Windows Analysis Report
https://yungbucksbbq.com/portbiz/

Overview

General Information

Sample URL:	https://yungbucksbbq.com/portbiz/
Analysis ID:	1580537
Infos:

Detection

HTMLPhisher

Score:	84
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

AI detected phishing page

Antivirus / Scanner detection for submitted sample

Antivirus detection for URL or domain

Suricata IDS alerts for network traffic

Yara detected HtmlPhish10

AI detected suspicious Javascript

HTML body contains low number of good links

HTML page contains hidden javascript code

HTML title does not match URL

Invalid 'copyright' link found

Invalid 'forgot password' link found

Invalid T&C link found

Suspicious form URL found

Classification

Signatures

AV Detection

Antivirus / Scanner detection for submitted sample

Source: https://yungbucksbbq.com/portbiz/	Avira URL Cloud: detection malicious, Label: phishing
Source: https://yungbucksbbq.com/portbiz/	SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social Engineering

Antivirus detection for URL or domain

Source: https://yungbucksbbq.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?	Avira URL Cloud: Label: phishing
Source: https://yungbucksbbq.com/cdn-cgi/challenge-platform/scripts/jsd/main.js	Avira URL Cloud: Label: phishing
Source: https://yungbucksbbq.com/cdn-cgi/challenge-platform/h/b/jsd/r/8f7506295d20727b	Avira URL Cloud: Label: phishing
Source: https://yungbucksbbq.com/portbiz/icons/blugov-left-chevron-dark.svg	Avira URL Cloud: Label: phishing
Source: https://yungbucksbbq.com/portbiz/css/mgv2-application.css	Avira URL Cloud: Label: phishing
Source: https://yungbucksbbq.com/portbiz/css/css.css	Avira URL Cloud: Label: phishing
Source: https://yungbucksbbq.com/portbiz/icons/icon-blugov-info.svg	Avira URL Cloud: Label: phishing
Source: https://yungbucksbbq.com/favicon.ico	Avira URL Cloud: Label: phishing
Source: https://yungbucksbbq.com/portbiz/css/blugov.css	Avira URL Cloud: Label: phishing
Source: https://yungbucksbbq.com/portbiz/images/myGov-cobranded-logo-white.svg	Avira URL Cloud: Label: phishing
Source: https://yungbucksbbq.com/portbiz/images/myGov-cobranded-logo-black.svg	Avira URL Cloud: Label: phishing

Phishing

AI detected phishing page

Source: https://yungbucksbbq.com/portbiz/	Joe Sandbox AI: Score: 9 Reasons: The brand 'Australian Government' is well-known and typically associated with the domain 'australia.gov.au'., The URL 'yungbucksbbq.com' does not match the legitimate domain associated with the Australian Government., The domain 'yungbucksbbq.com' appears unrelated to the Australian Government and does not contain any recognizable elements of the legitimate domain., The presence of input fields for 'Username or email' and 'Password' on an unrelated domain is a common phishing tactic. DOM: 1.3.pages.csv
Source: https://yungbucksbbq.com/portbiz/#	Joe Sandbox AI: Score: 9 Reasons: The brand 'Australian Government' is well-known and typically associated with the domain 'australia.gov.au'., The URL 'yungbucksbbq.com' does not match the legitimate domain associated with the Australian Government., The URL 'yungbucksbbq.com' appears unrelated to the Australian Government and does not contain any recognizable elements of the legitimate domain., The presence of input fields for 'Username or email' and 'Password' on an unrelated domain is suspicious and indicative of a phishing attempt. DOM: 2.5.pages.csv

Yara detected HtmlPhish10

Source: Yara match	File source: 1.3.pages.csv, type: HTML
Source: Yara match	File source: 2.5.pages.csv, type: HTML
Source: Yara match	File source: dropped/chromecache_79, type: DROPPED

AI detected suspicious Javascript

Source: 0.1.id.script.csv	Joe Sandbox AI: Detected suspicious JavaScript with source url: https://yungbucksbbq.com/portbiz/... This script demonstrates several high-risk behaviors, including dynamic code execution, data exfiltration, and redirects to potentially malicious domains. The use of an iframe to load additional scripts and the obfuscation of the script's purpose raise significant security concerns. While the script may have a legitimate purpose, such as implementing a security challenge, the overall behavior is highly suspicious and poses a high risk of malicious activity.
Source: 0.0.id.script.csv	Joe Sandbox AI: Detected suspicious JavaScript with source url: https://yungbucksbbq.com/portbiz/... This script demonstrates several high-risk behaviors, including dynamic code execution via `eval()` and obfuscated code. It also sets a cookie with a long expiration date, which could be used for potential data exfiltration. The script appears to be testing for the presence of various headless browser and automation tools, suggesting it may have malicious intent. Overall, this script poses a significant security risk and should be treated with caution.
Source: 0.4.id.script.csv	Joe Sandbox AI: Detected suspicious JavaScript with source url: https://yungbucksbbq.com/portbiz/... This script demonstrates several high-risk behaviors, including dynamic code execution, data exfiltration, and redirects to potentially malicious domains. The use of an iframe to load additional scripts and the obfuscation of the script's purpose raise significant security concerns. While the script may have a legitimate purpose, such as implementing a security challenge, the overall behavior is highly suspicious and poses a high risk of malicious activity.

HTML body contains low number of good links

Source: https://yungbucksbbq.com/portbiz/

HTTP Parser: Number of links: 0

HTML page contains hidden javascript code

Source: https://yungbucksbbq.com/portbiz/

HTTP Parser: Base64 decoded: 1735089785.000000

HTML title does not match URL

Source: https://yungbucksbbq.com/portbiz/

HTTP Parser: Title: Sign in with myGov - myGov does not match URL

Invalid 'copyright' link found

Source: https://yungbucksbbq.com/portbiz/

HTTP Parser: Invalid link: Copyright

Invalid 'forgot password' link found

Source: https://yungbucksbbq.com/portbiz/

HTTP Parser: Invalid link: Forgot password

Invalid T&C link found

Source: https://yungbucksbbq.com/portbiz/	HTTP Parser: Invalid link: Help
Source: https://yungbucksbbq.com/portbiz/	HTTP Parser: Invalid link: Terms of use
Source: https://yungbucksbbq.com/portbiz/	HTTP Parser: Invalid link: Privacy and security
Source: https://yungbucksbbq.com/portbiz/	HTTP Parser: Invalid link: Accessibility

Suspicious form URL found

Source: https://yungbucksbbq.com/portbiz/

HTTP Parser: Form action: log2.php

Source: https://yungbucksbbq.com/portbiz/

HTTP Parser: <input type="password" .../> found

Source: https://yungbucksbbq.com/portbiz/	HTTP Parser: No favicon
Source: https://yungbucksbbq.com/portbiz/	HTTP Parser: No favicon

Source: https://yungbucksbbq.com/portbiz/

HTTP Parser: No <meta name="author".. found

Source: https://yungbucksbbq.com/portbiz/

HTTP Parser: No <meta name="copyright".. found

Networking

Suricata IDS alerts for network traffic

Source: Network traffic

Suricata IDS: 2053843 - Severity 1 - ET PHISHING MyGovAU Credential Phish Landing Page 2024-06-24 : 104.21.112.1:443 -> 192.168.2.4:49747

