.net

Remote address:

8.8.8.8:53

Request

p.typekit.net

IN A

Response

p.typekit.net

IN CNAME

p.typekit.net-stls-v3.edgesuite.net

p.typekit.net-stls-v3.edgesuite.net

IN CNAME

a1874.dscg1.akamai.net

a1874.dscg1.akamai.net

IN A

2.18.190.144

a1874.dscg1.akamai.net

IN A

2.18.190.136
DNS

p.typekit.net

Remote address:

8.8.8.8:53

Request

p.typekit.net

IN Unknown

Response

p.typekit.net

IN CNAME

p.typekit.net-stls-v3.edgesuite.net

p.typekit.net-stls-v3.edgesuite.net

IN CNAME

a1874.dscg1.akamai.net
DNS

www.facebook.com

Remote address:

8.8.8.8:53

Request

www.facebook.com

IN A

Response

www.facebook.com

IN CNAME

star-mini.c10r.facebook.com

star-mini.c10r.facebook.com

IN A

157.240.221.35
DNS

www.facebook.com

Remote address:

8.8.8.8:53

Request

www.facebook.com

IN Unknown

Response

www.facebook.com

IN CNAME

star-mini.c10r.facebook.com
DNS

region1.analytics.google.com

Remote address:

8.8.8.8:53

Request

region1.analytics.google.com

IN A

Response

region1.analytics.google.com

IN A

216.239.32.36

region1.analytics.google.com

IN A

216.239.34.36
DNS

region1.analytics.google.com

Remote address:

8.8.8.8:53

Request

region1.analytics.google.com

IN Unknown

Response
DNS

stats.g.doubleclick.net

Remote address:

8.8.8.8:53

Request

stats.g.doubleclick.net

IN A

Response

stats.g.doubleclick.net

IN A

142.250.102.156

stats.g.doubleclick.net

IN A

142.250.102.157

stats.g.doubleclick.net

IN A

142.250.102.154

stats.g.doubleclick.net

IN A

142.250.102.155
DNS

stats.g.doubleclick.net

Remote address:

8.8.8.8:53

Request

stats.g.doubleclick.net

IN Unknown

Response
DNS

www.google.co.uk

Remote address:

8.8.8.8:53

Request

www.google.co.uk

IN A

Response

www.google.co.uk

IN A

172.217.168.195
DNS

www.google.co.uk

Remote address:

8.8.8.8:53

Request

www.google.co.uk

IN Unknown

Response

www.google.co.uk

IN Unknown

h2h3
DNS

h.clarity.ms

Remote address:

8.8.8.8:53

Request

h.clarity.ms

IN A

Response

h.clarity.ms

IN CNAME

vmss-clarity-ingest-eus-c.eastus.cloudapp.azure.com

vmss-clarity-ingest-eus-c.eastus.cloudapp.azure.com

IN A

51.8.64.151
DNS

h.clarity.ms

Remote address:

8.8.8.8:53

Request

h.clarity.ms

IN Unknown

Response

h.clarity.ms

IN CNAME

vmss-clarity-ingest-eus-c.eastus.cloudapp.azure.com
DNS

143.138.224.185.in-addr.arpa

Remote address:

8.8.8.8:53

Request

143.138.224.185.in-addr.arpa

IN PTR

Response
DNS

229.129.101.151.in-addr.arpa

Remote address:

8.8.8.8:53

Request

229.129.101.151.in-addr.arpa

IN PTR

Response
DNS

42.36.251.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

42.36.251.142.in-addr.arpa

IN PTR

Response

42.36.251.142.in-addr.arpa

IN PTR

ams17s12-in-f101e100net
DNS

144.190.18.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

144.190.18.2.in-addr.arpa

IN PTR

Response

144.190.18.2.in-addr.arpa

IN PTR

a2-18-190-144deploystaticakamaitechnologiescom
DNS

3.36.251.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

3.36.251.142.in-addr.arpa

IN PTR

Response

3.36.251.142.in-addr.arpa

IN PTR

ams15s44-in-f31e100net
DNS

175.128.212.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

175.128.212.52.in-addr.arpa

IN PTR

Response

175.128.212.52.in-addr.arpa

IN PTR

ec2-52-212-128-175 eu-west-1compute amazonawscom
DNS

35.221.240.157.in-addr.arpa

Remote address:

