URL:

16.ip.gl.ply.gg

Full analysis: https://app.any.run/tasks/e795779d-28e2-4e91-81a3-8623511f9321
Verdict: Malicious activity
Analysis date: March 18, 2024, 13:55:15
OS: Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Indicators:
MD5:

E0875FF9A9351CA6669EF6EF9113888A

SHA1:

ACC688412F26608A117274A9BB7F6EDAED16C0CA

SHA256:

EE308CC9B6351957F24E7D3A368943922480DD0ABE9627AA3D742A7955FA0C52

SSDEEP:

3:KLUx2Cn:KYQCn

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

  • MALICIOUS

    No malicious indicators.

  • SUSPICIOUS

    • Executes as Windows Service

      • VSSVC.exe (PID: 3120)

  • INFO

    • Application launched itself

      • iexplore.exe (PID: 3992)
      • chrome.exe (PID: 2804)

    • Manual execution by a user

      • chrome.exe (PID: 2804)
      • playit.exe (PID: 2052)
      • wmpnscfg.exe (PID: 2692)

    • The process uses the downloaded file

      • chrome.exe (PID: 2976)
      • chrome.exe (PID: 2804)
      • chrome.exe (PID: 3820)

    • Reads security settings of Internet Explorer

      • msiexec.exe (PID: 3344)
      • msiexec.exe (PID: 3860)

    • Reads the software policy settings

      • msiexec.exe (PID: 3344)
      • msiexec.exe (PID: 3860)

    • Executable content was dropped or overwritten

      • chrome.exe (PID: 1728)
      • chrome.exe (PID: 2804)

    • Checks supported languages

      • playit.exe (PID: 2052)
      • wmpnscfg.exe (PID: 2692)

    • Reads the computer name

      • playit.exe (PID: 2052)
      • wmpnscfg.exe (PID: 2692)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.
No data.
screenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshot
All screenshots are available in the full report
All screenshots are available in the full report
Total processes
70
Monitored processes
27
Malicious processes
0
Suspicious processes
0

Behavior graph

Click at the process to see the details
start iexplore.exe iexplore.exe chrome.exe chrome.exe no specs chrome.exe chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs msiexec.exe no specs chrome.exe no specs chrome.exe no specs msiexec.exe no specs vssvc.exe no specs playit.exe wmpnscfg.exe no specs