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /portbiz/ HTTP/1.1Host: yungbucksbbq.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /portbiz/ HTTP/1.1Host: yungbucksbbq.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://yungbucksbbq.com/portbiz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: Rtg3-KdxTX-lS9kESubG2FfTJlM=tsocGLkuvgRkL9bBPewM-w-bWY0; 2Uww88WYh_COBe7pMTO4ioZTPfI=1735089781; Z958OV7wx8k8f46ZwkuzLQtUcy0=1735176181; Y-RnzAfelkfD1YFXnsePoVqq_wo=SAjd_BKZ5-FhtYibBEM7eJG8CRk; Wr9ERqNdD7myZ-CGhjmPxhLxwGA=ovZYm5WztmWNkG4wN79587VMEt0; yIKz5Z2V95SLGJr1RrkzB8w_oAw=24V5fd_SqGfynCsHmAJbl9ySndA; BHrbNRcajq8FC4XNkrvHx1cPp6M=1735089786; nPYTYev3FqKZHCvVaQ5DzSPcR8A=1735176186; AtgwaW3pNgQLbbw1puZhEbQd5Bo=5OQRJSKHWWav-JU40KaY81y8qb4
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1Host: yungbucksbbq.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: Rtg3-KdxTX-lS9kESubG2FfTJlM=tsocGLkuvgRkL9bBPewM-w-bWY0; 2Uww88WYh_COBe7pMTO4ioZTPfI=1735089781; Z958OV7wx8k8f46ZwkuzLQtUcy0=1735176181; Y-RnzAfelkfD1YFXnsePoVqq_wo=SAjd_BKZ5-FhtYibBEM7eJG8CRk; Wr9ERqNdD7myZ-CGhjmPxhLxwGA=ovZYm5WztmWNkG4wN79587VMEt0; yIKz5Z2V95SLGJr1RrkzB8w_oAw=24V5fd_SqGfynCsHmAJbl9ySndA
Source: global traffic	HTTP traffic detected: GET /portbiz/css/css.css HTTP/1.1Host: yungbucksbbq.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://yungbucksbbq.com/portbiz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: Rtg3-KdxTX-lS9kESubG2FfTJlM=tsocGLkuvgRkL9bBPewM-w-bWY0; 2Uww88WYh_COBe7pMTO4ioZTPfI=1735089781; Z958OV7wx8k8f46ZwkuzLQtUcy0=1735176181; Y-RnzAfelkfD1YFXnsePoVqq_wo=SAjd_BKZ5-FhtYibBEM7eJG8CRk; Wr9ERqNdD7myZ-CGhjmPxhLxwGA=ovZYm5WztmWNkG4wN79587VMEt0; yIKz5Z2V95SLGJr1RrkzB8w_oAw=24V5fd_SqGfynCsHmAJbl9ySndA; BHrbNRcajq8FC4XNkrvHx1cPp6M=1735089786; nPYTYev3FqKZHCvVaQ5DzSPcR8A=1735176186; AtgwaW3pNgQLbbw1puZhEbQd5Bo=5OQRJSKHWWav-JU40KaY81y8qb4
Source: global traffic	HTTP traffic detected: GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://yungbucksbbq.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1Host: stackpath.bootstrapcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://yungbucksbbq.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-3.2.1.slim.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://yungbucksbbq.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1Host: maxcdn.bootstrapcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://yungbucksbbq.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /portbiz/css/mgv2-application.css HTTP/1.1Host: yungbucksbbq.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://yungbucksbbq.com/portbiz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: Rtg3-KdxTX-lS9kESubG2FfTJlM=tsocGLkuvgRkL9bBPewM-w-bWY0; 2Uww88WYh_COBe7pMTO4ioZTPfI=1735089781; Z958OV7wx8k8f46ZwkuzLQtUcy0=1735176181; Y-RnzAfelkfD1YFXnsePoVqq_wo=SAjd_BKZ5-FhtYibBEM7eJG8CRk; Wr9ERqNdD7myZ-CGhjmPxhLxwGA=ovZYm5WztmWNkG4wN79587VMEt0; yIKz5Z2V95SLGJr1RrkzB8w_oAw=24V5fd_SqGfynCsHmAJbl9ySndA; BHrbNRcajq8FC4XNkrvHx1cPp6M=1735089786; nPYTYev3FqKZHCvVaQ5DzSPcR8A=1735176186; AtgwaW3pNgQLbbw1puZhEbQd5Bo=5OQRJSKHWWav-JU40KaY81y8qb4
Source: global traffic	HTTP traffic detected: GET /portbiz/css/blugov.css HTTP/1.1Host: yungbucksbbq.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://yungbucksbbq.com/portbiz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: Rtg3-KdxTX-lS9kESubG2FfTJlM=tsocGLkuvgRkL9bBPewM-w-bWY0; 2Uww88WYh_COBe7pMTO4ioZTPfI=1735089781; Z958OV7wx8k8f46ZwkuzLQtUcy0=1735176181; Y-RnzAfelkfD1YFXnsePoVqq_wo=SAjd_BKZ5-FhtYibBEM7eJG8CRk; Wr9ERqNdD7myZ-CGhjmPxhLxwGA=ovZYm5WztmWNkG4wN79587VMEt0; yIKz5Z2V95SLGJr1RrkzB8w_oAw=24V5fd_SqGfynCsHmAJbl9ySndA; BHrbNRcajq8FC4XNkrvHx1cPp6M=1735089786; nPYTYev3FqKZHCvVaQ5DzSPcR8A=1735176186; AtgwaW3pNgQLbbw1puZhEbQd5Bo=5OQRJSKHWWav-JU40KaY81y8qb4
Source: global traffic	HTTP traffic detected: GET /portbiz/images/myGov-cobranded-logo-black.svg HTTP/1.1Host: yungbucksbbq.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://yungbucksbbq.com/portbiz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: Rtg3-KdxTX-lS9kESubG2FfTJlM=tsocGLkuvgRkL9bBPewM-w-bWY0; 2Uww88WYh_COBe7pMTO4ioZTPfI=1735089781; Z958OV7wx8k8f46ZwkuzLQtUcy0=1735176181; Y-RnzAfelkfD1YFXnsePoVqq_wo=SAjd_BKZ5-FhtYibBEM7eJG8CRk; Wr9ERqNdD7myZ-CGhjmPxhLxwGA=ovZYm5WztmWNkG4wN79587VMEt0; yIKz5Z2V95SLGJr1RrkzB8w_oAw=24V5fd_SqGfynCsHmAJbl9ySndA; BHrbNRcajq8FC4XNkrvHx1cPp6M=1735089786; nPYTYev3FqKZHCvVaQ5DzSPcR8A=1735176186; AtgwaW3pNgQLbbw1puZhEbQd5Bo=5OQRJSKHWWav-JU40KaY81y8qb4
Source: global traffic	HTTP traffic detected: GET /portbiz/images/myGov-cobranded-logo-white.svg HTTP/1.1Host: yungbucksbbq.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://yungbucksbbq.com/portbiz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: Rtg3-KdxTX-lS9kESubG2FfTJlM=tsocGLkuvgRkL9bBPewM-w-bWY0; 2Uww88WYh_COBe7pMTO4ioZTPfI=1735089781; Z958OV7wx8k8f46ZwkuzLQtUcy0=1735176181; Y-RnzAfelkfD1YFXnsePoVqq_wo=SAjd_BKZ5-FhtYibBEM7eJG8CRk; Wr9ERqNdD7myZ-CGhjmPxhLxwGA=ovZYm5WztmWNkG4wN79587VMEt0; yIKz5Z2V95SLGJr1RrkzB8w_oAw=24V5fd_SqGfynCsHmAJbl9ySndA; BHrbNRcajq8FC4XNkrvHx1cPp6M=1735089786; nPYTYev3FqKZHCvVaQ5DzSPcR8A=1735176186; AtgwaW3pNgQLbbw1puZhEbQd5Bo=5OQRJSKHWWav-JU40KaY81y8qb4