8.8.8.8:53

Request

35.221.240.157.in-addr.arpa

IN PTR

Response

35.221.240.157.in-addr.arpa

IN PTR

edge-star-mini-shv-01-lhr8facebookcom
DNS

195.168.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

195.168.217.172.in-addr.arpa

IN PTR

Response

195.168.217.172.in-addr.arpa

IN PTR

ams16s32-in-f31e100net
DNS

21.120.19.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

21.120.19.2.in-addr.arpa

IN PTR

Response

21.120.19.2.in-addr.arpa

IN PTR

a2-19-120-21deploystaticakamaitechnologiescom
DNS

36.32.239.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

36.32.239.216.in-addr.arpa

IN PTR

Response
DNS

156.102.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

156.102.250.142.in-addr.arpa

IN PTR

Response

156.102.250.142.in-addr.arpa

IN PTR

rb-in-f1561e100net
DNS

c.clarity.ms

Remote address:

8.8.8.8:53

Request

c.clarity.ms

IN A

Response

c.clarity.ms

IN CNAME

c.msn.com

c.msn.com

IN CNAME

c-msn-com-nsatc.trafficmanager.net

c-msn-com-nsatc.trafficmanager.net

IN A

13.74.129.1
DNS

c.clarity.ms

Remote address:

8.8.8.8:53

Request

c.clarity.ms

IN Unknown

Response

c.clarity.ms

IN CNAME

c.msn.com

c.msn.com

IN CNAME

c-msn-com-nsatc.trafficmanager.net
DNS

c.bing.com

Remote address:

8.8.8.8:53

Request

c.bing.com

IN A

Response

c.bing.com

IN CNAME

c-bing-com.dual-a-0034.a-msedge.net

c-bing-com.dual-a-0034.a-msedge.net

IN CNAME

dual-a-0034.a-msedge.net

dual-a-0034.a-msedge.net

IN A

13.107.21.237

dual-a-0034.a-msedge.net

IN A

204.79.197.237
DNS

c.bing.com

Remote address:

8.8.8.8:53

Request

c.bing.com

IN Unknown

Response

c.bing.com

IN CNAME

c-bing-com.dual-a-0034.a-msedge.net
DNS

151.64.8.51.in-addr.arpa

Remote address:

8.8.8.8:53

Request

151.64.8.51.in-addr.arpa

IN PTR

Response
DNS

46.36.251.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

46.36.251.142.in-addr.arpa

IN PTR

Response

46.36.251.142.in-addr.arpa

IN PTR

ams17s12-in-f141e100net
DNS

237.21.107.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

237.21.107.13.in-addr.arpa

IN PTR

Response
DNS

1.129.74.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

1.129.74.13.in-addr.arpa

IN PTR

Response
DNS

26.165.165.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

26.165.165.52.in-addr.arpa

IN PTR

Response
DNS

171.39.242.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

171.39.242.20.in-addr.arpa

IN PTR

Response
DNS

performance.squarespace.com

Remote address:

8.8.8.8:53

Request

performance.squarespace.com

IN A

Response

performance.squarespace.com

IN A

35.186.236.0
DNS

performance.squarespace.com

Remote address:

8.8.8.8:53

Request

performance.squarespace.com

IN Unknown

Response
DNS

0.236.186.35.in-addr.arpa

Remote address:

8.8.8.8:53

Request

0.236.186.35.in-addr.arpa

IN PTR

Response

0.236.186.35.in-addr.arpa

IN PTR

023618635bcgoogleusercontentcom
DNS

77.190.18.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

77.190.18.2.in-addr.arpa

IN PTR

Response

77.190.18.2.in-addr.arpa

IN PTR

a2-18-190-77deploystaticakamaitechnologiescom
DNS

h.clarity.ms

Remote address:

8.8.8.8:53

Request

h.clarity.ms

IN A

Response

h.clarity.ms

IN CNAME

vmss-clarity-ingest-eus-c.eastus.cloudapp.azure.com

vmss-clarity-ingest-eus-c.eastus.cloudapp.azure.com

IN A

51.8.64.151
DNS

h.clarity.ms

Remote address:

