Windows Analysis Report
https://clickers.smartresourceguide.com/?xtl=pic8u2clpu9f53e5q270ip7kcmoawnp35mgwstyth3b5eis5bcegkdxso2ei7be9cklkqxzsdocmfldbr3ksafvmnixne7sb5f2g6ce0w7dyr8yl43mcru2yhluqlrad8y95shey01t0gclif4cciumgxd&ott=-ojzkuprwmac3&stmp=se1yqx&eih=m0t49b2ncx4anwk71c9pajb07la39c9j

Overview

General Information

Sample URL:	https://clickers.smartresourceguide.com/?xtl=pic8u2clpu9f53e5q270ip7kcmoawnp35mgwstyth3b5eis5bcegkdxso2ei7be9cklkqxzsdocmfldbr3ksafvmnixne7sb5f2g6ce0w7dyr8yl43mcru2yhluqlrad8y95shey01t0gclif4cciumgxd&
Analysis ID:	1447535
Infos:

Detection

Score:	1
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Detected non-DNS traffic on DNS port

Detected suspicious crossdomain redirect

Classification

Signatures

Source: unknown	HTTPS traffic detected: 2.19.104.72:443 -> 192.168.2.4:49742 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 2.19.104.72:443 -> 192.168.2.4:49745 version: TLS 1.2

Detected non-DNS traffic on DNS port

Source: global traffic

TCP traffic: 192.168.2.4:49784 -> 1.1.1.1:53

Detected suspicious crossdomain redirect

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	HTTP traffic: Redirect from: smartresourceguide.com to https://ferradurai.com/?e=1ioh%2bep48drult6ifwr68s9gom3iju0t&s1=
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	HTTP traffic: Redirect from: ferradurai.com to https://sonziuq.com/?e=1ioh%2bep48drult6ifwr68s9gom3iju0t&s1=&ch-redir=1&ckmxid=cp93gahq0001ui7os1s0&ckmguid=9fc97d00-6f34-4575-8508-5b5f753af5f3
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	HTTP traffic: Redirect from: sonziuq.com to https://www.d0qwtrk.com/28kl61/5nwwwn/?sub1=10000&sub2=563730799&sub3=
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	HTTP traffic: Redirect from: www.d0qwtrk.com to https://offer.housebuyernetwork.com/s/bqdtelrehqbov7s6wgfbmocfpyws4g2qwmlq4daa?source=1051&sub_id_1=10000&sub_id_2=57a5e1a860dd499298d62e4351284653&sub_id_3=&transaction_id=563730799&p=45.0