Source: global traffic	HTTP traffic detected: GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1Host: maxcdn.bootstrapcdn.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /portbiz/icons/blugov-left-chevron-dark.svg HTTP/1.1Host: yungbucksbbq.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://yungbucksbbq.com/portbiz/css/blugov.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: Rtg3-KdxTX-lS9kESubG2FfTJlM=tsocGLkuvgRkL9bBPewM-w-bWY0; 2Uww88WYh_COBe7pMTO4ioZTPfI=1735089781; Z958OV7wx8k8f46ZwkuzLQtUcy0=1735176181; Y-RnzAfelkfD1YFXnsePoVqq_wo=SAjd_BKZ5-FhtYibBEM7eJG8CRk; Wr9ERqNdD7myZ-CGhjmPxhLxwGA=ovZYm5WztmWNkG4wN79587VMEt0; yIKz5Z2V95SLGJr1RrkzB8w_oAw=24V5fd_SqGfynCsHmAJbl9ySndA; BHrbNRcajq8FC4XNkrvHx1cPp6M=1735089786; nPYTYev3FqKZHCvVaQ5DzSPcR8A=1735176186; AtgwaW3pNgQLbbw1puZhEbQd5Bo=5OQRJSKHWWav-JU40KaY81y8qb4
Source: global traffic	HTTP traffic detected: GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1Host: stackpath.bootstrapcdn.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-3.2.1.slim.min.js HTTP/1.1Host: code.jquery.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /portbiz/images/myGov-cobranded-logo-black.svg HTTP/1.1Host: yungbucksbbq.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: Rtg3-KdxTX-lS9kESubG2FfTJlM=tsocGLkuvgRkL9bBPewM-w-bWY0; 2Uww88WYh_COBe7pMTO4ioZTPfI=1735089781; Z958OV7wx8k8f46ZwkuzLQtUcy0=1735176181; Y-RnzAfelkfD1YFXnsePoVqq_wo=SAjd_BKZ5-FhtYibBEM7eJG8CRk; Wr9ERqNdD7myZ-CGhjmPxhLxwGA=ovZYm5WztmWNkG4wN79587VMEt0; yIKz5Z2V95SLGJr1RrkzB8w_oAw=24V5fd_SqGfynCsHmAJbl9ySndA; BHrbNRcajq8FC4XNkrvHx1cPp6M=1735089786; nPYTYev3FqKZHCvVaQ5DzSPcR8A=1735176186; AtgwaW3pNgQLbbw1puZhEbQd5Bo=5OQRJSKHWWav-JU40KaY81y8qb4
Source: global traffic	HTTP traffic detected: GET /portbiz/images/myGov-cobranded-logo-white.svg HTTP/1.1Host: yungbucksbbq.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: Rtg3-KdxTX-lS9kESubG2FfTJlM=tsocGLkuvgRkL9bBPewM-w-bWY0; 2Uww88WYh_COBe7pMTO4ioZTPfI=1735089781; Z958OV7wx8k8f46ZwkuzLQtUcy0=1735176181; Y-RnzAfelkfD1YFXnsePoVqq_wo=SAjd_BKZ5-FhtYibBEM7eJG8CRk; Wr9ERqNdD7myZ-CGhjmPxhLxwGA=ovZYm5WztmWNkG4wN79587VMEt0; yIKz5Z2V95SLGJr1RrkzB8w_oAw=24V5fd_SqGfynCsHmAJbl9ySndA; BHrbNRcajq8FC4XNkrvHx1cPp6M=1735089786; nPYTYev3FqKZHCvVaQ5DzSPcR8A=1735176186; AtgwaW3pNgQLbbw1puZhEbQd5Bo=5OQRJSKHWWav-JU40KaY81y8qb4
Source: global traffic	HTTP traffic detected: GET /portbiz/icons/icon-blugov-info.svg HTTP/1.1Host: yungbucksbbq.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://yungbucksbbq.com/portbiz/css/blugov.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: Rtg3-KdxTX-lS9kESubG2FfTJlM=tsocGLkuvgRkL9bBPewM-w-bWY0; 2Uww88WYh_COBe7pMTO4ioZTPfI=1735089781; Z958OV7wx8k8f46ZwkuzLQtUcy0=1735176181; Y-RnzAfelkfD1YFXnsePoVqq_wo=SAjd_BKZ5-FhtYibBEM7eJG8CRk; Wr9ERqNdD7myZ-CGhjmPxhLxwGA=ovZYm5WztmWNkG4wN79587VMEt0; yIKz5Z2V95SLGJr1RrkzB8w_oAw=24V5fd_SqGfynCsHmAJbl9ySndA; BHrbNRcajq8FC4XNkrvHx1cPp6M=1735089786; nPYTYev3FqKZHCvVaQ5DzSPcR8A=1735176186; AtgwaW3pNgQLbbw1puZhEbQd5Bo=5OQRJSKHWWav-JU40KaY81y8qb4
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: yungbucksbbq.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://yungbucksbbq.com/portbiz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: Rtg3-KdxTX-lS9kESubG2FfTJlM=tsocGLkuvgRkL9bBPewM-w-bWY0; 2Uww88WYh_COBe7pMTO4ioZTPfI=1735089781; Z958OV7wx8k8f46ZwkuzLQtUcy0=1735176181; Y-RnzAfelkfD1YFXnsePoVqq_wo=SAjd_BKZ5-FhtYibBEM7eJG8CRk; Wr9ERqNdD7myZ-CGhjmPxhLxwGA=ovZYm5WztmWNkG4wN79587VMEt0; yIKz5Z2V95SLGJr1RrkzB8w_oAw=24V5fd_SqGfynCsHmAJbl9ySndA; BHrbNRcajq8FC4XNkrvHx1cPp6M=1735089786; nPYTYev3FqKZHCvVaQ5DzSPcR8A=1735176186; AtgwaW3pNgQLbbw1puZhEbQd5Bo=5OQRJSKHWWav-JU40KaY81y8qb4
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js? HTTP/1.1Host: yungbucksbbq.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: Rtg3-KdxTX-lS9kESubG2FfTJlM=tsocGLkuvgRkL9bBPewM-w-bWY0; 2Uww88WYh_COBe7pMTO4ioZTPfI=1735089781; Z958OV7wx8k8f46ZwkuzLQtUcy0=1735176181; Y-RnzAfelkfD1YFXnsePoVqq_wo=SAjd_BKZ5-FhtYibBEM7eJG8CRk; Wr9ERqNdD7myZ-CGhjmPxhLxwGA=ovZYm5WztmWNkG4wN79587VMEt0; yIKz5Z2V95SLGJr1RrkzB8w_oAw=24V5fd_SqGfynCsHmAJbl9ySndA; BHrbNRcajq8FC4XNkrvHx1cPp6M=1735089786; nPYTYev3FqKZHCvVaQ5DzSPcR8A=1735176186; AtgwaW3pNgQLbbw1puZhEbQd5Bo=5OQRJSKHWWav-JU40KaY81y8qb4
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js? HTTP/1.1Host: yungbucksbbq.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: Rtg3-KdxTX-lS9kESubG2FfTJlM=tsocGLkuvgRkL9bBPewM-w-bWY0; 2Uww88WYh_COBe7pMTO4ioZTPfI=1735089781; Z958OV7wx8k8f46ZwkuzLQtUcy0=1735176181; Y-RnzAfelkfD1YFXnsePoVqq_wo=SAjd_BKZ5-FhtYibBEM7eJG8CRk; Wr9ERqNdD7myZ-CGhjmPxhLxwGA=ovZYm5WztmWNkG4wN79587VMEt0; yIKz5Z2V95SLGJr1RrkzB8w_oAw=24V5fd_SqGfynCsHmAJbl9ySndA; BHrbNRcajq8FC4XNkrvHx1cPp6M=1735089786; nPYTYev3FqKZHCvVaQ5DzSPcR8A=1735176186; AtgwaW3pNgQLbbw1puZhEbQd5Bo=5OQRJSKHWWav-JU40KaY81y8qb4
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/jsd/r/8f7506295d20727b HTTP/1.1Host: yungbucksbbq.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: Rtg3-KdxTX-lS9kESubG2FfTJlM=tsocGLkuvgRkL9bBPewM-w-bWY0; 2Uww88WYh_COBe7pMTO4ioZTPfI=1735089781; Z958OV7wx8k8f46ZwkuzLQtUcy0=1735176181; Y-RnzAfelkfD1YFXnsePoVqq_wo=SAjd_BKZ5-FhtYibBEM7eJG8CRk; Wr9ERqNdD7myZ-CGhjmPxhLxwGA=ovZYm5WztmWNkG4wN79587VMEt0; yIKz5Z2V95SLGJr1RrkzB8w_oAw=24V5fd_SqGfynCsHmAJbl9ySndA; BHrbNRcajq8FC4XNkrvHx1cPp6M=1735089786; nPYTYev3FqKZHCvVaQ5DzSPcR8A=1735176186; AtgwaW3pNgQLbbw1puZhEbQd5Bo=5OQRJSKHWWav-JU40KaY81y8qb4

Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: yungbucksbbq.com
Source: global traffic	DNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: cdnjs.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: code.jquery.com
Source: global traffic	DNS traffic detected: DNS query: maxcdn.bootstrapcdn.com
Source: global traffic	DNS traffic detected: DNS query: stackpath.bootstrapcdn.com

Source: unknown

HTTP traffic detected: POST /portbiz/ HTTP/1.1Host: yungbucksbbq.comConnection: keep-aliveContent-Length: 22sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"X-Requested-TimeStamp-Expire: KFi17VeScpBaMNNnaVIgMfPVFWc: 44363248sec-ch-ua-mobile: ?0X-Requested-TimeStamp-Combination: X-Requested-Type-Combination: GETContent-type: application/x-www-form-urlencodedX-Requested-Type: GETUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-Requested-with: XMLHttpRequestX-Requested-TimeStamp: sec-ch-ua-platform: "Windows"Accept: */*Origin: https://yungbucksbbq.comSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://yungbucksbbq.com/portbiz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: Rtg3-KdxTX-lS9kESubG2FfTJlM=tsocGLkuvgRkL9bBPewM-w-bWY0; 2Uww88WYh_COBe7pMTO4ioZTPfI=1735089781; Z958OV7wx8k8f46ZwkuzLQtUcy0=1735176181; Y-RnzAfelkfD1YFXnsePoVqq_wo=SAjd_BKZ5-FhtYibBEM7eJG8CRk; Wr9ERqNdD7myZ-CGhjmPxhLxwGA=ovZYm5WztmWNkG4wN79587VMEt0; yIKz5Z2V95SLGJr1RrkzB8w_oAw=24V5fd_SqGfynCsHmAJbl9ySndA

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 25 Dec 2024 01:23:13 GMTContent-Type: text/html; charset=iso-8859-1Transfer-Encoding: chunkedConnection: closeVary: Accept-EncodingX-Content-Type-Options: nosniffX-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockX-XSS-Protection: 1; mode=blockCache-Control: public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutablePragma: publicCF-Cache-Status: HITAge: 125556Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CnI6lQniSES7VQMEKssjvhdkcA2UhdB9eAL7ETrMBffH6PzP6MFWIHqSFe8qdACGJ8LwyJRUxQH3ymGn0S%2F8AUxMHQ6a1dTy0rSZkVaNM9RBTwqmrpPgLTGZBmxDU1ADhT23"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 8f75064c5f11727b-EWRalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=1861&min_rtt=1852&rtt_var=714&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2840&recv_bytes=1672&delivery_rate=1512169&cwnd=232&unsent_bytes=0&cid=f10382e9308d7d04&ts=1355&x=0"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 25 Dec 2024 01:23:16 GMTContent-Type: text/html; charset=iso-8859-1Transfer-Encoding: chunkedConnection: closeVary: Accept-EncodingX-Content-Type-Options: nosniffX-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockX-XSS-Protection: 1; mode=blockCache-Control: public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutablePragma: publicCF-Cache-Status: HITAge: 125559Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YQKD6%2FE1L43FiYY9RUqYV%2B9GFUtR6Oc92WratzqVo9SDtmwZVUQ59rmR1I4WNw0gjHFnm07wZ06kOp7Btgx%2BTfxdbbycJjUU0Gmm9ipN58HDaySnVEm3nmjn0ltaOb5nZQRT"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 8f75065c48cc43b3-EWRalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=1602&min_rtt=1593&rtt_var=604&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2840&recv_bytes=1664&delivery_rate=1833019&cwnd=198&unsent_bytes=0&cid=85e5327e084b8ac6&ts=452&x=0"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 25 Dec 2024 01:23:19 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: closeVary: Accept-EncodingX-Content-Type-Options: nosniffX-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockX-XSS-Protection: 1; mode=blockCache-Control: public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutablePragma: publicCF-Cache-Status: HITAge: 144119Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PAvOKoDfy1rHRiV%2F1HZdNRcubJkVzbzRRueR%2BApUay%2FU2r1ojCDAYKL00B1AIceZk%2B76QHkHWL8MS6pUgzsl70kcgZgREWodHkwomc8H7ZiYRLOeKLJS%2B5As%2FjZNYJxirN0A"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 8f75066eef700f5b-EWRalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=1632&min_rtt=1626&rtt_var=622&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2841&recv_bytes=1627&delivery_rate=1742243&cwnd=218&unsent_bytes=0&cid=b83b0f0d999049fe&ts=458&x=0"