8.8.8.8:53

Request

h.clarity.ms

IN Unknown

Response

h.clarity.ms

IN CNAME

vmss-clarity-ingest-eus-c.eastus.cloudapp.azure.com
DNS

101.58.20.217.in-addr.arpa

Remote address:

8.8.8.8:53

Request

101.58.20.217.in-addr.arpa

IN PTR

Response
DNS

h.clarity.ms

Remote address:

8.8.8.8:53

Request

h.clarity.ms

IN A

Response

h.clarity.ms

IN CNAME

vmss-clarity-ingest-eus-c.eastus.cloudapp.azure.com

vmss-clarity-ingest-eus-c.eastus.cloudapp.azure.com

IN A

51.8.64.151
DNS

h.clarity.ms

Remote address:

8.8.8.8:53

Request

h.clarity.ms

IN Unknown

Response

h.clarity.ms

IN CNAME

vmss-clarity-ingest-eus-c.eastus.cloudapp.azure.com

208.75.122.11:443

kxveh99ab.cc.rs6.net

tls

3.3kB
4.2kB
9
11
208.75.122.11:443

kxveh99ab.cc.rs6.net

tls

2.3kB
3.7kB
10
10
13.107.6.158:443

business.bing.com

tls

3.8kB
10.2kB
19
26
2.18.190.74:443

bzib.nelreports.net

tls

2.8kB
5.4kB
13
15
198.49.23.144:443

www.physicianloansusa.com

tls

8.5kB
59.5kB
58
79
151.101.0.238:443

images.squarespace-cdn.com

tls

31.0kB
1.0MB
567
751
151.101.128.237:443

assets.squarespace.com

tls

2.3kB
5.0kB
10
10
151.101.128.237:443

assets.squarespace.com

tls

18.5kB
842.2kB
334
620
151.101.128.237:443

assets.squarespace.com

tls

2.2kB
5.0kB
11
10
151.101.128.237:443

assets.squarespace.com

tls

2.3kB
5.0kB
10
11
151.101.128.237:443

assets.squarespace.com

tls

2.2kB
4.8kB
9
7
151.101.128.237:443

assets.squarespace.com

tls

2.2kB
5.0kB
11
10
2.18.190.147:443

use.typekit.net

tls

3.9kB
14.3kB
22
28
151.101.64.238:443

static1.squarespace.com

tls

2.3kB
5.0kB
10
11
151.101.64.238:443

static1.squarespace.com

tls

6.3kB
142.4kB
80
114
52.216.115.51:443

simplemaps-com.s3.amazonaws.com

tls

3.5kB
20.7kB
22
31
52.216.115.51:443

simplemaps-com.s3.amazonaws.com

tls

7.0kB
234.9kB
99
184
51.11.108.188:443

nav-edge.smartscreen.microsoft.com

tls

22.7kB
623.4kB
256
471
51.11.108.188:443

nav-edge.smartscreen.microsoft.com

tls

2.5kB
7.6kB
13
13
2.18.190.147:443

use.typekit.net

tls

13.5kB
377.8kB
210
298
18.244.155.21:443

s.adroll.com

tls

7.8kB
167.5kB
75
132
157.240.221.16:443

connect.facebook.net

tls

5.3kB
80.3kB
50
73
13.107.246.64:443

www.clarity.ms

tls

4.3kB
35.0kB
28
41
185.224.138.143:443

lms.usaleads.net

tls

17.8kB
629.9kB
311
464
151.101.128.237:443

assets.squarespace.com

tls

9.6kB
302.3kB
146
237
151.101.129.229:443

cdn.jsdelivr.net

tls

3.9kB
28.6kB
30
33
151.101.129.229:443

cdn.jsdelivr.net

tls

2.2kB
5.5kB
10
10
2.18.190.144:443

p.typekit.net

tls

3.3kB
6.9kB
18
24
52.212.128.175:443

d.adroll.com

tls

3.2kB
7.2kB
16
18
157.240.221.35:443

www.facebook.com

tls

3.3kB
3.8kB
15
16
142.250.102.156:443

stats.g.doubleclick.net

tls

3.2kB
7.7kB
16
18
216.239.32.36:443

region1.analytics.google.com

tls

3.6kB
8.1kB
17
19
51.8.64.151:443

h.clarity.ms

tls

82.3kB
8.2kB
73
48
