Source: https://certified-domain.cloudsurveillance.net/js/external/vimeo.min.js |
Avira URL Cloud: Label: phishing |
Source: https://certified-domain.cloudsurveillance.net/js/external/popper.min.js |
Avira URL Cloud: Label: phishing |
Source: https://certified-domain.cloudsurveillance.net/c361b6b574eaf9adb2fe8b6265ab571605542f7f |
Avira URL Cloud: Label: phishing |
Source: https://certified-domain.cloudsurveillance.net |
Avira URL Cloud: Label: phishing |
Source: https://certified-domain.cloudsurveillance.net/js/external/bootstrap.min.js |
Avira URL Cloud: Label: phishing |
Source: https://certified-domain.cloudsurveillance.net |
LLM: Score: 8 brands: Reasons: The URL 'https://certified-domain.cloudsurveillance.net' is suspicious due to the use of a subdomain and a non-standard top-level domain (TLD) which is often used in phishing attacks. The webpage prominently features a login form asking for email and password without any branding or additional context, which is a common tactic in phishing sites. The lack of a CAPTCHA further raises suspicion as legitimate sites often use CAPTCHA to prevent automated attacks. The domain 'cloudsurveillance.net' does not correspond to any well-known brand, and the use of 'certified-domain' as a subdomain is a social engineering technique to mislead users into thinking the site is legitimate. Therefore, based on these observations, the site is likely a phishing site. DOM: 0.0.pages.csv |
Source: https://player.vimeo.com |
LLM: Score: 7 brands: Vimeo Reasons: The URL 'https://player.vimeo.com' appears to be a legitimate subdomain of Vimeo, a well-known video hosting platform. However, the login form displayed in the image does not match the typical design and branding of Vimeo's login pages. The form is generic and lacks any branding or logos that would typically be present on a legitimate Vimeo login page. This discrepancy, combined with the presence of a prominent login form, suggests the use of social engineering techniques to mislead users into entering their credentials. Therefore, despite the legitimate-looking URL, the site is likely a phishing site. DOM: 3.4.pages.csv |
Source: Yara match |
File source: 0.6.pages.csv, type: HTML |
Source: Yara match |
File source: 0.0.pages.csv, type: HTML |
Source: Yara match |
File source: 0.8.pages.csv, type: HTML |
Source: Yara match |
File source: dropped/chromecache_119, type: DROPPED |
Source: https://certified-domain.cloudsurveillance.net/9eeaa59b-909b-44da-89eb-fd0d929d008c |
HTTP Parser: Iframe src: https://player.vimeo.com/video/316118722 |
Source: https://certified-domain.cloudsurveillance.net/9eeaa59b-909b-44da-89eb-fd0d929d008c |
HTTP Parser: Number of links: 0 |
Source: https://certified-domain.cloudsurveillance.net/9eeaa59b-909b-44da-89eb-fd0d929d008c |
HTTP Parser: <input type="password" .../> found but no <form action="... |
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/nftn9/0x4AAAAAAAbaszMygKLnGbeo/auto/normal |
HTTP Parser: Base64 decoded: http://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/nftn9/0x4AAAAAAAbaszMygKLnGbeo/auto/normal |
Source: https://certified-domain.cloudsurveillance.net/9eeaa59b-909b-44da-89eb-fd0d929d008c |
HTTP Parser: Title: does not match URL |
Source: https://certified-domain.cloudsurveillance.net/9eeaa59b-909b-44da-89eb-fd0d929d008c |
HTTP Parser: <input type="password" .../> found |
Source: https://certified-domain.cloudsurveillance.net/9eeaa59b-909b-44da-89eb-fd0d929d008c |