Source: unknown	TCP traffic detected without corresponding DNS query: 104.46.162.224
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.108.210
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.108.210
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.108.210
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.108.210
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /?xtl=pic8u2clpu9f53e5q270ip7kcmoawnp35mgwstyth3b5eis5bcegkdxso2ei7be9cklkqxzsdocmfldbr3ksafvmnixne7sb5f2g6ce0w7dyr8yl43mcru2yhluqlrad8y95shey01t0gclif4cciumgxd&__ott=-ojzkuprwmac3&__stmp=se1yqx&eih=m0t49b2ncx4anwk71c9pajb07la39c9j HTTP/1.1Host: clickers.smartresourceguide.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /?xtl=pic8u2clpu9f53e5q270ip7kcmoawnp35mgwstyth3b5eis5bcegkdxso2ei7be9cklkqxzsdocmfldbr3ksafvmnixne7sb5f2g6ce0w7dyr8yl43mcru2yhluqlrad8y95shey01t0gclif4cciumgxd&__ott=-ojzkuprwmac3&__stmp=se1yqx&eih=m0t49b2ncx4anwk71c9pajb07la39c9j HTTP/1.1Host: clickers.smartresourceguide.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /EasyKnock HTTP/1.1Host: smartresourceguide.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /?E=1ioH%2beP48dRuLT6IFWr68S9GOm3iJU0T&s1= HTTP/1.1Host: ferradurai.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /?E=1ioH%2beP48dRuLT6IFWr68S9GOm3iJU0T&s1=&ch-redir=1&ckmxid=cp93gahq0001ui7os1s0 HTTP/1.1Host: ferradurai.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-arch: "x86"sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-model: ""sec-ch-ua-bitness: "64"sec-ch-ua-wow64: ?0sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /?E=1ioH%2beP48dRuLT6IFWr68S9GOm3iJU0T&s1=&ch-redir=1&ckmxid=cp93gahq0001ui7os1s0&ckmguid=9fc97d00-6f34-4575-8508-5b5f753af5f3 HTTP/1.1Host: sonziuq.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /28KL61/5NWWWN/?sub1=10000&sub2=563730799&sub3= HTTP/1.1Host: www.d0qwtrk.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /s/bQdteLREhQBov7S6wgFBMOCfpywS4g2QwMLq4DAA?source=1051&sub_id_1=10000&sub_id_2=57a5e1a860dd499298d62e4351284653&sub_id_3=&transaction_id=563730799&p=45.0 HTTP/1.1Host: offer.housebuyernetwork.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /7.113.0/bundle.tracing.replay.min.js HTTP/1.1Host: browser.sentry-cdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://offer.housebuyernetwork.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://offer.housebuyernetwork.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /upload/pl/house-buyer-network-logo-75-op-pad-1709820635520.png HTTP/1.1Host: static.leadshook.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://offer.housebuyernetwork.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /public/pixel/ndp.js HTTP/1.1Host: ads.nextdoor.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://offer.housebuyernetwork.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /trustedform.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=17166643663970.8543335283028002 HTTP/1.1Host: api.trustedform.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://offer.housebuyernetwork.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /upload/pl/house-buyer-network-hero-1709820479367.jpg HTTP/1.1Host: static.leadshook.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://offer.housebuyernetwork.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bootstrap.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=17166643663970.8543335283028002 HTTP/1.1Host: cdn.trustedform.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://offer.housebuyernetwork.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pixel?pid=f5c0ed47-4065-463c-9ffd-c892cbcbb4b3&vrs=8.3&ev=PAGE_VIEW&pl=https%3A%2F%2Foffer.housebuyernetwork.com%2Fs%2FbQdteLREhQBov7S6wgFBMOCfpywS4g2QwMLq4DAA%3Fsource%3D1051%26sub_id_1%3D10000%26sub_id_2%3D57a5e1a860dd499298d62e4351284653%26sub_id_3%3D%26transaction_id%3D563730799%26p%3D45.0&ndclid=&ndclid_src=0&rf=&sem=&tm=Manual&iid=de98b290-485d-47ef-be34-4b92210c900a&pageid=eccf3837-426c-43ef-a67f-d462a0c59bb6&sessionid=6df83656-8e9e-4007-9c54-4a550320ab69&cd=%7B%7D HTTP/1.1Host: flask.nextdoor.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://offer.housebuyernetwork.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /upload/pl/house-buyer-network-logo-75-op-pad-1709820635520.png HTTP/1.1Host: static.leadshook.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /s/bQdteLREhQBov7S6wgFBMOCfpywS4g2QwMLq4DAA HTTP/1.1Host: offer.housebuyernetwork.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: dt_68990.lead=j%3A%7B%22id%22%3A503374439%7D; ndp_session_id=6df83656-8e9e-4007-9c54-4a550320ab69; _gcl_au=1.1.1278107080.1716664369; _tt_enable_cookie=1; _ttp=STVc9nJqCTzYYusOERuSAb5eEGY
Source: global traffic	HTTP traffic detected: GET /upload/pl/house-buyer-network-hero-1709820479367.jpg HTTP/1.1Host: static.leadshook.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /upload/pl/house-buyers-1707763198483.png HTTP/1.1Host: quiz-live.s3.amazonaws.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://offer.housebuyernetwork.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/6/envelope/?sentry_key=a16b093dbf1efc0121e044c4c8c7afeb&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.113.0 HTTP/1.1Host: sentry.leadshook.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /trustedform-1.9.15.js HTTP/1.1Host: cdn.trustedform.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://offer.housebuyernetwork.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/6/envelope/?sentry_key=a16b093dbf1efc0121e044c4c8c7afeb&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.113.0 HTTP/1.1Host: sentry.leadshook.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /upload/pl/house-buyers-1707763198483.png HTTP/1.1Host: quiz-live.s3.amazonaws.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/6/envelope/?sentry_key=a16b093dbf1efc0121e044c4c8c7afeb&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.113.0 HTTP/1.1Host: sentry.leadshook.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/6/envelope/?sentry_key=a16b093dbf1efc0121e044c4c8c7afeb&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.113.0 HTTP/1.1Host: sentry.leadshook.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/6/envelope/?sentry_key=a16b093dbf1efc0121e044c4c8c7afeb&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.113.0 HTTP/1.1Host: sentry.leadshook.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/6/envelope/?sentry_key=a16b093dbf1efc0121e044c4c8c7afeb&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.113.0 HTTP/1.1Host: sentry.leadshook.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/6/envelope/?sentry_key=a16b093dbf1efc0121e044c4c8c7afeb&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.113.0 HTTP/1.1Host: sentry.leadshook.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/6/envelope/?sentry_key=a16b093dbf1efc0121e044c4c8c7afeb&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.113.0 HTTP/1.1Host: sentry.leadshook.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: chromecache_66.2.dr	String found in binary or memory: Math.round(p);u["gtm.videoCurrentTime"]=Math.round(q);u["gtm.videoElapsedTime"]=Math.round(f);u["gtm.videoPercent"]=r;u["gtm.videoVisible"]=t;return u},bk:function(){e=Db()},pd:function(){d()}}};var ic=ma(["data-gtm-yt-inspected-"]),GC=["www.youtube.com","www.youtube-nocookie.com"],HC,IC=!1; equals www.youtube.com (Youtube)
Source: chromecache_66.2.dr	String found in binary or memory: c?"runIfCanceled":"runIfUncanceled",[]);if(!g.length)return!0;var h=oA(a,c,e);P(121);if("https://www.facebook.com/tr/"===h["gtm.elementUrl"])return P(122),!0;if(d&&f){for(var m=Nb(b,g.length),n=0;n<g.length;++n)g[n](h,m);return m.done}for(var p=0;p<g.length;++p)g[p](h,function(){});return!0},rA=function(){var a=[],b=function(c){return tb(a,function(d){return d.form===c})};return{store:function(c,d){var e=b(c);e?e.button=d:a.push({form:c,button:d})},get:function(c){var d=b(c);return d?d.button:null}}}, equals www.facebook.com (Facebook)
Source: chromecache_66.2.dr	String found in binary or memory: e\|\|f\|\|g.length\|\|h.length))return;var n={Wg:d,Ug:e,Vg:f,Lh:g,Mh:h,xe:m,Ab:b},p=G.YT,q=function(){OC(n)};if(p)return p.ready&&p.ready(q),b;var r=G.onYouTubeIframeAPIReady;G.onYouTubeIframeAPIReady=function(){r&&r();q()};I(function(){for(var t=H.getElementsByTagName("script"),v=t.length,u=0;u<v;u++){var w=t[u].getAttribute("src");if(RC(w,"iframe_api")\|\|RC(w,"player_api"))return b}for(var y=H.getElementsByTagName("iframe"),x=y.length,B=0;B<x;B++)if(!IC&&PC(y[B],n.xe))return yc("https://www.youtube.com/iframe_api"), equals www.youtube.com (Youtube)
Source: chromecache_75.2.dr, chromecache_79.2.dr	String found in binary or memory: return b}EC.K="internal.enableAutoEventOnTimer";var ic=ma(["data-gtm-yt-inspected-"]),GC=["www.youtube.com","www.youtube-nocookie.com"],HC,IC=!1; equals www.youtube.com (Youtube)
Source: chromecache_66.2.dr	String found in binary or memory: var TB=function(a,b,c,d,e){var f=Mz("fsl",c?"nv.mwt":"mwt",0),g;g=c?Mz("fsl","nv.ids",[]):Mz("fsl","ids",[]);if(!g.length)return!0;var h=Rz(a,"gtm.formSubmit",g),m=a.action;m&&m.tagName&&(m=a.cloneNode(!1).action);P(121);if("https://www.facebook.com/tr/"===m)return P(122),!0;h["gtm.elementUrl"]=m;h["gtm.formCanceled"]=c;null!=a.getAttribute("name")&&(h["gtm.interactedFormName"]=a.getAttribute("name"));e&&(h["gtm.formSubmitElement"]=e,h["gtm.formSubmitElementText"]=e.value);if(d&&f){if(!yy(h,zy(b, equals www.facebook.com (Facebook)

