Analysis

  • max time kernel
    145s
  • max time network
    146s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240802-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    30/09/2024, 15:03 UTC

General

  • Target

    01f4f45ac5a689c0e417697eb8323e1d_JaffaCakes118.html

  • Size

    14KB

  • MD5

    01f4f45ac5a689c0e417697eb8323e1d

  • SHA1

    c455648d4965da61bbd6f36837d5cb5685ccda91

  • SHA256

    750d02fcadf7a35668869139f2166bb21137e582abfe0603e5f3812340f55ebb

  • SHA512

    2b002f72d97e36f4cedf4d4ce54ed54935475d45d5c92dabaf8e990950b2c1b57c47324b7057aa1fa7334d79871921eb121a1eebb5d486233b32c22c56881dfc

  • SSDEEP

    384:gjDQ6xuCq8nLuwYWrSaMnoKPUt5mR3tQ/B8yvzrBC8BWOLSFoQ:g46xxTLdFC8BWOLSFoQ

Score
3/10

Malware Config

Signatures

  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 10 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\01f4f45ac5a689c0e417697eb8323e1d_JaffaCakes118.html
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:2232
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe7afd46f8,0x7ffe7afd4708,0x7ffe7afd4718
      2⤵
      PID:4888
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1484,990166022636253482,12640147398702626563,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2076 /prefetch:2
      2⤵
      PID:1236
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1484,990166022636253482,12640147398702626563,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 /prefetch:3
      2⤵
      • Suspicious behavior: EnumeratesProcesses
      PID:4000
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1484,990166022636253482,12640147398702626563,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2804 /prefetch:8
      2⤵
      PID:4908
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1484,990166022636253482,12640147398702626563,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3240 /prefetch:1
      2⤵
      PID:4804
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1484,990166022636253482,12640147398702626563,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:1
      2⤵
      PID:4184
    • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1484,990166022636253482,12640147398702626563,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5828 /prefetch:8
      2⤵
      PID:5064
    • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1484,990166022636253482,12640147398702626563,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5828 /prefetch:8
      2⤵
      • Suspicious behavior: EnumeratesProcesses
      PID:1284
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1484,990166022636253482,12640147398702626563,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5824 /prefetch:1
      2⤵
      PID:2956
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1484,990166022636253482,12640147398702626563,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5176 /prefetch:1
      2⤵
      PID:4964
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1484,990166022636253482,12640147398702626563,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5224 /prefetch:1
      2⤵
      PID:3500
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1484,990166022636253482,12640147398702626563,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5804 /prefetch:1
      2⤵
      PID:692
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1484,990166022636253482,12640147398702626563,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2068 /prefetch:2
      2⤵
      • Suspicious behavior: EnumeratesProcesses
      PID:1832
  • C:\Windows\System32\CompPkgSrv.exe
    C:\Windows\System32\CompPkgSrv.exe -Embedding
    1⤵
    PID:5004
  • C:\Windows\System32\CompPkgSrv.exe
    C:\Windows\System32\CompPkgSrv.exe -Embedding
    1⤵
    PID:2320
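
The tree above is what a stock Edge 92 launch looks like: a single browser process opened the submitted HTML via --single-argument, and every other entry is a Chromium child process whose role is given by --type (crashpad-handler, gpu-process, renderer, utility with a --utility-sub-type). The signatures listed earlier (WriteProcessMemory, NtCreateUserProcessBlockNonMicrosoftBinary, FindShellTrayWindow, SendNotifyMessage) all attach to that browser process and are consistent with it bootstrapping its own sandboxed children, which is why the sample still scores 3/10. What a practitioner actually wants to check in such a tree is the sandbox state of each child: --service-sandbox-type=none, --disable-gpu-sandbox, and binaries launched from outside the install directory. The script below is an added example written for this page, not part of the report or of any sandbox tooling. Its sample input is trimmed copies of the command lines above; the allowlist of utility services seen running unsandboxed is an assumption read off this tree, and the final "suspicious" command line is constructed to show what an alert looks like.

```python
import re

# Command lines trimmed from the process tree above (long --gpu-preferences and
# crashpad annotation switches dropped). Sample input for this example.
SAMPLE_CMDLINES = [
    r'"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\01f4f45ac5a689c0e417697eb8323e1d_JaffaCakes118.html',
    r'"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7',
    r'"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --mojo-platform-channel-handle=2076 /prefetch:2',
    r'"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 /prefetch:3',
    r'"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --lang=en-US --disable-client-side-phishing-detection --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3240 /prefetch:1',
    r'"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --service-sandbox-type=none --mojo-platform-channel-handle=5828 /prefetch:8',
    r'"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --mojo-platform-channel-handle=2068 /prefetch:2',
]

# Constructed negative example (not from the report): an unsandboxed utility
# process with an unknown service name, launched from a user-writable path.
CONSTRUCTED_SUSPICIOUS = (
    r'"C:\Users\Admin\AppData\Local\Temp\msedge.exe" --type=utility '
    r'--utility-sub-type=updater.mojom.Hypothetical --service-sandbox-type=none'
)

EXPECTED_TYPES = {"crashpad-handler", "gpu-process", "renderer", "utility"}
# Assumption for this Edge build, read off the tree above: the only utility
# services observed running with --service-sandbox-type=none.
UNSANDBOXED_OK = {"network.mojom.NetworkService", "winrt_app_id.mojom.WinrtAppIdService"}
# Where the Edge binaries live on this image (x86 Program Files, per the tree).
TRUSTED_DIRS = ("C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\",)

_TOKEN = re.compile(r'"[^"]*"|\S+')


def parse_cmdline(cmdline):
    """Split a Windows command line into image path, --switches and positionals."""
    tokens = _TOKEN.findall(cmdline)
    image = tokens[0].strip('"')
    switches, positional, opened = {}, [], None
    for tok in tokens[1:]:
        tok = tok.strip('"')
        if tok == "--single-argument":
            # Chromium treats everything after this switch as one literal argument.
            opened = cmdline.split("--single-argument", 1)[1].strip()
            break
        if tok.startswith("--"):
            key, sep, val = tok[2:].partition("=")
            switches[key] = val if sep else ""
        else:
            positional.append(tok)
    return {"image": image, "switches": switches, "positional": positional, "opened": opened}


def triage_process(cmdline):
    """Classify one process. 'alerts' need a human; 'info' explains normal Chromium behaviour."""
    p = parse_cmdline(cmdline)
    sw = p["switches"]
    ptype = sw.get("type", "browser")  # no --type: the parent browser process
    sub = sw.get("utility-sub-type")
    alerts, info = [], []
    if not p["image"].startswith(TRUSTED_DIRS):
        alerts.append(f"image outside the Edge install directory: {p['image']}")
    if ptype != "browser" and ptype not in EXPECTED_TYPES:
        alerts.append(f"unexpected --type={ptype}")
    if sw.get("service-sandbox-type") == "none" and sub not in UNSANDBOXED_OK:
        alerts.append(f"utility process running unsandboxed: {sub}")
    if "disable-gpu-sandbox" in sw:
        if sw.get("use-gl") == "disabled":
            info.append("GPU sandbox off for the no-GL fallback GPU process (expected in a VM without a GPU)")
        else:
            alerts.append("GPU sandbox disabled without the no-GL fallback marker")
    if "no-v8-untrusted-code-mitigations" in sw:
        info.append("V8 untrusted-code mitigations off (Chromium drops them when site isolation is on)")
    return {"image": p["image"].rsplit("\\", 1)[-1], "type": ptype, "sub_type": sub,
            "opened": p["opened"], "alerts": alerts, "info": info}


def triage_tree(cmdlines):
    return [triage_process(c) for c in cmdlines]


def needs_attention(cmdlines):
    """Only the processes with at least one alert."""
    return [t for t in triage_tree(cmdlines) if t["alerts"]]


if __name__ == "__main__":
    for t in triage_tree(SAMPLE_CMDLINES + [CONSTRUCTED_SUSPICIOUS]):
        print(t["image"], t["type"], t["sub_type"] or "-", t["alerts"] or t["info"])
```

Run against the seven report command lines, needs_attention() returns nothing; only the constructed Temp-path utility process produces alerts. The allowlist is the part to maintain per browser version, since which services Chromium runs unsandboxed changes between releases.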

                          Network

                          • DNS (US)
                            13.86.106.20.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            13.86.106.20.in-addr.arpa
                            IN PTR
                            Response
                          • DNS (US)
                            school-shop.su
                            msedge.exe
                            Remote address:
                            8.8.8.8:53
                            Request
                            school-shop.su
                            IN A
                            Response
                            school-shop.su
                            IN A
                            185.72.146.162
                          • DNS (US)
                            mc.yandex.ru
                            Remote address:
                            8.8.8.8:53
                            Request
                            mc.yandex.ru
                            IN A
                            Response
                            mc.yandex.ru
                            IN A
                            77.88.21.119
                            mc.yandex.ru
                            IN A
                            93.158.134.119
                            mc.yandex.ru
                            IN A
                            87.250.251.119
                            mc.yandex.ru
                            IN A
                            87.250.250.119
                          • GET (RU)
                            http://school-shop.su/f/js/jquery.favicon.js
                            msedge.exe
                            Remote address:
                            185.72.146.162:80
                            Request
                            GET /f/js/jquery.favicon.js HTTP/1.1
                            Host: school-shop.su
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: */*
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 200 OK
                            Server: nginx/1.18.0
                            Date: Mon, 30 Sep 2024 15:03:21 GMT
                            Content-Type: application/x-javascript
                            Transfer-Encoding: chunked
                            Connection: keep-alive
                            Keep-Alive: timeout=30
                            Vary: Accept-Encoding
                            Last-Modified: Fri, 24 Sep 2010 10:32:04 GMT
                            ETag: W/"1379-490fee3c0d100"
                            X-Content-Type-Options: nosniff
                            Content-Encoding: gzip
                          • GET (RU)
                            http://school-shop.su/f/i/detsad.jpg
                            msedge.exe
                            Remote address:
                            185.72.146.162:80
                            Request
                            GET /f/i/detsad.jpg HTTP/1.1
                            Host: school-shop.su
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 200 OK
                            Server: nginx/1.18.0
                            Date: Mon, 30 Sep 2024 15:03:21 GMT
                            Content-Type: image/jpeg
                            Content-Length: 9164
                            Connection: keep-alive
                            Keep-Alive: timeout=30
                            Last-Modified: Mon, 21 Jan 2013 18:58:16 GMT
                            ETag: "23cc-4d3d10b2d8200"
                            Accept-Ranges: bytes
                            X-Content-Type-Options: nosniff
                          • GET (RU)
                            http://school-shop.su/f/i/school.jpg
                            msedge.exe
                            Remote address:
                            185.72.146.162:80
                            Request
                            GET /f/i/school.jpg HTTP/1.1
                            Host: school-shop.su
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 200 OK
                            Server: nginx/1.18.0
                            Date: Mon, 30 Sep 2024 15:03:21 GMT
                            Content-Type: image/jpeg
                            Content-Length: 7218
                            Connection: keep-alive
                            Keep-Alive: timeout=30
                            Last-Modified: Mon, 21 Jan 2013 18:55:08 GMT
                            ETag: "1c32-4d3d0fff8db00"
                            Accept-Ranges: bytes
                            X-Content-Type-Options: nosniff
                          • GET (RU)
                            http://school-shop.su/f/i/xls.png
                            msedge.exe
                            Remote address:
                            185.72.146.162:80
                            Request
                            GET /f/i/xls.png HTTP/1.1
                            Host: school-shop.su
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 200 OK
                            Server: nginx/1.18.0
                            Date: Mon, 30 Sep 2024 15:03:22 GMT
                            Content-Type: image/png
                            Content-Length: 3550
                            Connection: keep-alive
                            Keep-Alive: timeout=30
                            Last-Modified: Wed, 09 Jan 2013 15:51:45 GMT
                            ETag: "dde-4d2dd0a0be640"
                            Accept-Ranges: bytes
                            X-Content-Type-Options: nosniff
                          • GET (RU)
                            http://school-shop.su/f/js/jquery.favicon.run.js
                            msedge.exe
                            Remote address:
                            185.72.146.162:80
                            Request
                            GET /f/js/jquery.favicon.run.js HTTP/1.1
                            Host: school-shop.su
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: */*
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 200 OK
                            Server: nginx/1.18.0
                            Date: Mon, 30 Sep 2024 15:03:21 GMT
                            Content-Type: application/x-javascript
                            Transfer-Encoding: chunked
                            Connection: keep-alive
                            Keep-Alive: timeout=30
                            Vary: Accept-Encoding
                            Last-Modified: Sat, 26 Jan 2013 11:30:10 GMT
                            ETag: W/"5e-4d42f5dda9480"
                            X-Content-Type-Options: nosniff
                            Content-Encoding: gzip
                          • GET (RU)
                            http://school-shop.su/f/i/prof.jpg
                            msedge.exe
                            Remote address:
                            185.72.146.162:80
                            Request
                            GET /f/i/prof.jpg HTTP/1.1
                            Host: school-shop.su
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 200 OK
                            Server: nginx/1.18.0
                            Date: Mon, 30 Sep 2024 15:03:21 GMT
                            Content-Type: image/jpeg
                            Content-Length: 7266
                            Connection: keep-alive
                            Keep-Alive: timeout=30
                            Last-Modified: Mon, 21 Jan 2013 19:00:31 GMT
                            ETag: "1c62-4d3d1133971c0"
                            Accept-Ranges: bytes
                            X-Content-Type-Options: nosniff
                          • GET (RU)
                            http://school-shop.su/f/js/jquery-1.7.2.min.js
                            msedge.exe
                            Remote address:
                            185.72.146.162:80
                            Request
                            GET /f/js/jquery-1.7.2.min.js HTTP/1.1
                            Host: school-shop.su
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: */*
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 200 OK
                            Server: nginx/1.18.0
                            Date: Mon, 30 Sep 2024 15:03:21 GMT
                            Content-Type: application/x-javascript
                            Transfer-Encoding: chunked
                            Connection: keep-alive
                            Keep-Alive: timeout=30
                            Vary: Accept-Encoding
                            Last-Modified: Fri, 23 Mar 2012 08:05:36 GMT
                            ETag: W/"17278-4bbe47d4d5400"
                            X-Content-Type-Options: nosniff
                            Content-Encoding: gzip
                          • GET (RU)
                            http://school-shop.su/f/i/logo2.png
                            msedge.exe
                            Remote address:
                            185.72.146.162:80
                            Request
                            GET /f/i/logo2.png HTTP/1.1
                            Host: school-shop.su
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 200 OK
                            Server: nginx/1.18.0
                            Date: Mon, 30 Sep 2024 15:03:21 GMT
                            Content-Type: image/png
                            Content-Length: 8622
                            Connection: keep-alive
                            Keep-Alive: timeout=30
                            Last-Modified: Mon, 21 Jan 2013 18:39:22 GMT
                            ETag: "21ae-4d3d0c7960a80"
                            Accept-Ranges: bytes
                            X-Content-Type-Options: nosniff
                          • GET (RU)
                            http://school-shop.su/4.gif
                            msedge.exe
                            Remote address:
                            185.72.146.162:80
                            Request
                            GET /4.gif HTTP/1.1
                            Host: school-shop.su
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 200 OK
                            Server: nginx/1.18.0
                            Date: Mon, 30 Sep 2024 15:03:43 GMT
                            Content-Type: image/gif
                            Content-Length: 1058
                            Connection: keep-alive
                            Keep-Alive: timeout=30
                            Last-Modified: Fri, 25 Jan 2013 21:24:48 GMT
                            ETag: "422-4d4238e964800"
                            Accept-Ranges: bytes
                            X-Content-Type-Options: nosniff
                          • DNS (US)
                            counter.rambler.ru
                            msedge.exe
                            Remote address:
                            8.8.8.8:53
                            Request
                            counter.rambler.ru
                            IN A
                            Response
                            counter.rambler.ru
                            IN A
                            81.19.89.16
                            counter.rambler.ru
                            IN A
                            81.19.89.18
                            counter.rambler.ru
                            IN A
                            81.19.89.17
                          • GET (RU)
                            http://counter.rambler.ru/top100.jcn?2870985
                            msedge.exe
                            Remote address:
                            81.19.89.16:80
                            Request
                            GET /top100.jcn?2870985 HTTP/1.1
                            Host: counter.rambler.ru
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: */*
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 307 Temporary Redirect
                            Server: nginx
                            Date: Mon, 30 Sep 2024 15:03:21 GMT
                            Content-Type: text/html
                            Content-Length: 164
                            Connection: keep-alive
                            Location: https://counter.rambler.ru/top100.jcn?2870985
                            Access-Control-Allow-Methods: GET, POST, OPTIONS
                            Access-Control-Allow-Headers: content-type
                            Access-Control-Allow-Credentials: true
                          • DNS (US)
                            site.yandex.net
                            msedge.exe
                            Remote address:
                            8.8.8.8:53
                            Request
                            site.yandex.net
                            IN A
                            Response
                            site.yandex.net
                            IN CNAME
                            static.yandex.net
                            static.yandex.net
                            IN CNAME
                            cdnruntyf7lllogy6adk.svc.cdn.yandex.net
                            cdnruntyf7lllogy6adk.svc.cdn.yandex.net
                            IN CNAME
                            cloud.cdn.yandex.net
                            cloud.cdn.yandex.net
                            IN A
                            37.9.64.225
                          • GET (GB)
                            http://www.google-analytics.com/ga.js
                            msedge.exe
                            Remote address:
                            172.217.169.46:80
                            Request
                            GET /ga.js HTTP/1.1
                            Host: www.google-analytics.com
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: */*
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 200 OK
                            Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                            X-Content-Type-Options: nosniff
                            Content-Encoding: gzip
                            Cross-Origin-Resource-Policy: cross-origin
                            Server: Golfe2
                            Content-Length: 17168
                            Content-Security-Policy-Report-Only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:215:0
                            Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to=coop_reporting
                            Report-To: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:215:0"}],}
                            Date: Mon, 30 Sep 2024 13:37:06 GMT
                            Expires: Mon, 30 Sep 2024 15:37:06 GMT
                            Cache-Control: public, max-age=7200
                            Age: 5175
                            Last-Modified: Tue, 12 Dec 2023 18:09:08 GMT
                            Content-Type: text/javascript
                            Vary: Accept-Encoding
                          • GET (RU)
                            https://counter.rambler.ru/top100.jcn?2870985
                            msedge.exe
                            Remote address:
                            81.19.89.16:443
                            Request
                            GET /top100.jcn?2870985 HTTP/2.0
                            host: counter.rambler.ru
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            dnt: 1
                            accept: */*
                            sec-fetch-site: cross-site
                            sec-fetch-mode: no-cors
                            sec-fetch-dest: script
                            accept-encoding: gzip, deflate, br
                            accept-language: en-US,en;q=0.9
                            Response
                            HTTP/2.0 200
                            server: nginx
                            date: Mon, 30 Sep 2024 15:03:22 GMT
                            content-type: application/javascript
                            x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
                            x-amz-request-id: 00000192432C1055A8041FF514D32F89
                            etag: W/"992f9bac25fec316365533404b6e34d9"
                            last-modified: Fri, 27 Sep 2024 10:57:18 GMT
                            x-amz-meta-s3cmd-attrs: atime:1727434505/ctime:1727434504/gid:0/gname:root/md5:992f9bac25fec316365533404b6e34d9/mode:33188/mtime:1727434503/uid:0/uname:root
                            x-amz-tagging-count: 0
                            x-amz-content-sha256: 8c02daa739c422c7e17056502bb96be8957f130376f23d96f59cd9858da91844
                            x-amz-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                            content-encoding: gzip
                            x-cdn-request-id: 71bfe76fa5810a2f88617e6293969c05
                            x-cdn-edge-id: 1173
                            x-cdn-edge-cache: HIT
                            expires: Mon, 30 Sep 2024 16:03:22 GMT
                            cache-control: max-age=3600
                          • flag-ru
                            POST
                            https://kraken.rambler.ru/cnt/v2/
                            msedge.exe
                            Remote address:
                            81.19.89.16:443
                            Request
                            POST /cnt/v2/ HTTP/2.0
                            host: kraken.rambler.ru
                            content-length: 1250
                            sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                            dnt: 1
                            sec-ch-ua-mobile: ?0
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            content-type: application/x-www-form-urlencoded
                            accept: */*
                            origin: null
                            sec-fetch-site: cross-site
                            sec-fetch-mode: cors
                            sec-fetch-dest: empty
                            accept-encoding: gzip, deflate, br
                            accept-language: en-US,en;q=0.9
                            Response
                            HTTP/2.0 200
                            server: nginx
                            date: Mon, 30 Sep 2024 15:03:22 GMT
                            content-type: image/gif
                            content-length: 43
                            accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
                            access-control-allow-credentials: true
                            access-control-allow-headers: content-type
                            access-control-allow-methods: GET, POST, OPTIONS
                            access-control-allow-origin: *
                            cache-control: no-cache
                            expires: Thu, 01 Jan 1970 00:00:01 GMT
                            pragma: no-cache
                            set-cookie: ruid=1CIAALq9+mYBAIprAxBD1wB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/; HttpOnly,; Secure
                            set-cookie: proto_uid=1CIAALq9+mYBAIprAxBD1wB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/; HttpOnly; Secure
                            strict-transport-security: max-age=31536000; includeSubDomains
                            x-sca-elb: nginx-top100-ext-dedicated
                          • flag-ru
                            POST
                            https://kraken.rambler.ru/cnt/v2/
                            msedge.exe
                            Remote address:
                            81.19.89.16:443
                            Request
                            POST /cnt/v2/ HTTP/2.0
                            host: kraken.rambler.ru
                            content-length: 1258
                            sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                            dnt: 1
                            sec-ch-ua-mobile: ?0
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            content-type: application/x-www-form-urlencoded
                            accept: */*
                            origin: null
                            sec-fetch-site: cross-site
                            sec-fetch-mode: cors
                            sec-fetch-dest: empty
                            accept-encoding: gzip, deflate, br
                            accept-language: en-US,en;q=0.9
                            Response
                            HTTP/2.0 200
                            server: nginx
                            date: Mon, 30 Sep 2024 15:03:23 GMT
                            content-type: image/gif
                            content-length: 43
                            accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
                            access-control-allow-credentials: true
                            access-control-allow-headers: content-type
                            access-control-allow-methods: GET, POST, OPTIONS
                            access-control-allow-origin: *
                            cache-control: no-cache
                            expires: Thu, 01 Jan 1970 00:00:01 GMT
                            pragma: no-cache
                            set-cookie: ruid=1CIAALu9+mYBAMulAySbpwB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/; HttpOnly,; Secure
                            set-cookie: proto_uid=1CIAALu9+mYBAMulAySbpwB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/; HttpOnly; Secure
                            strict-transport-security: max-age=31536000; includeSubDomains
                            x-sca-elb: nginx-top100-ext-dedicated
                          • flag-ru
                            POST
                            https://kraken.rambler.ru/cnt/v2/
                            msedge.exe
                            Remote address:
                            81.19.89.16:443
                            Request
                            POST /cnt/v2/ HTTP/2.0
                            host: kraken.rambler.ru
                            content-length: 1258
                            sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                            dnt: 1
                            sec-ch-ua-mobile: ?0
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            content-type: application/x-www-form-urlencoded
                            accept: */*
                            origin: null
                            sec-fetch-site: cross-site
                            sec-fetch-mode: cors
                            sec-fetch-dest: empty
                            accept-encoding: gzip, deflate, br
                            accept-language: en-US,en;q=0.9
                            Response
                            HTTP/2.0 200
                            server: nginx
                            date: Mon, 30 Sep 2024 15:03:23 GMT
                            content-type: image/gif
                            content-length: 43
                            accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
                            access-control-allow-credentials: true
                            access-control-allow-headers: content-type
                            access-control-allow-methods: GET, POST, OPTIONS
                            access-control-allow-origin: *
                            cache-control: no-cache
                            expires: Thu, 01 Jan 1970 00:00:01 GMT
                            pragma: no-cache
                            set-cookie: ruid=1CIAALu9+mYBAFq2A0wjnwB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/; HttpOnly,; Secure
                            set-cookie: proto_uid=1CIAALu9+mYBAFq2A0wjnwB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/; HttpOnly; Secure
                            strict-transport-security: max-age=31536000; includeSubDomains
                            x-sca-elb: nginx-top100-ext-dedicated
                          • flag-ru
                            POST
                            https://kraken.rambler.ru/cnt/v2/
                            msedge.exe
                            Remote address:
                            81.19.89.16:443
                            Request
                            POST /cnt/v2/ HTTP/2.0
                            host: kraken.rambler.ru
                            content-length: 1258
                            sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                            dnt: 1
                            sec-ch-ua-mobile: ?0
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            content-type: application/x-www-form-urlencoded
                            accept: */*
                            origin: null
                            sec-fetch-site: cross-site
                            sec-fetch-mode: cors
                            sec-fetch-dest: empty
                            accept-encoding: gzip, deflate, br
                            accept-language: en-US,en;q=0.9
                            Response
                            HTTP/2.0 200
                            server: nginx
                            date: Mon, 30 Sep 2024 15:03:24 GMT
                            content-type: image/gif
                            content-length: 43
                            accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
                            access-control-allow-credentials: true
                            access-control-allow-headers: content-type
                            access-control-allow-methods: GET, POST, OPTIONS
                            access-control-allow-origin: *
                            cache-control: no-cache
                            expires: Thu, 01 Jan 1970 00:00:01 GMT
                            pragma: no-cache
                            set-cookie: ruid=1CIAALy9+mYBACkQA0iTvwB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/; HttpOnly,; Secure
                            set-cookie: proto_uid=1CIAALy9+mYBACkQA0iTvwB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/; HttpOnly; Secure
                            strict-transport-security: max-age=31536000; includeSubDomains
                            x-sca-elb: nginx-top100-ext-dedicated
                          • flag-ru
                            POST
                            https://kraken.rambler.ru/cnt/v2/
                            msedge.exe
                            Remote address:
                            81.19.89.16:443
                            Request
                            POST /cnt/v2/ HTTP/2.0
                            host: kraken.rambler.ru
                            content-length: 1258
                            sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                            dnt: 1
                            sec-ch-ua-mobile: ?0
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            content-type: application/x-www-form-urlencoded
                            accept: */*
                            origin: null
                            sec-fetch-site: cross-site
                            sec-fetch-mode: cors
                            sec-fetch-dest: empty
                            accept-encoding: gzip, deflate, br
                            accept-language: en-US,en;q=0.9
                            Response
                            HTTP/2.0 200
                            server: nginx
                            date: Mon, 30 Sep 2024 15:03:25 GMT
                            content-type: image/gif
                            content-length: 43
                            accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
                            access-control-allow-credentials: true
                            access-control-allow-headers: content-type
                            access-control-allow-methods: GET, POST, OPTIONS
                            access-control-allow-origin: *
                            cache-control: no-cache
                            expires: Thu, 01 Jan 1970 00:00:01 GMT
                            pragma: no-cache
                            set-cookie: ruid=1CIAAL29+mYBAK7GA9efpwB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/; HttpOnly,; Secure
                            set-cookie: proto_uid=1CIAAL29+mYBAK7GA9efpwB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/; HttpOnly; Secure
                            strict-transport-security: max-age=31536000; includeSubDomains
                            x-sca-elb: nginx-top100-ext-dedicated
                          • flag-ru
                            POST
                            https://kraken.rambler.ru/cnt/v2/
                            msedge.exe
                            Remote address:
                            81.19.89.16:443
                            Request
                            POST /cnt/v2/ HTTP/2.0
                            host: kraken.rambler.ru
                            content-length: 1258
                            sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                            dnt: 1
                            sec-ch-ua-mobile: ?0
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            content-type: application/x-www-form-urlencoded
                            accept: */*
                            origin: null
                            sec-fetch-site: cross-site
                            sec-fetch-mode: cors
                            sec-fetch-dest: empty
                            accept-encoding: gzip, deflate, br
                            accept-language: en-US,en;q=0.9
                            Response
                            HTTP/2.0 200
                            server: nginx
                            date: Mon, 30 Sep 2024 15:03:27 GMT
                            content-type: image/gif
                            content-length: 43
                            accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
                            access-control-allow-credentials: true
                            access-control-allow-headers: content-type
                            access-control-allow-methods: GET, POST, OPTIONS
                            access-control-allow-origin: *
                            cache-control: no-cache
                            expires: Thu, 01 Jan 1970 00:00:01 GMT
                            pragma: no-cache
                            set-cookie: ruid=1CIAAL+9+mYBAK7GAx8vqwB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/; HttpOnly,; Secure
                            set-cookie: proto_uid=1CIAAL+9+mYBAK7GAx8vqwB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/; HttpOnly; Secure
                            strict-transport-security: max-age=31536000; includeSubDomains
                            x-sca-elb: nginx-top100-ext-dedicated
                          • flag-ru
                            POST
                            https://kraken.rambler.ru/cnt/v2/
                            msedge.exe
                            Remote address:
                            81.19.89.16:443
                            Request
                            POST /cnt/v2/ HTTP/2.0
                            host: kraken.rambler.ru
                            content-length: 1258
                            sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                            dnt: 1
                            sec-ch-ua-mobile: ?0
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            content-type: application/x-www-form-urlencoded
                            accept: */*
                            origin: null
                            sec-fetch-site: cross-site
                            sec-fetch-mode: cors
                            sec-fetch-dest: empty
                            accept-encoding: gzip, deflate, br
                            accept-language: en-US,en;q=0.9
                            Response
                            HTTP/2.0 200
                            server: nginx
                            date: Mon, 30 Sep 2024 15:03:57 GMT
                            content-type: image/gif
                            content-length: 43
                            accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
                            access-control-allow-credentials: true
                            access-control-allow-headers: content-type
                            access-control-allow-methods: GET, POST, OPTIONS
                            access-control-allow-origin: *
                            cache-control: no-cache
                            expires: Thu, 01 Jan 1970 00:00:01 GMT
                            pragma: no-cache
                            set-cookie: ruid=1CIAAN29+mYBAMulAz9n3wB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/; HttpOnly,; Secure
                            set-cookie: proto_uid=1CIAAN29+mYBAMulAz9n3wB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/; HttpOnly; Secure
                            strict-transport-security: max-age=31536000; includeSubDomains
                            x-sca-elb: nginx-top100-ext-dedicated
                          • flag-ru
                            POST
                            https://kraken.rambler.ru/cnt/v2/
                            msedge.exe
                            Remote address:
                            81.19.89.16:443
                            Request
                            POST /cnt/v2/ HTTP/2.0
                            host: kraken.rambler.ru
                            content-length: 1258
                            sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                            dnt: 1
                            sec-ch-ua-mobile: ?0
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            content-type: application/x-www-form-urlencoded
                            accept: */*
                            origin: null
                            sec-fetch-site: cross-site
                            sec-fetch-mode: cors
                            sec-fetch-dest: empty
                            accept-encoding: gzip, deflate, br
                            accept-language: en-US,en;q=0.9
                            Response
                            HTTP/2.0 200
                            server: nginx
                            date: Mon, 30 Sep 2024 15:04:57 GMT
                            content-type: image/gif
                            content-length: 43
                            accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
                            access-control-allow-credentials: true
                            access-control-allow-headers: content-type
                            access-control-allow-methods: GET, POST, OPTIONS
                            access-control-allow-origin: *
                            cache-control: no-cache
                            expires: Thu, 01 Jan 1970 00:00:01 GMT
                            pragma: no-cache
                            set-cookie: ruid=1CIAABm++mYBACkQA1gjVwB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/; HttpOnly,; Secure
                            set-cookie: proto_uid=1CIAABm++mYBACkQA1gjVwB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/; HttpOnly; Secure
                            strict-transport-security: max-age=31536000; includeSubDomains
                            x-sca-elb: nginx-top100-ext-dedicated
                          • flag-ru
                            GET
                            http://site.yandex.net/v2.0/js/all.js
                            msedge.exe
                            Remote address:
                            37.9.64.225:80
                            Request
                            GET /v2.0/js/all.js HTTP/1.1
                            Host: site.yandex.net
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: */*
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 200 OK
                            Server: nginx
                            Date: Mon, 30 Sep 2024 15:03:21 GMT
                            Content-Type: application/javascript
                            Transfer-Encoding: chunked
                            Connection: keep-alive
                            Keep-Alive: timeout=60
                            Vary: Accept-Encoding
                            Access-Control-Allow-Origin: *
                            Cache-Control: public, max-age=216013
                            Etag: W/"f7635abc3bcad1a251f1d35c2fbe002e"
                            Expires: Thu, 26 Sep 2024 12:15:31 GMT
                            Last-Modified: Thu, 14 Mar 2024 10:20:57 GMT
                            NEL: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
                            Report-To: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
                            Strict-Transport-Security: max-age=43200000; includeSubDomains;
                            Timing-Allow-Origin: *
                            Vary: Accept-Encoding
                            X-Robots-Tag: noindex, noarchive, nofollow
                            X-Request-Id: fa5c6a443ee163e8
                            Cache-Host: cloudcdn-std-43.cdn.yandex.net
                            Cache-Status: HIT
                            Content-Encoding: gzip
                          • flag-us
                            DNS
                            83.210.23.2.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            83.210.23.2.in-addr.arpa
                            IN PTR
                            Response
                            83.210.23.2.in-addr.arpa
                            IN PTR
                            a2-23-210-83.deploy.static.akamaitechnologies.com
                          • flag-us
                            DNS
                            95.221.229.192.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            95.221.229.192.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            162.146.72.185.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            162.146.72.185.in-addr.arpa
                            IN PTR
                            Response
                            162.146.72.185.in-addr.arpa
                            IN PTR
                            sn003.fullspace.ru
                          • flag-us
                            DNS
                            16.89.19.81.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            16.89.19.81.in-addr.arpa
                            IN PTR
                            Response
                            16.89.19.81.in-addr.arpa
                            IN PTR
                            kraken.rambler.ru
                          • flag-us
                            DNS
                            46.169.217.172.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            46.169.217.172.in-addr.arpa
                            IN PTR
                            Response
                            46.169.217.172.in-addr.arpa
                            IN PTR
                            lhr48s08-in-f14.1e100.net
                          • flag-us
                            DNS
                            225.64.9.37.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            225.64.9.37.in-addr.arpa
                            IN PTR
                            Response
                            225.64.9.37.in-addr.arpa
                            IN PTR
                            cloudcdn.yandex.net
                          • flag-us
                            DNS
                            yastatic.net
                            msedge.exe
                            Remote address:
                            8.8.8.8:53
                            Request
                            yastatic.net
                            IN A
                            Response
                            yastatic.net
                            IN A
                            178.154.131.215
                            yastatic.net
                            IN A
                            178.154.131.217
                          • flag-ru
                            GET
                            https://yastatic.net/jquery/1.6.2/jquery.min.js
                            msedge.exe
                            Remote address:
                            178.154.131.215:443
                            Request
                            GET /jquery/1.6.2/jquery.min.js HTTP/2.0
                            host: yastatic.net
                            sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                            dnt: 1
                            sec-ch-ua-mobile: ?0
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            accept: */*
                            sec-fetch-site: cross-site
                            sec-fetch-mode: no-cors
                            sec-fetch-dest: script
                            accept-encoding: gzip, deflate, br
                            accept-language: en-US,en;q=0.9
                            Response
                            HTTP/2.0 200
                            server: nginx/1.17.9
                            date: Mon, 30 Sep 2024 15:03:22 GMT
                            content-type: application/x-javascript
                            content-length: 28368
                            access-control-allow-origin: *
                            cache-control: public, max-age=31556952
                            content-encoding: br
                            etag: "57f5e4ce99f95e1eb0f18d52b65b6769"
                            expires: Thu, 14 Aug 2025 20:44:15 GMT
                            last-modified: Mon, 12 Nov 2018 13:13:42 GMT
                            nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
                            report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
                            strict-transport-security: max-age=43200000; includeSubDomains;
                            timing-allow-origin: *
                            vary: Accept-Encoding
                            x-nginx-request-id: 4f863fe047210134
                            accept-ranges: bytes
                          • flag-us
                            DNS
                            kraken.rambler.ru
                            msedge.exe
                            Remote address:
                            8.8.8.8:53
                            Request
                            kraken.rambler.ru
                            IN A
                            Response
                            kraken.rambler.ru
                            IN A
                            81.19.89.18
                            kraken.rambler.ru
                            IN A
                            81.19.89.17
                            kraken.rambler.ru
                            IN A
                            81.19.89.16
                            kraken.rambler.ru
                            IN A
                            46.243.143.140
                          • flag-us
                            DNS
                            counter.yadro.ru
                            msedge.exe
                            Remote address:
                            8.8.8.8:53
                            Request
                            counter.yadro.ru
                            IN A
                            Response
                            counter.yadro.ru
                            IN A
                            88.212.201.204
                            counter.yadro.ru
                            IN A
                            88.212.202.52
                            counter.yadro.ru
                            IN A
                            88.212.201.198
                          • flag-us
                            DNS
                            widget.siteheart.com
                            msedge.exe
                            Remote address:
                            8.8.8.8:53
                            Request
                            widget.siteheart.com
                            IN A
                            Response
                          • flag-ru
                            GET
                            https://site.yandex.net/v2.0/i/yandex-hint-rb.png
                            msedge.exe
                            Remote address:
                            37.9.64.225:443
                            Request
                            GET /v2.0/i/yandex-hint-rb.png HTTP/2.0
                            host: site.yandex.net
                            sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                            dnt: 1
                            sec-ch-ua-mobile: ?0
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                            sec-fetch-site: cross-site
                            sec-fetch-mode: no-cors
                            sec-fetch-dest: image
                            accept-encoding: gzip, deflate, br
                            accept-language: en-US,en;q=0.9
                            Response
                            HTTP/2.0 200
                            server: nginx
                            date: Mon, 30 Sep 2024 15:03:22 GMT
                            content-type: image/png
                            content-length: 425
                            access-control-allow-origin: *
                            cache-control: public, max-age=216013
                            etag: "fbe624b4939c4538e386beffac5861f6"
                            expires: Tue, 23 Jul 2024 06:52:22 GMT
                            last-modified: Thu, 14 Mar 2024 10:20:57 GMT
                            nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
                            report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
                            strict-transport-security: max-age=43200000; includeSubDomains;
                            timing-allow-origin: *
                            vary: Accept-Encoding
                            x-robots-tag: noindex, noarchive, nofollow
                            x-request-id: 4220f2c1dfc7935c
                            cache-host: cloudcdn-m9-11.cdn.yandex.net
                            cache-status: HIT
                            accept-ranges: bytes
                          • flag-ru
                            GET
                            https://site.yandex.net/v2.0/js/suggest.js
                            msedge.exe
                            Remote address:
                            37.9.64.225:443
                            Request
                            GET /v2.0/js/suggest.js HTTP/2.0
                            host: site.yandex.net
                            sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                            dnt: 1
                            sec-ch-ua-mobile: ?0
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            accept: */*
                            sec-fetch-site: cross-site
                            sec-fetch-mode: no-cors
                            sec-fetch-dest: script
                            accept-encoding: gzip, deflate, br
                            accept-language: en-US,en;q=0.9
                            Response
                            HTTP/2.0 200
                            server: nginx
                            date: Mon, 30 Sep 2024 15:03:22 GMT
                            content-type: application/javascript
                            vary: Accept-Encoding
                            access-control-allow-origin: *
                            cache-control: public, max-age=216013
                            etag: W/"7b6f38e40b4c5677b862a187cb8b3e24"
                            expires: Sat, 14 Sep 2024 21:26:35 GMT
                            last-modified: Thu, 14 Mar 2024 10:20:57 GMT
                            nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
                            report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
                            strict-transport-security: max-age=43200000; includeSubDomains;
                            timing-allow-origin: *
                            vary: Accept-Encoding
                            x-robots-tag: noindex, noarchive, nofollow
                            content-encoding: br
                            x-request-id: e73b05b13db7c1e7
                            cache-host: cloudcdn-m9-11.cdn.yandex.net
                            cache-status: HIT
                          • flag-ru
                            GET
                            https://site.yandex.net/v2.0/js/opensearch.js
                            msedge.exe
                            Remote address:
                            37.9.64.225:443
                            Request
                            GET /v2.0/js/opensearch.js HTTP/2.0
                            host: site.yandex.net
                            sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                            dnt: 1
                            sec-ch-ua-mobile: ?0
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            accept: */*
                            sec-fetch-site: cross-site
                            sec-fetch-mode: no-cors
                            sec-fetch-dest: script
                            accept-encoding: gzip, deflate, br
                            accept-language: en-US,en;q=0.9
                            Response
                            HTTP/2.0 200
                            server: nginx
                            date: Mon, 30 Sep 2024 15:03:22 GMT
                            content-type: application/javascript
                            vary: Accept-Encoding
                            access-control-allow-origin: *
                            cache-control: public, max-age=216013
                            etag: W/"d12257f87644c4e89830f47705dee860"
                            expires: Sat, 14 Sep 2024 21:26:35 GMT
                            last-modified: Thu, 14 Mar 2024 10:20:57 GMT
                            nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
                            report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
                            strict-transport-security: max-age=43200000; includeSubDomains;
                            timing-allow-origin: *
                            vary: Accept-Encoding
                            x-robots-tag: noindex, noarchive, nofollow
                            content-encoding: br
                            x-request-id: 7b47db4176197070
                            cache-host: cloudcdn-m9-11.cdn.yandex.net
                            cache-status: HIT
                          • flag-ru
                            GET
                            https://site.yandex.net/v2.0/js/punycode.js
                            msedge.exe
                            Remote address:
                            37.9.64.225:443
                            Request
                            GET /v2.0/js/punycode.js HTTP/2.0
                            host: site.yandex.net
                            sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                            dnt: 1
                            sec-ch-ua-mobile: ?0
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            accept: */*
                            sec-fetch-site: cross-site
                            sec-fetch-mode: no-cors
                            sec-fetch-dest: script
                            accept-encoding: gzip, deflate, br
                            accept-language: en-US,en;q=0.9
                            Response
                            HTTP/2.0 200
                            server: nginx
                            date: Mon, 30 Sep 2024 15:03:23 GMT
                            content-type: application/javascript
                            vary: Accept-Encoding
                            access-control-allow-origin: *
                            cache-control: public, max-age=216013
                            etag: W/"0fb20dc655bce6eec71e5cee38b400fe"
                            expires: Sat, 14 Sep 2024 21:26:55 GMT
                            last-modified: Thu, 14 Mar 2024 10:20:57 GMT
                            nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
                            report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
                            strict-transport-security: max-age=43200000; includeSubDomains;
                            timing-allow-origin: *
                            vary: Accept-Encoding
                            x-robots-tag: noindex, noarchive, nofollow
                            content-encoding: br
                            x-request-id: 7775cfb2f49fa7cf
                            cache-host: cloudcdn-m9-11.cdn.yandex.net
                            cache-status: HIT
                          • flag-ru
                            GET
                            http://counter.yadro.ru/hit?t14.11;r;s1280*720*24;ufile%3A///C%3A/Users/Admin/AppData/Local/Temp/01f4f45ac5a689c0e417697eb8323e1d_JaffaCakes118.html;0.5807951734303114
                            msedge.exe
                            Remote address:
                            88.212.201.204:80
                            Request
                            GET /hit?t14.11;r;s1280*720*24;ufile%3A///C%3A/Users/Admin/AppData/Local/Temp/01f4f45ac5a689c0e417697eb8323e1d_JaffaCakes118.html;0.5807951734303114 HTTP/1.1
                            Host: counter.yadro.ru
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 302 Moved Temporarily
                            Date: Mon, 30 Sep 2024 15:03:22 GMT
                            Server: 0W/0.8c
                            Content-Type: text/html
                            Location: https://counter.yadro.ru/hit?t14.11;r;s1280*720*24;ufile%3A///C%3A/Users/Admin/AppData/Local/Temp/01f4f45ac5a689c0e417697eb8323e1d_JaffaCakes118.html;0.5807951734303114
                            Content-Length: 32
                            Expires: Sat, 30 Sep 2023 21:00:00 GMT
                            Pragma: no-cache
                            Cache-control: no-cache
                          • flag-ru
                            GET
                            https://counter.yadro.ru/hit?t14.11;r;s1280*720*24;ufile%3A///C%3A/Users/Admin/AppData/Local/Temp/01f4f45ac5a689c0e417697eb8323e1d_JaffaCakes118.html;0.5807951734303114
                            msedge.exe
                            Remote address:
                            88.212.201.204:443
                            Request
                            GET /hit?t14.11;r;s1280*720*24;ufile%3A///C%3A/Users/Admin/AppData/Local/Temp/01f4f45ac5a689c0e417697eb8323e1d_JaffaCakes118.html;0.5807951734303114 HTTP/1.1
                            Host: counter.yadro.ru
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                            Sec-Fetch-Site: cross-site
                            Sec-Fetch-Mode: no-cors
                            Sec-Fetch-Dest: image
                            Accept-Encoding: gzip, deflate, br
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 200 OK
                            Server: nginx/1.17.9
                            Date: Mon, 30 Sep 2024 15:03:23 GMT
                            Content-Type: image/gif
                            Content-Length: 177
                            Connection: keep-alive
                            Expires: Sat, 30 Sep 2023 21:00:00 GMT
                            Pragma: no-cache
                            Cache-control: no-cache
                            Access-Control-Allow-Origin: *
                            Strict-Transport-Security: max-age=86400
                          • flag-us
                            DNS
                            215.131.154.178.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            215.131.154.178.in-addr.arpa
                            IN PTR
                            Response
                            215.131.154.178.in-addr.arpa
                            IN PTR
                            static.yandex.net
                          • flag-us
                            DNS
                            204.201.212.88.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            204.201.212.88.in-addr.arpa
                            IN PTR
                            Response
                            204.201.212.88.in-addr.arpa
                            IN CNAME
                            204.192/26.201.212.88.in-addr.arpa
                            204.192/26.201.212.88.in-addr.arpa
                            IN PTR
                            host204.rax.ru
                          • flag-us
                            DNS
                            mc.yandex.ru
                            Remote address:
                            8.8.8.8:53
                            Request
                            mc.yandex.ru
                            IN A
                            Response
                            mc.yandex.ru
                            IN A
                            87.250.251.119
                            mc.yandex.ru
                            IN A
                            77.88.21.119
                            mc.yandex.ru
                            IN A
                            87.250.250.119
                            mc.yandex.ru
                            IN A
                            93.158.134.119
                          • flag-us
                            DNS
                            104.219.191.52.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            104.219.191.52.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            196.249.167.52.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            196.249.167.52.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            183.59.114.20.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            183.59.114.20.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            15.164.165.52.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            15.164.165.52.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            98.117.19.2.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            98.117.19.2.in-addr.arpa
                            IN PTR
                            Response
                            98.117.19.2.in-addr.arpa
                            IN PTR
                            a2-19-117-98.deploy.static.akamaitechnologies.com
                          • flag-us
                            DNS
                            14.227.111.52.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            14.227.111.52.in-addr.arpa
                            IN PTR
                            Response
                          • 77.88.21.119:445
                            mc.yandex.ru
                            260 B
                            5
                          • 185.72.146.162:80
                            http://school-shop.su/f/i/xls.png
                            http
                            msedge.exe
                            2.2kB
                            23.9kB
                            18
                            25

                            HTTP Request

                            GET http://school-shop.su/f/js/jquery.favicon.js

                            HTTP Response

                            200

                            HTTP Request

                            GET http://school-shop.su/f/i/detsad.jpg

                            HTTP Response

                            200

                            HTTP Request

                            GET http://school-shop.su/f/i/school.jpg

                            HTTP Response

                            200

                            HTTP Request

                            GET http://school-shop.su/f/i/xls.png

                            HTTP Response

                            200
                          • 185.72.146.162:80
                            http://school-shop.su/f/i/prof.jpg
                            http
                            msedge.exe
                            1.3kB
                            8.5kB
                            13
                            12

                            HTTP Request

                            GET http://school-shop.su/f/js/jquery.favicon.run.js

                            HTTP Response

                            200

                            HTTP Request

                            GET http://school-shop.su/f/i/prof.jpg

                            HTTP Response

                            200
                          • 185.72.146.162:80
                            http://school-shop.su/4.gif
                            http
                            msedge.exe
                            2.5kB
                            51.4kB
                            31
                            44

                            HTTP Request

                            GET http://school-shop.su/f/js/jquery-1.7.2.min.js

                            HTTP Response

                            200

                            HTTP Request

                            GET http://school-shop.su/f/i/logo2.png

                            HTTP Response

                            200

                            HTTP Request

                            GET http://school-shop.su/4.gif

                            HTTP Response

                            200
                          • 81.19.89.16:80
                            http://counter.rambler.ru/top100.jcn?2870985
                            http
                            msedge.exe
                            593 B
                            724 B
                            6
                            5

                            HTTP Request

                            GET http://counter.rambler.ru/top100.jcn?2870985

                            HTTP Response

                            307
                          • 185.72.146.162:80
                            school-shop.su
                            msedge.exe
                            288 B
                            184 B
                            6
                            4
                          • 185.72.146.162:80
                            school-shop.su
                            msedge.exe
                            288 B
                            184 B
                            6
                            4
                          • 172.217.169.46:80
                            http://www.google-analytics.com/ga.js
                            http
                            msedge.exe
                            908 B
                            18.8kB
                            13
                            19

                            HTTP Request

                            GET http://www.google-analytics.com/ga.js

                            HTTP Response

                            200
                          • 81.19.89.16:443
                            https://kraken.rambler.ru/cnt/v2/
                            tls, http2
                            msedge.exe
                            14.6kB
                            53.8kB
                            60
                            69

                            HTTP Request

                            GET https://counter.rambler.ru/top100.jcn?2870985

                            HTTP Response

                            200

                            HTTP Request

                            POST https://kraken.rambler.ru/cnt/v2/

                            HTTP Response

                            200

                            HTTP Request

                            POST https://kraken.rambler.ru/cnt/v2/

                            HTTP Response

                            200

                            HTTP Request

                            POST https://kraken.rambler.ru/cnt/v2/

                            HTTP Response

                            200

                            HTTP Request

                            POST https://kraken.rambler.ru/cnt/v2/

                            HTTP Response

                            200

                            HTTP Request

                            POST https://kraken.rambler.ru/cnt/v2/

                            HTTP Response

                            200

                            HTTP Request

                            POST https://kraken.rambler.ru/cnt/v2/

                            HTTP Response

                            200

                            HTTP Request

                            POST https://kraken.rambler.ru/cnt/v2/

                            HTTP Response

                            200

                            HTTP Request

                            POST https://kraken.rambler.ru/cnt/v2/

                            HTTP Response

                            200
                          • 37.9.64.225:80
                            http://site.yandex.net/v2.0/js/all.js
                            http
                            msedge.exe
                            1.0kB
                            22.4kB
                            15
                            23

                            HTTP Request

                            GET http://site.yandex.net/v2.0/js/all.js

                            HTTP Response

                            200
                          • 178.154.131.215:443
                            https://yastatic.net/jquery/1.6.2/jquery.min.js
                            tls, http2
                            msedge.exe
                            2.3kB
                            35.1kB
                            28
                            40

                            HTTP Request

                            GET https://yastatic.net/jquery/1.6.2/jquery.min.js

                            HTTP Response

                            200
                          • 93.158.134.119:445
                            mc.yandex.ru
                            260 B
                            5
                          • 87.250.251.119:445
                            mc.yandex.ru
                            260 B
                            5
                          • 87.250.250.119:445
                            mc.yandex.ru
                            260 B
                            5
                          • 37.9.64.225:443
                            site.yandex.net
                            tls
                            msedge.exe
                            1.0kB
                            5.8kB
                            9
                            10
                          • 37.9.64.225:443
                            https://site.yandex.net/v2.0/js/punycode.js
                            tls, http2
                            msedge.exe
                            2.6kB
                            23.4kB
                            28
                            34

                            HTTP Request

                            GET https://site.yandex.net/v2.0/i/yandex-hint-rb.png

                            HTTP Request

                            GET https://site.yandex.net/v2.0/js/suggest.js

                            HTTP Request

                            GET https://site.yandex.net/v2.0/js/opensearch.js

                            HTTP Response

                            200

                            HTTP Response

                            200

                            HTTP Response

                            200

                            HTTP Request

                            GET https://site.yandex.net/v2.0/js/punycode.js

                            HTTP Response

                            200
                          • 37.9.64.225:443
                            site.yandex.net
                            tls
                            msedge.exe
                            977 B
                            5.1kB
                            10
                            8
                          • 88.212.201.204:80
                            http://counter.yadro.ru/hit?t14.11;r;s1280*720*24;ufile%3A///C%3A/Users/Admin/AppData/Local/Temp/01f4f45ac5a689c0e417697eb8323e1d_JaffaCakes118.html;0.5807951734303114
                            http
                            msedge.exe
                            766 B
                            600 B
                            6
                            4

                            HTTP Request

                            GET http://counter.yadro.ru/hit?t14.11;r;s1280*720*24;ufile%3A///C%3A/Users/Admin/AppData/Local/Temp/01f4f45ac5a689c0e417697eb8323e1d_JaffaCakes118.html;0.5807951734303114

                            HTTP Response

                            302
                          • 88.212.201.204:443
                            https://counter.yadro.ru/hit?t14.11;r;s1280*720*24;ufile%3A///C%3A/Users/Admin/AppData/Local/Temp/01f4f45ac5a689c0e417697eb8323e1d_JaffaCakes118.html;0.5807951734303114
                            tls, http
                            msedge.exe
                            1.7kB
                            4.0kB
                            11
                            9

                            HTTP Request

                            GET https://counter.yadro.ru/hit?t14.11;r;s1280*720*24;ufile%3A///C%3A/Users/Admin/AppData/Local/Temp/01f4f45ac5a689c0e417697eb8323e1d_JaffaCakes118.html;0.5807951734303114

                            HTTP Response

                            200
                          • 8.8.8.8:53
                            13.86.106.20.in-addr.arpa
                            dns
                            71 B
                            157 B
                            1
                            1

                            DNS Request

                            13.86.106.20.in-addr.arpa

                          • 8.8.8.8:53
                            school-shop.su
                            dns
                            msedge.exe
                            60 B
                            76 B
                            1
                            1

                            DNS Request

                            school-shop.su

                            DNS Response

                            185.72.146.162

                          • 8.8.8.8:53
                            mc.yandex.ru
                            dns
                            58 B
                            122 B
                            1
                            1

                            DNS Request

                            mc.yandex.ru

                            DNS Response

                            77.88.21.119
                            93.158.134.119
                            87.250.251.119
                            87.250.250.119

                          • 8.8.8.8:53  counter.rambler.ru  (dns, msedge.exe)  sent 64 B / 1 pkt, received 112 B / 1 pkt
                            DNS Request: counter.rambler.ru
                            DNS Response: 81.19.89.16, 81.19.89.18, 81.19.89.17

                          • 8.8.8.8:53  site.yandex.net  (dns, msedge.exe)  sent 61 B / 1 pkt, received 161 B / 1 pkt
                            DNS Request: site.yandex.net
                            DNS Response: 37.9.64.225

                          • 8.8.8.8:53  83.210.23.2.in-addr.arpa  (dns, no process listed)  sent 70 B / 1 pkt, received 133 B / 1 pkt
                            DNS Request: 83.210.23.2.in-addr.arpa

                          • 8.8.8.8:53  95.221.229.192.in-addr.arpa  (dns, no process listed)  sent 73 B / 1 pkt, received 144 B / 1 pkt
                            DNS Request: 95.221.229.192.in-addr.arpa

                          • 8.8.8.8:53  162.146.72.185.in-addr.arpa  (dns, no process listed)  sent 73 B / 1 pkt, received 105 B / 1 pkt
                            DNS Request: 162.146.72.185.in-addr.arpa

                          • 8.8.8.8:53  16.89.19.81.in-addr.arpa  (dns, no process listed)  sent 70 B / 1 pkt, received 101 B / 1 pkt
                            DNS Request: 16.89.19.81.in-addr.arpa

                          • 8.8.8.8:53  46.169.217.172.in-addr.arpa  (dns, no process listed)  sent 73 B / 1 pkt, received 112 B / 1 pkt
                            DNS Request: 46.169.217.172.in-addr.arpa

                          • 8.8.8.8:53  225.64.9.37.in-addr.arpa  (dns, no process listed)  sent 70 B / 1 pkt, received 104 B / 1 pkt
                            DNS Request: 225.64.9.37.in-addr.arpa

                          • 8.8.8.8:53  yastatic.net  (dns, msedge.exe)  sent 58 B / 1 pkt, received 90 B / 1 pkt
                            DNS Request: yastatic.net
                            DNS Response: 178.154.131.215, 178.154.131.217

                          • 8.8.8.8:53  kraken.rambler.ru  (dns, msedge.exe)  sent 63 B / 1 pkt, received 127 B / 1 pkt
                            DNS Request: kraken.rambler.ru
                            DNS Response: 81.19.89.18, 81.19.89.17, 81.19.89.16, 46.243.143.140

                          • 8.8.8.8:53  counter.yadro.ru  (dns, msedge.exe)  sent 62 B / 1 pkt, received 110 B / 1 pkt
                            DNS Request: counter.yadro.ru
                            DNS Response: 88.212.201.204, 88.212.202.52, 88.212.201.198

                          • 8.8.8.8:53  widget.siteheart.com  (dns, msedge.exe)  sent 66 B / 1 pkt, received 144 B / 1 pkt
                            DNS Request: widget.siteheart.com

                          • 8.8.8.8:53  215.131.154.178.in-addr.arpa  (dns, no process listed)  sent 74 B / 1 pkt, received 105 B / 1 pkt
                            DNS Request: 215.131.154.178.in-addr.arpa

                          • 8.8.8.8:53  204.201.212.88.in-addr.arpa  (dns, no process listed)  sent 73 B / 1 pkt, received 126 B / 1 pkt
                            DNS Request: 204.201.212.88.in-addr.arpa

                          • 8.8.8.8:53  mc.yandex.ru  (dns, no process listed)  sent 58 B / 1 pkt, received 122 B / 1 pkt
                            DNS Request: mc.yandex.ru
                            DNS Response: 87.250.251.119, 77.88.21.119, 87.250.250.119, 93.158.134.119

                          • 8.8.8.8:53  104.219.191.52.in-addr.arpa  (dns, no process listed)  sent 73 B / 1 pkt, received 147 B / 1 pkt
                            DNS Request: 104.219.191.52.in-addr.arpa

                          • 224.0.0.251:5353  (msedge.exe)  sent 522 B / 8 pkts

                          • 8.8.8.8:53  196.249.167.52.in-addr.arpa  (dns, no process listed)  sent 73 B / 1 pkt, received 147 B / 1 pkt
                            DNS Request: 196.249.167.52.in-addr.arpa

                          • 8.8.8.8:53  183.59.114.20.in-addr.arpa  (dns, no process listed)  sent 72 B / 1 pkt, received 158 B / 1 pkt
                            DNS Request: 183.59.114.20.in-addr.arpa

                          • 8.8.8.8:53  15.164.165.52.in-addr.arpa  (dns, no process listed)  sent 72 B / 1 pkt, received 146 B / 1 pkt
                            DNS Request: 15.164.165.52.in-addr.arpa

                          • 8.8.8.8:53  98.117.19.2.in-addr.arpa  (dns, no process listed)  sent 70 B / 1 pkt, received 133 B / 1 pkt
                            DNS Request: 98.117.19.2.in-addr.arpa

                          • 8.8.8.8:53  14.227.111.52.in-addr.arpa  (dns, no process listed)  sent 72 B / 1 pkt, received 158 B / 1 pkt
                            DNS Request: 14.227.111.52.in-addr.arpa
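The DNS rows above mix two kinds of traffic: forward lookups attributed to msedge.exe (counter.rambler.ru, site.yandex.net, yastatic.net, kraken.rambler.ru, counter.yadro.ru, widget.siteheart.com, mc.yandex.ru) and a run of in-addr.arpa reverse lookups with no process listed. Several of those reverse lookups ask about addresses that a forward answer earlier in the table returned (16.89.19.81.in-addr.arpa is 81.19.89.16 from counter.rambler.ru; 225.64.9.37.in-addr.arpa is 37.9.64.225 from site.yandex.net; 215.131.154.178 and 204.201.212.88 are yastatic.net and counter.yadro.ru addresses), while others (the 52.x.x.x, 2.x.x.x, 185.x and 172.x targets) match nothing in the table. The script below is an added example, not part of this report or of the sandbox's own tooling: it parses rows in the flattened layout shown above, separates forward from PTR lookups, converts each PTR name back to the address it asks about, and reports which forward answer (if any) accounts for it. REPORT_EXCERPT is constructed from values in the rows above; the reading of the two size cells as bytes sent then bytes received is an assumption (it fits the query sizes, e.g. an 18-byte name plus DNS, UDP and IP headers gives 64 bytes).

```python
"""Parse the flattened DNS rows of a sandbox report and correlate each reverse
(PTR) lookup with the forward answers that contain the same address."""
from __future__ import annotations

import ipaddress
import itertools
import re
from dataclasses import dataclass, field
from typing import Optional

# Constructed excerpt: one report field per line, the way the report flattens its
# network table. Values are copied from the rows above; this is not the page's raw export.
REPORT_EXCERPT = "\n".join([
    "• 8.8.8.8:53", "counter.rambler.ru", "dns", "msedge.exe", "64 B", "112 B", "1", "1",
    "DNS Request", "counter.rambler.ru", "DNS Response", "81.19.89.16", "81.19.89.18", "81.19.89.17",
    "• 8.8.8.8:53", "site.yandex.net", "dns", "msedge.exe", "61 B", "161 B", "1", "1",
    "DNS Request", "site.yandex.net", "DNS Response", "37.9.64.225",
    "• 8.8.8.8:53", "16.89.19.81.in-addr.arpa", "dns", "70 B", "101 B", "1", "1",
    "DNS Request", "16.89.19.81.in-addr.arpa",
    "• 8.8.8.8:53", "225.64.9.37.in-addr.arpa", "dns", "70 B", "104 B", "1", "1",
    "DNS Request", "225.64.9.37.in-addr.arpa",
    "• 8.8.8.8:53", "104.219.191.52.in-addr.arpa", "dns", "73 B", "147 B", "1", "1",
    "DNS Request", "104.219.191.52.in-addr.arpa",
    "• 224.0.0.251:5353", "msedge.exe", "522 B", "8",
])

_SIZE = re.compile(r"^(\d+) B$")   # byte-count cells look like "64 B"


@dataclass
class Row:
    destination: str               # resolver or multicast target, e.g. "8.8.8.8:53"
    hostname: str                  # "" where the report lists no hostname
    process: Optional[str]         # None where the report lists no process
    sent_bytes: int                # assumption: first size cell is bytes sent,
    received_bytes: int            # second is bytes received
    request: Optional[str] = None  # None for non-DNS rows such as mDNS traffic
    answers: list[str] = field(default_factory=list)


def _parse_row(lines: list[str]) -> Row:
    toks = [t.strip() for t in lines if t.strip()]
    dest, body = toks[0].lstrip("•").strip(), toks[1:]
    # Text cells (hostname, proto, process) precede the first "N B" size cell.
    meta = list(itertools.takewhile(lambda t: not _SIZE.match(t), body))
    sizes = [int(m.group(1)) for t in body if (m := _SIZE.match(t))]
    sent, received = (sizes + [0, 0])[:2]
    if "DNS Request" not in body:                      # e.g. the 224.0.0.251:5353 row
        return Row(dest, "", meta[0] if meta else None, sent, received)
    request = body[body.index("DNS Request") + 1]
    answers = body[body.index("DNS Response") + 1:] if "DNS Response" in body else []
    return Row(dest, meta[0], meta[2] if len(meta) > 2 else None, sent, received, request, answers)


def parse_rows(text: str) -> list[Row]:
    """Split the flattened text at each bullet and parse every row."""
    rows: list[list[str]] = []
    for line in text.splitlines():
        if line.strip().startswith("•"):
            rows.append([])
        if rows:                                       # ignore text before the first bullet
            rows[-1].append(line)
    return [_parse_row(r) for r in rows]


def ptr_to_ip(name: str) -> Optional[str]:
    """'16.89.19.81.in-addr.arpa' -> '81.19.89.16'; None for anything else."""
    labels = name.removesuffix(".in-addr.arpa").split(".")
    if not name.endswith(".in-addr.arpa") or len(labels) != 4:
        return None
    try:
        return str(ipaddress.IPv4Address(".".join(reversed(labels))))
    except ipaddress.AddressValueError:
        return None


def forward_rows(rows: list[Row]) -> list[Row]:
    return [r for r in rows if r.request and ptr_to_ip(r.request) is None]


def correlate_ptr(rows: list[Row]) -> dict[str, list[str]]:
    """Map each reverse-looked-up IP to the forward hostnames that resolved to it."""
    answered_by: dict[str, set[str]] = {}
    for r in forward_rows(rows):
        for ip in r.answers:
            answered_by.setdefault(ip, set()).add(r.hostname)
    out: dict[str, list[str]] = {}
    for r in rows:
        ip = ptr_to_ip(r.request) if r.request else None
        if ip:
            out[ip] = sorted(answered_by.get(ip, ()))
    return out


def iocs(rows: list[Row]) -> tuple[set[str], set[str]]:
    """Domains the browser resolved and every address returned for them."""
    fwd = forward_rows(rows)
    return {r.hostname for r in fwd}, {ip for r in fwd for ip in r.answers}


if __name__ == "__main__":
    parsed = parse_rows(REPORT_EXCERPT)
    domains, ips = iocs(parsed)
    print("forward lookups:", ", ".join(sorted(domains)))
    print("resolved IPs:   ", ", ".join(sorted(ips)))
    for ip, hosts in correlate_ptr(parsed).items():
        print(f"PTR {ip}: " + (", ".join(hosts) or "no forward answer in this excerpt"))
```

Run against the whole table, the unexplained PTR targets are the ones worth a second look, since nothing the browser resolved accounts for them; the explained ones simply name the addresses the forward lookups already returned. The mDNS row is kept as a non-DNS row so its 522 B sent is not mistaken for a resolver query.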

                          MITRE ATT&CK Enterprise v15


                          Downloads

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                            Filesize: 152B
                            MD5: f9664c896e19205022c094d725f820b6
                            SHA1: f8f1baf648df755ba64b412d512446baf88c0184
                            SHA256: 7121d84202a850791c2320385eb59eda4d697310dc51b1fcd4d51264aba2434e
                            SHA512: 3fa5d2c68a9e70e4a25eaac2095171d87c741eec2624c314c6a56f4fa390d6319633bf4c48b1a4af7e9a0451f346beced9693da88cfc7bcba8dfe209cbd1b3ae

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                            Filesize: 152B
                            MD5: 847d47008dbea51cb1732d54861ba9c9
                            SHA1: f2099242027dccb88d6f05760b57f7c89d926c0d
                            SHA256: 10292fa05d896a2952c1d602a72d761d34bc776b44d6a7df87e49b5b613a8ac1
                            SHA512: bd1526aa1cc1c016d95dfcc53a78b45b09dde4ce67357fc275ab835dbe1bb5b053ca386239f50cde95ad243a9c1bbb12f7505818577589beecc6084f7b94e83f

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                            Filesize: 329B
                            MD5: 6050b694806f4bf336f1ac57f427036a
                            SHA1: 86e8a7fff2a16526df1ec384586e0fdd4f79b1a9
                            SHA256: 46465be3da43dac88df24df3d16e61b86a72470ac60b9213f8f8a549a0b4fe1c
                            SHA512: e54bd0e0f56b279b5ce13455b895dea48cb69f0a4970a9bd38a6ef3d2ad8c8db77b7c53c15acf6cbd4ca37dd73f9c28b4985201ae387c330bb374e97c503fe51

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                            Filesize: 5KB
                            MD5: be2d2656df5bd77ceb1d571a41e272f5
                            SHA1: 7ed920c5d1ce0957448ace2eef4b0b395e97a099
                            SHA256: e216e1896b79a8aa52203127b536b2d233c2874290bddcaa65fca8c01b45f8b6
                            SHA512: 140d474df806cf1b91017f2e75d24e7bba3733046a950d21bd93f3b426ed0a7a3ffcbbe9adb0b1447c57b39946349eb991bfe06a92be253ff110daaabeb4eacd

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                            Filesize: 6KB
                            MD5: 9fd4aac9099a266b885aed3e3e17ba93
                            SHA1: 79e91cf59a104deac8dbdceaf4a5bd1889a861d9
                            SHA256: ed5671cb143830dc14c001e091cf468036e2b13ab289919002306d5fd05cdc41
                            SHA512: 4267184df74d6484d7a1e07cd11f6f683ade0af350f900160dc981bf67def2a968c8d56346baa1fdce0138c27ee84756b4298030259bd0a355de30b07433a559

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                            Filesize: 705B
                            MD5: 528dd34d8c0ae62a6c8878c0fc8ef1d7
                            SHA1: 2c9ee53dd65370adab79a05a0e744b3d4b73d4d8
                            SHA256: 4726ac658889a4b4dbd6ebca9ce1a379e919552690a631b68174a30408960350
                            SHA512: 2de72c82e5f412cfd1193ccca8a1a19155f1af6e5b17b457a8703abf53fa8a0f8fc13ec7773632b632d3ba16a75298370ff11e8c349037b9dc18ba54c3920caf

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                            Filesize: 705B
                            MD5: 47f792d2ee2bb3c1cbab2dffb5f976f5
                            SHA1: 10e25e77fb6ef5d1bf1569f571aeec69ccaab79a
                            SHA256: 3562b760eebbeaa3bc580d126cdd55e9d18496a0164dd89a27176ad29a2b79a2
                            SHA512: 612e898ad2a7a6a705a8a4faa55f7af1feef3b5e9e2e7a239be109da1a35298930ae2285c8c5ded73f51f49b635a0a7427a44413ef7538eb2c176fdeafdcb8eb

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe587b65.TMP
                            Filesize: 705B
                            MD5: 07e04fdced6e4996c1c3398a8cc418e6
                            SHA1: bcf5192962f3a2b5e6a7136e0e1b59408907ed48
                            SHA256: 22df996ef29fb05e7749988af093bfb61d3de6a43714c6c20d4e172739b641cb
                            SHA512: eace56bb2474039272fe1a09eb3bd4639ada008c6b0b58a7be30b52d1252b2bf9775c017d5fe228a7620efd68cc835aad158f0f6f8aac8eca58569f16cf928fc

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\cc5b7b36-cefa-47c1-adf6-209c23e5c927.tmp
                            Filesize: 6KB
                            MD5: 82c1f6adbe1ed729f9a838db6287002f
                            SHA1: 1e91819a5fc6f49bce992803f499db08f45c19f9
                            SHA256: 0af9c11336c0cbbed8a572e0fadbd6fc22c1e398e27f7d940b3d32290220fcbb
                            SHA512: f7fa8e26dacbf613033369e9c29b3f831302bacc7e10c9360d61a986826fbc7499b3c3674034216d4dc1da1a63bd06f1fd05d6e7a22a3a0771225e5e7f59043f

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                            Filesize: 16B
                            MD5: 6752a1d65b201c13b62ea44016eb221f
                            SHA1: 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
                            SHA256: 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
                            SHA512: 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                            Filesize: 10KB
                            MD5: f2585c18c778e4f51bf85654ad3ced75
                            SHA1: ddf3c2d7abc3bcc7f3c68e40ae6166615c233a25
                            SHA256: e3ed34a0c992a4de886b1d9780dc1d97a70c7844d8fc856e35f6bc537b59b0f7
                            SHA512: 2e7a28f13d80f71da18f5de7171c95afdea7f4736d5c2b511153c46beb96e153363e960ef4cf5a8376711246759e411a513caf45f28b9f3573405e9375d9861a
