File name: BPS_Questionnaire.html

Full analysis: https://app.any.run/tasks/6be881bc-14a8-4f2c-b717-78559aec1b81
Verdict: Malicious activity
Analysis date: January 24, 2022, 18:53:13
OS: Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Indicators:
MIME: text/html
File info: HTML document, UTF-8 Unicode text, with very long lines, with CRLF line terminators
MD5: 09BFEC2FF940DEAC8CDFC0EFE2EFAC9B
SHA1: 02E3DA2A9683F0CD13F404B775C16A6CF87B83DE
SHA256: 3179F925294771977304BCB7936C03EC31C38A9FBAE8CD80A59150702C06B11F
SSDEEP: 1536:WsFv6eBoRbjQHuhw+E3mazA/PWrF7qvEAFiQcpm8tpHzyJRT9UEpdm3BPdBF:UxpQBDbyJ3UEpdmRN

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.
  • MALICIOUS

    No malicious indicators.
  • SUSPICIOUS

    • Reads Microsoft Outlook installation path

      • iexplore.exe (PID: 2676)
      • iexplore.exe (PID: 3108)
  • INFO

    • Reads the computer name

      • iexplore.exe (PID: 2676)
      • iexplore.exe (PID: 2216)
      • iexplore.exe (PID: 3108)
      • iexplore.exe (PID: 2056)
      • chrome.exe (PID: 3916)
      • chrome.exe (PID: 2760)
      • chrome.exe (PID: 2428)
      • chrome.exe (PID: 3832)
      • chrome.exe (PID: 2996)
      • chrome.exe (PID: 3688)
      • chrome.exe (PID: 1564)
    • Checks supported languages

      • iexplore.exe (PID: 2676)
      • iexplore.exe (PID: 2216)
      • iexplore.exe (PID: 3108)
      • iexplore.exe (PID: 2056)
      • chrome.exe (PID: 3916)
      • chrome.exe (PID: 1780)
      • chrome.exe (PID: 2428)
      • chrome.exe (PID: 4028)
      • chrome.exe (PID: 2760)
      • chrome.exe (PID: 760)
      • chrome.exe (PID: 3412)
      • chrome.exe (PID: 1564)
      • chrome.exe (PID: 3688)
      • chrome.exe (PID: 1716)
      • chrome.exe (PID: 2404)
      • chrome.exe (PID: 2996)
      • chrome.exe (PID: 3832)
      • chrome.exe (PID: 2756)
    • Reads settings of System Certificates

      • iexplore.exe (PID: 3108)
      • iexplore.exe (PID: 2676)
      • iexplore.exe (PID: 2216)
      • chrome.exe (PID: 3916)
    • Application launched itself

      • iexplore.exe (PID: 2216)
      • iexplore.exe (PID: 3108)
      • chrome.exe (PID: 2428)
    • Changes internet zones settings

      • iexplore.exe (PID: 2216)
    • Checks Windows Trust Settings

      • iexplore.exe (PID: 3108)
      • iexplore.exe (PID: 2676)
      • iexplore.exe (PID: 2216)
    • Reads internet explorer settings

      • iexplore.exe (PID: 3108)
      • iexplore.exe (PID: 2676)
    • Creates files in the user directory

      • iexplore.exe (PID: 2216)
    • Manual execution by user

      • chrome.exe (PID: 2428)
    • Reads the date of Windows installation

      • iexplore.exe (PID: 2216)
      • chrome.exe (PID: 3832)
    • Reads the hosts file

      • chrome.exe (PID: 2428)
      • chrome.exe (PID: 3916)
No Malware configuration.

TRiD

.htm/html | HyperText Markup Language with DOCTYPE (80.6)
.html | HyperText Markup Language (19.3)

EXIF

HTML

Title: Sign in to Outlook
ContentType: text/html; charset=UTF-8
HTTPEquivXUACompatible: IE=edge
viewport: width=device-width, initial-scale=1.0, maximum-scale=2.0, user-scalable=yes
Pragma: no-cache
Robots: noindex, nofollow
No data.
Total processes: 55
Monitored processes: 18
Malicious processes: 0
Suspicious processes: 0

Behavior graph

start iexplore.exe iexplore.exe iexplore.exe iexplore.exe no specs chrome.exe chrome.exe no specs chrome.exe no specs chrome.exe chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs

Process information

PID
CMD
Path
Indicators
Parent process
PID: 2216
CMD: "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\admin\Desktop\BPS_Questionnaire.html.htm"
Path: C:\Program Files\Internet Explorer\iexplore.exe
Parent process: Explorer.EXE
User: admin
Company: Microsoft Corporation
Integrity Level: MEDIUM
Description: Internet Explorer
Exit code: 1
Version: 11.00.9600.16428 (winblue_gdr.131013-1700)
Modules
Images
c:\program files\internet explorer\iexplore.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
PID: 3108
CMD: "C:\Program Files\Internet Explorer\iexplore.exe" SCODEF:2216 CREDAT:144385 /prefetch:2
Path: C:\Program Files\Internet Explorer\iexplore.exe
Parent process: iexplore.exe
User: admin
Company: Microsoft Corporation
Integrity Level: MEDIUM
Description: Internet Explorer
Exit code: 0
Version: 11.00.9600.16428 (winblue_gdr.131013-1700)
Modules
Images
c:\program files\internet explorer\iexplore.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
PID: 2676
CMD: "C:\Program Files\Internet Explorer\iexplore.exe" SCODEF:2216 CREDAT:340995 /prefetch:2
Path: C:\Program Files\Internet Explorer\iexplore.exe
Parent process: iexplore.exe
User: admin
Company: Microsoft Corporation
Integrity Level: MEDIUM
Description: Internet Explorer
Exit code: 0
Version: 11.00.9600.16428 (winblue_gdr.131013-1700)
Modules
Images
c:\program files\internet explorer\iexplore.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
PID: 2056
CMD: "C:\Program Files\Internet Explorer\iexplore.exe" SCODEF:2216 CREDAT:398593 /prefetch:2
Path: C:\Program Files\Internet Explorer\iexplore.exe
Parent process: iexplore.exe
User: admin
Company: Microsoft Corporation
Integrity Level: LOW
Description: Internet Explorer
Exit code: 0
Version: 11.00.9600.16428 (winblue_gdr.131013-1700)
Modules
Images
c:\program files\internet explorer\iexplore.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
PID: 2428
CMD: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument C:\Users\admin\Desktop\BPS_Questionnaire.html.htm
Path: C:\Program Files\Google\Chrome\Application\chrome.exe
Parent process: Explorer.EXE
User: admin
Company: Google LLC
Integrity Level: MEDIUM
Description: Google Chrome
Version: 86.0.4240.198
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\86.0.4240.198\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
PID: 1780
CMD: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=86.0.4240.198 --initial-client-data=0xc8,0xcc,0xd0,0x9c,0xd4,0x6e74d988,0x6e74d998,0x6e74d9a4
Path: C:\Program Files\Google\Chrome\Application\chrome.exe
Parent process: chrome.exe
User: admin
Company: Google LLC
Integrity Level: MEDIUM
Description: Google Chrome
Version: 86.0.4240.198
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\kernel32.dll
c:\program files\google\chrome\application\86.0.4240.198\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
c:\windows\system32\shell32.dll
PID: 2760
CMD: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1032,12924473439598006625,7862315712220082556,131072 --enable-features=PasswordImport --gpu-preferences=MAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --mojo-platform-channel-handle=1084 /prefetch:2
Path: C:\Program Files\Google\Chrome\Application\chrome.exe
Parent process: chrome.exe
User: admin
Company: Google LLC
Integrity Level: LOW
Description: Google Chrome
Exit code: 0
Version: 86.0.4240.198
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\kernel32.dll
c:\program files\google\chrome\application\86.0.4240.198\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
c:\windows\system32\shlwapi.dll
PID: 3916
CMD: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1032,12924473439598006625,7862315712220082556,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=network --mojo-platform-channel-handle=1344 /prefetch:8
Path: C:\Program Files\Google\Chrome\Application\chrome.exe
Parent process: chrome.exe
User: admin
Company: Google LLC
Integrity Level: MEDIUM
Description: Google Chrome
Version: 86.0.4240.198
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\kernel32.dll
c:\program files\google\chrome\application\86.0.4240.198\chrome_elf.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\version.dll
c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
c:\windows\system32\shlwapi.dll
PID: 760
CMD: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1032,12924473439598006625,7862315712220082556,131072 --enable-features=PasswordImport --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1940 /prefetch:1
Path: C:\Program Files\Google\Chrome\Application\chrome.exe
Parent process: chrome.exe
User: admin
Company: Google LLC
Integrity Level: LOW
Description: Google Chrome
Exit code: 0
Version: 86.0.4240.198
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\shell32.dll
PID: 3412
CMD: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1032,12924473439598006625,7862315712220082556,131072 --enable-features=PasswordImport --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1916 /prefetch:1
Path: C:\Program Files\Google\Chrome\Application\chrome.exe
Parent process: chrome.exe
User: admin
Company: Google LLC
Integrity Level: LOW
Description: Google Chrome
Version: 86.0.4240.198
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\86.0.4240.198\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
c:\windows\system32\shell32.dll
Total events: 71 969
Read events: 71 717
Write events: 0
Delete events: 0

