Windows Analysis Report
https://easy-rob.com/fileadmin/data/dwn/

Overview

General Information

Sample URL: https://easy-rob.com/fileadmin/data/dwn/
Analysis ID: 1445856
Infos:

Detection

Score: 3
Range: 0 - 100
Whitelisted: false
Confidence: 80%

Signatures

Detected non-DNS traffic on DNS port
HTML body contains low number of good links
HTML body contains password input but no form action
HTML title does not match URL
HTTP GET or POST without a user agent
Stores files to the Windows start menu directory

Classification

HTML body contains low number of good links
Source: https://easy-rob.com/downloads/ HTTP Parser: Number of links: 0
HTML body contains password input but no form action
Source: https://easy-rob.com/downloads/ HTTP Parser: <input type="password" .../> found but no <form action="...
HTML title does not match URL
Source: https://easy-rob.com/downloads/ HTTP Parser: Title: Downloads | EASY-ROB does not match URL
Source: https://easy-rob.com/downloads/ HTTP Parser: <input type="password" .../> found
Source: https://easy-rob.com/fileadmin/data/dwn/ HTTP Parser: No favicon
Source: https://easy-rob.com/downloads/ HTTP Parser: No <meta name="author".. found
Source: https://easy-rob.com/downloads/ HTTP Parser: No <meta name="copyright".. found
Source: unknown HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.17:49707 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49711 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49712 version: TLS 1.2
Source: unknown HTTPS traffic detected: 20.190.160.20:443 -> 192.168.2.17:61090 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.5.88:443 -> 192.168.2.17:61091 version: TLS 1.2
Source: unknown HTTPS traffic detected: 20.190.160.20:443 -> 192.168.2.17:61092 version: TLS 1.2
Source: unknown HTTPS traffic detected: 20.3.187.198:443 -> 192.168.2.17:63109 version: TLS 1.2
Source: unknown HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.17:63111 version: TLS 1.2
Source: unknown HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.17:63114 version: TLS 1.2
Source: unknown HTTPS traffic detected: 2.23.209.143:443 -> 192.168.2.17:63115 version: TLS 1.2
Source: unknown HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.17:63116 version: TLS 1.2
Detected non-DNS traffic on DNS port
Source: global traffic TCP traffic: 192.168.2.17:63108 -> 1.1.1.1:53
Source: global traffic TCP traffic: 192.168.2.17:61089 -> 1.1.1.1:53
HTTP GET or POST without a user agent
Source: global traffic HTTP traffic detected: GET /ab HTTP/1.1Host: evoke-windowsservices-tas.msedge.netCache-Control: no-store, no-cacheX-PHOTOS-CALLERID: 9NMPJ99VJBWVX-EVOKE-RING: X-WINNEXT-RING: PublicX-WINNEXT-TELEMETRYLEVEL: BasicX-WINNEXT-OSVERSION: 10.0.19045.0X-WINNEXT-APPVERSION: 1.23082.131.0X-WINNEXT-PLATFORM: DesktopX-WINNEXT-CANTAILOR: FalseX-MSEDGE-CLIENTID: {c1afbad7-f7da-40f2-92f9-8846a91d69bd}X-WINNEXT-PUBDEVICEID: dbfen2nYS7HW6ON4OdOknKxxv2CCI5LJBTojzDztjwI=If-None-Match: 2056388360_-1434155563Accept-Encoding: gzip, deflate, br
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown TCP traffic detected without corresponding DNS query: 20.190.160.20
Source: unknown TCP traffic detected without corresponding DNS query: 20.190.160.20
Source: unknown TCP traffic detected without corresponding DNS query: 20.190.160.20
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.5.88
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.5.88
Source: unknown TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: global traffic HTTP traffic detected: GET /fileadmin/data/dwn/ HTTP/1.1Host: easy-rob.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: easy-rob.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://easy-rob.com/fileadmin/data/dwn/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlKHLAQiFoM0BCNy9zQEIksrNAQi5ys0BCLbLzQEI6dLNAQiK080BCMHUzQEIz9bNAQjj1s0BCI7XzQEIp9jNAQi62M0BCPnA1BUYuL/NARj2yc0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=tY5gw21VnT9D7GP&MD=M1Lz6cTv HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic HTTP traffic detected: GET /ab HTTP/1.1Host: evoke-windowsservices-tas.msedge.netCache-Control: no-store, no-cacheX-PHOTOS-CALLERID: 9NMPJ99VJBWVX-EVOKE-RING: X-WINNEXT-RING: PublicX-WINNEXT-TELEMETRYLEVEL: BasicX-WINNEXT-OSVERSION: 10.0.19045.0X-WINNEXT-APPVERSION: 1.23082.131.0X-WINNEXT-PLATFORM: DesktopX-WINNEXT-CANTAILOR: FalseX-MSEDGE-CLIENTID: {c1afbad7-f7da-40f2-92f9-8846a91d69bd}X-WINNEXT-PUBDEVICEID: dbfen2nYS7HW6ON4OdOknKxxv2CCI5LJBTojzDztjwI=If-None-Match: 2056388360_-1434155563Accept-Encoding: gzip, deflate, br
Source: global traffic HTTP traffic detected: GET /clientwebservice/ping HTTP/1.1Connection: Keep-AliveUser-Agent: DNS resiliency checker/1.0Host: fe3cr.delivery.mp.microsoft.com
Source: global traffic HTTP traffic detected: GET /sls/ping HTTP/1.1Connection: Keep-AliveUser-Agent: DNS resiliency checker/1.0Host: slscr.update.microsoft.com