Process information

PID
CMD
Path
Indicators
Parent process
1192"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=604 --field-trial-handle=1208,i,2324137039799416695,18158408621535315277,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:1C:\Program Files\Google\Chrome\Application\chrome.exechrome.exe
User:
admin
Company:
Google LLC
Integrity Level:
LOW
Description:
Google Chrome
Exit code:
0
Version:
109.0.5414.120
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\109.0.5414.120\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
1232"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --disable-quic --mojo-platform-channel-handle=1616 --field-trial-handle=1208,i,2324137039799416695,18158408621535315277,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8C:\Program Files\Google\Chrome\Application\chrome.exechrome.exe
User:
admin
Company:
Google LLC
Integrity Level:
LOW
Description:
Google Chrome
Exit code:
0
Version:
109.0.5414.120
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\109.0.5414.120\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
1380"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --disable-quic --mojo-platform-channel-handle=3400 --field-trial-handle=1208,i,2324137039799416695,18158408621535315277,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8C:\Program Files\Google\Chrome\Application\chrome.exechrome.exe
User:
admin
Company:
Google LLC
Integrity Level:
LOW
Description:
Google Chrome
Exit code:
0
Version:
109.0.5414.120
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\109.0.5414.120\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
1652"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --disable-quic --mojo-platform-channel-handle=3520 --field-trial-handle=1208,i,2324137039799416695,18158408621535315277,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8C:\Program Files\Google\Chrome\Application\chrome.exechrome.exe
User:
admin
Company:
Google LLC
Integrity Level:
LOW
Description:
Google Chrome
Exit code:
0
Version:
109.0.5414.120
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\109.0.5414.120\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
1728"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --disable-quic --mojo-platform-channel-handle=1364 --field-trial-handle=1208,i,2324137039799416695,18158408621535315277,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8C:\Program Files\Google\Chrome\Application\chrome.exe
chrome.exe
User:
admin
Company:
Google LLC
Integrity Level:
MEDIUM
Description:
Google Chrome
Exit code:
0
Version:
109.0.5414.120
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\109.0.5414.120\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
1792"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1156 --field-trial-handle=1208,i,2324137039799416695,18158408621535315277,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:2C:\Program Files\Google\Chrome\Application\chrome.exechrome.exe
User:
admin
Company:
Google LLC
Integrity Level:
LOW
Description:
Google Chrome
Exit code:
0
Version:
109.0.5414.120
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\109.0.5414.120\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
1932"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=3652 --field-trial-handle=1208,i,2324137039799416695,18158408621535315277,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:1C:\Program Files\Google\Chrome\Application\chrome.exechrome.exe
User:
admin
Company:
Google LLC
Integrity Level:
LOW
Description:
Google Chrome
Exit code:
0
Version:
109.0.5414.120
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\109.0.5414.120\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
2052"C:\Program Files\playit_gg\bin\playit.exe" C:\Program Files\playit_gg\bin\playit.exe
explorer.exe
User:
admin
Integrity Level:
MEDIUM
Description:
playit-cli
Exit code:
0
Version:
0.15.13
Modules
Images
c:\program files\playit_gg\bin\playit.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
2080"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --disable-quic --mojo-platform-channel-handle=3604 --field-trial-handle=1208,i,2324137039799416695,18158408621535315277,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8C:\Program Files\Google\Chrome\Application\chrome.exechrome.exe
User:
admin
Company:
Google LLC
Integrity Level:
LOW
Description:
Google Chrome
Exit code:
0
Version:
109.0.5414.120
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\109.0.5414.120\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
2304"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --disable-quic --mojo-platform-channel-handle=3128 --field-trial-handle=1208,i,2324137039799416695,18158408621535315277,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8C:\Program Files\Google\Chrome\Application\chrome.exechrome.exe
User:
admin
Company:
Google LLC
Integrity Level:
MEDIUM
Description:
Google Chrome
Exit code:
0
Version:
109.0.5414.120
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\109.0.5414.120\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
Total events
32 959
Read events
32 548
Write events
358
Delete events
53

Modification events

(PID) Process:(3992) iexplore.exeKey:HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TabbedBrowsing
Operation:writeName:NTPDaysSinceLastAutoMigration
Value:
1
(PID) Process:(3992) iexplore.exeKey:HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TabbedBrowsing
Operation:writeName:NTPLastLaunchLowDateTime
Value:
(PID) Process:(3992) iexplore.exeKey:HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TabbedBrowsing
Operation:writeName:NTPLastLaunchHighDateTime
Value:
31095099
(PID) Process:(3992) iexplore.exeKey:HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\UrlBlockManager
Operation:writeName:NextCheckForUpdateLowDateTime
Value:
(PID) Process:(3992) iexplore.exeKey:HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\UrlBlockManager
Operation:writeName:NextCheckForUpdateHighDateTime
Value:
31095099
(PID) Process:(3992) iexplore.exeKey:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content
Operation:writeName:CachePrefix
Value:
(PID) Process:(3992) iexplore.exeKey:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Cookies
Operation:writeName:CachePrefix
Value:
Cookie:
(PID) Process:(3992) iexplore.exeKey:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\History
Operation:writeName:CachePrefix
Value:
Visited:
(PID) Process:(3992) iexplore.exeKey:HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
Operation:writeName:CompatibilityFlags
Value:
0
(PID) Process:(3992) iexplore.exeKey:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
Operation:writeName:ProxyBypass
Value:
1
Executable files
4
Suspicious files
53
Text files
61
Unknown types
51