Source: global traffic	DNS traffic detected: DNS query: clickers.smartresourceguide.com
Source: global traffic	DNS traffic detected: DNS query: smartresourceguide.com
Source: global traffic	DNS traffic detected: DNS query: ferradurai.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: sonziuq.com
Source: global traffic	DNS traffic detected: DNS query: www.d0qwtrk.com
Source: global traffic	DNS traffic detected: DNS query: offer.housebuyernetwork.com
Source: global traffic	DNS traffic detected: DNS query: ads.nextdoor.com
Source: global traffic	DNS traffic detected: DNS query: analytics.tiktok.com
Source: global traffic	DNS traffic detected: DNS query: cdn.jsdelivr.net
Source: global traffic	DNS traffic detected: DNS query: static.leadshook.io
Source: global traffic	DNS traffic detected: DNS query: browser.sentry-cdn.com
Source: global traffic	DNS traffic detected: DNS query: api.trustedform.com
Source: global traffic	DNS traffic detected: DNS query: flask.nextdoor.com
Source: global traffic	DNS traffic detected: DNS query: cdn.trustedform.com
Source: global traffic	DNS traffic detected: DNS query: sentry.leadshook.io
Source: global traffic	DNS traffic detected: DNS query: quiz-live.s3.amazonaws.com

Source: unknown

HTTP traffic detected: POST /s/bQdteLREhQBov7S6wgFBMOCfpywS4g2QwMLq4DAA HTTP/1.1Host: offer.housebuyernetwork.comConnection: keep-aliveContent-Length: 257Cache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Content-Type: application/jsonsec-ch-ua-mobile: ?0x-lead-id: 503374439User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://offer.housebuyernetwork.comSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: dt_68990.lead=j%3A%7B%22id%22%3A503374439%7D; ndp_session_id=6df83656-8e9e-4007-9c54-4a550320ab69

Source: chromecache_69.2.dr	String found in binary or memory: http://underscorejs.org/LICENSE
Source: chromecache_75.2.dr, chromecache_79.2.dr, chromecache_66.2.dr	String found in binary or memory: https://adservice.google.com/pagead/regclk
Source: chromecache_75.2.dr, chromecache_79.2.dr, chromecache_66.2.dr	String found in binary or memory: https://adservice.googlesyndication.com/pagead/regclk
Source: chromecache_75.2.dr, chromecache_79.2.dr, chromecache_66.2.dr	String found in binary or memory: https://cct.google/taggy/agent.js
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2)
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2)
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1JlFc-K.woff2)
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2)
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2)
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJnecmNE.woff2)
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2)
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2)
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBxc4EsA.woff2)
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCBc4EsA.woff2)
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCRc4EsA.woff2)
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2)
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2)
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2)
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2)
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBxc4EsA.woff2)
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCBc4EsA.woff2)
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCRc4EsA.woff2)
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2)
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2)
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4WxKOzY.woff2)
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2)
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2)
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu72xKOzY.woff2)
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2)
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2)
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7mxKOzY.woff2)
Source: chromecache_68.2.dr	String found in binary or memory: https://github.com/getsentry/sentry-javascript
Source: chromecache_75.2.dr	String found in binary or memory: https://google.com
Source: chromecache_75.2.dr	String found in binary or memory: https://googleads.g.doubleclick.net
Source: chromecache_69.2.dr	String found in binary or memory: https://lodash.com/
Source: chromecache_69.2.dr	String found in binary or memory: https://lodash.com/license
Source: chromecache_69.2.dr	String found in binary or memory: https://npms.io/search?q=ponyfill.
Source: chromecache_69.2.dr	String found in binary or memory: https://openjsf.org/
Source: chromecache_66.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_75.2.dr, chromecache_79.2.dr, chromecache_66.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_75.2.dr	String found in binary or memory: https://static.ads-twitter.com/uwt.js
Source: chromecache_79.2.dr, chromecache_66.2.dr	String found in binary or memory: https://stats.g.doubleclick.net/g/collect
Source: chromecache_75.2.dr, chromecache_79.2.dr, chromecache_66.2.dr	String found in binary or memory: https://td.doubleclick.net
Source: chromecache_66.2.dr	String found in binary or memory: https://www.google.com
Source: chromecache_75.2.dr, chromecache_79.2.dr, chromecache_66.2.dr	String found in binary or memory: https://www.googleadservices.com
Source: chromecache_75.2.dr, chromecache_79.2.dr, chromecache_66.2.dr	String found in binary or memory: https://www.googletagmanager.com
Source: chromecache_75.2.dr	String found in binary or memory: https://www.googletagmanager.com/a?
Source: chromecache_79.2.dr, chromecache_66.2.dr	String found in binary or memory: https://www.merchant-center-analytics.goog
Source: chromecache_66.2.dr	String found in binary or memory: https://www.youtube.com/iframe_api

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49672
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 2.19.104.72:443 -> 192.168.2.4:49742 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 2.19.104.72:443 -> 192.168.2.4:49745 version: TLS 1.2

Source: classification engine

Classification label: clean1.win@17/39@48/21

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2740 --field-trial-handle=2708,i,3800012782922441957,2484468132831615815,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://clickers.smartresourceguide.com/?xtl=pic8u2clpu9f53e5q270ip7kcmoawnp35mgwstyth3b5eis5bcegkdxso2ei7be9cklkqxzsdocmfldbr3ksafvmnixne7sb5f2g6ce0w7dyr8yl43mcru2yhluqlrad8y95shey01t0gclif4cciumgxd&__ott=-ojzkuprwmac3&__stmp=se1yqx&eih=m0t49b2ncx4anwk71c9pajb07la39c9j"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2740 --field-trial-handle=2708,i,3800012782922441957,2484468132831615815,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
44.195.255.76	447b0cd8.ongageroute.net	United States	14618	AMAZON-AESUS	false
3.5.27.156	s3-w.us-east-1.amazonaws.com	United States	14618	AMAZON-AESUS	false
52.217.203.121	unknown	United States	16509	AMAZON-02US	false
192.124.249.138	smartresourceguide.com	United States	30148	SUCURI-SECUS	false
54.200.211.8	flask.us.nextdoor.com	United States	16509	AMAZON-02US	false
142.250.185.164	www.google.com	United States	15169	GOOGLEUS	false
52.35.252.245	ads.us.nextdoor.com	United States	16509	AMAZON-02US	false
151.101.194.217	browser.sentry-cdn.com	United States	54113	FASTLYUS	false
18.233.135.95	unknown	United States	14618	AMAZON-AESUS	false
3.232.98.97	team-tools-1121285548.us-east-1.elb.amazonaws.com	United States	14618	AMAZON-AESUS	false
3.162.38.8	cdn.trustedform.com	United States	16509	AMAZON-02US	false
18.244.18.79	unknown	United States	16509	AMAZON-02US	false
3.213.181.94	network.leadshook.io	United States	14618	AMAZON-AESUS	false
3.218.204.205	unknown	United States	14618	AMAZON-AESUS	false
35.244.245.136	www.d0qwtrk.com	United States	15169	GOOGLEUS	false
34.209.92.5	sonziuq.com	United States	16509	AMAZON-02US	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
108.156.60.79	static.leadshook.io	United States	16509	AMAZON-02US	false
44.205.67.127	api.trustedform.com	United States	14618	AMAZON-AESUS	false
3.80.229.104	ferradurai.com	United States	14618	AMAZON-AESUS	false