Source: global traffic HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlKHLAQiFoM0BCNy9zQEIksrNAQi5ys0BCLbLzQEI6dLNAQiK080BCMHUzQEIz9bNAQjj1s0BCI7XzQEIp9jNAQi62M0BCPnA1BUYuL/NARj2yc0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=tY5gw21VnT9D7GP&MD=M1Lz6cTv HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic HTTP traffic detected: GET /client/config?cc=CH&setlang=en-CH HTTP/1.1X-Search-CortanaAvailableCapabilities: NoneX-Search-SafeSearch: ModerateAccept-Encoding: gzip, deflateX-Device-MachineId: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}X-UserAgeClass: UnknownX-BM-Market: CHX-BM-DateFormat: dd/MM/yyyyX-Device-OSSKU: 48X-BM-DTZ: -240X-DeviceID: 01000A41090080B6X-BM-WindowsFlights: FX:117B9872,FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66EX-Search-TimeZone: Bias=300; DaylightBias=-60; TimeZoneKeyName=Eastern Standard TimeX-BM-Theme: 000000;0078d7X-Search-RPSToken: t%3DEwDYAkR8BAAUcvamItSE/vUHpyZRp3BeyOJPQDsAAW3yMr%2BO0blbz6Rzw1qe%2BSMxspj8cuJZP6ehWg7ZwYMh5znFcOCuHYpfZ%2Bw1QCq5W%2BVvcRReM3rmqClOkhZOC/vCzZ2fqDneN1IqyDVSmRHCcezDsmIU/98RMqSMCIKTXziPMEtvSkwibR3LDhCVDffw9cHOEUXW6C6Answugv22UU5ZLEk/dTzMfHOw7mRedC5Wi8FrT%2Bal/uE95DOj9HgHKMsXZ6QqxhP4aCCzt8wOOfev0ivvVJubNXrljX7uMSSLv7H23KzlTOPDdjQJZwIb/fr2XZhU/%2BCUZvI7j4vKucxeVYazwM3k6JEp/4pprM%2Bzgozkn47F7buPeQvdgIUDZgAACG5Kim4WLnDhqAGepsGKsvNVvMoPi/cHcVo153rc4j17l6FFPK0SnAToWJe97w4hE%2B2BXxkM3z9o15QV%2BpXOeIlaqlhJAsXol6dUJT9liCvjovIjxm9zjXB1XWZImiistEK1/u%2BJzxvaHn2%2B44lKTue1rs082WXuELZD6x9hVYgRzUz3vt3Wk0t9pLkyXDNyyXfM1rRvubhUPhFAtf2YX0DWOWQ3NRhbA2KY5WoAire7ETZguhHg%2B2%2Bd3eq4aTW7LbALHKzx5NYkCt/WCUy5ML5CGLPV12h93Q7w3jqthsLowTwXfIRuRD5tVKmtU587aYR18yQ2LssezK2NL1hlCc0pcR%2BFMNAwHhS8n3LtnY2rSxLGmiCa/rycg4Ds749i05at8TSHpJJYoD4M9rFLw1EUXCJTFD%2BnZa2qNrEw19WbQaNNLgJH92piXCoIwxCFyX2AkUjdACz2nChVIS9vYUM2yU52W%2BIOkODNo1hn7urwT%2BcVrq1Lg8rpVP0JgZFXOJ565CDamlBqC42GG/OLkraSM3T6ULfoWYLULP4S1%2B/4YQTf24QY744opP%2B301TTY8nz2AE%3D%26p%3DX-Agent-DeviceId: 01000A41090080B6X-BM-CBT: 1716391181User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045X-Device-isOptin: falseAccept-language: en-GB, en, en-USX-Device-Touch: falseX-Device-ClientSession: A43921ED63664CB68ED0286E078591DCX-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIHost: www.bing.comConnection: Keep-AliveCookie: SRCHUID=V=2&GUID=C4EAB6C130004333A34B5668AE4E4D10&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=en; MUID=4590362BB5CF472B95BBEDB3112D4B7B; MUIDB=4590362BB5CF472B95BBEDB3112D4B7B
Source: global traffic HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=tY5gw21VnT9D7GP&MD=M1Lz6cTv HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic HTTP traffic detected: GET /fileadmin/data HTTP/1.1Host: easy-rob.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /fileadmin/data/ HTTP/1.1Host: easy-rob.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlKHLAQiFoM0BCNy9zQEIksrNAQi5ys0BCLbLzQEI6dLNAQiK080BCMHUzQEIz9bNAQjj1s0BCI7XzQEIp9jNAQi62M0BCPnA1BUYuL/NARj2yc0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /fileadmin HTTP/1.1Host: easy-rob.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /fileadmin/ HTTP/1.1Host: easy-rob.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlKHLAQiFoM0BCNy9zQEIksrNAQi5ys0BCLbLzQEI6dLNAQiK080BCMHUzQEIz9bNAQjj1s0BCI7XzQEIp9jNAQi62M0BCPnA1BUYuL/NARj2yc0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET / HTTP/1.1Host: easy-rob.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /wp-includes/js/wp-emoji-release.min.js?ver=5.1.18 HTTP/1.1Host: easy-rob.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://easy-rob.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pll_language=de; PHPSESSID=db28aa88bf8106636b9db63b5083ed8e
Source: global traffic HTTP traffic detected: GET /wp-includes/css/dist/block-library/style.min.css?ver=5.1.18 HTTP/1.1Host: easy-rob.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://easy-rob.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pll_language=de; PHPSESSID=db28aa88bf8106636b9db63b5083ed8e
Source: global traffic HTTP traffic detected: GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.3 HTTP/1.1Host: easy-rob.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://easy-rob.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pll_language=de; PHPSESSID=db28aa88bf8106636b9db63b5083ed8e
Source: global traffic HTTP traffic detected: GET /wp-content/plugins/login-sidebar-widget/css/style_login_widget.css?ver=5.1.18 HTTP/1.1Host: easy-rob.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://easy-rob.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pll_language=de; PHPSESSID=db28aa88bf8106636b9db63b5083ed8e
Source: global traffic HTTP traffic detected: GET /wp-content/themes/easy-rob/style.css?ver=1583771668 HTTP/1.1Host: easy-rob.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://easy-rob.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pll_language=de; PHPSESSID=db28aa88bf8106636b9db63b5083ed8e
Source: global traffic HTTP traffic detected: GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1Host: easy-rob.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://easy-rob.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pll_language=de; PHPSESSID=db28aa88bf8106636b9db63b5083ed8e
Source: global traffic HTTP traffic detected: GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1Host: easy-rob.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://easy-rob.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pll_language=de; PHPSESSID=db28aa88bf8106636b9db63b5083ed8e
Source: global traffic HTTP traffic detected: GET /wp-content/plugins/login-sidebar-widget/js/jquery.validate.min.js?ver=5.1.18 HTTP/1.1Host: easy-rob.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://easy-rob.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pll_language=de; PHPSESSID=db28aa88bf8106636b9db63b5083ed8e
Source: global traffic HTTP traffic detected: GET /wp-content/plugins/login-sidebar-widget/js/additional-methods.js?ver=5.1.18 HTTP/1.1Host: easy-rob.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://easy-rob.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pll_language=de; PHPSESSID=db28aa88bf8106636b9db63b5083ed8e
Source: global traffic HTTP traffic detected: GET /wp-content/themes/easy-rob/assets/js/readmore.js HTTP/1.1Host: easy-rob.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://easy-rob.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pll_language=de; PHPSESSID=db28aa88bf8106636b9db63b5083ed8e
