popup
Summary | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

DNSBench.exe

UPX PE32 PE File
  1. Resubmit sample
Category Machine Started Completed
FILE s1_win7_x6401 Aug. 17, 2024, 10:52 p.m. Aug. 17, 2024, 10:54 p.m.
Size 168.6KB
Type PE32 executable (GUI) Intel 80386, for MS Windows, PECompact2 compressed
MD5 04177f89fa23b9d6fec146d9be737566
SHA256 a1375a7ecbacf70efd3d54c7ec3c1ceae7166ad1c723b390ac78d7a3e1b19f92
CRC32 1AF7872D
ssdeep 3072:5Sww+ICvU0Qv8Z9yzvSh3gzaDKzHDa4cn2qTWM9gbYfOheIB2:5SwwPC08CzvSh3geOzm4cn2AWM9gbi
Yara
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file

Name Response Post-Analysis Lookup
bv0khonwiheup0guiqqcv0ky2h.Youtube.com
mhf1ptyts51xwuxq0pryfbddgd.com
as13335.asn.cymru.com
TXT 13335 | US | arin | 2010-07-14 | CLOUDFLARENET, US
2r1p0fksxdbydh5snprqovgiwf.Google.com
251.35.250.129.in-addr.arpa
PTR y.ns.gin.ntt.net
carforfs1fl4vp31coqsyxgmrf.Google.com
w5abunztb2kkeabt33rar05fsa.com
sjvdontww3wpo2unfwtwydq4nh.com
gcx5b3eubs2aybjnzyq0f0ghug.com
loiumtsriroseascwoswg3fnua.Youtube.com
4x341neujlm4cvv54zqw4yzpcg.Live.com
CNAME a-0010.a-msedge.net
A 204.79.197.212
204.79.197.212
vvdfeuhruo2ev13hmusqbmrjpg.Yahoo.com
251.35.250.129.test.senderbase.org
uhlmljst30to4fbng1survt5ye.com
123.220.67.208.test.senderbase.org
30.16.12.68.test.senderbase.org
tdtdhtxwifomqfov2irym53qib.Youtube.com
ciwlhowxtrqu3cfaxdsaj5pk5g.Youtube.com
vwpomk0udtuqfu4neqs4myzibd.com
sy5b5nkxai5pmfkxvnssgia4le.Google.com
6.2.2.4.origin.asn.cymru.com
TXT 3356 | 4.0.0.0/9 | US | arin | 1992-12-01
127.0.0.2
dyjzhgytugw4gqwkefrcflh2ca.com
30.16.4.68.origin.asn.cymru.com
TXT 22773 | 68.0.0.0/12 | US | arin | 2001-11-12
TXT 22773 | 68.4.0.0/15 | US | arin | 2001-11-12
127.0.0.2
xdvzes2v0pefivqk1ys005em5e.com
m0gcqllxv55u0febxtquckbxpe.com
30.32.113.24.in-addr.arpa
PTR ns2.wavecable.com
net172.rebindtest.com
A 172.16.0.1
172.16.0.1
bens5d2xmqjflu2nczsa4oymjg.Yahoo.com
k4z330ixsdw1q4jopuquxvv5jd.com
dukhhkcrp5jkrxgp1bsm33h3ec.com
n1b5pwyxml3hgvvwjgqmmwei5f.com
1.0.0.1.test.senderbase.org
www.qgyt1wksdaqmu3cgjbr43rquac.com
3.2.2.4.in-addr.arpa
PTR c.resolvers.level3.net
caypoiurkjmums2unwt2x1h04h.com
kge1le5rgre2t3gisss0nrxt1a.Youtube.com
4.2.2.4.test.senderbase.org
jfjwltxqjanq4repl1sa2bhwud.com
athu1huvxeiqaxizvstkqdtilh.com
mzq31qavcdgchxyiliscicv0qg.com
www.Google.com
A 142.250.206.196
A 142.250.206.228
A 172.217.161.68
A 142.250.196.100
A 172.217.175.4
A 172.217.175.68
A 142.251.222.36
A 172.217.31.132
A 142.250.198.4
A 142.250.197.132
A 142.250.71.196
A 209.85.235.106
A 209.85.235.99
A 209.85.235.103
A 209.85.235.104
A 209.85.235.105
A 209.85.235.147
A 172.253.58.147
A 172.253.58.99
A 172.253.58.103
A 172.253.58.105
A 172.253.58.104
A 172.253.58.106
A 172.217.25.164
A 142.250.199.100
A 142.251.33.100
A 142.250.191.68
A 142.250.217.68
A 142.250.191.36
A 142.251.42.132
142.250.206.228
net172.rebindtest.com
AAAA ::ffff:172.16.0.1
172.16.0.1
110.0.55.209.test.senderbase.org
uiqdjb3sxvdyxadlt0seqichkh.com
net127.rebindtest.com
A 127.0.0.1
127.0.0.1
y3njz1lu05amhmtvnasoq4nqrb.Google.com
txaebhoxau3cbjekmvte3cqrae.com
22.70.154.156.test.senderbase.org
l2f5ntowjf4jmwqr4fsoifrlsd.com
xjkr3ivsmzrwx3fd3ytsmwqb0e.com
crqypzwt2k111fiwkfqq3r5mhb.com
jlj0fcaui35x244lkvqiluqqxb.Live.com
CNAME a-0010.a-msedge.net
A 204.79.197.212
204.79.197.212
2.212.118.74.origin.asn.cymru.com
2.2.2.4.test.senderbase.org
10.252.2.199.test.senderbase.org
d41bavisvcsulhtkoet41nkxsf.Google.com
2.45.81.64.in-addr.arpa
PTR dns.lax1.speakeasy.net
w0mer1urosq0bsrhjytgnsnnve.com
6.2.2.4.in-addr.arpa
PTR f.resolvers.level3.net
uczmwdjxexbtp0p3ibq4fnadbd.Yahoo.com
ktnpxdtxdekurlmvvpridrb1zc.com
10.212.97.204.in-addr.arpa
PTR ns3.sprintlink.net
g1zyj10u3u0ybkgzf1t0i0fbwg.Yahoo.com
u3liem4xfbuwuyhmw2smsnorqg.com
170.68.87.68.test.senderbase.org
30.18.1.68.test.senderbase.org
25.16.12.68.test.senderbase.org
tedhlccuwqmzya2ic3qqbdkzra.com
oykhnjjqs1s1g0tl51q4xpyvrd.com
29.32.113.24.test.senderbase.org
c5vsehzuywnkbihhx5q4h2vkpd.Yahoo.com
www.dq0ehd0tgeuaklnd3trkwmnbof.com
www.cnazauutqjrkhmgrjsq00xtrlb.com
net10.rebindtest.com
A 10.0.0.1
10.0.0.1
1.1.1.1.origin.asn.cymru.com
TXT 13335 | 1.1.1.0/24 | AU | apnic | 2011-08-11
127.0.0.2
www.napdruiutipgyhypsjsue1ap4d.com
30.16.9.68.origin.asn.cymru.com
TXT 22773 | 68.0.0.0/12 | US | arin | 2001-11-12
TXT 22773 | 68.9.0.0/16 | US | arin | 2001-11-12
127.0.0.2
www.b4rqgfqqavm5xielymrclhguhb.com
bgbo0fqqk0er4nc3ipq0x3xf0a.com
2.64.92.66.origin.asn.cymru.com
TXT 17184 | 66.92.64.0/24 | US | arin | 2001-03-28
127.0.0.2
jkl2jbmr4ifcxddbrzsqc4lgag.com
vlrm02lxlw5crkujlbsqpgxf0b.Yahoo.com
www.4f3rrjerllmezvwcrjrc5ebdgf.com
gyvistzrkosp3imvfzq2sxvzpb.Google.com
www.3rhy21xwaupnpk4dwoq4xgqsmf.com
1gyljw5s5u1k4jehcitsfoyode.Google.com
220.1.55.209.test.senderbase.org
womt5qbxx0luc3kpl5t04bkzlg.com
2.2.2.4.origin.asn.cymru.com
TXT 3356 | 4.0.0.0/9 | US | arin | 1992-12-01
127.0.0.2
kfixupivvlv1mhe0eeruxdzuoh.Yahoo.com
h0xagt1wakbqgz2grpqsxn2r5b.Youtube.com
2.79.81.64.in-addr.arpa