Source: chromecache_75.1.dr	String found in binary or memory: http://getharvest.com
Source: chromecache_86.1.dr, chromecache_84.1.dr	String found in binary or memory: http://opensource.org/licenses/MIT).
Source: chromecache_79.1.dr	String found in binary or memory: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Source: chromecache_79.1.dr	String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
Source: chromecache_79.1.dr	String found in binary or memory: https://code.jquery.com/jquery-3.2.1.slim.min.js
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459W1hyyTh89ZNpQ.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459WRhyyTh89ZNpQ.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459WZhyyTh89ZNpQ.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459WdhyyTh89ZNpQ.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4AMP6lbBP.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBxc4AMP6lbBP.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCBc4AMP6lbBP.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCRc4AMP6lbBP.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4AMP6lbBP.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCxc4AMP6lbBP.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fABc4AMP6lbBP.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBxc4AMP6lbBP.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fCBc4AMP6lbBP.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fCRc4AMP6lbBP.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fChc4AMP6lbBP.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fCxc4AMP6lbBP.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4AMP6lbBP.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBxc4AMP6lbBP.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCBc4AMP6lbBP.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCRc4AMP6lbBP.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4AMP6lbBP.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4AMP6lbBP.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfABc4AMP6lbBP.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBxc4AMP6lbBP.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfCBc4AMP6lbBP.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfCRc4AMP6lbBP.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfChc4AMP6lbBP.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfCxc4AMP6lbBP.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4WxKKTU1Kvnz.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu72xKKTU1Kvnz.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKKTU1Kvnz.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7mxKKTU1Kvnz.woff2)
Source: chromecache_89.1.dr, chromecache_82.1.dr	String found in binary or memory: https://getbootstrap.com)
Source: chromecache_73.1.dr, chromecache_70.1.dr	String found in binary or memory: https://getbootstrap.com/)
Source: chromecache_75.1.dr	String found in binary or memory: https://github.com/harvesthq/chosen
Source: chromecache_75.1.dr	String found in binary or memory: https://github.com/harvesthq/chosen/blob/master/LICENSE.md
Source: chromecache_89.1.dr, chromecache_73.1.dr, chromecache_70.1.dr, chromecache_82.1.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/master/LICENSE)
Source: chromecache_89.1.dr, chromecache_73.1.dr, chromecache_70.1.dr, chromecache_82.1.dr	String found in binary or memory: https://github.com/twbs/bootstrap/graphs/contributors)
Source: chromecache_79.1.dr	String found in binary or memory: https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
Source: chromecache_79.1.dr	String found in binary or memory: https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 49844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49837
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: classification engine

Classification label: mal84.phis.win@16/46@26/10

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2276 --field-trial-handle=2204,i,10793580977582758868,3268384068697070233,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://yungbucksbbq.com/portbiz/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2276 --field-trial-handle=2204,i,10793580977582758868,3268384068697070233,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
172.217.19.228	www.google.com	United States	15169	GOOGLEUS	false
104.17.24.14	unknown	United States	13335	CLOUDFLARENETUS	false
104.18.10.207	unknown	United States	13335	CLOUDFLARENETUS	false
104.18.11.207	stackpath.bootstrapcdn.com	United States	13335	CLOUDFLARENETUS	false
151.101.2.137	code.jquery.com	United States	54113	FASTLYUS	false
104.21.112.1	yungbucksbbq.com	United States	13335	CLOUDFLARENETUS	true
239.255.255.250	unknown	Reserved	unknown	unknown	false
35.190.80.1	a.nel.cloudflare.com	United States	15169	GOOGLEUS	false
104.17.25.14	cdnjs.cloudflare.com	United States	13335	CLOUDFLARENETUS	false

Private

IP
192.168.2.4

Contacted Domains

Name	IP	Active
stackpath.bootstrapcdn.com	104.18.11.207	true
a.nel.cloudflare.com	35.190.80.1	true
code.jquery.com	151.101.2.137	true
cdnjs.cloudflare.com	104.17.25.14	true
yungbucksbbq.com	104.21.112.1	true
maxcdn.bootstrapcdn.com	104.18.11.207	true
www.google.com	172.217.19.228	true

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://code.jquery.com/jquery-3.2.1.slim.min.js	false		high
https://a.nel.cloudflare.com/report/v4?s=UrpOxnvS90nT4enVqEQEa9fWbxEoMzjHyMP4jnvrTheqVC9Rlo%2FJhuImUrKhqrBVOA1DXbV1BCZaisdhID1zf9pgRg5O4tThEqOGzFHC5E5xtQB8pc%2Ffb1SSGQDx4spLgoYz	false		high
https://a.nel.cloudflare.com/report/v4?s=WALG0QTwIft9Y7wjm%2BpyerU6Bn6BVJUZUGRwOsSWeseAJ4lLHXtu928LTLvuAoBWWW01WODeESIR9OO9IZRIlEW5Zu2DRRywhG4pkFEK9qd%2Fk2iHC4W2cqmw1JSZ1YMwj9nq	false		high
https://yungbucksbbq.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?	true	Avira URL Cloud: phishing	unknown
https://yungbucksbbq.com/portbiz/	true		unknown
https://yungbucksbbq.com/portbiz/icons/icon-blugov-info.svg	true	Avira URL Cloud: phishing	unknown
https://yungbucksbbq.com/cdn-cgi/challenge-platform/scripts/jsd/main.js	true	Avira URL Cloud: phishing	unknown
https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js	false		high
https://yungbucksbbq.com/portbiz/icons/blugov-left-chevron-dark.svg	true	Avira URL Cloud: phishing	unknown
https://yungbucksbbq.com/portbiz/css/mgv2-application.css	true	Avira URL Cloud: phishing	unknown
https://yungbucksbbq.com/portbiz/css/blugov.css	true	Avira URL Cloud: phishing	unknown
https://yungbucksbbq.com/cdn-cgi/challenge-platform/h/b/jsd/r/8f7506295d20727b	true	Avira URL Cloud: phishing	unknown
https://yungbucksbbq.com/portbiz/images/myGov-cobranded-logo-white.svg	true	Avira URL Cloud: phishing	unknown
https://yungbucksbbq.com/portbiz/css/css.css	true	Avira URL Cloud: phishing	unknown
https://yungbucksbbq.com/portbiz/#	true		unknown
https://a.nel.cloudflare.com/report/v4?s=gSae%2FPvDViVNzZ1Dz67TD%2F4i4o4bjcMfByOZ6JG%2FMx3u22xJ2W34gXBlDyHEOpUHMxsHmDxCDUmyDM1w%2FjPGhaii2uHNIBPLGGoowpgEIBVBTCh8TY%2FCkxZ3s4P0MRNCQcoB	false		high
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js	false		high
https://yungbucksbbq.com/favicon.ico	true	Avira URL Cloud: phishing	unknown
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js	false		high
https://yungbucksbbq.com/portbiz/images/myGov-cobranded-logo-black.svg	true	Avira URL Cloud: phishing	unknown