Source: global traffic HTTP traffic detected: GET /wp-content/uploads/2018/04/david-jorre-477050-unsplash.png HTTP/1.1Host: easy-rob.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://easy-rob.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pll_language=de; PHPSESSID=db28aa88bf8106636b9db63b5083ed8e
Source: global traffic HTTP traffic detected: GET /wp-content/themes/easy-rob/assets/img/easy-rob-logo.svg HTTP/1.1Host: easy-rob.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://easy-rob.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pll_language=de; PHPSESSID=db28aa88bf8106636b9db63b5083ed8e
Source: global traffic HTTP traffic detected: GET /wp-content/uploads/2019/03/bildschirmfoto-2019-03-07-um-12-22-17-1.png HTTP/1.1Host: easy-rob.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://easy-rob.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pll_language=de; PHPSESSID=db28aa88bf8106636b9db63b5083ed8e
Source: global traffic HTTP traffic detected: GET /wp-content/uploads/2019/01/er-collision-update-v7-3-250x250.png HTTP/1.1Host: easy-rob.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://easy-rob.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pll_language=de; PHPSESSID=db28aa88bf8106636b9db63b5083ed8e
Source: global traffic HTTP traffic detected: GET /wp-content/uploads/2018/08/er-wordpress-simulator-beispiel-2-seite4-250x168.jpg HTTP/1.1Host: easy-rob.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://easy-rob.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pll_language=de; PHPSESSID=db28aa88bf8106636b9db63b5083ed8e
Source: global traffic HTTP traffic detected: GET /wp-content/uploads/2018/03/bildschirmfoto-2018-03-26-um-11-43-24-250x250.png HTTP/1.1Host: easy-rob.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://easy-rob.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pll_language=de; PHPSESSID=db28aa88bf8106636b9db63b5083ed8e
Source: global traffic HTTP traffic detected: GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.3 HTTP/1.1Host: easy-rob.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://easy-rob.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pll_language=de; PHPSESSID=db28aa88bf8106636b9db63b5083ed8e
Source: global traffic HTTP traffic detected: GET /wp-content/themes/easy-rob/assets/img/easy-rob-logo.svg HTTP/1.1Host: easy-rob.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pll_language=de; PHPSESSID=db28aa88bf8106636b9db63b5083ed8e
Source: global traffic HTTP traffic detected: GET /wp-content/uploads/2018/08/er-wordpress-simulator-beispiel-2-seite4-250x168.jpg HTTP/1.1Host: easy-rob.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pll_language=de; PHPSESSID=db28aa88bf8106636b9db63b5083ed8e
Source: global traffic HTTP traffic detected: GET /wp-content/uploads/2019/01/er-collision-update-v7-3-250x250.png HTTP/1.1Host: easy-rob.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pll_language=de; PHPSESSID=db28aa88bf8106636b9db63b5083ed8e
Source: global traffic HTTP traffic detected: GET /wp-content/themes/easy-rob/assets/js/scripts.js HTTP/1.1Host: easy-rob.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://easy-rob.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pll_language=de; PHPSESSID=db28aa88bf8106636b9db63b5083ed8e
Source: global traffic HTTP traffic detected: GET /wp-content/uploads/2019/03/bildschirmfoto-2019-03-07-um-12-22-17-1.png HTTP/1.1Host: easy-rob.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pll_language=de; PHPSESSID=db28aa88bf8106636b9db63b5083ed8e
Source: global traffic HTTP traffic detected: GET /wp-content/uploads/2018/03/bildschirmfoto-2018-03-26-um-11-43-24-250x250.png HTTP/1.1Host: easy-rob.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pll_language=de; PHPSESSID=db28aa88bf8106636b9db63b5083ed8e
Source: global traffic HTTP traffic detected: GET /wp-content/themes/easy-rob/assets/js/navigation.js?ver=20151215 HTTP/1.1Host: easy-rob.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://easy-rob.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pll_language=de; PHPSESSID=db28aa88bf8106636b9db63b5083ed8e
Source: global traffic HTTP traffic detected: GET /downloads/ HTTP/1.1Host: easy-rob.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://easy-rob.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pll_language=de; PHPSESSID=db28aa88bf8106636b9db63b5083ed8e
Source: global traffic HTTP traffic detected: GET /wp-content/themes/easy-rob/assets/js/featherlight.gallery.min.js?ver=20151215 HTTP/1.1Host: easy-rob.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://easy-rob.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pll_language=de; PHPSESSID=db28aa88bf8106636b9db63b5083ed8e
Source: global traffic HTTP traffic detected: GET /wp-content/uploads/2018/04/david-jorre-477050-unsplash.png HTTP/1.1Host: easy-rob.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pll_language=de; PHPSESSID=db28aa88bf8106636b9db63b5083ed8e
Source: global traffic HTTP traffic detected: GET /wp-content/themes/easy-rob/assets/js/main.js?ver=20171215 HTTP/1.1Host: easy-rob.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://easy-rob.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pll_language=de; PHPSESSID=db28aa88bf8106636b9db63b5083ed8e
Source: global traffic HTTP traffic detected: GET /wp-content/themes/easy-rob/assets/js/equal-height.js?ver=20171215 HTTP/1.1Host: easy-rob.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://easy-rob.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pll_language=de; PHPSESSID=db28aa88bf8106636b9db63b5083ed8e
Source: global traffic HTTP traffic detected: GET /wp-includes/js/wp-embed.min.js?ver=5.1.18 HTTP/1.1Host: easy-rob.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://easy-rob.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pll_language=de; PHPSESSID=db28aa88bf8106636b9db63b5083ed8e