PTR dns.sfo1.speakeasy.net
ytdrtrksp5ik15kvnsqkcjwvtd.Google.com
30.16.11.68.in-addr.arpa
PTR ns1.no.cox.net
fij3hhnup1235yoybxsy025z5h.com
4.2.2.4.in-addr.arpa
PTR d.resolvers.level3.net
222.220.67.208.test.senderbase.org
0vftpz3x240xa0oedor23fn0bc.com
30.16.2.68.origin.asn.cymru.com
TXT 22773 | 68.0.0.0/12 | US | arin | 2001-11-12
TXT 22773 | 68.2.0.0/16 | US | arin | 2001-11-12
127.0.0.2
nfv4yqnqwaciuniknctiqggdyh.com
as11696.asn.cymru.com
TXT 11696 | US | arin | 1998-11-18 | NBS11696, US
5.2.2.4.origin.asn.cymru.com
TXT 3356 | 4.0.0.0/9 | US | arin | 1992-12-01
127.0.0.2
usfstpet0tsun0b3kkq2hwjywg.Youtube.com
170.68.87.68.origin.asn.cymru.com
TXT 7922 | 68.80.0.0/13 | US | arin | 2002-01-28
127.0.0.2
25.70.154.156.test.senderbase.org
ausjhnztw21c33emrwtwhwqjnf.Live.com
CNAME a-0010.a-msedge.net
A 204.79.197.212
204.79.197.212
ci2ftqxxmemnpb5m2htygznmzg.Google.com
as1239.asn.cymru.com
TXT 1239 | US | arin | 1991-03-25 | SPRINTLINK, US
www.iexf5mgq01qhs2zxqrsyyobaeh.com
zdrd2brxdfirytdlqtq4immyda.com
123.220.67.208.origin.asn.cymru.com
TXT 36692 | 208.67.220.0/24 | US | arin | 2006-06-06
127.0.0.2
5u1xjrnvdm0iyvon41t0jzp5kc.com
30.16.10.68.in-addr.arpa
PTR ns1.hr.cox.net
2.159.81.64.origin.asn.cymru.com
TXT 17184 | 64.81.159.0/24 | US | arin | 2000-04-28
127.0.0.2
2.95.254.216.test.senderbase.org
doya1k0x5qob12ev4bqk51h5xg.com
co52fllvtb1hdkokcqsa4l21xg.Live.com
CNAME a-0010.a-msedge.net
A 204.79.197.212
204.79.197.212
1emqivmr5j2gisvgd5skl1gprc.com
v5igpqtuvqnl3nvhiutua45vwf.com
heemyqas2mimd4nxgct0vcrese.com
3juqowwsucmco3vo5ttsdlzn2c.com
www.vziulxkvn4feeaqt3aqwhasxmg.com
tpmmktdqjjj5lujxb2q2god45h.Google.com
30.16.6.68.origin.asn.cymru.com
TXT 22773 | 68.6.0.0/15 | US | arin | 2001-11-12
TXT 22773 | 68.0.0.0/12 | US | arin | 2001-11-12
127.0.0.2
www.Yahoo.com
CNAME me-ycpi-cf-www.g06.yahoodns.net
A 180.222.106.12
A 180.222.109.252
A 180.222.106.11
A 180.222.109.251
A 180.222.119.247
A 180.222.119.248
A 74.6.160.106
A 69.147.80.15
A 69.147.80.12
A 74.6.160.107
A 69.147.88.8
A 69.147.88.7
A 209.73.190.12
A 209.73.190.11
180.222.119.248
30.16.11.68.test.senderbase.org
2.224.92.66.test.senderbase.org
154.64.87.68.origin.asn.cymru.com
TXT 7922 | 68.80.0.0/13 | US | arin | 2002-01-28
127.0.0.2
rsbwtp4rhclm4hzf3vsm4mczia.Yahoo.com
ud4z2kss1v5ghdqbvrs0ogfjie.Youtube.com
pypvapnx1ql0cxm0hgtstpyhuh.Live.com
CNAME a-0010.a-msedge.net
A 204.79.197.212
204.79.197.212
wasahngxefbkpq1wftrsylruxh.com
5z2z1brw5w2zxadmnzs03af0ph.com
cbsh3upwdledr32w3pqyojbwwb.Google.com
duzidthxgjbgkos5goso1ffmpb.Youtube.com
0frju1zskkrejdbz4oq2ewzyvh.com
yb3ranrxmooeus2ue5rydjpgtd.com
rehhdq3qt0tumfqsikrewlhggf.com
o3hxow1sm0dlkb0qg2sgnxusve.com
25.16.4.68.test.senderbase.org
25.16.13.68.origin.asn.cymru.com
TXT 22773 | 68.13.0.0/17 | US | arin | 2001-11-12
127.0.0.2
25.16.13.68.test.senderbase.org
2.79.81.64.origin.asn.cymru.com
TXT 17184 | 64.81.79.0/24 | US | arin | 2000-04-28
127.0.0.2
2.212.118.74.in-addr.arpa
PTR vpn.vipre.com
dideb0ewbubdju32tzqe4rnxxg.Live.com
CNAME a-0010.a-msedge.net
A 204.79.197.212
204.79.197.212
25.18.1.68.test.senderbase.org
dbb113qwped2l1sx4gtszg31gd.Youtube.com
net4.rebindtest.com
AAAA ::ffff:4.4.4.4
4.4.4.4
wwakaqnse51ljjkvb3qud0xr0h.com
hznlmnfwy35trntvjssegq2dre.Yahoo.com
zjvohh4vh2fpdomdl1qq4b0i4f.com
170.68.87.68.in-addr.arpa
PTR vsg04-d1stonemtn-ga-atlanta.vsg.comcast.net
1.212.118.74.in-addr.arpa
22.71.154.156.test.senderbase.org
www.yews3zxtj2ddrhhevtqovzjwrf.com
www.n0t3ifgxgdtqoksq3ascvijv3g.com
dncs4vltkhgv0bqweorcxacy0b.com
1.2.2.4.test.senderbase.org
2.212.118.74.test.senderbase.org
www.ciwdeybtdslirk50ycqit4iupc.com
1.1.1.1.in-addr.arpa
PTR one.one.one.one
as397213.asn.cymru.com
TXT 397213 | US | arin | 2018-12-04 | SECURITYSERVICES, US
200.232.194.204.test.senderbase.org
ebwv3zws4bmvyqchwcqy2dexzg.com
200.234.194.204.origin.asn.cymru.com
TXT 36692 | 204.194.234.0/24 | US | arin | 2009-02-20
127.0.0.2
1gquyuasadgfqzo3ndrcxeixcd.Google.com
kv33ntmrha1ra4whqbsupdwdwe.Youtube.com
fucfr01tvzh1i1211cs2m1zcma.Live.com 204.79.197.212
qshberjqbhcyac2nc4ro11iklg.com
ksyxhgduyo4febutkltqqpdj2g.com
222.220.67.208.origin.asn.cymru.com
TXT 36692 | 208.67.220.0/24 | US | arin | 2006-06-06
127.0.0.2
30.18.1.68.in-addr.arpa
vkyl1qeu3r5iy4vi4iqojcjycf.com
www.po0fxghul54k0ojfcfsqgapo2c.com
2.87.93.66.in-addr.arpa
PTR dns.sea1.speakeasy.net
f5nkwbyx0nirh4iksbtygrj05f.Google.com
cikl5mzuph1dy4heprraztma5h.com
1.194.153.198.in-addr.arpa
lrs2e1aumuoqdlljc1sqz44bof.Live.com
CNAME a-0010.a-msedge.net
A 204.79.197.212
204.79.197.212
www.k2vmzohx5fynrdfgl3qktnszbe.com
2.95.254.216.in-addr.arpa
PTR dns.nyc1.speakeasy.net
as2914.asn.cymru.com
TXT 2914 | US | arin | 1998-12-07 | NTT-LTD-2914, US
30.16.11.68.origin.asn.cymru.com
TXT 22773 | 68.11.0.0/17 | US | arin | 2001-11-12
127.0.0.2
25.16.12.68.origin.asn.cymru.com
TXT 22773 | 68.0.0.0/12 | US | arin | 2001-11-12
TXT 22773 | 68.12.0.0/16 | US | arin | 2001-11-12
127.0.0.2
55bqbzksyr32rl5fitsgzzeg0a.com
2.64.92.66.in-addr.arpa
PTR bos.speakeasy.net