Dropped files

PID
Process
Filename
Type
3992iexplore.exeC:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B6QGX7LP\urlblockindex[1].binbinary
MD5:FA518E3DFAE8CA3A0E495460FD60C791
SHA256:775853600060162C4B4E5F883F9FD5A278E61C471B3EE1826396B6D129499AA7
2580iexplore.exeC:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\103621DE9CD5414CC2538780B4B75751der
MD5:822467B728B7A66B081C91795373789A
SHA256:AF2343382B88335EEA72251AD84949E244FF54B6995063E24459A7216E9576B9
3992iexplore.exeC:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\69C6F6EC64E114822DF688DC12CDD86Cbinary
MD5:92FBF1CAD1F8AEDEE72D156DA58E968A
SHA256:A355964047B1D9A9D2945EE278A01A19BEBFA1F23EB9B9A5126D765A43743AB9
3992iexplore.exeC:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157binary
MD5:CDCBA05C355B8B0447EA7890E50658C8
SHA256:DAAC6DAF41C3BF113BF243CECBE51155A51209E0565AA9DEAB77AC3542AD588A
3992iexplore.exeC:\Users\admin\AppData\Local\Microsoft\Internet Explorer\VersionManager\versionlist.xmlxml
MD5:CBD0581678FA40F0EDCBC7C59E0CAD10
SHA256:159BD4343F344A08F6AF3B716B6FA679859C1BD1D7030D26FF5EF0255B86E1D9
3992iexplore.exeC:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\80237EE4964FC9C409AAF55BF996A292_C0427F5F77D9B3A439FC620EDAAB6177der
MD5:4D3FD8F3BCFF17853E47BDF45000460A
SHA256:8CFD5DE5000F2D77504B5D54BB5B78D8FBBD4B685F5D0E741FCC3B5A3E13CD56
2580iexplore.exeC:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\103621DE9CD5414CC2538780B4B75751binary
MD5:9BECC20B6D9047CF396BED06BFFAADF3
SHA256:5DF32600C26985D6E0BD514E988715CADBAA2C17009FB488CC5C220C6E5AB7C6
3992iexplore.exeC:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\9D6B3FE9E6E4067193F477ABAD990106binary
MD5:911D252CA861B7199E5259CFC8948E15
SHA256:2514738F4CB25005427FB1967F6E961BFCEA1740F3EA3A7A255C021887038D77
3992iexplore.exeC:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\9D6B3FE9E6E4067193F477ABAD990106binary
MD5:DCC9B2026D9D3F366139EF99B6BC4F04
SHA256:1A9C7C32236A315B230DB15464F95F211E4CFE981C1A17C85777F4CF357908C2
2804chrome.exeC:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\commerce_subscription_db\LOG.old~RF1a29ff.TMP
MD5:
SHA256:
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
16
TCP/UDP connections
101
DNS requests
65
Threats
3