Source: global traffic HTTP traffic detected: GET /wp-content/themes/easy-rob/assets/js/skip-link-focus-fix.js?ver=20151215 HTTP/1.1Host: easy-rob.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://easy-rob.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pll_language=de; PHPSESSID=db28aa88bf8106636b9db63b5083ed8e
Source: global traffic HTTP traffic detected: GET /wp-content/themes/easy-rob/assets/js/featherlight.min.js?ver=20151215 HTTP/1.1Host: easy-rob.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://easy-rob.com/downloads/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pll_language=de; PHPSESSID=db28aa88bf8106636b9db63b5083ed8e
Source: global traffic HTTP traffic detected: GET /wp-content/themes/easy-rob/assets/js/equal-height.js?ver=20171215 HTTP/1.1Host: easy-rob.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://easy-rob.com/downloads/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pll_language=de; PHPSESSID=db28aa88bf8106636b9db63b5083ed8e
Source: global traffic HTTP traffic detected: GET /wp-content/uploads/2021/01/er-geo-assist.jpg HTTP/1.1Host: easy-rob.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://easy-rob.com/downloads/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pll_language=de; PHPSESSID=db28aa88bf8106636b9db63b5083ed8e
Source: global traffic HTTP traffic detected: GET /wp-content/uploads/2019/03/35fa73a90a.jpg HTTP/1.1Host: easy-rob.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://easy-rob.com/downloads/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pll_language=de; PHPSESSID=db28aa88bf8106636b9db63b5083ed8e
Source: global traffic HTTP traffic detected: GET /wp-content/uploads/2019/03/ba1283cc0d.jpg HTTP/1.1Host: easy-rob.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://easy-rob.com/downloads/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pll_language=de; PHPSESSID=db28aa88bf8106636b9db63b5083ed8e
Source: global traffic HTTP traffic detected: GET /wp-content/uploads/2021/01/autopath.jpg HTTP/1.1Host: easy-rob.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://easy-rob.com/downloads/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pll_language=de; PHPSESSID=db28aa88bf8106636b9db63b5083ed8e
Source: global traffic HTTP traffic detected: GET /wp-content/themes/easy-rob/assets/js/skip-link-focus-fix.js?ver=20151215 HTTP/1.1Host: easy-rob.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://easy-rob.com/downloads/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pll_language=de; PHPSESSID=db28aa88bf8106636b9db63b5083ed8e
Source: global traffic HTTP traffic detected: GET /wp-includes/js/wp-embed.min.js?ver=5.1.18 HTTP/1.1Host: easy-rob.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://easy-rob.com/downloads/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pll_language=de; PHPSESSID=db28aa88bf8106636b9db63b5083ed8e
Source: global traffic HTTP traffic detected: GET /wp-content/uploads/2019/03/35fa73a90a.jpg HTTP/1.1Host: easy-rob.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pll_language=de; PHPSESSID=db28aa88bf8106636b9db63b5083ed8e
Source: global traffic HTTP traffic detected: GET /wp-content/uploads/2019/03/ba1283cc0d.jpg HTTP/1.1Host: easy-rob.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pll_language=de; PHPSESSID=db28aa88bf8106636b9db63b5083ed8e
Source: global traffic HTTP traffic detected: GET /wp-content/uploads/2021/01/er-geo-assist.jpg HTTP/1.1Host: easy-rob.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pll_language=de; PHPSESSID=db28aa88bf8106636b9db63b5083ed8e
Source: global traffic HTTP traffic detected: GET /wp-content/uploads/2021/01/autopath.jpg HTTP/1.1Host: easy-rob.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pll_language=de; PHPSESSID=db28aa88bf8106636b9db63b5083ed8e
Source: global traffic HTTP traffic detected: GET /wp-content/themes/easy-rob/assets/img/favicon.png HTTP/1.1Host: easy-rob.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://easy-rob.com/downloads/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pll_language=de; PHPSESSID=db28aa88bf8106636b9db63b5083ed8e
Source: global traffic HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJC2yQEIprbJAQipncoBCLf3ygEIlKHLAQiFoM0BCNy9zQEIksrNAQi5ys0BCLbLzQEI6dLNAQiK080BCMHUzQEIz9bNAQjj1s0BCI7XzQEIp9jNAQi62M0BCPnA1BUYuL/NARj2yc0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /wp-content/themes/easy-rob/assets/img/favicon.png HTTP/1.1Host: easy-rob.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pll_language=de; PHPSESSID=db28aa88bf8106636b9db63b5083ed8e
Source: global traffic HTTP traffic detected: GET / HTTP/1.1Host: easy-rob.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pll_language=de; PHPSESSID=db28aa88bf8106636b9db63b5083ed8e
Source: global traffic HTTP traffic detected: GET /fileadmin/ HTTP/1.1Host: easy-rob.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pll_language=de; PHPSESSID=db28aa88bf8106636b9db63b5083ed8e
Source: global traffic HTTP traffic detected: GET /fileadmin/data/ HTTP/1.1Host: easy-rob.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pll_language=de; PHPSESSID=db28aa88bf8106636b9db63b5083ed8e
Source: global traffic HTTP traffic detected: GET /fileadmin/data/dwn/ HTTP/1.1Host: easy-rob.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pll_language=de; PHPSESSID=db28aa88bf8106636b9db63b5083ed8e
Source: global traffic HTTP traffic detected: GET /fileadmin/data/dwn/ HTTP/1.1Host: easy-rob.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pll_language=de; PHPSESSID=db28aa88bf8106636b9db63b5083ed8e