Private

IP
192.168.2.4

Contacted Domains

Name	IP	Active
447b0cd8.ongageroute.net	44.195.255.76	true
flask.us.nextdoor.com	54.200.211.8	true
browser.sentry-cdn.com	151.101.194.217	true
team-tools-1121285548.us-east-1.elb.amazonaws.com	3.232.98.97	true
smartresourceguide.com	192.124.249.138	true
www.d0qwtrk.com	35.244.245.136	true
fp2e7a.wpc.phicdn.net	192.229.221.95	true
static.leadshook.io	108.156.60.79	true
s3-w.us-east-1.amazonaws.com	3.5.27.156	true
network.leadshook.io	3.213.181.94	true
ads.us.nextdoor.com	52.35.252.245	true
www.google.com	142.250.185.164	true
api.trustedform.com	44.205.67.127	true
ferradurai.com	3.80.229.104	true
cdn.trustedform.com	3.162.38.8	true
sonziuq.com	34.209.92.5	true
flask.nextdoor.com	unknown	unknown
ads.nextdoor.com	unknown	unknown
cdn.jsdelivr.net	unknown	unknown
offer.housebuyernetwork.com	unknown	unknown
sentry.leadshook.io	unknown	unknown
quiz-live.s3.amazonaws.com	unknown	unknown
analytics.tiktok.com	unknown	unknown
clickers.smartresourceguide.com	unknown	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://offer.housebuyernetwork.com/s/bQdteLREhQBov7S6wgFBMOCfpywS4g2QwMLq4DAA?source=1051&sub_id_1=10000&sub_id_2=57a5e1a860dd499298d62e4351284653&sub_id_3=&transaction_id=563730799&p=45.0	false		unknown
https://browser.sentry-cdn.com/7.113.0/bundle.tracing.replay.min.js	false	0%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://static.leadshook.io/upload/pl/house-buyer-network-logo-75-op-pad-1709820635520.png	false	Avira URL Cloud: safe	unknown
https://api.trustedform.com/certs/5235a708b9f558a39975d7026faf9f01b8b396c2/fingerprints	false	Avira URL Cloud: safe	unknown
https://api.trustedform.com/certs/5235a708b9f558a39975d7026faf9f01b8b396c2/events	false	Avira URL Cloud: safe	unknown
https://clickers.smartresourceguide.com/?xtl=pic8u2clpu9f53e5q270ip7kcmoawnp35mgwstyth3b5eis5bcegkdxso2ei7be9cklkqxzsdocmfldbr3ksafvmnixne7sb5f2g6ce0w7dyr8yl43mcru2yhluqlrad8y95shey01t0gclif4cciumgxd&__ott=-ojzkuprwmac3&__stmp=se1yqx&eih=m0t49b2ncx4anwk71c9pajb07la39c9j	false		unknown
https://ads.nextdoor.com/public/pixel/ndp.js	false	0%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://api.trustedform.com/certs/5235a708b9f558a39975d7026faf9f01b8b396c2/snapshot	false	Avira URL Cloud: safe	unknown
https://smartresourceguide.com/EasyKnock	false	0%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://offer.housebuyernetwork.com/s/bQdteLREhQBov7S6wgFBMOCfpywS4g2QwMLq4DAA	false	0%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://flask.nextdoor.com/pixel?pid=f5c0ed47-4065-463c-9ffd-c892cbcbb4b3&vrs=8.3&ev=PAGE_VIEW&pl=https%3A%2F%2Foffer.housebuyernetwork.com%2Fs%2FbQdteLREhQBov7S6wgFBMOCfpywS4g2QwMLq4DAA%3Fsource%3D1051%26sub_id_1%3D10000%26sub_id_2%3D57a5e1a860dd499298d62e4351284653%26sub_id_3%3D%26transaction_id%3D563730799%26p%3D45.0&ndclid=&ndclid_src=0&rf=&sem=&tm=Manual&iid=de98b290-485d-47ef-be34-4b92210c900a&pageid=eccf3837-426c-43ef-a67f-d462a0c59bb6&sessionid=6df83656-8e9e-4007-9c54-4a550320ab69&cd=%7B%7D	false	Avira URL Cloud: safe	unknown
https://api.trustedform.com/trustedform.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=17166643663970.8543335283028002	false	Avira URL Cloud: safe	unknown
https://ferradurai.com/?E=1ioH%2beP48dRuLT6IFWr68S9GOm3iJU0T&s1=	false	Avira URL Cloud: safe	unknown
https://quiz-live.s3.amazonaws.com/upload/pl/house-buyers-1707763198483.png	false	Avira URL Cloud: safe	unknown
https://www.d0qwtrk.com/28KL61/5NWWWN/?sub1=10000&sub2=563730799&sub3=	false	Avira URL Cloud: safe	unknown
https://sonziuq.com/?E=1ioH%2beP48dRuLT6IFWr68S9GOm3iJU0T&s1=&ch-redir=1&ckmxid=cp93gahq0001ui7os1s0&ckmguid=9fc97d00-6f34-4575-8508-5b5f753af5f3	false	Avira URL Cloud: safe	unknown
https://cdn.trustedform.com/trustedform-1.9.15.js	false	Avira URL Cloud: safe	unknown
https://static.leadshook.io/upload/pl/house-buyer-network-hero-1709820479367.jpg	false	Avira URL Cloud: safe	unknown
https://api.trustedform.com/certs	false	0%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://cdn.trustedform.com/bootstrap.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=17166643663970.8543335283028002	false	Avira URL Cloud: safe	unknown
https://ferradurai.com/?E=1ioH%2beP48dRuLT6IFWr68S9GOm3iJU0T&s1=&ch-redir=1&ckmxid=cp93gahq0001ui7os1s0	false	Avira URL Cloud: safe	unknown
https://sentry.leadshook.io/api/6/envelope/?sentry_key=a16b093dbf1efc0121e044c4c8c7afeb&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.113.0	false	Avira URL Cloud: safe	unknown