30.32.113.24.origin.asn.cymru.com
TXT 11404 | 24.113.0.0/16 | US | arin | 2004-01-07
127.0.0.2
25.16.9.68.test.senderbase.org
www.smwseaevoaqk4q1kayso0g0zqa.com
1.0.0.1.in-addr.arpa
PTR one.one.one.one
fa3zrzpvgl2qf0ofmcr0bdyckb.Live.com
CNAME a-0010.a-msedge.net
A 204.79.197.212
204.79.197.212
sjqirogtxghkz21zamsi0zuiha.Google.com
25.16.100.68.origin.asn.cymru.com
TXT 22773 | 68.100.0.0/16 | US | arin | 2002-02-04
TXT 22773 | 68.96.0.0/12 | US | arin | 2002-02-04
127.0.0.2
knowkdkv3ihsmudzywt44pqdsg.com
220.222.67.208.test.senderbase.org
222.222.67.208.in-addr.arpa
PTR dns.umbrella.com
PTR dns.sse.cisco.com
PTR dns.opendns.com
PTR resolver1.opendns.com
rvwkoyiudyhxup5b00tsat5qte.com
bt234l2vmnwrdt1gddq00su2wg.com
2.127.81.64.in-addr.arpa
PTR dns.dfw1.speakeasy.net
2.64.92.66.test.senderbase.org
fkeiwcav42jobwiliiruz4hdxf.com
29.32.113.24.in-addr.arpa
PTR ns1.wavecable.com
ufdzt5wtls2crtrxzbs0d5p4ke.com
bg33utouolpfzzuhj2sufeinnc.com
22.70.154.156.in-addr.arpa
s3xpvahwjmhdbx4fs3qaaihngh.com
30.16.100.68.test.senderbase.org
25.18.1.68.origin.asn.cymru.com
TXT 22773 | 68.1.16.0/21 | US | arin | 2001-11-12
127.0.0.2
oljqnbuuwytw433bw5tuwplvud.Google.com
222.222.67.208.origin.asn.cymru.com
TXT 36692 | 208.67.222.0/24 | US | arin | 2006-06-06
127.0.0.2
gtrr0stwkwni1fv5rdrmxmlyce.com
25.16.100.68.in-addr.arpa
PTR ns2.dc.cox.net
svrn44ptag1tlvaw42qujo4mfh.Youtube.com
220.220.67.208.test.senderbase.org
2mr2k5asf4jcuscuzrq0n5n3gd.Youtube.com
2lwntxbvyk5qxmsvkst0wiz5nf.Google.com
c5lp4ddt0u3wjluma4t052seff.com
njq2viruwx4h5syjtorgj4h15c.Yahoo.com
vurzrcivogzjr1dyxqqanjzutf.Google.com
xvzcbq5s1a0uf54ksargrz55nc.com
250.35.250.129.test.senderbase.org
25.16.2.68.in-addr.arpa
PTR ns2.ph.cox.net
220.222.67.208.origin.asn.cymru.com
TXT 36692 | 208.67.222.0/24 | US | arin | 2006-06-06
127.0.0.2
024xhenq2nvkpqvzn0t4txmvte.com
vea2kalt5qawvbetkvrcgpwtad.Yahoo.com
25.16.111.68.test.senderbase.org
bw3gij1rd0ll1rx4tst2dfdhvc.com
naysfajwutyf4euopctwmz2uqe.com
zzjhotbx0gmrbttapotc5ut03b.com
wglhn4qxaszflva4flruzoirwh.com
qnfe2enuwtky3d13rwtkweti3c.Youtube.com
vnhhecsqf1lnj5jubvqmmn035c.Yahoo.com
10.214.117.204.test.senderbase.org
prusjvnxv3xc2vt4s0sq4zwjlg.com
tqc2asvr4gag5fhfv3qc4iskhb.com
ddxbjies0m1jktjcvvsqeffxua.com
8.8.8.8.test.senderbase.org
4l2nv2au21icsu5q5xs450xllh.Yahoo.com
coxrn2auhawe43oq1iqubcdfne.Google.com
30.16.111.68.in-addr.arpa
PTR ns1.lv.cox.net
30.16.13.68.test.senderbase.org
25.71.154.156.test.senderbase.org
he04l2fsolxqbtyzbqqqojehvg.com
quekctdt4azflnlvzkru1bqukd.Live.com
CNAME a-0010.a-msedge.net
A 204.79.197.212
204.79.197.212
ezpe4ssvhrhehaqpvcsqx2iagh.com
g34454zqeux11ima1fqmiv2yvh.com
as3356.asn.cymru.com
TXT 3356 | US | arin | 2000-03-10 | LEVEL3, US
30.16.9.68.test.senderbase.org
mtscmy1txon1n0sly0ronstx4b.Google.com
kovlekuxi3vj2sqflnqy2yh3wf.Google.com
00b4isyufr2b4xsmqdqowsi0le.com
net192.rebindtest.com
AAAA ::ffff:192.168.0.1
192.168.0.1
220.220.67.208.in-addr.arpa
PTR dns.opendns.com
PTR dns.sse.cisco.com
PTR dns.umbrella.com
PTR resolver2.opendns.com
2.111.81.64.test.senderbase.org
uwzxdf1vaeulds40gvtst0xjxc.com
www.Live.com
CNAME outlook-fd-0010.Live.com
CNAME a-0010.a-msedge.net
A 204.79.197.212
204.79.197.212
8.8.8.8.in-addr.arpa
PTR dns.google
154.69.87.68.in-addr.arpa
PTR bvrt-dns-trial.beaverton.or.bverton.comcast.net
vldqziuvv1khmqmfxrr2ve5kse.com
jgwdq3iqlakti4dda1saxb5k0h.Google.com
pcemkf4voeeebdwqhotix345ze.Yahoo.com
1.70.154.156.origin.asn.cymru.com
TXT 397213 397218 397231 397235 | 156.154.70.0/24 | US | arin | 2003-12-18
127.0.0.2
o42xu0zx1j0ui0qm0frixwc12e.com
net192.rebindtest.com
A 192.168.0.1
192.168.0.1
dwzdq3ostta42ludigqqxtu2na.com
2.2.2.4.in-addr.arpa
PTR b.resolvers.level3.net
2.45.81.64.test.senderbase.org
4.4.8.8.test.senderbase.org
25.16.4.68.origin.asn.cymru.com
TXT 22773 | 68.0.0.0/12 | US | arin | 2001-11-12
TXT 22773 | 68.4.0.0/15 | US | arin | 2001-11-12
127.0.0.2
123.222.67.208.in-addr.arpa
PTR familyshield.opendns.com
PTR familyshield.sse.cisco.com
PTR resolver1-fs.opendns.com
25.70.154.156.in-addr.arpa
ameazjzwgxdnmfdnvwt4wuwloc.Youtube.com
10.252.2.199.in-addr.arpa
PTR ns2.sprintlink.net
pgriu11uvey3si3wu2qelw1ctc.Live.com
CNAME a-0010.a-msedge.net
A 204.79.197.212
204.79.197.212
cwehoqww0fzwfti54osoh3ij1e.Google.com
u3x1op0wumfb4j0xqaqmihjbfc.Live.com
CNAME a-0010.a-msedge.net
A 204.79.197.212
204.79.197.212
30.16.100.68.in-addr.arpa
PTR ns1.dc.cox.net
f4koqwascalcvxrmrkt2xouqbf.com
kmugvfovgdnpfjsp52rqngo50d.com
rij0vlyweng3niyaeftqr4k2te.com
owv0wz1sa2pfe0icdssgw0ctrg.Live.com
CNAME a-0010.a-msedge.net
A 204.79.197.212
204.79.197.212
eq4a1tdutcylcr44raqcx220vb.com
www.wisr0t0wm3kdv0voznsg5cpx0b.com
25.16.9.68.origin.asn.cymru.com
TXT 22773 | 68.0.0.0/12 | US | arin | 2001-11-12
TXT 22773 | 68.9.0.0/16 | US | arin | 2001-11-12
127.0.0.2
chdnhn5qygievdd0epqapbttja.com
10.252.2.199.origin.asn.cymru.com
TXT 1239 | 199.2.252.0/24 | US | arin | 1993-09-08
127.0.0.2
hnkka4au1u40pu4m44rspk0e5c.com
0kh1cccrf3uhzlupl2rklwfpoh.com