Source: global traffic DNS traffic detected: DNS query: easy-rob.com
Source: global traffic DNS traffic detected: DNS query: www.google.com
Source: global traffic DNS traffic detected: DNS query: s.w.org
Source: unknown HTTP traffic detected: POST /RST2.srf HTTP/1.0Connection: Keep-AliveContent-Type: application/soap+xmlAccept: */*User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})Content-Length: 3592Host: login.live.com
Source: global traffic HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closecache-control: private, no-cache, no-store, must-revalidate, max-age=0pragma: no-cachecontent-type: text/htmlcontent-length: 708date: Wed, 22 May 2024 15:19:24 GMTalt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
Source: global traffic HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closecache-control: private, no-cache, no-store, must-revalidate, max-age=0pragma: no-cachecontent-type: text/htmlcontent-length: 708date: Wed, 22 May 2024 15:19:26 GMTalt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
Source: global traffic HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closecache-control: private, no-cache, no-store, must-revalidate, max-age=0pragma: no-cachecontent-type: text/htmlcontent-length: 708date: Wed, 22 May 2024 15:19:51 GMTalt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
Source: global traffic HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closecache-control: private, no-cache, no-store, must-revalidate, max-age=0pragma: no-cachecontent-type: text/htmlcontent-length: 708date: Wed, 22 May 2024 15:19:57 GMTalt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
Source: global traffic HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closecache-control: private, no-cache, no-store, must-revalidate, max-age=0pragma: no-cachecontent-type: text/htmlcontent-length: 708date: Wed, 22 May 2024 15:20:16 GMTalt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
Source: global traffic HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closecache-control: private, no-cache, no-store, must-revalidate, max-age=0pragma: no-cachecontent-type: text/htmlcontent-length: 708date: Wed, 22 May 2024 15:20:17 GMTalt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
Source: global traffic HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closecache-control: private, no-cache, no-store, must-revalidate, max-age=0pragma: no-cachecontent-type: text/htmlcontent-length: 708date: Wed, 22 May 2024 15:20:18 GMTalt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
Source: global traffic HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closecache-control: private, no-cache, no-store, must-revalidate, max-age=0pragma: no-cachecontent-type: text/htmlcontent-length: 708date: Wed, 22 May 2024 15:20:22 GMTalt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
Source: chromecache_98.1.dr, chromecache_95.1.dr String found in binary or memory: http://css-tricks.com/equal-height-blocks-in-rows/
Source: chromecache_132.1.dr String found in binary or memory: http://davidwalsh.name/javascript-debounce-function
Source: chromecache_126.1.dr String found in binary or memory: http://developer.ean.com/general_info/Valid_Credit_Card_Types
Source: chromecache_126.1.dr String found in binary or memory: http://docs.jquery.com/Plugins/Validation/Methods/accept
Source: chromecache_101.1.dr String found in binary or memory: http://felixf.de
Source: chromecache_132.1.dr String found in binary or memory: http://jedfoster.github.io/Readmore.js
Source: chromecache_109.1.dr, chromecache_126.1.dr String found in binary or memory: http://jqueryvalidation.org/
Source: chromecache_126.1.dr String found in binary or memory: http://jqueryvalidation.org/creditcard-method/
Source: chromecache_134.1.dr, chromecache_125.1.dr String found in binary or memory: http://noelboss.github.io/featherlight/
Source: chromecache_126.1.dr String found in binary or memory: http://stackoverflow.com/questions/3446170/escape-string-for-use-in-javascript-regex
Source: chromecache_126.1.dr String found in binary or memory: http://www.aa-asterisk.org.uk/index.php/Regular_Expressions_for_Validating_and_Formatting_GB_Telepho
Source: chromecache_126.1.dr String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
Source: chromecache_101.1.dr String found in binary or memory: http://www.easy-rob.com
Source: chromecache_101.1.dr String found in binary or memory: http://www.gnu.org/licenses/gpl-2.0.html
Source: chromecache_134.1.dr, chromecache_125.1.dr String found in binary or memory: http://www.noelboss.com)
Source: chromecache_106.1.dr String found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/API/CustomEvent/CustomEvent
Source: chromecache_135.1.dr String found in binary or memory: https://git.io/vWdr2
Source: unknown Network traffic detected: HTTP traffic on port 63180 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63131
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63130
Source: unknown Network traffic detected: HTTP traffic on port 63165 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 63122 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 63142 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 63145 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 63168 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63129
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63122
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63121
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63124
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63123
Source: unknown Network traffic detected: HTTP traffic on port 63116 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63126