Name	Type	MD5	SHA1	SHA256
Chrome Cache Entry: 64	ASCII text, with very long lines (65536), with no line terminators	D5F4304DEA6121D44398DA810B5A4106	2A14209564408932EC4B03CC93B1DC739E811BBF	5C16612B76ACBAD337A38019FA67CB4733227A5ACF681D92471D5BBE0BAE121A
Chrome Cache Entry: 65	ASCII text, with very long lines (65536), with no line terminators	7F5C51691BB26A0CD04D23BA28D6CE93	3439345E9A9486C3CB524D39741D9EFCD97C0D5B	D891E16DBAF81B89F017B6516AFDEFFE602F8DF1D5E269429E7B6EAF63726A03
Chrome Cache Entry: 66	ASCII text, with very long lines (5945)	29D647FCF3B59C094C8E425D86525A15	FE00C18851DB150E5FEE4987FC11BA0F07072AED	312E9C99FA444F4689861A6EDEA47EDA16B576857A70F30D98D462C0DFD62455
Chrome Cache Entry: 67	ASCII text	EF60F704A24E2A1612057973BEA69BB0	394BBB91C03E93128A9173E71A0C18F699CFEBAE	71E820A7C6450AA5349BC4FC28C89758BAED7D3EC3B9EFBEE72CEB1F5DCED366
Chrome Cache Entry: 68	ASCII text, with very long lines (65411)	1ACB5B810AD0B9D9F9EE23C1A2844967	03F58CBB227EC8E072F05F95F31A03B106AC387C	4FC1B77C7E354BA09EA701445E7E309B58409DC36EDB20E6F33AC451A2F39E30
Chrome Cache Entry: 69	ASCII text, with very long lines (4143)	9BECC40FB1D85D21D0CA38E2F7069511	AE854B04025DB8B7F48FDD6DEDF41E77EAE44394	A9705DFC47C0763380D851AB1801BE6F76019F6B67E40E9B873F8B4A0603F7A9
Chrome Cache Entry: 70	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2048x1151, components 3	29B7296A444481DDE0B4C614253B92E5	D8E5815912B391FAA4D779ACCADA1CBBF3C1761B	4B2554B9BD5343A746B47EAF6853EBD85B1A8EA83083BC4BB1B4856A0AE601AE
Chrome Cache Entry: 71	Web Open Font Format (Version 2), TrueType, length 15860, version 1.0	E9F5AAF547F165386CD313B995DDDD8E	ACDEF5603C2387B0E5BFFD744B679A24A8BC1968	F5AEBDFEA35D1E7656EF4ACC5DB1F243209755AE3300943EF8FC6280F363C860
Chrome Cache Entry: 72	PNG image data, 3150 x 803, 8-bit colormap, non-interlaced	E447A763BCF48EE3009A17A4C17E5B36	1AE69CF144E9429D2AC8F80B1B143C1CAE33A921	5DE98DAD469C39DFC6734D2727A6442B5E0805CD55DDF387D282ACD656D45E87
Chrome Cache Entry: 73	Web Open Font Format (Version 2), TrueType, length 7816, version 1.0	25B0E113CA7CCE3770D542736DB26368	CB726212D5D525021752A1D8470A0FB593E0C49E	9338E65FC077355C7A87AE0D64CC101E23B9BF8AD78AE65F0F319C857311B526
Chrome Cache Entry: 74	ASCII text, with very long lines (52695)	1A8416AA675EA47C8AFEE6DC82D891FD	3479C005831DCC4271286A28127350CC7E53CB8F	CE3A5FC52C3C9A83936B6BA3C6A3D0CB4FFCD847A998ABF0D5806243DE7E2D5A
Chrome Cache Entry: 75	ASCII text, with very long lines (19942)	0835116E1A3969A4C52695B5572D64C5	1C292912F2E02895DF38A62622290CE0EAA16377	5F3EF06BB51D08D39C24E4974144F8B5BFD8C4A202DA08639EA2E3BDC8174D92
Chrome Cache Entry: 76	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2048x1151, components 3	29B7296A444481DDE0B4C614253B92E5	D8E5815912B391FAA4D779ACCADA1CBBF3C1761B	4B2554B9BD5343A746B47EAF6853EBD85B1A8EA83083BC4BB1B4856A0AE601AE
Chrome Cache Entry: 77	PNG image data, 55 x 55, 8-bit colormap, non-interlaced	D9021DDF8205D1CB00A3E2C086C6EBA1	90E8E5B324A701DE9ED3F353118C52DAB8D1B1A2	71A330773DE45241F2609450912C8F100ECA301A03D33BA4BFD8330D5323B757
Chrome Cache Entry: 78	Web Open Font Format (Version 2), TrueType, length 7884, version 1.0	9212F6F9860F9FC6C69B02FEDF6DB8C3	AC6D71B4D5FDD2B3DABC9A06FF6C001E4251DA0B	7D93459D86585BFCDBB7E0376056226ADB25821EE54B96236FE2123E9560929F
Chrome Cache Entry: 79	ASCII text, with very long lines (1822)	B5A8D8C1F45EE568F9666580B6B01BB8	ACFAD8E605C72DFD52A3741D127AEF3A7EFF9DA4	BE90968CD482E46367339E07187969A9BF2FED70C0946198AA746B63378911A2
Chrome Cache Entry: 80	ASCII text, with very long lines (16554)	0F54ED54362C72F248B148A0F774D6C1	448D6A9685BC0F53D0734E9D7DED0BC3D53CD387	C41763922DE088A739D13373593D2BC7569BB525E40FC762EF7D7518AF231D6C
Chrome Cache Entry: 81	PNG image data, 3150 x 803, 8-bit colormap, non-interlaced	E447A763BCF48EE3009A17A4C17E5B36	1AE69CF144E9429D2AC8F80B1B143C1CAE33A921	5DE98DAD469C39DFC6734D2727A6442B5E0805CD55DDF387D282ACD656D45E87
Chrome Cache Entry: 82	Web Open Font Format (Version 2), TrueType, length 15744, version 1.0	15D9F621C3BD1599F0169DCF0BD5E63E	7CA9C5967F3BB8BFFEAB24B639B49C1E7D03FA52	F6734F8177112C0839B961F96D813FCB189D81B60E96C33278C1983B6F419615
Chrome Cache Entry: 83	ASCII text, with very long lines (7510), with no line terminators	49F008C5BEF0242FF30D4D875C10FC12	D3D32B519EA22B7B00404333C16D1DF5A9C3113D	E358AC9219C2BFDE08EBD2B62EFE991CC0E27671EC64BDC5B6B15A5C195107DE
Chrome Cache Entry: 84	PNG image data, 55 x 55, 8-bit colormap, non-interlaced	D9021DDF8205D1CB00A3E2C086C6EBA1	90E8E5B324A701DE9ED3F353118C52DAB8D1B1A2	71A330773DE45241F2609450912C8F100ECA301A03D33BA4BFD8330D5323B757