cgsos4wuvv3nfsvr3oqcckuk4e.com
xjsrbgwwb2oszqw2oequgusfyc.Youtube.com
5iyj5lrr3pmfkx30nztglkuv0a.Yahoo.com
2.79.81.64.test.senderbase.org
i5xxupdtpeahxjaan1qyqaozyb.Live.com
CNAME a-0010.a-msedge.net
A 204.79.197.212
204.79.197.212
lqx4k5fufbl1wwgvnhq2kjcrjb.com
www.zazj40vr2zvufjpngjqamiikhd.com
qxwgvpqtr3llinpfijrgskbcra.com
fcwivmnrwrtck0ifymskk2ewhh.com
as397215.asn.cymru.com
TXT 397215 | US | arin | 2018-12-04 | SECURITYSERVICES, US
30.16.100.68.origin.asn.cymru.com
TXT 22773 | 68.100.0.0/16 | US | arin | 2002-02-04
TXT 22773 | 68.96.0.0/12 | US | arin | 2002-02-04
127.0.0.2
isc.org
A 151.101.66.217
A 151.101.2.217
A 151.101.130.217
A 151.101.194.217
151.101.2.217
y3xr4eyxchb3y3vhpgti5zfvpc.Yahoo.com
uf4auert4bb1ghtuxequc02clg.com
154.64.87.68.test.senderbase.org
2.41.231.216.origin.asn.cymru.com
TXT 3257 | 216.231.32.0/19 | US | arin | 1999-06-18
TXT 17184 | 216.231.41.0/24 | US | arin | 1999-06-18
127.0.0.2
0pqh2qxrsvvzcr5qaxteycqvke.isc.org
25.71.154.156.origin.asn.cymru.com
TXT 397215 397218 397219 397220 397224 397225 397231 | 156.154.71.0/24 | US | arin | 2003-12-18
127.0.0.2
qrkc24ptbyzcm25jyjrcacoszb.com
www.n04pvi3w10oknbamnvrcs2e5sd.com
25.16.12.68.in-addr.arpa
PTR ip68-12-16-25.ok.ok.cox.net
as3257.asn.cymru.com
TXT 3257 | US | ripencc | 1994-09-30 | GTT-BACKBONE GTT, US
x5sxhovwczk0lc2iyrqq2ec4he.Live.com
CNAME a-0010.a-msedge.net
A 204.79.197.212
204.79.197.212
tep3teqqktfdfxbylasuvnmstd.com
10.214.117.204.origin.asn.cymru.com
TXT 1239 | 204.117.214.0/24 | US | arin | 1994-08-12
127.0.0.2
3vgpbpus50w2ibve1vsgtpiqye.com
25.16.13.68.in-addr.arpa
PTR ns2.om.cox.net
30.16.10.68.origin.asn.cymru.com
TXT 22773 | 68.0.0.0/12 | US | arin | 2001-11-12
TXT 22773 | 68.10.0.0/16 | US | arin | 2001-11-12
127.0.0.2
123.222.67.208.origin.asn.cymru.com
TXT 36692 | 208.67.222.0/24 | US | arin | 2006-06-06
127.0.0.2
30.16.111.68.origin.asn.cymru.com
TXT 22773 | 68.96.0.0/12 | US | arin | 2002-02-04
127.0.0.2
200.232.194.204.in-addr.arpa
PTR pdns.umbrella.com
PTR pdns.opendns.com
www.1yooal4rwpjhvehawvt4vc1hsh.com
nulfd4jwz1xjq1flfntcbhl53c.com
edizsv2sj4ahmx50ciswnvyhja.com
b4fkktysfueqy2nq1atebvnioh.com
zcjkjplvswutchpslksajgnocc.Live.com
CNAME a-0010.a-msedge.net
A 204.79.197.212
204.79.197.212
9.9.9.9.test.senderbase.org
yb3ywgosd4uigqc244sirodzsf.com
5qwc3jlujdcv0q45q3rik5td5b.com
bdrfpryrsn533loggusg0odqid.Youtube.com
2x0d4xnxzd4qlggxhktex2atke.com
n5czl5lwtookojwmuxqgqsp24a.com
kzluo4gslwnvnm255lrelc1bze.com
net127.rebindtest.com
AAAA ::ffff:127.0.0.1
127.0.0.1
as15169.asn.cymru.com
TXT 15169 | US | arin | 2000-03-30 | GOOGLE, US
zgizxgyr4bnhufyn3fs0ejn4xh.Yahoo.com
roc3ohet1k3nqhebmcrkx5rcpf.Yahoo.com
dqwmkr5rpohbdixg22se400iog.com
gi35idhtqykw03xhmyt2qyrw3d.com
qlxsfxfq0lhyudu4asrkqlys3g.com
mavbalnr3omqvktzfbrcipd1ud.Live.com
CNAME a-0010.a-msedge.net
A 204.79.197.212
204.79.197.212
200.232.194.204.origin.asn.cymru.com
TXT 36692 | 204.194.232.0/24 | US | arin | 2009-02-20
127.0.0.2
vj44lfaxcqmbosfi0lti0y4sya.com
r1mkgxrso0bc43e1i2ryhx2o4g.Google.com
e4hryrwv0f43oj1hpbrmjsp43c.Yahoo.com
tzmef3ywrv2gjdygjbt2gp5e2e.Youtube.com
1.192.153.198.in-addr.arpa
0fmenalwoozlhcf0dks2vtbkfa.com
lb44xgjvnycvd0s33dqidrk1lb.com
as10397.asn.cymru.com
TXT 10397 | US | arin | 1997-07-11 | MOMENTUM, US
2.159.81.64.in-addr.arpa
PTR dns.chi1.speakeasy.net
2.224.92.66.in-addr.arpa
PTR phl.speakeasy.net
220.1.55.209.in-addr.arpa
1.71.154.156.origin.asn.cymru.com
TXT 397215 397218 397219 397220 397224 397225 397231 | 156.154.71.0/24 | US | arin | 2003-12-18
127.0.0.2
2.127.81.64.origin.asn.cymru.com
TXT 17184 | 64.81.127.0/24 | US | arin | 2000-04-28
127.0.0.2
25.16.2.68.origin.asn.cymru.com
TXT 22773 | 68.0.0.0/12 | US | arin | 2001-11-12
TXT 22773 | 68.2.0.0/16 | US | arin | 2001-11-12
127.0.0.2
250.35.250.129.origin.asn.cymru.com
TXT 2914 | 129.250.0.0/16 | US | arin | 1988-04-05
127.0.0.2
dyrtw5yxwxa0fwgqugruohi3jg.Google.com
www.tniiqmdve5k5hdhmttr4uspvfb.com
2.101.124.164.in-addr.arpa
PTR ns.lgtelecom.com
PTR ns.dacom.co.kr
PTR ns.lgdacom.net
1.192.153.198.origin.asn.cymru.com
TXT 397215 397218 397219 397220 397224 397225 397231 | 198.153.192.0/24 | US | arin | 1993-08-11
127.0.0.2
10.212.97.204.test.senderbase.org
1.1.1.1.test.senderbase.org
3.2.2.4.test.senderbase.org
as22773.asn.cymru.com
TXT 22773 | US | arin | 2001-11-20 | ASN-CXA-ALL-CCI-22773-RDC, US
1fnspaju2dxx0csdmssuu1fbkd.Youtube.com
0xqo5glrtkhiquoxwyqyrbrjoa.Yahoo.com
phkp0pot5x0ny0u5lotqtjv3pd.com
154.64.87.68.in-addr.arpa
PTR cdn-ec-chi-015-03.chicago201.il.chicago.comcast.net
www.wj0tjhvswhj3mcxfbgra2gsgyh.com
1.194.153.198.test.senderbase.org
30.16.12.68.origin.asn.cymru.com
TXT 22773 | 68.0.0.0/12 | US | arin | 2001-11-12
TXT 22773 | 68.12.0.0/16 | US | arin | 2001-11-12
127.0.0.2
gq4vs2jvvu3lwms04rr03tpevf.Youtube.com
eb0bynstzrihlvm1aqrk3iuyzd.com
m33l3imqeds3qf531vtu5rqate.com
3gnhcjmv4muf3jvzaftaggsg1f.Google.com
www.yjbmz2juxg3oqjedcftiumyrle.com
25.16.10.68.test.senderbase.org
as3786.asn.cymru.com