Modification events

No data
Executable files: 0
Suspicious files: 28
Text files: 78
Unknown types: 11

Dropped files

PID
Process
Filename
Type
PID: 2428
Process: chrome.exe
Filename: C:\Users\admin\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-61EEF5D5-97C.pma
MD5:
SHA256:
PID: 2216
Process: iexplore.exe
Filename: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\7RNHVFYBSZ2SFV1C1HDU.temp
Type: binary
MD5:016BF0D14EBC7FF1DAD6AB126170FC2D
SHA256:744218F6BA920152826ADC332A0F22A6E57D63AE011D67D39E4C983BBEC58D0F
PID: 2216
Process: iexplore.exe
Filename: C:\Users\admin\AppData\Local\Temp\~DF5B4C9062FA64965F.TMP
Type: gmc
MD5:3F217FBFF2C17DF207725C2C93AE91FA
SHA256:5952F2705C322787F3B3FA9581FF526F1942D0F85090915415E40D7E12480F58
PID: 2216
Process: iexplore.exe
Filename: C:\Users\admin\AppData\Local\Temp\~DF7D1EC847917D0127.TMP
Type: gmc
MD5:1CD5C99C91088C1B02519C47AFF4AAEF
SHA256:C245F8E0610E30C1630193413F6D383FE1E6A9F509CC4A8F7FD950D3058A4756
PID: 2216
Process: iexplore.exe
Filename: C:\Users\admin\AppData\Local\Temp\~DFA8E385B6298E9C3C.TMP
Type: atn
MD5:2A0E329D88F3C20656F41703ED600B5D
SHA256:F39C8539EAAE6468FB18C69CD4C6A87B63B007A2984BD1DA28B72AB6DD2B1806
PID: 2216
Process: iexplore.exe
Filename: C:\Users\admin\AppData\Local\Temp\~DFDF569F7E61A7A6CF.TMP
Type: gmc
MD5:8FEAFBF44B5ABB76AECBB52515CBF4B0
SHA256:6793509A315633E7F1F13E9BAC4CE1B662BBC1C95CCA608F38468A3DE417E0AE
PID: 2216
Process: iexplore.exe
Filename: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\28c8b86deab549a1.customDestinations-ms
Type: binary
MD5:016BF0D14EBC7FF1DAD6AB126170FC2D
SHA256:744218F6BA920152826ADC332A0F22A6E57D63AE011D67D39E4C983BBEC58D0F
PID: 2216
Process: iexplore.exe
Filename: C:\Users\admin\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{E35C0DBC-7D46-11EC-A45D-12A9866C77DE}.dat
Type: binary
MD5:08F81D8EC7AB529768A4BF9E956B8463
SHA256:895770F694AF1C9E89C39D7DDC3F9069AF9777FACB205239209E440F922E07BD
PID: 2216
Process: iexplore.exe
Filename: C:\Users\admin\AppData\Local\Microsoft\Internet Explorer\Recovery\Last Active\RecoveryStore.{42C873D0-1D90-11EB-BA2C-12A9866C77DE}.dat
Type: binary
MD5:60419E7DE01CB1C62569F5660051D80B
SHA256:D9E37BE6137C2390085D8E8ADD253E72AEDAEDC66AABE939FC1E2CD7D158A83E
PID: 2216
Process: iexplore.exe
Filename: C:\Users\admin\AppData\Local\Temp\~DF224C30A20F5660CA.TMP
Type: gmc
MD5:E3C0CB098F7ACF4E19ACE77F39B16BC0
SHA256:13413B9B3D7C8BA79DDECD490B2DAB51F1811E030F2E6D5BA9FAF269CF45CF53
HTTP(S) requests: 21
TCP/UDP connections: 71
DNS requests: 28
Threats: 0