13.74.129.1:443

c.clarity.ms

tls

3.3kB
8.1kB
15
16
13.107.21.237:443

c.bing.com

tls

3.8kB
9.6kB
16
21
51.8.64.151:443

h.clarity.ms

tls

27.5kB
7.0kB
32
26
35.186.236.0:443

performance.squarespace.com

tls

7.2kB
6.2kB
17
16
2.19.120.21:443

www.bing.com

tls

2.3kB
5.1kB
10
13
51.8.64.151:443

h.clarity.ms

tls

3.6kB
6.4kB
14
12
51.8.64.151:443

h.clarity.ms

tls

3.4kB
6.4kB
11
12

8.8.8.8:53

kxveh99ab.cc.rs6.net

dns

66 B
82 B
1
1

DNS Request

kxveh99ab.cc.rs6.net

DNS Response

208.75.122.11
8.8.8.8:53

kxveh99ab.cc.rs6.net

dns

66 B
141 B
1
1

DNS Request

kxveh99ab.cc.rs6.net
8.8.8.8:53

kxveh99ab.cc.rs6.net

dns

66 B
82 B
1
1

DNS Request

kxveh99ab.cc.rs6.net

DNS Response

208.75.122.11
8.8.8.8:53

business.bing.com

dns

63 B
144 B
1
1

DNS Request

business.bing.com

DNS Response

13.107.6.158
8.8.8.8:53

business.bing.com

dns

63 B
185 B
1
1

DNS Request

business.bing.com
8.8.8.8:53

8.8.8.8.in-addr.arpa

dns

66 B
90 B
1
1

DNS Request

8.8.8.8.in-addr.arpa
8.8.8.8:53

bzib.nelreports.net

dns

65 B
172 B
1
1

DNS Request

bzib.nelreports.net

DNS Response

2.18.190.74

2.18.190.83
8.8.8.8:53

bzib.nelreports.net

dns

65 B
204 B
1
1

DNS Request

bzib.nelreports.net
8.8.8.8:53

www.physicianloansusa.com

dns

71 B
170 B
1
1

DNS Request

www.physicianloansusa.com

DNS Response

198.185.159.145

198.49.23.145

198.49.23.144

198.185.159.144
8.8.8.8:53

www.physicianloansusa.com

dns

71 B
170 B
1
1

DNS Request

www.physicianloansusa.com

DNS Response

198.49.23.144

198.185.159.144

198.185.159.145

198.49.23.145
8.8.8.8:53

www.physicianloansusa.com

dns

71 B
170 B
1
1

DNS Request

www.physicianloansusa.com
8.8.8.8:53

www.physicianloansusa.com

dns

71 B
170 B
1
1

DNS Request

www.physicianloansusa.com

DNS Response

198.49.23.145

198.185.159.145

198.185.159.144

198.49.23.144
8.8.8.8:53

images.squarespace-cdn.com

dns

72 B
176 B
1
1

DNS Request

images.squarespace-cdn.com

DNS Response

151.101.0.238

151.101.192.238

151.101.64.238

151.101.128.238
8.8.8.8:53

images.squarespace-cdn.com

dns

72 B
170 B
1
1

DNS Request

images.squarespace-cdn.com
8.8.8.8:53

use.typekit.net

dns

61 B
169 B
1
1

DNS Request

use.typekit.net

DNS Response

2.18.190.147

2.18.190.136
8.8.8.8:53

use.typekit.net

dns

61 B
202 B
1
1

DNS Request

use.typekit.net
8.8.8.8:53

assets.squarespace.com

dns

68 B
179 B
1
1

DNS Request

assets.squarespace.com

DNS Response

151.101.128.237

151.101.64.237

151.101.0.237

151.101.192.237
8.8.8.8:53

assets.squarespace.com

dns

68 B
173 B
1
1

DNS Request

assets.squarespace.com
8.8.8.8:53

static1.squarespace.com

dns

69 B
178 B
1
1

DNS Request

static1.squarespace.com

DNS Response

151.101.64.238

151.101.0.238

151.101.192.238

151.101.128.238
8.8.8.8:53

static1.squarespace.com

dns

69 B
172 B
1
1

DNS Request

static1.squarespace.com