Name	Type	MD5	SHA1	SHA256
Chrome Cache Entry: 65	HTML document, ASCII text, with no line terminators	6147CA10712E483B5EE714D29C21E439	7BFFD4014EFE0ACE62D03599877153159E2A01B6	E5128B5E331CAD19DF2F67041FFC85BF716D6E6106DEA098C37524593FB268E9
Chrome Cache Entry: 66	SVG Scalable Vector Graphics image	DE646B2F77F5FA27D55A01BBB9CF584E	33316EB871ADF6E08AF7C780EB15872549D08DC3	10B11A7C97B90BCF7AD520AC94C5769D08540CE1EE3B84D487C587BF128E3388
Chrome Cache Entry: 67	Web Open Font Format (Version 2), TrueType, length 11072, version 1.0	E7DF3D0942815909ADD8F9D0C40D00D9	CF5032EEA3399A58870E8A05E629B006A8C7C3C7	BCE2F309470952B7AFFA62FF4D91B454334C68CEFA541429B502904D20696875
Chrome Cache Entry: 68	ASCII text, with very long lines (32012)	5F48FC77CAC90C4778FA24EC9C57F37D	9E89D1515BC4C371B86F4CB1002FD8E377C1829F	9365920887B11B33A3DC4BA28A0F93951F200341263E3B9CEFD384798E4BE398
Chrome Cache Entry: 69	ASCII text, with very long lines (8738), with no line terminators	652C317124EB7D507F8446F2181B9C7D	180DD7D1541047A8889A6ECC750292A8B7B0E33D	22422D10ADF2FEE13F74D60D0811A01A29963323D76CF7924414C872380A6371
Chrome Cache Entry: 70	ASCII text, with very long lines (50758)	67176C242E1BDC20603C878DEE836DF3	27A71B00383D61EF3C489326B3564D698FC1227C	56C12A125B021D21A69E61D7190CEFA168D6C28CE715265CEA1B3B0112D169C4
Chrome Cache Entry: 71	ASCII text, with very long lines (32065)	2F6B11A7E914718E0290410E85366FE9	69BB69E25CA7D5EF0935317584E6153F3FD9A88C	05B85D96F41FFF14D8F608DAD03AB71E2C1017C2DA0914D7C59291BAD7A54F8E
Chrome Cache Entry: 72	ASCII text, with no line terminators	855D128BC8BA8897C10651DB8E4AB599	5CCCB01FB1551C99176DB4864D85390783AAC5EC	44A85AC0536722333A8DA0D6DC2F5B36ECC20782925D33CBAC41DC2B0E65478E
Chrome Cache Entry: 73	ASCII text, with very long lines (50758)	67176C242E1BDC20603C878DEE836DF3	27A71B00383D61EF3C489326B3564D698FC1227C	56C12A125B021D21A69E61D7190CEFA168D6C28CE715265CEA1B3B0112D169C4
Chrome Cache Entry: 74	ASCII text, with very long lines (32012)	5F48FC77CAC90C4778FA24EC9C57F37D	9E89D1515BC4C371B86F4CB1002FD8E377C1829F	9365920887B11B33A3DC4BA28A0F93951F200341263E3B9CEFD384798E4BE398
Chrome Cache Entry: 75	ASCII text, with very long lines (59825)	AF6FF6A661F6F6822193E200619B8962	E516C4FB92F7CEF1B66ED49D7BF4C04CB198B97A	6B029A47A7BB72E8B70CF436B83D904B8A366FD360D12B4D8917C9F59E4B7D46
Chrome Cache Entry: 76	ASCII text	1B34D88F3C28C3AC700285D84201D2E4	786787248A889FE49A02B8B1BCDBE3133B0ED075	0EE0FCBA7F6A9B1A0885211BBB8FEF101A825E56D6B2A9C2A71A37BFAEC1862A
Chrome Cache Entry: 77	Web Open Font Format (Version 2), TrueType, length 11028, version 1.0	1F6D3CF6D38F25D83D95F5A800B8CAC3	279F300CA2CBBDF9F5036EF2F438607FBF377DAA	796DE064B8D80EBA7CCACB8BA67D77FDBCDF4B385C844645D452C24537B3108F
Chrome Cache Entry: 78	HTML document, ASCII text	A34AC19F4AFAE63ADC5D2F7BC970C07F	A82190FC530C265AA40A045C21770D967F4767B8	D5A89E26BEAE0BC03AD18A0B0D1D3D75F87C32047879D25DA11970CB5C4662A3
Chrome Cache Entry: 79	HTML document, ASCII text, with very long lines (2783)	CCB82F3989272A74A6EB98A2205A2A90	CC4F9194FDC259B32E0713F6A64E036480671974	B26CFA915D5C28D243B407CB2CB921E1FB7A54F525820E1C851EED7B57A31A8E
Chrome Cache Entry: 80	Web Open Font Format (Version 2), TrueType, length 11040, version 1.0	5E22A46C04D947A36EA0CAD07AFCC9E1	6091D981C2A4EE975C7F6B56186EE698040BB804	0F53E8B0A717CA4CE313EEC62B90D41DB62C2F4946259A65C93BF8E84C5B0C44
Chrome Cache Entry: 81	ASCII text, with very long lines (8738), with no line terminators	652C317124EB7D507F8446F2181B9C7D	180DD7D1541047A8889A6ECC750292A8B7B0E33D	22422D10ADF2FEE13F74D60D0811A01A29963323D76CF7924414C872380A6371
Chrome Cache Entry: 82	ASCII text, with very long lines (48664)	14D449EB8876FA55E1EF3C2CC52B0C17	A9545831803B1359CFEED47E3B4D6BAE68E40E99	E7ED36CEEE5450B4243BBC35188AFABDFB4280C7C57597001DE0ED167299B01B
Chrome Cache Entry: 83	ASCII text, with very long lines (65536), with no line terminators	017BE08165C903D14304596847C2661B	90D38F57BE7614813E1E49A6090064DC023985B3	4217794B756A7DE5F436CE268788F5F5EC0D457FBBA048D13AA6ADDF30135B14
Chrome Cache Entry: 84	ASCII text, with very long lines (19015)	70D3FDA195602FE8B75E0097EED74DDE	C3B977AA4B8DFB69D651E07015031D385DED964B	A52F7AA54D7BCAAFA056EE0A050262DFC5694AE28DEE8B4CAC3429AF37FF0D66
Chrome Cache Entry: 85	SVG Scalable Vector Graphics image	B53F20300BABCA4EBB422E59B888BE1F	699C5898C6DD9D2B8B949DB2E13C8F0B0D29E26B	954AA858B3BFFB8511BC41BC88B07D2B24597C37FAF522550E26C9AA3B0D220D
Chrome Cache Entry: 86	ASCII text, with very long lines (19015)	70D3FDA195602FE8B75E0097EED74DDE	C3B977AA4B8DFB69D651E07015031D385DED964B	A52F7AA54D7BCAAFA056EE0A050262DFC5694AE28DEE8B4CAC3429AF37FF0D66
Chrome Cache Entry: 87	HTML document, ASCII text	A34AC19F4AFAE63ADC5D2F7BC970C07F	A82190FC530C265AA40A045C21770D967F4767B8	D5A89E26BEAE0BC03AD18A0B0D1D3D75F87C32047879D25DA11970CB5C4662A3
Chrome Cache Entry: 88	ASCII text, with very long lines (32065)	2F6B11A7E914718E0290410E85366FE9	69BB69E25CA7D5EF0935317584E6153F3FD9A88C	05B85D96F41FFF14D8F608DAD03AB71E2C1017C2DA0914D7C59291BAD7A54F8E
Chrome Cache Entry: 89	ASCII text, with very long lines (48664)	14D449EB8876FA55E1EF3C2CC52B0C17	A9545831803B1359CFEED47E3B4D6BAE68E40E99	E7ED36CEEE5450B4243BBC35188AFABDFB4280C7C57597001DE0ED167299B01B
Chrome Cache Entry: 90	SVG Scalable Vector Graphics image	DE646B2F77F5FA27D55A01BBB9CF584E	33316EB871ADF6E08AF7C780EB15872549D08DC3	10B11A7C97B90BCF7AD520AC94C5769D08540CE1EE3B84D487C587BF128E3388
Chrome Cache Entry: 91	SVG Scalable Vector Graphics image	B53F20300BABCA4EBB422E59B888BE1F	699C5898C6DD9D2B8B949DB2E13C8F0B0D29E26B	954AA858B3BFFB8511BC41BC88B07D2B24597C37FAF522550E26C9AA3B0D220D