HTTP requests

PID | Process | Method | HTTP Code | IP | URL | CN | Type | Size | Reputation
2676 | iexplore.exe | GET | 404 | 8.248.137.254:80 | http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab?48eed4b4204f9732 | US | xml | 341 b | whitelisted
2216 | iexplore.exe | GET | 404 | 8.248.137.254:80 | http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab?ffb05699d1a0da9d | US | xml | 341 b | whitelisted
3108 | iexplore.exe | GET | 404 | 93.184.221.240:80 | http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab?5656186a7cab756e | US | xml | 341 b | whitelisted
364 | svchost.exe | GET | 404 | 8.248.137.254:80 | http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab?5a8d42f77d9a8c48 | US | xml | 341 b | whitelisted
2676 | iexplore.exe | GET | 404 | 8.248.137.254:80 | http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab?2855f7e4c6c9b14c | US | xml | 341 b | whitelisted
2216 | iexplore.exe | GET | 404 | 8.248.137.254:80 | http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab?a53a6cc97fb8ab6b | US | xml | 341 b | whitelisted
3108 | iexplore.exe | GET | 404 | 93.184.221.240:80 | http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab?8f92e675dedefc6e | US | xml | 341 b | whitelisted
2676 | iexplore.exe | GET | 404 | 8.248.137.254:80 | http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab?581cd3237c3f29ee | US | xml | 341 b | whitelisted
3108 | iexplore.exe | GET | 404 | 8.248.137.254:80 | http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab?b48d66bc5942eece | US | xml | 341 b | whitelisted
3108 | iexplore.exe | GET | 404 | 8.248.137.254:80 | http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab?bb7e75778f46b441 | US | xml | 341 b | whitelisted

Connections

PID | Process | IP | Domain | ASN | CN | Reputation
3108 | iexplore.exe | 142.250.186.170:443 | ajax.googleapis.com | Google Inc. | US | whitelisted
2676 | iexplore.exe | 142.250.186.170:443 | ajax.googleapis.com | Google Inc. | US | whitelisted
2676 | iexplore.exe | 104.16.19.94:443 | cdnjs.cloudflare.com | Cloudflare Inc | US | suspicious
3108 | iexplore.exe | 104.16.19.94:443 | cdnjs.cloudflare.com | Cloudflare Inc | US | suspicious
2676 | iexplore.exe | 104.16.89.20:443 | cdn.jsdelivr.net | Cloudflare Inc | US | shared
3108 | iexplore.exe | 152.199.23.37:443 | aadcdn.msftauth.net | MCI Communications Services, Inc. d/b/a Verizon Business | US | suspicious
2676 | iexplore.exe | 152.199.23.37:443 | aadcdn.msftauth.net | MCI Communications Services, Inc. d/b/a Verizon Business | US | suspicious
3108 | iexplore.exe | 104.16.89.20:443 | cdn.jsdelivr.net | Cloudflare Inc | US | shared
3108 | iexplore.exe | 93.184.221.240:80 | ctldl.windowsupdate.com | MCI Communications Services, Inc. d/b/a Verizon Business | US | whitelisted
2216 | iexplore.exe | 13.107.21.200:443 | www.bing.com | Microsoft Corporation | US | whitelisted

DNS requests

Domain | IP | Reputation
cdnjs.cloudflare.com | 104.16.19.94, 104.16.18.94 | whitelisted
aadcdn.msftauth.net | 152.199.23.37 | whitelisted
cdn.jsdelivr.net | 104.16.89.20, 104.16.86.20, 104.16.88.20, 104.16.87.20, 104.16.85.20 | whitelisted
ajax.googleapis.com | 142.250.186.170 | whitelisted
ctldl.windowsupdate.com | 93.184.221.240, 8.248.137.254, 67.26.73.254, 8.248.133.254, 8.248.143.254, 67.27.157.254 | whitelisted
api.bing.com | 13.107.5.80 | whitelisted
www.bing.com | 131.253.33.200, 13.107.22.200, 13.107.21.200, 204.79.197.200 | whitelisted
iecvlist.microsoft.com | 152.199.19.161 | whitelisted
r20swj13mr.microsoft.com | 152.199.19.161 | whitelisted
clients2.google.com | 142.250.185.174 | whitelisted

Threats

27 ETPRO signatures available at the full report
No debug info