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63125
Source: unknown Network traffic detected: HTTP traffic on port 63139 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 63171 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63128
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63127
Source: unknown Network traffic detected: HTTP traffic on port 63156 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49698
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63140
Source: unknown Network traffic detected: HTTP traffic on port 63177 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63142
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63141
Source: unknown Network traffic detected: HTTP traffic on port 63125 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49691
Source: unknown Network traffic detected: HTTP traffic on port 63160 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 63119 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61090 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63133
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63132
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63135
Source: unknown Network traffic detected: HTTP traffic on port 63111 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63134
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63137
Source: unknown Network traffic detected: HTTP traffic on port 63153 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63136
Source: unknown Network traffic detected: HTTP traffic on port 63136 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63139
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63138
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61090
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61091
Source: unknown Network traffic detected: HTTP traffic on port 63130 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61092
Source: unknown Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63151
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63150
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63153
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63152
Source: unknown Network traffic detected: HTTP traffic on port 63163 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 63147 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 63124 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 63121 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61091 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63144
Source: unknown Network traffic detected: HTTP traffic on port 63150 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63143
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63146
Source: unknown Network traffic detected: HTTP traffic on port 49680 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63145
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63148
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63147
Source: unknown Network traffic detected: HTTP traffic on port 63133 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown Network traffic detected: HTTP traffic on port 63118 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63149
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63160
Source: unknown Network traffic detected: HTTP traffic on port 63110 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49677 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63162
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63161
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63164
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63163
Source: unknown Network traffic detected: HTTP traffic on port 63141 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 63127 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 63144 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 63169 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 63113 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63155
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49707
Source: unknown Network traffic detected: HTTP traffic on port 63138 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63156
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49704
Source: unknown Network traffic detected: HTTP traffic on port 63172 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49702
Source: unknown Network traffic detected: HTTP traffic on port 63132 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 63155 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63171
Source: unknown Network traffic detected: HTTP traffic on port 63178 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63170
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63173
Source: unknown Network traffic detected: HTTP traffic on port 49676 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63172
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63175
Source: unknown Network traffic detected: HTTP traffic on port 63149 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49704 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49691 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 63184 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 63161 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 63126 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63165
Source: unknown Network traffic detected: HTTP traffic on port 63112 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63168
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63167
Source: unknown Network traffic detected: HTTP traffic on port 63175 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63169