Source: unknown	HTTPS traffic detected: 2.19.104.72:443 -> 192.168.2.4:49742 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 2.19.104.72:443 -> 192.168.2.4:49745 version: TLS 1.2

Detected non-DNS traffic on DNS port

Source: global traffic

TCP traffic: 192.168.2.4:49784 -> 1.1.1.1:53

Detected suspicious crossdomain redirect

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	HTTP traffic: Redirect from: smartresourceguide.com to https://ferradurai.com/?e=1ioh%2bep48drult6ifwr68s9gom3iju0t&s1=
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	HTTP traffic: Redirect from: ferradurai.com to https://sonziuq.com/?e=1ioh%2bep48drult6ifwr68s9gom3iju0t&s1=&ch-redir=1&ckmxid=cp93gahq0001ui7os1s0&ckmguid=9fc97d00-6f34-4575-8508-5b5f753af5f3
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	HTTP traffic: Redirect from: sonziuq.com to https://www.d0qwtrk.com/28kl61/5nwwwn/?sub1=10000&sub2=563730799&sub3=
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	HTTP traffic: Redirect from: www.d0qwtrk.com to https://offer.housebuyernetwork.com/s/bqdtelrehqbov7s6wgfbmocfpyws4g2qwmlq4daa?source=1051&sub_id_1=10000&sub_id_2=57a5e1a860dd499298d62e4351284653&sub_id_3=&transaction_id=563730799&p=45.0