TXT 3786 | KR | apnic | 2002-08-01 | LGDACOM LG DACOM Corporation, KR
jt5yc2yrcyhjuzl51lqsi3ic5b.Yahoo.com
30.16.6.68.in-addr.arpa
PTR ns1.sd.cox.net
nmulocnuihbgwqbsxlse1nzbcb.com
25.16.10.68.in-addr.arpa
PTR ns2.hr.cox.net
200.234.194.204.in-addr.arpa
PTR pdns.umbrella.com
PTR pdns.opendns.com
41y1utvtb5zxlin0gmroficjoc.com
1n4rs1fvwdewy5dpk3skcrux5b.Yahoo.com
glblwa4xyzlvol30v3sayyzhyc.Google.com
1.2.2.4.in-addr.arpa
PTR a.resolvers.level3.net
5rex1h0ub4vtqrpwodqmdcabed.Yahoo.com
2.159.92.66.in-addr.arpa
PTR dns.wdc1.speakeasy.net
2.111.81.64.in-addr.arpa
PTR den.speakeasy.net
30.16.4.68.test.senderbase.org
2.127.81.64.test.senderbase.org
123.220.67.208.in-addr.arpa
PTR resolver2-fs.opendns.com
PTR familyshield.opendns.com
PTR familyshield.sse.cisco.com
2.101.124.164.test.senderbase.org
qoi4ofrq4pibiptxujtyi1tmbd.Live.com
CNAME a-0010.a-msedge.net
A 204.79.197.212
204.79.197.212
net10.rebindtest.com
AAAA ::ffff:10.0.0.1
10.0.0.1
5.2.2.4.in-addr.arpa
PTR e.resolvers.level3.net
222.222.67.208.test.senderbase.org
tprsxe1uf0z2wegcoltg0i0zef.com
220.222.67.208.in-addr.arpa
PTR resolver3.opendns.com
vmz1yigx1chdigyvdersn55gie.com
200.234.194.204.test.senderbase.org
akndwpgsn3tyvidou1toqarjnf.com
tsyoqmqsc0dpjc3nfvtms5nlvg.Youtube.com
b1ebpcmsvknu4r1l0gtg0urdeb.Youtube.com
2.175.27.216.test.senderbase.org
f0mz1gjxpf5jlrageiruamrfua.com
www.grc.com
A 4.79.142.202
4.79.142.202
1.192.153.198.test.senderbase.org
30.32.113.24.test.senderbase.org
30.16.13.68.in-addr.arpa
PTR ns1.om.cox.net
30.16.9.68.in-addr.arpa
PTR ns1.ri.cox.net
25.16.9.68.in-addr.arpa
PTR ns2.ri.cox.net
25.16.6.68.origin.asn.cymru.com
TXT 22773 | 68.6.0.0/15 | US | arin | 2001-11-12
TXT 22773 | 68.0.0.0/12 | US | arin | 2001-11-12
127.0.0.2
unu4i0xqxu2xopjop3tyix4lwb.Yahoo.com
sol2tc2qrih14k30hss4qzipsg.Yahoo.com
1.71.154.156.test.senderbase.org
zuxkngvuqcggdfj5xrrkzq0k1c.com
5tkc0cyrsfx4walt43rieimbnc.Yahoo.com
fteim2mrp10j31bnlbq2jkqlbe.Live.com
CNAME a-0010.a-msedge.net
A 204.79.197.212
204.79.197.212
3ladwgxvuwxt201fa0tu3otpoc.com
25.16.111.68.origin.asn.cymru.com
TXT 22773 | 68.96.0.0/12 | US | arin | 2002-02-04
127.0.0.2
aobisrvvshvcxfskd3rwaqvfig.Youtube.com
ukcj0rlv5mw0dgddwftgljfaqg.com
4h1d5w2wnenrehy04criyyu04e.com
uixfxznqkgs2q0bq0ktggqk35e.com
tsgb1fdutzd5oacfsbqyzmdo5a.com
uxfkilhtotiprhdmwassabm0vh.com
eppmijetkpmvg35le4turqzg3a.com
30.16.4.68.in-addr.arpa
PTR ns1.oc.cox.net
vuvaf0uvikwg242ykfsqukmt2h.Google.com
2.159.92.66.test.senderbase.org
l1azpipv2aygf00mhqrav04f2c.com
www.Youtube.com
A 172.217.161.238
A 142.250.76.142
A 142.250.206.238
A 142.250.207.110
A 142.250.207.14
A 142.250.196.142
A 172.217.25.174
A 142.250.206.206
CNAME youtube-ui.l.google.com
A 142.251.42.174
A 142.250.199.110
A 172.217.161.206
A 142.250.196.110
A 172.217.174.110
A 172.217.161.78
A 216.58.220.142
A 172.217.31.174
A 142.251.222.46
A 142.250.207.46
A 172.217.175.78
A 172.217.161.46
A 142.251.42.206
A 142.251.222.14
A 172.217.175.110
A 142.251.42.142
A 172.217.26.238
A 142.250.198.14
A 172.217.31.142
A 216.58.220.110
A 172.217.175.238
A 172.217.175.46
A 142.250.197.14
A 142.250.197.46
A 142.250.207.78
A 172.217.24.238
A 172.217.27.14
A 142.250.76.14
A 142.250.76.238
A 172.217.25.14
A 172.217.24.110
A 142.250.66.142
A 142.250.71.142
A 142.250.196.238
A 142.250.66.110
A 142.250.71.174
A 172.217.27.46
A 172.217.31.14
A 142.250.71.206
A 142.250.71.238
A 108.177.9.91
A 74.125.127.91
A 173.194.70.91
A 74.125.127.190
A 108.177.9.136
A 108.177.104.136
A 173.194.70.93
A 74.125.127.93
A 173.194.70.136
A 108.177.104.91
A 173.194.201.91
A 108.177.9.93
A 173.194.70.190
A 108.177.104.93
A 74.125.127.136
A 108.177.104.190
A 64.233.168.91
A 173.194.67.91
A 173.194.67.136
A 64.233.160.190
A 64.233.168.93
A 173.194.67.93
A 64.233.160.91
A 209.85.235.91
A 64.233.169.93
A 64.233.160.93
A 209.85.235.93
A 64.233.168.136
A 64.233.169.91
A 173.194.67.190
A 64.233.168.190
A 64.233.160.136
A 142.251.215.238
A 142.250.217.110
A 172.217.14.206
A 142.251.33.78
A 172.217.14.238
A 142.250.217.78
A 142.251.33.110
A 142.251.211.238
A 142.250.69.206
A 142.251.46.174
A 142.251.214.142
A 142.250.72.206
A 142.251.46.238
A 142.250.189.174
A 142.251.46.206
A 142.250.189.238
A 142.250.191.78
A 142.251.32.46
A 172.217.164.110
A 172.217.12.110
A 142.250.191.46
A 142.250.189.206
142.250.207.110
4seuowgvunn5v1vmnvqq15zuog.com
1.2.2.4.origin.asn.cymru.com
TXT 3356 | 4.0.0.0/9 | US | arin | 1992-12-01
127.0.0.2
net4.rebindtest.com
A 4.4.4.4
4.4.4.4
uksz2nvtjy0llumtecqiypfdug.com
2cr2wfsrqzfdsygm12qsyfsgvf.com
xmotufgql4jqc1hinztik4imeb.com
hhgzimfv5e5fqpujverooji03a.com
tzjdtbbua55jehml4ns0wshqsc.Google.com
25.16.100.68.test.senderbase.org
9.9.9.9.in-addr.arpa
PTR dns9.quad9.net
2.41.231.216.test.senderbase.org
1.212.118.74.origin.asn.cymru.com
squghqhs4dkp1c5vg1s40jtrkd.com
2.45.81.64.origin.asn.cymru.com
TXT 17184 | 64.81.45.0/24 | US | arin | 2000-04-28
127.0.0.2
pcbgukzvqvcugc2lhgs4mtxkvd.com
2.95.254.216.origin.asn.cymru.com
TXT 17184 | 216.254.95.0/24 | US | arin | 1999-11-17