HTTP requests

PID
Process
Method
HTTP Code
IP
URL
CN
Type
Size
Reputation
3992
iexplore.exe
GET
304
23.32.238.168:80
http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab?008206919ad039a2
unknown
unknown
2580
iexplore.exe
GET
147.185.221.16:80
http://16.ip.gl.ply.gg/
unknown
unknown
3992
iexplore.exe
GET
200
192.229.221.95:80
http://crl3.digicert.com/DigiCertGlobalRootCA.crl
unknown
binary
779 b
unknown
3992
iexplore.exe
GET
304
23.32.238.208:80
http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab?e01f9f5b34fa36be
unknown
unknown
2580
iexplore.exe
GET
200
72.246.169.163:80
http://x1.c.lencr.org/
unknown
binary
717 b
unknown
2580
iexplore.exe
GET
200
72.246.169.163:80
http://x2.c.lencr.org/
unknown
binary
299 b
unknown
3992
iexplore.exe
GET
200
192.229.221.95:80
http://crl3.digicert.com/DigiCertGlobalRootG3.crl
unknown
binary
862 b
unknown
3992
iexplore.exe
GET
304
23.32.238.178:80
http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab?dca56d26e7d9ce15
unknown
unknown
3992
iexplore.exe
GET
200
192.229.221.95:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQ50otx%2Fh0Ztl%2Bz8SiPI7wEWVxDlQQUTiJUIBiV5uNu5g%2F6%2BrkS7QYXjzkCEAxq6XzO1ZmDhpCgCp6lMhQ%3D
unknown
binary
471 b
unknown
1080
svchost.exe
GET
304
95.101.54.136:80
http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab?4f071b604691de88
unknown
unknown
Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
4
System
192.168.100.255:137
whitelisted
224.0.0.252:5355
unknown
4
System
192.168.100.255:138
whitelisted
2580
iexplore.exe
147.185.221.16:80
16.ip.gl.ply.gg
PLAYIT-GG
US
malicious
2580
iexplore.exe
104.26.5.160:443
playit.gg
CLOUDFLARENET
US
unknown
1080
svchost.exe
224.0.0.252:5355
unknown
3992
iexplore.exe
2.19.96.89:443
www.bing.com
Akamai International B.V.
DE
unknown
2580
iexplore.exe
104.26.4.160:443
playit.gg
CLOUDFLARENET
US
unknown
3992
iexplore.exe
2.19.96.88:443
www.bing.com
Akamai International B.V.
DE
unknown
3992
iexplore.exe
23.32.238.168:80
ctldl.windowsupdate.com
Akamai International B.V.
DE
unknown

DNS requests

Domain
IP
Reputation
16.ip.gl.ply.gg
  • 147.185.221.16
unknown
playit.gg
  • 104.26.5.160
  • 104.26.4.160
  • 172.67.72.68
unknown
api.bing.com
  • 13.107.5.80
whitelisted
www.bing.com
  • 2.19.96.89
  • 2.19.96.88
  • 2.19.96.106
  • 2.19.96.104
  • 2.19.96.96
  • 2.19.96.98
  • 2.19.96.97
  • 2.19.96.99
  • 2.19.96.91
  • 2.19.96.123
  • 2.19.96.121
  • 2.19.96.122
  • 2.19.96.90
  • 2.19.96.112
  • 2.19.96.107
  • 104.26.4.160
  • 104.26.5.160
  • 172.67.72.68
whitelisted
dns.msftncsi.com
  • 131.107.255.255
shared
ctldl.windowsupdate.com
  • 23.32.238.168
  • 23.32.238.208
  • 23.32.238.179
  • 23.32.238.178
  • 23.32.238.185
  • 23.32.238.169
  • 23.32.238.203
  • 23.32.238.195
  • 23.32.238.241
  • 173.222.108.226
  • 95.101.54.136
  • 95.101.54.121
  • 95.101.54.128
  • 23.32.238.224
  • 23.32.238.209
  • 23.32.238.211
  • 23.32.238.201
  • 23.32.238.225
  • 23.32.238.202
  • 23.32.238.218
  • 23.32.238.219
whitelisted
r20swj13mr.microsoft.com
  • 152.199.19.161
whitelisted
iecvlist.microsoft.com
  • 152.199.19.161
whitelisted
ocsp.digicert.com
  • 192.229.221.95
whitelisted
crl3.digicert.com
  • 192.229.221.95
whitelisted

Threats

PID
Process
Class
Message
1728
chrome.exe
Not Suspicious Traffic
INFO [ANY.RUN] Global content delivery network (unpkg .com)
1728
chrome.exe
Not Suspicious Traffic
INFO [ANY.RUN] Global content delivery network (unpkg .com)
1728
chrome.exe
Not Suspicious Traffic
INFO [ANY.RUN] Cloudflare Network Error Logging (NEL)
No debug info
Interactive malware hunting service ANY.RUN
© 2017-2026 ANY.RUN ALL RIGHTS RESERVED
ANY.RUN
Reports
16.ip.gl.ply.gg