8.8.8.8:53

nav-edge.smartscreen.microsoft.com

dns

80 B
197 B
1
1

DNS Request

nav-edge.smartscreen.microsoft.com

DNS Response

51.11.108.188
8.8.8.8:53

nav-edge.smartscreen.microsoft.com

dns

80 B
242 B
1
1

DNS Request

nav-edge.smartscreen.microsoft.com
8.8.8.8:53

simplemaps-com.s3.amazonaws.com

dns

77 B
255 B
1
1

DNS Request

simplemaps-com.s3.amazonaws.com

DNS Response

52.216.115.51

52.216.221.97

3.5.29.137

52.217.43.20

3.5.30.212

3.5.3.211

52.217.119.113

52.216.221.121
8.8.8.8:53

simplemaps-com.s3.amazonaws.com

dns

77 B
205 B
1
1

DNS Request

simplemaps-com.s3.amazonaws.com
8.8.8.8:53

11.122.75.208.in-addr.arpa

dns

72 B
93 B
1
1

DNS Request

11.122.75.208.in-addr.arpa
8.8.8.8:53

74.190.18.2.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

74.190.18.2.in-addr.arpa
8.8.8.8:53

74.32.126.40.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

74.32.126.40.in-addr.arpa
8.8.8.8:53

144.23.49.198.in-addr.arpa

dns

72 B
126 B
1
1

DNS Request

144.23.49.198.in-addr.arpa
8.8.8.8:53

79.190.18.2.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

79.190.18.2.in-addr.arpa
8.8.8.8:53

data-edge.smartscreen.microsoft.com

dns

81 B
198 B
1
1

DNS Request

data-edge.smartscreen.microsoft.com

DNS Response

51.11.108.188
8.8.8.8:53

data-edge.smartscreen.microsoft.com

dns

81 B
243 B
1
1

DNS Request

data-edge.smartscreen.microsoft.com
8.8.8.8:53

connect.facebook.net

dns

66 B
114 B
1
1

DNS Request

connect.facebook.net

DNS Response

157.240.221.16
8.8.8.8:53

connect.facebook.net

dns

66 B
155 B
1
1

DNS Request

connect.facebook.net
8.8.8.8:53

s.adroll.com

dns

58 B
165 B
1
1

DNS Request

s.adroll.com

DNS Response

18.244.155.21

18.244.155.115

18.244.155.127

18.244.155.80
8.8.8.8:53

s.adroll.com

dns

58 B
178 B
1
1

DNS Request

s.adroll.com
8.8.8.8:53

www.clarity.ms

dns

60 B
223 B
1
1

DNS Request

www.clarity.ms

DNS Response

13.107.246.64
8.8.8.8:53

www.clarity.ms

dns

60 B
349 B
1
1

DNS Request

www.clarity.ms
8.8.8.8:53

lms.usaleads.net

dns

62 B
78 B
1
1

DNS Request

lms.usaleads.net

DNS Response

185.224.138.143
8.8.8.8:53

lms.usaleads.net

dns

62 B
131 B
1
1

DNS Request

lms.usaleads.net
8.8.8.8:53

lms.usaleads.net

dns

62 B
78 B
1
1

DNS Request

lms.usaleads.net

DNS Response

185.224.138.143
8.8.8.8:53

www.physicianloansusa.com

dns

71 B
170 B
1
1

DNS Request

www.physicianloansusa.com

DNS Response

198.185.159.145

198.49.23.145

198.185.159.144

198.49.23.144
8.8.8.8:53

238.0.101.151.in-addr.arpa

dns

72 B
132 B
1
1

DNS Request

238.0.101.151.in-addr.arpa
8.8.8.8:53

237.128.101.151.in-addr.arpa

dns

74 B
134 B
1
1

DNS Request

237.128.101.151.in-addr.arpa
8.8.8.8:53

147.190.18.2.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

147.190.18.2.in-addr.arpa
8.8.8.8:53

238.64.101.151.in-addr.arpa

dns

73 B
133 B