TXT 3257 | 216.254.0.0/17 | US | arin | 1999-11-17
127.0.0.2
i1nrwejskdestv4pddryd5oewf.com
25.16.6.68.in-addr.arpa
PTR ns2.sd.cox.net
22.71.154.156.in-addr.arpa
b1lpxcbstkb4d2h1omqanlqfog.Live.com
CNAME a-0010.a-msedge.net
A 204.79.197.212
204.79.197.212
dw1m54htxi320ak5vyssrsr55c.Youtube.com
25.16.11.68.in-addr.arpa
PTR ns2.no.cox.net
1.0.0.1.origin.asn.cymru.com
TXT 13335 | 1.0.0.0/24 | AU | apnic | 2011-08-11
127.0.0.2
www.nlujakhur3a1xiixmiqg1sshmb.com
rhzduq4rrhpdebo1xdsqzhwguc.com
pbtahbotymikjoecdmsszrouyf.com
bnatngnsmzrnzcqsmnqqwhwltd.Google.com
2.175.27.216.origin.asn.cymru.com
TXT 3257 | 216.27.128.0/18 | US | arin | 2001-01-05
TXT 11696 | 216.27.175.0/24 | US | arin | 2001-01-05
127.0.0.2
3.2.2.4.origin.asn.cymru.com
TXT 3356 | 4.0.0.0/9 | US | arin | 1992-12-01
127.0.0.2
w4fhrlav5zfp44pwurqyolaolh.Youtube.com
xuj4fanuknnvgvanloq2q0ejca.com
gad5g1iru3qlmcddnaqef0v5wa.com
hgafhvmvtrekm0wuu3r2ulutee.com
ycdfbhuwbib41k2tq5rgegqhwb.com
birxptxtiu3pgrnr4kq2lnnx2c.Youtube.com
y2zaz53qerl153mi0fs2fghinc.Yahoo.com
www.e4hxuc1s2jgkx3dls3tiwekuzb.com
jnyoehzsvpu0xemdksqcnns3xc.Google.com
220.1.55.209.origin.asn.cymru.com
TXT 10397 | 209.55.0.0/19 | US | arin | 1997-03-10
TXT 10397 | 209.55.0.0/23 | US | arin | 1997-03-10
127.0.0.2
2pv5bqgr0ylxtxmh3jtgjss1bc.Yahoo.com
30.18.1.68.origin.asn.cymru.com
TXT 22773 | 68.1.16.0/21 | US | arin | 2001-11-12
127.0.0.2
110.0.55.209.in-addr.arpa
v3tajp3tuvkvvcv2gcskqi0hvf.com
1.71.154.156.in-addr.arpa
PTR rdns2.ultradns.net
2.41.231.216.in-addr.arpa
PTR ns-legacy.speakeasy.net
5.2.2.4.test.senderbase.org
0sqi0trtnl1m25ve1yroftu25c.com
4.4.8.8.origin.asn.cymru.com
TXT 15169 | 8.8.4.0/24 | US | arin | 2023-12-28
127.0.0.2
4ceyccxsfgomhl5u0pq4bdwpmg.Youtube.com
fsrmei4vdpw23qmgklq0qscemd.Google.com
lgilom1v0mer0xytsqrwq5ho0c.com
www.c5smjgyvhfi1mzwkghsoju00fb.com
25.16.111.68.in-addr.arpa
PTR ns2.lv.cox.net
whwiftptab3zos2bussunpmdza.Live.com
CNAME a-0010.a-msedge.net
A 204.79.197.212
204.79.197.212
www.fstbrmwwo05n2tzldktgmercdc.com
as7922.asn.cymru.com
TXT 7922 | US | arin | 1997-02-14 | COMCAST-7922, US
as36692.asn.cymru.com
TXT 36692 | US | arin | 2006-03-21 | CISCO-UMBRELLA, US
2.159.92.66.origin.asn.cymru.com
TXT 11696 | 66.92.159.0/24 | US | arin | 2001-03-28
127.0.0.2
btm1v1ntuwpi4sbst4rqzedi3f.com
xbac4yis25yymhjktgrqnyvdxh.Live.com
CNAME a-0010.a-msedge.net
A 204.79.197.212
204.79.197.212
bp4kxb4xls2gbxju2ut2y4bk3g.com
2.111.81.64.origin.asn.cymru.com
TXT 3257 | 64.81.0.0/16 | US | arin | 2000-04-28
127.0.0.2
tfhhxn0xnq2x3josvhsaw2yywd.com
30.16.111.68.test.senderbase.org
25.71.154.156.in-addr.arpa
ic02pafsf1s5ikdfcjrmlxkd2h.Youtube.com
www.ay5xgkeqhow4mel10eqqf3szeg.com
6.2.2.4.test.senderbase.org
hmwdm3rwx0g22ukgieqkvowbbh.Google.com
qxwgh5qx42w34czz31s0n5ykpf.com
ioatctkqakyb1eg4uxr0synh3f.Youtube.com
flr1oyjuxaipunaxaftmomaive.Youtube.com
30.16.12.68.in-addr.arpa
PTR ip68-12-16-30.ok.ok.cox.net
123.222.67.208.test.senderbase.org
fh43jy5tr4buuf50gjqky00yne.com
8.8.8.8.origin.asn.cymru.com
TXT 15169 | 8.8.8.0/24 | US | arin | 2023-12-28
127.0.0.2
10.214.117.204.in-addr.arpa
PTR ns1.sprintlink.net
www.owxvwqmw0rt3lylfvmq455kzmh.com
30.16.2.68.test.senderbase.org
as17184.asn.cymru.com
TXT 17184 | US | arin | 2000-08-03 | ATL-CBEYOND, US
bljck35q2cfxz1ajiotwpnysea.Live.com
CNAME a-0010.a-msedge.net
A 204.79.197.212
204.79.197.212
2.175.27.216.in-addr.arpa
PTR dns.atl1.speakeasy.net
1tdu3d2ud11efzeyqkra15p5af.com
154.69.87.68.test.senderbase.org
2.87.93.66.origin.asn.cymru.com
TXT 17184 | 66.93.87.0/24 | US | arin | 2001-03-28
127.0.0.2
1.194.153.198.origin.asn.cymru.com
TXT 397213 397218 397231 397235 | 198.153.194.0/24 | US | arin | 1993-08-11
127.0.0.2
22.70.154.156.origin.asn.cymru.com
TXT 397213 397218 397231 397235 | 156.154.70.0/24 | US | arin | 2003-12-18
127.0.0.2
1.70.154.156.test.senderbase.org
4qmo30fq3hryctxncyqiakqrdb.com
dlxdtphviktdhdztbxrqioz1de.Live.com
CNAME a-0010.a-msedge.net
A 204.79.197.212
204.79.197.212
2.87.93.66.test.senderbase.org
4.4.8.8.in-addr.arpa
PTR dns.google
30.16.10.68.test.senderbase.org
25.18.1.68.in-addr.arpa
45hncyxxljrz5fbpquto33lb2a.Youtube.com
wztr54hrjy1ejqrolrrowxyhbb.com
btpfifms3xhwodffq0rynda1ob.Google.com
s12ptbnvoq5ekoggictahecs3b.com
db0zcnzuuspdq1nsy0sep1b0ef.Yahoo.com
2ynq1otxuzgncnvvhkqwp5fpnf.Youtube.com
154.69.87.68.origin.asn.cymru.com
TXT 7922 | 68.80.0.0/13 | US | arin | 2002-01-28
127.0.0.2
gj1weg4xzob3ntdcqjqig5jg3a.Yahoo.com
x4x0qzbqbd4addt5p3suhnso4d.Yahoo.com
m1wdujev3mfx34zv5xsck0zqae.Live.com
CNAME a-0010.a-msedge.net
A 204.79.197.212
204.79.197.212
2.101.124.164.origin.asn.cymru.com
TXT 3786 | 164.124.0.0/16 | KR | apnic | 1993-03-01
127.0.0.2
mchjxsgql1lkkfvcelr2omtmxh.Yahoo.com
iv2pwvbuv1mag0mdkxqa4cbbnf.com
ok1bfk5s5urkbnzalzrqklmoch.com
220.220.67.208.origin.asn.cymru.com
TXT 36692 | 208.67.220.0/24 | US | arin | 2006-06-06
127.0.0.2
dn501p0ujeovrxl5apte035wbh.Google.com
zpvidqauzbdpmbsthkqw4ejgva.Yahoo.com
30.16.2.68.in-addr.arpa
PTR ns1.ph.cox.net
wjx3t2lv55qjdyqjnrt2olnwbb.Live.com
