Windows Analysis Report
https://fannyvanphoto.pic-time.com/-gerflorfinanceseminar/gallery

Overview

General Information

Sample URL: https://fannyvanphoto.pic-time.com/-gerflorfinanceseminar/gallery
Analysis ID: 1467123

Detection

Score: 1
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Found iframes
HTML body contains low number of good links
HTML title does not match URL

Classification

Source: https://fannyvanphoto.pic-time.com/-gerflorfinanceseminar/login?&redirect_back=%2f-gerflorfinanceseminar%2fgallery HTTP Parser: Iframe src: https://td.doubleclick.net/td/ga/rul?tid=G-WFQFFZ86BQ&gacid=1368140035.1720022653&gtm=45je4710v9117459707z8812675860za200&dma=0&gcd=13l3l3l3l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&z=419836533
Source: https://fannyvanphoto.pic-time.com/-gerflorfinanceseminar/login?&redirect_back=%2f-gerflorfinanceseminar%2fgallery HTTP Parser: Number of links: 0
Source: https://fannyvanphoto.pic-time.com/-gerflorfinanceseminar/login?&redirect_back=%2f-gerflorfinanceseminar%2fgallery HTTP Parser: Title: GERFLOR Finance Seminar does not match URL
Source: https://fannyvanphoto.pic-time.com/-gerflorfinanceseminar/login?&redirect_back=%2f-gerflorfinanceseminar%2fgallery HTTP Parser: No favicon
Source: https://fannyvanphoto.pic-time.com/-gerflorfinanceseminar/login?&redirect_back=%2f-gerflorfinanceseminar%2fgallery HTTP Parser: No <meta name="copyright".. found
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49748 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49758 version: TLS 1.2
Source: unknown TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 199.232.214.172
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global traffic HTTP traffic detected: GET /-gerflorfinanceseminar/gallery HTTP/1.1Host: fannyvanphoto.pic-time.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /-gerflorfinanceseminar/login?&redirect_back=%2f-gerflorfinanceseminar%2fgallery HTTP/1.1Host: fannyvanphoto.pic-time.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /td/ga/rul?tid=G-WFQFFZ86BQ&gacid=1368140035.1720022653&gtm=45je4710v9117459707z8812675860za200&dma=0&gcd=13l3l3l3l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&z=419836533 HTTP/1.1Host: td.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://fannyvanphoto.pic-time.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: fannyvanphoto.pic-time.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://fannyvanphoto.pic-time.com/-gerflorfinanceseminar/login?&redirect_back=%2f-gerflorfinanceseminar%2fgalleryAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _gcl_au=1.1.2102428525.1720022653; _ga_WFQFFZ86BQ=GS1.1.1720022653.1.0.1720022653.60.0.0; _ga=GA1.1.1368140035.1720022653
Source: global traffic HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: fannyvanphoto.pic-time.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _gcl_au=1.1.2102428525.1720022653; _ga_WFQFFZ86BQ=GS1.1.1720022653.1.0.1720022653.60.0.0; _ga=GA1.1.1368140035.1720022653
Source: chromecache_73.2.dr, chromecache_78.2.dr String found in binary or memory: os","youTube":"Youtube","vimeo":"Vimeo","noTranslation":{"youtubeVideoTemplate":"https://www.youtube.com/embed/{0}","vimeoVideoTemplate":"https://player.vimeo.com/video/{0}?h={1}&autoplay=0&badge=0&byline=0","animotoVideoTemplate":"https://s3.amazonaws.com/embed.animoto.com/play.html?f={0}&start_res=720p"},"uploadFrom":"De","finish":"Terminer","copyYouTube":"Copiez le lien \"Partager cette vid equals www.youtube.com (Youtube)
Source: chromecache_66.2.dr String found in binary or memory: paymentRegisterUrl:"/!payform?userName={username}&addressLine1={addressLine1}&addressLine2={addressLine2}&city={city}&zip={zip}&state={state}&country={country}&phone={phone}",payment2RegisterUrl:"/!payform2?userName={username}&addressLine1={addressLine1}&addressLine2={addressLine2}&city={city}&zip={zip}&state={state}&country={country}&phone={phone}",youtubeThumb:"//img.youtube.com/vi/[youtubeId]/0.jpg",youtubeEmbed:"//www.youtube.com/embed/[youtubeId]?autoplay=1",vimeoEmbed:"//player.vimeo.com/video/[vimeoId]?h=[vimeoSecurity]&autoplay=1&badge=0&byline=0", equals www.youtube.com (Youtube)
Source: chromecache_84.2.dr, chromecache_75.2.dr String found in binary or memory: return b}BC.J="internal.enableAutoEventOnTimer";var jc=ka(["data-gtm-yt-inspected-"]),DC=["www.youtube.com","www.youtube-nocookie.com"],EC,FC=!1; equals www.youtube.com (Youtube)
Source: global traffic DNS traffic detected: DNS query: fannyvanphoto.pic-time.com
Source: global traffic DNS traffic detected: DNS query: www.google.com
Source: global traffic DNS traffic detected: DNS query: analytics.google.com
Source: global traffic DNS traffic detected: DNS query: stats.g.doubleclick.net
Source: global traffic DNS traffic detected: DNS query: td.doubleclick.net
Source: unknown HTTP traffic detected: POST /g/collect?v=2&tid=G-WFQFFZ86BQ&cid=1368140035.1720022653&gtm=45je4710v9117459707z8812675860za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0 HTTP/1.1Host: stats.g.doubleclick.netConnection: keep-aliveContent-Length: 0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://fannyvanphoto.pic-time.comX-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://fannyvanphoto.pic-time.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: classification engine Classification label: clean1.win@17/44@12/7
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1968 --field-trial-handle=1888,i,7521391653640884176,2490811317560230940,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://fannyvanphoto.pic-time.com/-gerflorfinanceseminar/gallery"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: Window Recorder Window detected: More than 3 window changes detected