AV Detection

Antivirus / Scanner detection for submitted sample

Source: https://yungbucksbbq.com/portbiz/	Avira URL Cloud: detection malicious, Label: phishing
Source: https://yungbucksbbq.com/portbiz/	SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social Engineering

Antivirus detection for URL or domain

Source: https://yungbucksbbq.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?	Avira URL Cloud: Label: phishing
Source: https://yungbucksbbq.com/cdn-cgi/challenge-platform/scripts/jsd/main.js	Avira URL Cloud: Label: phishing
Source: https://yungbucksbbq.com/cdn-cgi/challenge-platform/h/b/jsd/r/8f7506295d20727b	Avira URL Cloud: Label: phishing
Source: https://yungbucksbbq.com/portbiz/icons/blugov-left-chevron-dark.svg	Avira URL Cloud: Label: phishing
Source: https://yungbucksbbq.com/portbiz/css/mgv2-application.css	Avira URL Cloud: Label: phishing
Source: https://yungbucksbbq.com/portbiz/css/css.css	Avira URL Cloud: Label: phishing
Source: https://yungbucksbbq.com/portbiz/icons/icon-blugov-info.svg	Avira URL Cloud: Label: phishing
Source: https://yungbucksbbq.com/favicon.ico	Avira URL Cloud: Label: phishing
Source: https://yungbucksbbq.com/portbiz/css/blugov.css	Avira URL Cloud: Label: phishing
Source: https://yungbucksbbq.com/portbiz/images/myGov-cobranded-logo-white.svg	Avira URL Cloud: Label: phishing
Source: https://yungbucksbbq.com/portbiz/images/myGov-cobranded-logo-black.svg	Avira URL Cloud: Label: phishing

Phishing

AI detected phishing page

Source: https://yungbucksbbq.com/portbiz/	Joe Sandbox AI: Score: 9 Reasons: The brand 'Australian Government' is well-known and typically associated with the domain 'australia.gov.au'., The URL 'yungbucksbbq.com' does not match the legitimate domain associated with the Australian Government., The domain 'yungbucksbbq.com' appears unrelated to the Australian Government and does not contain any recognizable elements of the legitimate domain., The presence of input fields for 'Username or email' and 'Password' on an unrelated domain is a common phishing tactic. DOM: 1.3.pages.csv
Source: https://yungbucksbbq.com/portbiz/#	Joe Sandbox AI: Score: 9 Reasons: The brand 'Australian Government' is well-known and typically associated with the domain 'australia.gov.au'., The URL 'yungbucksbbq.com' does not match the legitimate domain associated with the Australian Government., The URL 'yungbucksbbq.com' appears unrelated to the Australian Government and does not contain any recognizable elements of the legitimate domain., The presence of input fields for 'Username or email' and 'Password' on an unrelated domain is suspicious and indicative of a phishing attempt. DOM: 2.5.pages.csv

Yara detected HtmlPhish10

Source: Yara match	File source: 1.3.pages.csv, type: HTML
Source: Yara match	File source: 2.5.pages.csv, type: HTML
Source: Yara match	File source: dropped/chromecache_79, type: DROPPED

AI detected suspicious Javascript

Source: 0.1.id.script.csv	Joe Sandbox AI: Detected suspicious JavaScript with source url: https://yungbucksbbq.com/portbiz/... This script demonstrates several high-risk behaviors, including dynamic code execution, data exfiltration, and redirects to potentially malicious domains. The use of an iframe to load additional scripts and the obfuscation of the script's purpose raise significant security concerns. While the script may have a legitimate purpose, such as implementing a security challenge, the overall behavior is highly suspicious and poses a high risk of malicious activity.
Source: 0.0.id.script.csv	Joe Sandbox AI: Detected suspicious JavaScript with source url: https://yungbucksbbq.com/portbiz/... This script demonstrates several high-risk behaviors, including dynamic code execution via `eval()` and obfuscated code. It also sets a cookie with a long expiration date, which could be used for potential data exfiltration. The script appears to be testing for the presence of various headless browser and automation tools, suggesting it may have malicious intent. Overall, this script poses a significant security risk and should be treated with caution.
Source: 0.4.id.script.csv	Joe Sandbox AI: Detected suspicious JavaScript with source url: https://yungbucksbbq.com/portbiz/... This script demonstrates several high-risk behaviors, including dynamic code execution, data exfiltration, and redirects to potentially malicious domains. The use of an iframe to load additional scripts and the obfuscation of the script's purpose raise significant security concerns. While the script may have a legitimate purpose, such as implementing a security challenge, the overall behavior is highly suspicious and poses a high risk of malicious activity.

HTML body contains low number of good links

Source: https://yungbucksbbq.com/portbiz/

HTTP Parser: Number of links: 0

HTML page contains hidden javascript code

Source: https://yungbucksbbq.com/portbiz/

HTTP Parser: Base64 decoded: 1735089785.000000

HTML title does not match URL

Source: https://yungbucksbbq.com/portbiz/

HTTP Parser: Title: Sign in with myGov - myGov does not match URL

Invalid 'copyright' link found

Source: https://yungbucksbbq.com/portbiz/

HTTP Parser: Invalid link: Copyright

Invalid 'forgot password' link found

Source: https://yungbucksbbq.com/portbiz/

HTTP Parser: Invalid link: Forgot password

Invalid T&C link found

Source: https://yungbucksbbq.com/portbiz/	HTTP Parser: Invalid link: Help
Source: https://yungbucksbbq.com/portbiz/	HTTP Parser: Invalid link: Terms of use
Source: https://yungbucksbbq.com/portbiz/	HTTP Parser: Invalid link: Privacy and security
Source: https://yungbucksbbq.com/portbiz/	HTTP Parser: Invalid link: Accessibility

Suspicious form URL found

Source: https://yungbucksbbq.com/portbiz/

HTTP Parser: Form action: log2.php

Source: https://yungbucksbbq.com/portbiz/

HTTP Parser: <input type="password" .../> found

Source: https://yungbucksbbq.com/portbiz/	HTTP Parser: No favicon
Source: https://yungbucksbbq.com/portbiz/	HTTP Parser: No favicon

Source: https://yungbucksbbq.com/portbiz/

HTTP Parser: No <meta name="author".. found

Source: https://yungbucksbbq.com/portbiz/

HTTP Parser: No <meta name="copyright".. found

Networking

Suricata IDS alerts for network traffic

Source: Network traffic

Suricata IDS: 2053843 - Severity 1 - ET PHISHING MyGovAU Credential Phish Landing Page 2024-06-24 : 104.21.112.1:443 -> 192.168.2.4:49747