HTTP Parser: No favicon |
Source: https://player.vimeo.com/video/316118722 |
HTTP Parser: No favicon |
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/nftn9/0x4AAAAAAAbaszMygKLnGbeo/auto/normal |
HTTP Parser: No favicon |
Source: https://player.vimeo.com/video/316118722?turnstile=0.SJVdzMrLaabawR3LwkQcMFBdws1IqH9TUW6LAxmmUhiAzDAN2NBo4WA3s5fGmqvZMy3P759dFHUU3sMvJYkaxhqWzcQU1Gib00f3OHMPcriqHoy7Q128TT5qX7e5BN-5dk-he7loIfjJBhkjnspfgt5RBH6GN5kATZi_cb3PXWm0KRcguMLh1BbzWkl9ykRWhKXTsRTPyP18Z99ivlUVbGWPbtUC2AnUzXLbEpJmGmsbU4Lkk-yIRHbu5jSgvy0iT0mEEo4WWtXNbONSBvVf1OmeUGqG--c0Z9YTm45wyWKsOJ1rpBy1A80SUZMHfEsDnyNDNmR-ufXnZg1iIQmFWzmUHcb1v8j_N_QMO6dS_Jwpgysx_gUuRoj1xu15ghRmE_eRzutDoD13bmy68at8IvIw0Uzz27xqQyCRNmF9xiJlWBmwR2Lk6J_xiJe81HuO.mVvw1ehDSsmIDXRjI9a-Lw.3028c9a87836b37535db85194ef6b8126bb688016e416d791d2b9baf785e7629&ref=https%253A%252F%252Fcertified-domain.cloudsurveillance.net%252F |
HTTP Parser: No favicon |
Source: https://certified-domain.cloudsurveillance.net/9eeaa59b-909b-44da-89eb-fd0d929d008c |
HTTP Parser: No <meta name="author".. found |
Source: https://certified-domain.cloudsurveillance.net/9eeaa59b-909b-44da-89eb-fd0d929d008c |
HTTP Parser: No <meta name="copyright".. found |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries |
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE |
File opened: C:\Program Files (x86)\Microsoft Office\root\vfs\SystemX86\MSVCR100.dll |
Source: unknown |
HTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.17:49703 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 40.126.32.136:443 -> 192.168.2.17:49707 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49716 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49719 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 40.126.32.136:443 -> 192.168.2.17:49720 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 13.107.5.88:443 -> 192.168.2.17:49721 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 2.23.209.144:443 -> 192.168.2.17:49723 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.17:49778 version: TLS 1.2 |
Source: global traffic |
TCP traffic: 192.168.2.17:49717 -> 1.1.1.1:53 |
Source: global traffic |
HTTP traffic detected: GET /ab HTTP/1.1Host: evoke-windowsservices-tas.msedge.netCache-Control: no-store, no-cacheX-PHOTOS-CALLERID: 9NMPJ99VJBWVX-EVOKE-RING: X-WINNEXT-RING: PublicX-WINNEXT-TELEMETRYLEVEL: BasicX-WINNEXT-OSVERSION: 10.0.19045.0X-WINNEXT-APPVERSION: 1.23082.131.0X-WINNEXT-PLATFORM: DesktopX-WINNEXT-CANTAILOR: FalseX-MSEDGE-CLIENTID: {c1afbad7-f7da-40f2-92f9-8846a91d69bd}X-WINNEXT-PUBDEVICEID: dbfen2nYS7HW6ON4OdOknKxxv2CCI5LJBTojzDztjwI=If-None-Match: 2056388360_-1434155563Accept-Encoding: gzip, deflate, br |
Source: Joe Sandbox View |
IP Address: 151.101.64.217 151.101.64.217 |
Source: Joe Sandbox View |
IP Address: 146.75.118.109 146.75.118.109 |
Source: Joe Sandbox View |
IP Address: 151.101.192.217 151.101.192.217 |
Source: Joe Sandbox View |
IP Address: 239.255.255.250 239.255.255.250 |
Source: Joe Sandbox View |
JA3 fingerprint: 28a2c9bd18a11de089ef85a160da29e4 |
Source: Joe Sandbox View |
JA3 fingerprint: 6271f898ce5be7dd52b0fc260d0662b3 |
Source: Joe Sandbox View |
JA3 fingerprint: 3b5074b1b5d032e5620f69f9f700ff0e |
Source: unknown |
TCP traffic detected without corresponding DNS query: 204.79.197.200 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 52.165.165.26 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 40.126.32.136 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 204.79.197.203 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: global traffic |
HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=SbBg58W+xeamAoo&MD=W21fK6dr HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com |
Source: global traffic |
HTTP traffic detected: GET /c361b6b574eaf9adb2fe8b6265ab571605542f7f HTTP/1.1Host: service-noreply.infoConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /9eeaa59b-909b-44da-89eb-fd0d929d008c HTTP/1.1Host: certified-domain.cloudsurveillance.netConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com |
Source: global traffic |
HTTP traffic detected: GET /js/external/jquery-3.3.1.min.js HTTP/1.1Host: certified-domain.cloudsurveillance.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://certified-domain.cloudsurveillance.net/9eeaa59b-909b-44da-89eb-fd0d929d008cAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlpsWElxcGhidHNxWTVmRUFrRFlIZFE9PSIsInZhbHVlIjoiS0pkQVJIMmpRT0RBS3FML1JGRytZZ3ZVR0RxaFV6QWpPcTZQWUptVTRqUC9sK2dzVGVwaVp3aS9YYnRRUkNobjF4MW5mVFVkR0ZCemE4NHFYU2k0cFhyeDZ3WklLQWZNQTJ6THNwNVpSV1o5QldKbW1HbDJwTFRReEVZRXZmdDQiLCJtYWMiOiJhNjdlMGEyNzMxMGZiMzU1ZTE5ZDIyNmFjODQ2YWE4YmNlNGU0NGMwMjU5NDYyNmU1ZTBjNmZhZGI5ZTFjNjFhIiwidGFnIjoiIn0%3D; bpid_lp_session=AAP2bipBG5bX1MEkGGNeQZ5AvPb5M2ymIipuSoiA |
Source: global traffic |
HTTP traffic detected: GET /js/external/popper.min.js HTTP/1.1Host: certified-domain.cloudsurveillance.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://certified-domain.cloudsurveillance.net/9eeaa59b-909b-44da-89eb-fd0d929d008cAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlpsWElxcGhidHNxWTVmRUFrRFlIZFE9PSIsInZhbHVlIjoiS0pkQVJIMmpRT0RBS3FML1JGRytZZ3ZVR0RxaFV6QWpPcTZQWUptVTRqUC9sK2dzVGVwaVp3aS9YYnRRUkNobjF4MW5mVFVkR0ZCemE4NHFYU2k0cFhyeDZ3WklLQWZNQTJ6THNwNVpSV1o5QldKbW1HbDJwTFRReEVZRXZmdDQiLCJtYWMiOiJhNjdlMGEyNzMxMGZiMzU1ZTE5ZDIyNmFjODQ2YWE4YmNlNGU0NGMwMjU5NDYyNmU1ZTBjNmZhZGI5ZTFjNjFhIiwidGFnIjoiIn0%3D; bpid_lp_session=AAP2bipBG5bX1MEkGGNeQZ5AvPb5M2ymIipuSoiA |
Source: global traffic |
HTTP traffic detected: GET /js/external/bootstrap.min.js HTTP/1.1Host: certified-domain.cloudsurveillance.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://certified-domain.cloudsurveillance.net/9eeaa59b-909b-44da-89eb-fd0d929d008cAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlpsWElxcGhidHNxWTVmRUFrRFlIZFE9PSIsInZhbHVlIjoiS0pkQVJIMmpRT0RBS3FML1JGRytZZ3ZVR0RxaFV6QWpPcTZQWUptVTRqUC9sK2dzVGVwaVp3aS9YYnRRUkNobjF4MW5mVFVkR0ZCemE4NHFYU2k0cFhyeDZ3WklLQWZNQTJ6THNwNVpSV1o5QldKbW1HbDJwTFRReEVZRXZmdDQiLCJtYWMiOiJhNjdlMGEyNzMxMGZiMzU1ZTE5ZDIyNmFjODQ2YWE4YmNlNGU0NGMwMjU5NDYyNmU1ZTBjNmZhZGI5ZTFjNjFhIiwidGFnIjoiIn0%3D; bpid_lp_session=AAP2bipBG5bX1MEkGGNeQZ5AvPb5M2ymIipuSoiA |
Source: global traffic |
HTTP traffic detected: GET /js/external/vimeo.min.js HTTP/1.1Host: certified-domain.cloudsurveillance.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://certified-domain.cloudsurveillance.net/9eeaa59b-909b-44da-89eb-fd0d929d008cAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlpsWElxcGhidHNxWTVmRUFrRFlIZFE9PSIsInZhbHVlIjoiS0pkQVJIMmpRT0RBS3FML1JGRytZZ3ZVR0RxaFV6QWpPcTZQWUptVTRqUC9sK2dzVGVwaVp3aS9YYnRRUkNobjF4MW5mVFVkR0ZCemE4NHFYU2k0cFhyeDZ3WklLQWZNQTJ6THNwNVpSV1o5QldKbW1HbDJwTFRReEVZRXZmdDQiLCJtYWMiOiJhNjdlMGEyNzMxMGZiMzU1ZTE5ZDIyNmFjODQ2YWE4YmNlNGU0NGMwMjU5NDYyNmU1ZTBjNmZhZGI5ZTFjNjFhIiwidGFnIjoiIn0%3D; bpid_lp_session=AAP2bipBG5bX1MEkGGNeQZ5AvPb5M2ymIipuSoiA |