Source: unknown Network traffic detected: HTTP traffic on port 63135 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 63152 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63180
Source: unknown Network traffic detected: HTTP traffic on port 63181 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63182
Source: unknown Network traffic detected: HTTP traffic on port 49707 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63181
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63184
Source: unknown Network traffic detected: HTTP traffic on port 63146 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 63164 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 63129 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 63143 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 63167 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63177
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63176
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63179
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63178
Source: unknown Network traffic detected: HTTP traffic on port 63115 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 63170 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 63182 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49702 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 63128 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 63140 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 63109 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63109
Source: unknown Network traffic detected: HTTP traffic on port 63137 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 63114 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63187
Source: unknown Network traffic detected: HTTP traffic on port 63173 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49698 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 63131 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 63179 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63120
Source: unknown Network traffic detected: HTTP traffic on port 63162 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 63187 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 63148 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 63123 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 63120 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63119
Source: unknown Network traffic detected: HTTP traffic on port 61092 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63118
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63111
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63110
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63113
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63112
Source: unknown Network traffic detected: HTTP traffic on port 63176 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63115
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63114
Source: unknown Network traffic detected: HTTP traffic on port 63117 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63117
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63116
Source: unknown Network traffic detected: HTTP traffic on port 63134 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 63151 -> 443
Source: unknown HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.17:49707 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49711 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49712 version: TLS 1.2
Source: unknown HTTPS traffic detected: 20.190.160.20:443 -> 192.168.2.17:61090 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.5.88:443 -> 192.168.2.17:61091 version: TLS 1.2
Source: unknown HTTPS traffic detected: 20.190.160.20:443 -> 192.168.2.17:61092 version: TLS 1.2
Source: unknown HTTPS traffic detected: 20.3.187.198:443 -> 192.168.2.17:63109 version: TLS 1.2
Source: unknown HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.17:63111 version: TLS 1.2
Source: unknown HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.17:63114 version: TLS 1.2
Source: unknown HTTPS traffic detected: 2.23.209.143:443 -> 192.168.2.17:63115 version: TLS 1.2
Source: unknown HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.17:63116 version: TLS 1.2
Source: classification engine Classification label: clean3.win@14/81@8/5
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps Jump to behavior
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://easy-rob.com/fileadmin/data/dwn/
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2072 --field-trial-handle=1948,i,16417313546953028079,13420924789578503771,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2072 --field-trial-handle=1948,i,16417313546953028079,13420924789578503771,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: Google Drive.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Window Recorder Window detected: More than 3 window changes detected
Stores files to the Windows start menu directory
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk Jump to behavior
windows-stand
Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 process2 2 Behavior Graph ID: 1445856 URL: https://easy-rob.com/filead... Startdate: 22/05/2024 Architecture: WINDOWS Score: 3 5 chrome.exe 9 2->5         started        dnsIp3 11 192.168.2.17, 138, 443, 49691 unknown unknown 5->11 13 192.168.2.18 unknown unknown 5->13 15 239.255.255.250 unknown Reserved 5->15 8 chrome.exe 5->8         started        process4 dnsIp5 17 www.google.com 142.250.185.196, 443, 49704, 63113 GOOGLEUS United States 8->17 19 easy-rob.com 149.126.6.57, 443, 49698, 49702 CYONCH Switzerland 8->19 21 s.w.org 8->21
  • No. of IPs < 25%
  • 25% < No. of IPs < 50%
  • 50% < No. of IPs < 75%
  • 75% < No. of IPs