CNAME a-0010.a-msedge.net
A 204.79.197.212
204.79.197.212
250.35.250.129.in-addr.arpa
PTR x.ns.gin.ntt.net
251.35.250.129.origin.asn.cymru.com
TXT 2914 | 129.250.0.0/16 | US | arin | 1988-04-05
127.0.0.2
25.16.6.68.test.senderbase.org
25.70.154.156.origin.asn.cymru.com
TXT 397213 397218 397231 397235 | 156.154.70.0/24 | US | arin | 2003-12-18
127.0.0.2
www.oku2zzuqekg0eetv1hre3ti5eb.com
qstjnxeupi53fltczzt0kbpv5e.com
30.16.6.68.test.senderbase.org
cnp0idkrq1zvtua2rnty1u1x1c.Live.com
CNAME a-0010.a-msedge.net
A 204.79.197.212
204.79.197.212
4.2.2.4.origin.asn.cymru.com
TXT 3356 | 4.0.0.0/9 | US | arin | 1992-12-01
127.0.0.2
cf5r3jfsxb11oarpyor2unldyd.Live.com
CNAME a-0010.a-msedge.net
A 204.79.197.212
204.79.197.212
qldqinrrho5rl4sulaqyzu30uh.Yahoo.com
msti0qcwnhzy3ayqpitu522qge.com
ujrfsnuq1fklycopgxqehzdfca.com
9.9.9.9.origin.asn.cymru.com
TXT 19281 | 9.9.9.0/24 | CH | arin | 2017-09-13
127.0.0.2
pywi1l1qm2s5dlgpdds2sggb5f.com
www.3gsdllexmwfna0u1r5tkwy0sng.com
k45c13bwviwmltjt25ra0r04pb.com
25.16.11.68.test.senderbase.org
1.70.154.156.in-addr.arpa
PTR rdns1.ultradns.net
g5hn2zhssjwpg5qpjltyplltxd.com
2.224.92.66.origin.asn.cymru.com
TXT 17184 | 66.92.224.0/24 | US | arin | 2001-03-28
127.0.0.2
woxxb1oxwa0rgfp03zryyuu02a.Youtube.com
mwg1lborpaic53kl4hre1gfiqb.com
ifvekmhx1gf4yb0sdnreqraxof.Youtube.com
ir2ndyxt0bj55tei3grc0g4xnc.Live.com
CNAME a-0010.a-msedge.net
A 204.79.197.212
204.79.197.212
25.16.11.68.origin.asn.cymru.com
TXT 22773 | 68.11.0.0/17 | US | arin | 2001-11-12
127.0.0.2
rotwufprkhpindexfhsqxphlsb.com
www.pahwdmlvqkqupywfdtsax1avje.com
bt3ghecv0uku3iyqtprmkgkxnf.com
www.adgoeodrw4g1o5hwzkrugc5g1g.com
www.rodj53xsomwgpx2rfsscfrpn5f.com
m0dn2kkuoh5idlhr3cr4n3b0hd.Yahoo.com
10.212.97.204.origin.asn.cymru.com
TXT 1239 | 204.97.212.0/24 | US | arin | 1994-07-13
127.0.0.2
www.iimu0azunxhmi2pkqjq4aqyhrd.com
o4mwbfctrnxpyxmk0ntq1i3oaa.Google.com
25.16.10.68.origin.asn.cymru.com
TXT 22773 | 68.0.0.0/12 | US | arin | 2001-11-12
TXT 22773 | 68.10.0.0/16 | US | arin | 2001-11-12
127.0.0.2
1.212.118.74.test.senderbase.org
25.16.4.68.in-addr.arpa
PTR ns2.oc.cox.net
25.16.2.68.test.senderbase.org
n033mfyxrnzjnkfpborkqmf1mb.com
2.159.81.64.test.senderbase.org
5caj4crw0fe4w32cantate540d.com
www.q4a5dcoqyviyzu0pqhrybzheyh.com
110.0.55.209.origin.asn.cymru.com
TXT 10397 | 209.55.0.0/19 | US | arin | 1997-03-10
TXT 10397 | 209.55.0.0/23 | US | arin | 1997-03-10
127.0.0.2
as19281.asn.cymru.com
TXT 19281 | CH | arin | 2017-09-13 | QUAD9-AS-1, CH
22.71.154.156.origin.asn.cymru.com
TXT 397215 397218 397219 397220 397224 397225 397231 | 156.154.71.0/24 | US | arin | 2003-12-18
127.0.0.2
as11404.asn.cymru.com
TXT 11404 | US | arin | 2007-03-28 | AS-WAVE-1, US
vswaiyhqylxyciun5ptopebjqd.com
29.32.113.24.origin.asn.cymru.com
TXT 11404 | 24.113.0.0/16 | US | arin | 2004-01-07
127.0.0.2
222.220.67.208.in-addr.arpa
PTR resolver4.opendns.com
30.16.13.68.origin.asn.cymru.com
TXT 22773 | 68.13.0.0/17 | US | arin | 2001-11-12
127.0.0.2
IP Address Status Action
1.0.0.1 Active Moloch
129.250.35.250 Active Moloch
129.250.35.251 Active Moloch
156.154.70.1 Active Moloch
156.154.70.22 Active Moloch
156.154.70.25 Active Moloch
156.154.71.1 Active Moloch
156.154.71.22 Active Moloch
156.154.71.25 Active Moloch
164.124.101.2 Active Moloch
198.153.192.1 Active Moloch
198.153.194.1 Active Moloch
198.41.0.4 Active Moloch
199.2.252.10 Active Moloch
204.117.214.10 Active Moloch
204.194.232.200 Active Moloch
204.194.234.200 Active Moloch
204.97.212.10 Active Moloch
208.67.220.123 Active Moloch
208.67.220.220 Active Moloch
208.67.220.222 Active Moloch
208.67.222.123 Active Moloch
208.67.222.220 Active Moloch
208.67.222.222 Active Moloch
209.55.0.110 Active Moloch
209.55.1.220 Active Moloch
216.231.41.2 Active Moloch
216.254.95.2 Active Moloch
216.27.175.2 Active Moloch
24.113.32.29 Active Moloch
24.113.32.30 Active Moloch
4.2.2.1 Active Moloch
4.2.2.2 Active Moloch
4.2.2.3 Active Moloch
4.2.2.4 Active Moloch
4.2.2.5 Active Moloch
4.2.2.6 Active Moloch
4.79.142.202 Active Moloch
64.81.111.2 Active Moloch
64.81.127.2 Active Moloch
64.81.159.2 Active Moloch
64.81.45.2 Active Moloch
64.81.79.2 Active Moloch
66.92.159.2 Active Moloch
66.92.224.2 Active Moloch
66.92.64.2 Active Moloch
66.93.87.2 Active Moloch
68.1.18.25 Active Moloch
68.1.18.30 Active Moloch
68.10.16.25 Active Moloch
68.10.16.30 Active Moloch
68.100.16.25 Active Moloch
68.100.16.30 Active Moloch
68.11.16.25 Active Moloch
68.11.16.30 Active Moloch
68.111.16.25 Active Moloch
68.111.16.30 Active Moloch
68.12.16.25 Active Moloch
68.12.16.30 Active Moloch
68.13.16.25 Active Moloch
68.13.16.30 Active Moloch
68.2.16.25 Active Moloch
68.2.16.30 Active Moloch
68.4.16.25 Active Moloch
68.4.16.30 Active Moloch
68.6.16.25 Active Moloch
68.6.16.30 Active Moloch
68.87.64.154 Active Moloch
68.87.68.170 Active Moloch
68.87.69.154 Active Moloch
68.9.16.25 Active Moloch
68.9.16.30 Active Moloch
74.118.212.1 Active Moloch
74.118.212.2 Active Moloch
9.9.9.9 Active Moloch