Source: unknown	TCP traffic detected without corresponding DNS query: 104.46.162.224
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.108.210
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.108.210
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.108.210
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.108.210
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /?xtl=pic8u2clpu9f53e5q270ip7kcmoawnp35mgwstyth3b5eis5bcegkdxso2ei7be9cklkqxzsdocmfldbr3ksafvmnixne7sb5f2g6ce0w7dyr8yl43mcru2yhluqlrad8y95shey01t0gclif4cciumgxd&__ott=-ojzkuprwmac3&__stmp=se1yqx&eih=m0t49b2ncx4anwk71c9pajb07la39c9j HTTP/1.1Host: clickers.smartresourceguide.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /?xtl=pic8u2clpu9f53e5q270ip7kcmoawnp35mgwstyth3b5eis5bcegkdxso2ei7be9cklkqxzsdocmfldbr3ksafvmnixne7sb5f2g6ce0w7dyr8yl43mcru2yhluqlrad8y95shey01t0gclif4cciumgxd&__ott=-ojzkuprwmac3&__stmp=se1yqx&eih=m0t49b2ncx4anwk71c9pajb07la39c9j HTTP/1.1Host: clickers.smartresourceguide.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /EasyKnock HTTP/1.1Host: smartresourceguide.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /?E=1ioH%2beP48dRuLT6IFWr68S9GOm3iJU0T&s1= HTTP/1.1Host: ferradurai.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /?E=1ioH%2beP48dRuLT6IFWr68S9GOm3iJU0T&s1=&ch-redir=1&ckmxid=cp93gahq0001ui7os1s0 HTTP/1.1Host: ferradurai.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-arch: "x86"sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-model: ""sec-ch-ua-bitness: "64"sec-ch-ua-wow64: ?0sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /?E=1ioH%2beP48dRuLT6IFWr68S9GOm3iJU0T&s1=&ch-redir=1&ckmxid=cp93gahq0001ui7os1s0&ckmguid=9fc97d00-6f34-4575-8508-5b5f753af5f3 HTTP/1.1Host: sonziuq.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /28KL61/5NWWWN/?sub1=10000&sub2=563730799&sub3= HTTP/1.1Host: www.d0qwtrk.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /s/bQdteLREhQBov7S6wgFBMOCfpywS4g2QwMLq4DAA?source=1051&sub_id_1=10000&sub_id_2=57a5e1a860dd499298d62e4351284653&sub_id_3=&transaction_id=563730799&p=45.0 HTTP/1.1Host: offer.housebuyernetwork.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /7.113.0/bundle.tracing.replay.min.js HTTP/1.1Host: browser.sentry-cdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://offer.housebuyernetwork.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://offer.housebuyernetwork.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /upload/pl/house-buyer-network-logo-75-op-pad-1709820635520.png HTTP/1.1Host: static.leadshook.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://offer.housebuyernetwork.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /public/pixel/ndp.js HTTP/1.1Host: ads.nextdoor.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://offer.housebuyernetwork.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /trustedform.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=17166643663970.8543335283028002 HTTP/1.1Host: api.trustedform.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://offer.housebuyernetwork.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /upload/pl/house-buyer-network-hero-1709820479367.jpg HTTP/1.1Host: static.leadshook.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://offer.housebuyernetwork.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bootstrap.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=17166643663970.8543335283028002 HTTP/1.1Host: cdn.trustedform.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://offer.housebuyernetwork.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pixel?pid=f5c0ed47-4065-463c-9ffd-c892cbcbb4b3&vrs=8.3&ev=PAGE_VIEW&pl=https%3A%2F%2Foffer.housebuyernetwork.com%2Fs%2FbQdteLREhQBov7S6wgFBMOCfpywS4g2QwMLq4DAA%3Fsource%3D1051%26sub_id_1%3D10000%26sub_id_2%3D57a5e1a860dd499298d62e4351284653%26sub_id_3%3D%26transaction_id%3D563730799%26p%3D45.0&ndclid=&ndclid_src=0&rf=&sem=&tm=Manual&iid=de98b290-485d-47ef-be34-4b92210c900a&pageid=eccf3837-426c-43ef-a67f-d462a0c59bb6&sessionid=6df83656-8e9e-4007-9c54-4a550320ab69&cd=%7B%7D HTTP/1.1Host: flask.nextdoor.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://offer.housebuyernetwork.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /upload/pl/house-buyer-network-logo-75-op-pad-1709820635520.png HTTP/1.1Host: static.leadshook.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /s/bQdteLREhQBov7S6wgFBMOCfpywS4g2QwMLq4DAA HTTP/1.1Host: offer.housebuyernetwork.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: dt_68990.lead=j%3A%7B%22id%22%3A503374439%7D; ndp_session_id=6df83656-8e9e-4007-9c54-4a550320ab69; _gcl_au=1.1.1278107080.1716664369; _tt_enable_cookie=1; _ttp=STVc9nJqCTzYYusOERuSAb5eEGY
Source: global traffic	HTTP traffic detected: GET /upload/pl/house-buyer-network-hero-1709820479367.jpg HTTP/1.1Host: static.leadshook.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /upload/pl/house-buyers-1707763198483.png HTTP/1.1Host: quiz-live.s3.amazonaws.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://offer.housebuyernetwork.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/6/envelope/?sentry_key=a16b093dbf1efc0121e044c4c8c7afeb&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.113.0 HTTP/1.1Host: sentry.leadshook.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /trustedform-1.9.15.js HTTP/1.1Host: cdn.trustedform.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://offer.housebuyernetwork.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/6/envelope/?sentry_key=a16b093dbf1efc0121e044c4c8c7afeb&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.113.0 HTTP/1.1Host: sentry.leadshook.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /upload/pl/house-buyers-1707763198483.png HTTP/1.1Host: quiz-live.s3.amazonaws.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/6/envelope/?sentry_key=a16b093dbf1efc0121e044c4c8c7afeb&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.113.0 HTTP/1.1Host: sentry.leadshook.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/6/envelope/?sentry_key=a16b093dbf1efc0121e044c4c8c7afeb&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.113.0 HTTP/1.1Host: sentry.leadshook.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/6/envelope/?sentry_key=a16b093dbf1efc0121e044c4c8c7afeb&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.113.0 HTTP/1.1Host: sentry.leadshook.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/6/envelope/?sentry_key=a16b093dbf1efc0121e044c4c8c7afeb&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.113.0 HTTP/1.1Host: sentry.leadshook.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/6/envelope/?sentry_key=a16b093dbf1efc0121e044c4c8c7afeb&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.113.0 HTTP/1.1Host: sentry.leadshook.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/6/envelope/?sentry_key=a16b093dbf1efc0121e044c4c8c7afeb&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.113.0 HTTP/1.1Host: sentry.leadshook.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: chromecache_66.2.dr	String found in binary or memory: Math.round(p);u["gtm.videoCurrentTime"]=Math.round(q);u["gtm.videoElapsedTime"]=Math.round(f);u["gtm.videoPercent"]=r;u["gtm.videoVisible"]=t;return u},bk:function(){e=Db()},pd:function(){d()}}};var ic=ma(["data-gtm-yt-inspected-"]),GC=["www.youtube.com","www.youtube-nocookie.com"],HC,IC=!1; equals www.youtube.com (Youtube)
Source: chromecache_66.2.dr	String found in binary or memory: c?"runIfCanceled":"runIfUncanceled",[]);if(!g.length)return!0;var h=oA(a,c,e);P(121);if("https://www.facebook.com/tr/"===h["gtm.elementUrl"])return P(122),!0;if(d&&f){for(var m=Nb(b,g.length),n=0;n<g.length;++n)g[n](h,m);return m.done}for(var p=0;p<g.length;++p)g[p](h,function(){});return!0},rA=function(){var a=[],b=function(c){return tb(a,function(d){return d.form===c})};return{store:function(c,d){var e=b(c);e?e.button=d:a.push({form:c,button:d})},get:function(c){var d=b(c);return d?d.button:null}}}, equals www.facebook.com (Facebook)
Source: chromecache_66.2.dr	String found in binary or memory: e\|\|f\|\|g.length\|\|h.length))return;var n={Wg:d,Ug:e,Vg:f,Lh:g,Mh:h,xe:m,Ab:b},p=G.YT,q=function(){OC(n)};if(p)return p.ready&&p.ready(q),b;var r=G.onYouTubeIframeAPIReady;G.onYouTubeIframeAPIReady=function(){r&&r();q()};I(function(){for(var t=H.getElementsByTagName("script"),v=t.length,u=0;u<v;u++){var w=t[u].getAttribute("src");if(RC(w,"iframe_api")\|\|RC(w,"player_api"))return b}for(var y=H.getElementsByTagName("iframe"),x=y.length,B=0;B<x;B++)if(!IC&&PC(y[B],n.xe))return yc("https://www.youtube.com/iframe_api"), equals www.youtube.com (Youtube)
Source: chromecache_75.2.dr, chromecache_79.2.dr	String found in binary or memory: return b}EC.K="internal.enableAutoEventOnTimer";var ic=ma(["data-gtm-yt-inspected-"]),GC=["www.youtube.com","www.youtube-nocookie.com"],HC,IC=!1; equals www.youtube.com (Youtube)
Source: chromecache_66.2.dr	String found in binary or memory: var TB=function(a,b,c,d,e){var f=Mz("fsl",c?"nv.mwt":"mwt",0),g;g=c?Mz("fsl","nv.ids",[]):Mz("fsl","ids",[]);if(!g.length)return!0;var h=Rz(a,"gtm.formSubmit",g),m=a.action;m&&m.tagName&&(m=a.cloneNode(!1).action);P(121);if("https://www.facebook.com/tr/"===m)return P(122),!0;h["gtm.elementUrl"]=m;h["gtm.formCanceled"]=c;null!=a.getAttribute("name")&&(h["gtm.interactedFormName"]=a.getAttribute("name"));e&&(h["gtm.formSubmitElement"]=e,h["gtm.formSubmitElementText"]=e.value);if(d&&f){if(!yy(h,zy(b, equals www.facebook.com (Facebook)