Contacted Public IPs

IP Domain Country Flag ASN ASN Name Malicious
239.255.255.250
 unknown Reserved
unknown unknown false
142.250.185.196
 www.google.com United States
15169 GOOGLEUS false
149.126.6.57
 easy-rob.com Switzerland
47302 CYONCH false

Private

IP
192.168.2.17
192.168.2.18

Contacted Domains

Name IP Active
easy-rob.com 149.126.6.57 true
www.google.com 142.250.185.196 true
s.w.org 192.0.77.48 true

Contacted URLs

Name Malicious Antivirus Detection Reputation
https://easy-rob.com/wp-content/themes/easy-rob/assets/js/navigation.js?ver=20151215 false
  • Avira URL Cloud: safe
 unknown
https://easy-rob.com/wp-content/themes/easy-rob/style.css?ver=1583771668 false
  • Avira URL Cloud: safe
 unknown
https://easy-rob.com/wp-includes/js/jquery/jquery.js?ver=1.12.4 false
  • Avira URL Cloud: safe
 unknown
https://easy-rob.com/wp-content/themes/easy-rob/assets/js/featherlight.gallery.min.js?ver=20151215 false
  • Avira URL Cloud: safe
 unknown
https://easy-rob.com/wp-content/uploads/2019/01/er-collision-update-v7-3-250x250.png false
  • Avira URL Cloud: safe
 unknown
https://easy-rob.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 false
  • Avira URL Cloud: safe
 unknown
https://easy-rob.com/wp-content/themes/easy-rob/assets/js/main.js?ver=20171215 false
  • Avira URL Cloud: safe
 unknown
https://easy-rob.com/wp-content/themes/easy-rob/assets/js/scripts.js false
  • Avira URL Cloud: safe
 unknown
https://easy-rob.com/wp-content/themes/easy-rob/assets/img/easy-rob-logo.svg false
  • Avira URL Cloud: safe
 unknown
https://easy-rob.com/ false
  • Avira URL Cloud: safe
 unknown
https://easy-rob.com/wp-includes/js/wp-embed.min.js?ver=5.1.18 false
  • Avira URL Cloud: safe
 unknown
https://easy-rob.com/fileadmin/data/dwn/ false
    		unknown
    https://easy-rob.com/wp-content/uploads/2021/01/er-geo-assist.jpg false
    • Avira URL Cloud: safe
    		 unknown
    https://easy-rob.com/wp-content/themes/easy-rob/assets/js/readmore.js false
    • Avira URL Cloud: safe
    		 unknown
    https://easy-rob.com/wp-content/plugins/login-sidebar-widget/js/jquery.validate.min.js?ver=5.1.18 false
    • Avira URL Cloud: safe
    		 unknown
    https://easy-rob.com/wp-content/uploads/2019/03/ba1283cc0d.jpg false
    • Avira URL Cloud: safe
    		 unknown
    https://easy-rob.com/wp-content/uploads/2018/08/er-wordpress-simulator-beispiel-2-seite4-250x168.jpg false
    • Avira URL Cloud: safe
    		 unknown
    https://easy-rob.com/favicon.ico false
    • Avira URL Cloud: safe
    		 unknown
    https://easy-rob.com/wp-content/themes/easy-rob/assets/js/equal-height.js?ver=20171215 false
    • Avira URL Cloud: safe
    		 unknown
    https://easy-rob.com/wp-content/plugins/login-sidebar-widget/js/additional-methods.js?ver=5.1.18 false
    • Avira URL Cloud: safe
    		 unknown
    https://easy-rob.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.3 false
    • Avira URL Cloud: safe
    		 unknown
    https://easy-rob.com/wp-content/uploads/2018/03/bildschirmfoto-2018-03-26-um-11-43-24-250x250.png false
    • Avira URL Cloud: safe
    		 unknown
    https://easy-rob.com/wp-content/themes/easy-rob/assets/img/favicon.png false
    • Avira URL Cloud: safe
    		 unknown
    https://easy-rob.com/wp-content/uploads/2018/04/david-jorre-477050-unsplash.png false
    • Avira URL Cloud: safe
    		 unknown
    https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw false
    • Avira URL Cloud: safe
    		 unknown
    https://easy-rob.com/fileadmin false
    • Avira URL Cloud: safe
    		 unknown
    https://easy-rob.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.3 false
    • Avira URL Cloud: safe
    		 unknown
    https://easy-rob.com/wp-content/uploads/2019/03/35fa73a90a.jpg false
    • Avira URL Cloud: safe
    		 unknown
    https://easy-rob.com/fileadmin/data/ false
      		unknown
      https://easy-rob.com/wp-content/uploads/2019/03/bildschirmfoto-2019-03-07-um-12-22-17-1.png false
      • Avira URL Cloud: safe
      		 unknown
      https://easy-rob.com/fileadmin/ false
        		unknown
        https://easy-rob.com/wp-content/themes/easy-rob/assets/js/featherlight.min.js?ver=20151215 false
        • Avira URL Cloud: safe
        		 unknown
        https://easy-rob.com/fileadmin/data false
        • Avira URL Cloud: safe
        		 unknown
        https://easy-rob.com/wp-includes/js/wp-emoji-release.min.js?ver=5.1.18 false
        • Avira URL Cloud: safe
        		 unknown
        https://easy-rob.com/wp-content/themes/easy-rob/assets/js/skip-link-focus-fix.js?ver=20151215 false
        • Avira URL Cloud: safe
        		 unknown
        https://easy-rob.com/downloads/ false
          		unknown
          https://easy-rob.com/wp-content/uploads/2021/01/autopath.jpg false
          • Avira URL Cloud: safe
          		 unknown
          https://easy-rob.com/wp-includes/css/dist/block-library/style.min.css?ver=5.1.18 false
          • Avira URL Cloud: safe
          		 unknown
          https://easy-rob.com/wp-content/plugins/login-sidebar-widget/css/style_login_widget.css?ver=5.1.18 false
          • Avira URL Cloud: safe
          		 unknown