Suricata Alerts

Flow SID Signature Category
TCP 192.168.56.101:49166 -> 4.79.142.202:443 906200054 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
UDP 156.154.71.25:53 -> 192.168.56.101:49152 2018666 ET MALWARE Possible Zeus P2P Variant DGA NXDOMAIN Responses July 11 2014 A Network Trojan was detected

Suricata TLS

Flow Issuer Subject Fingerprint
TLSv1
192.168.56.101:49166
4.79.142.202:443 		C=US, O=DigiCert Inc, CN=DigiCert TLS RSA SHA256 2020 CA1 C=US, ST=California, L=Laguna Niguel, O=Gibson Research Corporation, CN=grc.com 73:15:ee:7d:f9:72:37:c4:2c:b8:3c:bd:4e:fd:43:ff:36:9d:c2:42

Time & API Arguments Status Return Repeated

IsDebuggerPresent

 0 0
packer PECompact 2.xx --> BitSum Technologies
Time & API Arguments Status Return Repeated

__exception__

 stacktrace: 
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5

exception.instruction_r: 89 08 50 45 43 6f 6d 70 61 63 74 32 00 e9 53 d6
exception.symbol: dnsbench+0xbd74
exception.instruction: mov dword ptr [eax], ecx
exception.module: DNSBench.exe
exception.exception_code: 0xc0000005
exception.offset: 48500
exception.address: 0x40bd74
registers.esp: 1638276
registers.edi: 0
registers.eax: 0
registers.ebp: 1638292
registers.edx: 4242782
registers.ebx: 2130567168
registers.esi: 0
registers.ecx: 0
1 0 0
request GET http://www.grc.com/x/ne.dll?aaaaaaednxaptz5yqth3s3zvqtvtnkk30s52dlvtv42q01221x322qjlrb
request GET https://www.grc.com/x/ne.dll?aaaaaaednxaptz5yqth3s3zvqtvtnkk30s52dlvtv42q01221x322qjlrb
Time & API Arguments Status Return Repeated

NtAllocateVirtualMemory

 process_identifier: 2556
region_size: 12288
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
protection: 64 (PAGE_EXECUTE_READWRITE)
base_address: 0x00390000
allocation_type: 4096 (MEM_COMMIT)
process_handle: 0xffffffff
1 0 0

NtProtectVirtualMemory

 process_identifier: 2556
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
length: 4096
protection: 64 (PAGE_EXECUTE_READWRITE)
base_address: 0x73452000
process_handle: 0xffffffff
1 0 0
description DNSBench.exe tried to sleep 438 seconds, actually delayed analysis time by 438 seconds
Cynet Malicious (score: 100)
SentinelOne Static AI - Suspicious PE
Jiangmin TrojanSpy.Zbot.fpyl
Antiy-AVL Trojan[Spy]/Win32.Zbot
Time & API Arguments Status Return Repeated

GetAdaptersAddresses

 flags: 1158
family: 0
1 0 0
section {u'size_of_data': u'0x00020600', u'virtual_address': u'0x00001000', u'entropy': 7.9972869045752075, u'name': u'.text', u'virtual_size': u'0x000a6000'} entropy 7.99728690458 description A section with a high entropy has been found
entropy 0.935018050542 description Overall entropy of this PE file is high
domain as13335.asn.cymru.com
domain 251.35.250.129.test.senderbase.org
domain 123.220.67.208.test.senderbase.org
domain 30.16.12.68.test.senderbase.org
domain 6.2.2.4.origin.asn.cymru.com
domain 30.16.4.68.origin.asn.cymru.com
domain 1.0.0.1.test.senderbase.org
domain 4.2.2.4.test.senderbase.org
domain 110.0.55.209.test.senderbase.org
domain 22.70.154.156.test.senderbase.org
domain 2.212.118.74.origin.asn.cymru.com
domain 2.2.2.4.test.senderbase.org
domain 10.252.2.199.test.senderbase.org
domain 170.68.87.68.test.senderbase.org
domain 30.18.1.68.test.senderbase.org
domain 25.16.12.68.test.senderbase.org
domain 29.32.113.24.test.senderbase.org
domain 1.1.1.1.origin.asn.cymru.com
domain 30.16.9.68.origin.asn.cymru.com
domain 2.64.92.66.origin.asn.cymru.com
domain 220.1.55.209.test.senderbase.org
domain 2.2.2.4.origin.asn.cymru.com
domain 222.220.67.208.test.senderbase.org
domain 30.16.2.68.origin.asn.cymru.com
domain as11696.asn.cymru.com
domain 5.2.2.4.origin.asn.cymru.com
domain 170.68.87.68.origin.asn.cymru.com
domain 25.70.154.156.test.senderbase.org
domain as1239.asn.cymru.com
domain 123.220.67.208.origin.asn.cymru.com
domain 2.159.81.64.origin.asn.cymru.com
domain 2.95.254.216.test.senderbase.org
domain 30.16.6.68.origin.asn.cymru.com
domain 30.16.11.68.test.senderbase.org
domain 2.224.92.66.test.senderbase.org
domain 154.64.87.68.origin.asn.cymru.com
domain 25.16.4.68.test.senderbase.org
domain 25.16.13.68.origin.asn.cymru.com
domain 25.16.13.68.test.senderbase.org
domain 2.79.81.64.origin.asn.cymru.com
domain 25.18.1.68.test.senderbase.org
domain 22.71.154.156.test.senderbase.org
domain 1.2.2.4.test.senderbase.org
domain 2.212.118.74.test.senderbase.org
domain as397213.asn.cymru.com
domain 200.232.194.204.test.senderbase.org
domain 200.234.194.204.origin.asn.cymru.com
domain 222.220.67.208.origin.asn.cymru.com
domain as2914.asn.cymru.com
domain 30.16.11.68.origin.asn.cymru.com