1
1

DNS Request

238.64.101.151.in-addr.arpa
8.8.8.8:53

188.108.11.51.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

188.108.11.51.in-addr.arpa
8.8.8.8:53

51.115.216.52.in-addr.arpa

dns

72 B
106 B
1
1

DNS Request

51.115.216.52.in-addr.arpa
8.8.8.8:53

43.58.199.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

43.58.199.20.in-addr.arpa
8.8.8.8:53

21.155.244.18.in-addr.arpa

dns

72 B
129 B
1
1

DNS Request

21.155.244.18.in-addr.arpa
8.8.8.8:53

16.221.240.157.in-addr.arpa

dns

73 B
117 B
1
1

DNS Request

16.221.240.157.in-addr.arpa
8.8.8.8:53

168.179.250.142.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

168.179.250.142.in-addr.arpa
157.240.221.16:443

connect.facebook.net

https

4.2kB
4.5kB
7
8
185.224.138.143:443

lms.usaleads.net

https

3.0kB
4.3kB
8
8
8.8.8.8:53

cdn.jsdelivr.net

dns

62 B
160 B
1
1

DNS Request

cdn.jsdelivr.net

DNS Response

151.101.129.229

151.101.193.229

151.101.65.229

151.101.1.229
8.8.8.8:53

cdn.jsdelivr.net

dns

62 B
157 B
1
1

DNS Request

cdn.jsdelivr.net
8.8.8.8:53

d.adroll.com

dns

58 B
157 B
1
1

DNS Request

d.adroll.com

DNS Response

52.212.128.175

54.75.196.169
8.8.8.8:53

d.adroll.com

dns

58 B
208 B
1
1

DNS Request

d.adroll.com
8.8.8.8:53

p.typekit.net

dns

59 B
170 B
1
1

DNS Request

p.typekit.net

DNS Response

2.18.190.144

2.18.190.136
8.8.8.8:53

p.typekit.net

dns

59 B
203 B
1
1

DNS Request

p.typekit.net
8.8.8.8:53

www.facebook.com

dns

62 B
107 B
1
1

DNS Request

www.facebook.com

DNS Response

157.240.221.35
8.8.8.8:53

www.facebook.com

dns

62 B
136 B
1
1

DNS Request

www.facebook.com
8.8.8.8:53

region1.analytics.google.com

dns

74 B
106 B
1
1

DNS Request

region1.analytics.google.com

DNS Response

216.239.32.36

216.239.34.36
8.8.8.8:53

region1.analytics.google.com

dns

74 B
124 B
1
1

DNS Request

region1.analytics.google.com
8.8.8.8:53

stats.g.doubleclick.net

dns

69 B
133 B
1
1

DNS Request

stats.g.doubleclick.net

DNS Response

142.250.102.156

142.250.102.157

142.250.102.154

142.250.102.155
8.8.8.8:53

stats.g.doubleclick.net

dns

69 B
129 B
1
1

DNS Request

stats.g.doubleclick.net
8.8.8.8:53

www.google.co.uk

dns

62 B
78 B
1
1

DNS Request

www.google.co.uk

DNS Response

172.217.168.195
8.8.8.8:53

www.google.co.uk

dns

62 B
87 B
1
1

DNS Request

www.google.co.uk
172.217.168.195:443

www.google.co.uk

https

5.0kB
9.3kB
11
12
2.19.120.21:443

www.bing.com

https

9.0kB
653.9kB
101
519
8.8.8.8:53

h.clarity.ms

dns

58 B
139 B
1
1

DNS Request

h.clarity.ms

DNS Response

51.8.64.151
8.8.8.8:53

h.clarity.ms

dns

58 B
194 B
1
1

DNS Request

h.clarity.ms
8.8.8.8:53

143.138.224.185.in-addr.arpa

dns

74 B
134 B
1
1

DNS Request

143.138.224.185.in-addr.arpa
8.8.8.8:53

229.129.101.151.in-addr.arpa

dns

74 B
134 B
1
1

DNS Request

229.129.101.151.in-addr.arpa
8.8.8.8:53