Source: global traffic	DNS traffic detected: DNS query: clickers.smartresourceguide.com
Source: global traffic	DNS traffic detected: DNS query: smartresourceguide.com
Source: global traffic	DNS traffic detected: DNS query: ferradurai.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: sonziuq.com
Source: global traffic	DNS traffic detected: DNS query: www.d0qwtrk.com
Source: global traffic	DNS traffic detected: DNS query: offer.housebuyernetwork.com
Source: global traffic	DNS traffic detected: DNS query: ads.nextdoor.com
Source: global traffic	DNS traffic detected: DNS query: analytics.tiktok.com
Source: global traffic	DNS traffic detected: DNS query: cdn.jsdelivr.net
Source: global traffic	DNS traffic detected: DNS query: static.leadshook.io
Source: global traffic	DNS traffic detected: DNS query: browser.sentry-cdn.com
Source: global traffic	DNS traffic detected: DNS query: api.trustedform.com
Source: global traffic	DNS traffic detected: DNS query: flask.nextdoor.com
Source: global traffic	DNS traffic detected: DNS query: cdn.trustedform.com
Source: global traffic	DNS traffic detected: DNS query: sentry.leadshook.io
Source: global traffic	DNS traffic detected: DNS query: quiz-live.s3.amazonaws.com

Source: unknown

Source: chromecache_69.2.dr	String found in binary or memory: http://underscorejs.org/LICENSE
Source: chromecache_75.2.dr, chromecache_79.2.dr, chromecache_66.2.dr	String found in binary or memory: https://adservice.google.com/pagead/regclk
Source: chromecache_75.2.dr, chromecache_79.2.dr, chromecache_66.2.dr	String found in binary or memory: https://adservice.googlesyndication.com/pagead/regclk
Source: chromecache_75.2.dr, chromecache_79.2.dr, chromecache_66.2.dr	String found in binary or memory: https://cct.google/taggy/agent.js
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2)
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2)
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1JlFc-K.woff2)
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2)
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2)
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJnecmNE.woff2)
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2)
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2)
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBxc4EsA.woff2)
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCBc4EsA.woff2)
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCRc4EsA.woff2)
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2)
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2)
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2)
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2)
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBxc4EsA.woff2)
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCBc4EsA.woff2)
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCRc4EsA.woff2)
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2)
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2)
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4WxKOzY.woff2)
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2)
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2)
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu72xKOzY.woff2)
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2)
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2)
Source: chromecache_67.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7mxKOzY.woff2)
Source: chromecache_68.2.dr	String found in binary or memory: https://github.com/getsentry/sentry-javascript
Source: chromecache_75.2.dr	String found in binary or memory: https://google.com
Source: chromecache_75.2.dr	String found in binary or memory: https://googleads.g.doubleclick.net
Source: chromecache_69.2.dr	String found in binary or memory: https://lodash.com/
Source: chromecache_69.2.dr	String found in binary or memory: https://lodash.com/license
Source: chromecache_69.2.dr	String found in binary or memory: https://npms.io/search?q=ponyfill.
Source: chromecache_69.2.dr	String found in binary or memory: https://openjsf.org/
Source: chromecache_66.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_75.2.dr, chromecache_79.2.dr, chromecache_66.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_75.2.dr	String found in binary or memory: https://static.ads-twitter.com/uwt.js
Source: chromecache_79.2.dr, chromecache_66.2.dr	String found in binary or memory: https://stats.g.doubleclick.net/g/collect
Source: chromecache_75.2.dr, chromecache_79.2.dr, chromecache_66.2.dr	String found in binary or memory: https://td.doubleclick.net
Source: chromecache_66.2.dr	String found in binary or memory: https://www.google.com
Source: chromecache_75.2.dr, chromecache_79.2.dr, chromecache_66.2.dr	String found in binary or memory: https://www.googleadservices.com
Source: chromecache_75.2.dr, chromecache_79.2.dr, chromecache_66.2.dr	String found in binary or memory: https://www.googletagmanager.com
Source: chromecache_75.2.dr	String found in binary or memory: https://www.googletagmanager.com/a?
Source: chromecache_79.2.dr, chromecache_66.2.dr	String found in binary or memory: https://www.merchant-center-analytics.goog
Source: chromecache_66.2.dr	String found in binary or memory: https://www.youtube.com/iframe_api

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49672
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 2.19.104.72:443 -> 192.168.2.4:49742 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 2.19.104.72:443 -> 192.168.2.4:49745 version: TLS 1.2

Source: classification engine

Classification label: clean1.win@17/39@48/21

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2740 --field-trial-handle=2708,i,3800012782922441957,2484468132831615815,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://clickers.smartresourceguide.com/?xtl=pic8u2clpu9f53e5q270ip7kcmoawnp35mgwstyth3b5eis5bcegkdxso2ei7be9cklkqxzsdocmfldbr3ksafvmnixne7sb5f2g6ce0w7dyr8yl43mcru2yhluqlrad8y95shey01t0gclif4cciumgxd&__ott=-ojzkuprwmac3&__stmp=se1yqx&eih=m0t49b2ncx4anwk71c9pajb07la39c9j"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2740 --field-trial-handle=2708,i,3800012782922441957,2484468132831615815,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

ID:	1447535
Product:	CloudBasic
Start time:	21:11:46
Start date:	25.05.2024
Cookbook:	browseurl.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Windows Analysis Report
https://clickers.smartresourceguide.com/?xtl=pic8u2clpu9f53e5q270ip7kcmoawnp35mgwstyth3b5eis5bcegkdxso2ei7be9cklkqxzsdocmfldbr3ksafvmnixne7sb5f2g6ce0w7dyr8yl43mcru2yhluqlrad8y95shey01t0gclif4cciumgxd&ott=-ojzkuprwmac3&stmp=se1yqx&eih=m0t49b2ncx4anwk71c9pajb07la39c9j

Overview

General Information

Detection

Signatures

Classification

Signatures

Compliance

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report https://clickers.smartresourceguide.com/?xtl=pic8u2clpu9f53e5q270ip7kcmoawnp35mgwstyth3b5eis5bcegkdxso2ei7be9cklkqxzsdocmfldbr3ksafvmnixne7sb5f2g6ce0w7dyr8yl43mcru2yhluqlrad8y95shey01t0gclif4cciumgxd&__ott=-ojzkuprwmac3&__stmp=se1yqx&eih=m0t49b2ncx4anwk71c9pajb07la39c9j

Overview

General Information

Detection

Signatures

Classification

Signatures

Compliance

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
https://clickers.smartresourceguide.com/?xtl=pic8u2clpu9f53e5q270ip7kcmoawnp35mgwstyth3b5eis5bcegkdxso2ei7be9cklkqxzsdocmfldbr3ksafvmnixne7sb5f2g6ce0w7dyr8yl43mcru2yhluqlrad8y95shey01t0gclif4cciumgxd&ott=-ojzkuprwmac3&stmp=se1yqx&eih=m0t49b2ncx4anwk71c9pajb07la39c9j