42.36.251.142.in-addr.arpa

dns

72 B
111 B
1
1

DNS Request

42.36.251.142.in-addr.arpa
8.8.8.8:53

144.190.18.2.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

144.190.18.2.in-addr.arpa
8.8.8.8:53

3.36.251.142.in-addr.arpa

dns

71 B
109 B
1
1

DNS Request

3.36.251.142.in-addr.arpa
8.8.8.8:53

175.128.212.52.in-addr.arpa

dns

73 B
137 B
1
1

DNS Request

175.128.212.52.in-addr.arpa
8.8.8.8:53

35.221.240.157.in-addr.arpa

dns

73 B
126 B
1
1

DNS Request

35.221.240.157.in-addr.arpa
8.8.8.8:53

195.168.217.172.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

195.168.217.172.in-addr.arpa
8.8.8.8:53

21.120.19.2.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

21.120.19.2.in-addr.arpa
8.8.8.8:53

36.32.239.216.in-addr.arpa

dns

72 B
132 B
1
1

DNS Request

36.32.239.216.in-addr.arpa
8.8.8.8:53

156.102.250.142.in-addr.arpa

dns

74 B
108 B
1
1

DNS Request

156.102.250.142.in-addr.arpa
8.8.8.8:53

c.clarity.ms

dns

58 B
145 B
1
1

DNS Request

c.clarity.ms

DNS Response

13.74.129.1
8.8.8.8:53

c.clarity.ms

dns

58 B
187 B
1
1

DNS Request

c.clarity.ms
8.8.8.8:53

c.bing.com

dns

56 B
151 B
1
1

DNS Request

c.bing.com

DNS Response

13.107.21.237

204.79.197.237
8.8.8.8:53

c.bing.com

dns

56 B
162 B
1
1

DNS Request

c.bing.com
8.8.8.8:53

151.64.8.51.in-addr.arpa

dns

70 B
156 B
1
1

DNS Request

151.64.8.51.in-addr.arpa
8.8.8.8:53

46.36.251.142.in-addr.arpa

dns

72 B
111 B
1
1

DNS Request

46.36.251.142.in-addr.arpa
8.8.8.8:53

237.21.107.13.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

237.21.107.13.in-addr.arpa
8.8.8.8:53

1.129.74.13.in-addr.arpa

dns

70 B
144 B
1
1

DNS Request

1.129.74.13.in-addr.arpa
224.0.0.251:5353

204 B
3
8.8.8.8:53

26.165.165.52.in-addr.arpa

dns

72 B
146 B
1
1

DNS Request

26.165.165.52.in-addr.arpa
8.8.8.8:53

171.39.242.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

171.39.242.20.in-addr.arpa
8.8.8.8:53

performance.squarespace.com

dns

73 B
89 B
1
1

DNS Request

performance.squarespace.com

DNS Response

35.186.236.0
8.8.8.8:53

performance.squarespace.com

dns

73 B
137 B
1
1

DNS Request

performance.squarespace.com
8.8.8.8:53

0.236.186.35.in-addr.arpa

dns

71 B
122 B
1
1

DNS Request

0.236.186.35.in-addr.arpa
8.8.8.8:53

77.190.18.2.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

77.190.18.2.in-addr.arpa
8.8.8.8:53

h.clarity.ms

dns

58 B
139 B
1
1

DNS Request

h.clarity.ms

DNS Response

51.8.64.151
8.8.8.8:53

h.clarity.ms

dns

58 B
194 B
1
1

DNS Request

h.clarity.ms
8.8.8.8:53

101.58.20.217.in-addr.arpa

dns

72 B
132 B
1
1

DNS Request

101.58.20.217.in-addr.arpa
8.8.8.8:53

h.clarity.ms

dns

58 B
139 B
1
1

DNS Request

h.clarity.ms

DNS Response

51.8.64.151
8.8.8.8:53

h.clarity.ms

dns

58 B
194 B
1
1

DNS Request

h.clarity.ms

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response