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /portbiz/ HTTP/1.1Host: yungbucksbbq.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /portbiz/ HTTP/1.1Host: yungbucksbbq.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://yungbucksbbq.com/portbiz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: Rtg3-KdxTX-lS9kESubG2FfTJlM=tsocGLkuvgRkL9bBPewM-w-bWY0; 2Uww88WYh_COBe7pMTO4ioZTPfI=1735089781; Z958OV7wx8k8f46ZwkuzLQtUcy0=1735176181; Y-RnzAfelkfD1YFXnsePoVqq_wo=SAjd_BKZ5-FhtYibBEM7eJG8CRk; Wr9ERqNdD7myZ-CGhjmPxhLxwGA=ovZYm5WztmWNkG4wN79587VMEt0; yIKz5Z2V95SLGJr1RrkzB8w_oAw=24V5fd_SqGfynCsHmAJbl9ySndA; BHrbNRcajq8FC4XNkrvHx1cPp6M=1735089786; nPYTYev3FqKZHCvVaQ5DzSPcR8A=1735176186; AtgwaW3pNgQLbbw1puZhEbQd5Bo=5OQRJSKHWWav-JU40KaY81y8qb4
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1Host: yungbucksbbq.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: Rtg3-KdxTX-lS9kESubG2FfTJlM=tsocGLkuvgRkL9bBPewM-w-bWY0; 2Uww88WYh_COBe7pMTO4ioZTPfI=1735089781; Z958OV7wx8k8f46ZwkuzLQtUcy0=1735176181; Y-RnzAfelkfD1YFXnsePoVqq_wo=SAjd_BKZ5-FhtYibBEM7eJG8CRk; Wr9ERqNdD7myZ-CGhjmPxhLxwGA=ovZYm5WztmWNkG4wN79587VMEt0; yIKz5Z2V95SLGJr1RrkzB8w_oAw=24V5fd_SqGfynCsHmAJbl9ySndA
Source: global traffic	HTTP traffic detected: GET /portbiz/css/css.css HTTP/1.1Host: yungbucksbbq.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://yungbucksbbq.com/portbiz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: Rtg3-KdxTX-lS9kESubG2FfTJlM=tsocGLkuvgRkL9bBPewM-w-bWY0; 2Uww88WYh_COBe7pMTO4ioZTPfI=1735089781; Z958OV7wx8k8f46ZwkuzLQtUcy0=1735176181; Y-RnzAfelkfD1YFXnsePoVqq_wo=SAjd_BKZ5-FhtYibBEM7eJG8CRk; Wr9ERqNdD7myZ-CGhjmPxhLxwGA=ovZYm5WztmWNkG4wN79587VMEt0; yIKz5Z2V95SLGJr1RrkzB8w_oAw=24V5fd_SqGfynCsHmAJbl9ySndA; BHrbNRcajq8FC4XNkrvHx1cPp6M=1735089786; nPYTYev3FqKZHCvVaQ5DzSPcR8A=1735176186; AtgwaW3pNgQLbbw1puZhEbQd5Bo=5OQRJSKHWWav-JU40KaY81y8qb4
Source: global traffic	HTTP traffic detected: GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://yungbucksbbq.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1Host: stackpath.bootstrapcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://yungbucksbbq.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-3.2.1.slim.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://yungbucksbbq.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1Host: maxcdn.bootstrapcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://yungbucksbbq.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /portbiz/css/mgv2-application.css HTTP/1.1Host: yungbucksbbq.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://yungbucksbbq.com/portbiz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: Rtg3-KdxTX-lS9kESubG2FfTJlM=tsocGLkuvgRkL9bBPewM-w-bWY0; 2Uww88WYh_COBe7pMTO4ioZTPfI=1735089781; Z958OV7wx8k8f46ZwkuzLQtUcy0=1735176181; Y-RnzAfelkfD1YFXnsePoVqq_wo=SAjd_BKZ5-FhtYibBEM7eJG8CRk; Wr9ERqNdD7myZ-CGhjmPxhLxwGA=ovZYm5WztmWNkG4wN79587VMEt0; yIKz5Z2V95SLGJr1RrkzB8w_oAw=24V5fd_SqGfynCsHmAJbl9ySndA; BHrbNRcajq8FC4XNkrvHx1cPp6M=1735089786; nPYTYev3FqKZHCvVaQ5DzSPcR8A=1735176186; AtgwaW3pNgQLbbw1puZhEbQd5Bo=5OQRJSKHWWav-JU40KaY81y8qb4
Source: global traffic	HTTP traffic detected: GET /portbiz/css/blugov.css HTTP/1.1Host: yungbucksbbq.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://yungbucksbbq.com/portbiz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: Rtg3-KdxTX-lS9kESubG2FfTJlM=tsocGLkuvgRkL9bBPewM-w-bWY0; 2Uww88WYh_COBe7pMTO4ioZTPfI=1735089781; Z958OV7wx8k8f46ZwkuzLQtUcy0=1735176181; Y-RnzAfelkfD1YFXnsePoVqq_wo=SAjd_BKZ5-FhtYibBEM7eJG8CRk; Wr9ERqNdD7myZ-CGhjmPxhLxwGA=ovZYm5WztmWNkG4wN79587VMEt0; yIKz5Z2V95SLGJr1RrkzB8w_oAw=24V5fd_SqGfynCsHmAJbl9ySndA; BHrbNRcajq8FC4XNkrvHx1cPp6M=1735089786; nPYTYev3FqKZHCvVaQ5DzSPcR8A=1735176186; AtgwaW3pNgQLbbw1puZhEbQd5Bo=5OQRJSKHWWav-JU40KaY81y8qb4
Source: global traffic	HTTP traffic detected: GET /portbiz/images/myGov-cobranded-logo-black.svg HTTP/1.1Host: yungbucksbbq.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://yungbucksbbq.com/portbiz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: Rtg3-KdxTX-lS9kESubG2FfTJlM=tsocGLkuvgRkL9bBPewM-w-bWY0; 2Uww88WYh_COBe7pMTO4ioZTPfI=1735089781; Z958OV7wx8k8f46ZwkuzLQtUcy0=1735176181; Y-RnzAfelkfD1YFXnsePoVqq_wo=SAjd_BKZ5-FhtYibBEM7eJG8CRk; Wr9ERqNdD7myZ-CGhjmPxhLxwGA=ovZYm5WztmWNkG4wN79587VMEt0; yIKz5Z2V95SLGJr1RrkzB8w_oAw=24V5fd_SqGfynCsHmAJbl9ySndA; BHrbNRcajq8FC4XNkrvHx1cPp6M=1735089786; nPYTYev3FqKZHCvVaQ5DzSPcR8A=1735176186; AtgwaW3pNgQLbbw1puZhEbQd5Bo=5OQRJSKHWWav-JU40KaY81y8qb4
Source: global traffic	HTTP traffic detected: GET /portbiz/images/myGov-cobranded-logo-white.svg HTTP/1.1Host: yungbucksbbq.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://yungbucksbbq.com/portbiz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: Rtg3-KdxTX-lS9kESubG2FfTJlM=tsocGLkuvgRkL9bBPewM-w-bWY0; 2Uww88WYh_COBe7pMTO4ioZTPfI=1735089781; Z958OV7wx8k8f46ZwkuzLQtUcy0=1735176181; Y-RnzAfelkfD1YFXnsePoVqq_wo=SAjd_BKZ5-FhtYibBEM7eJG8CRk; Wr9ERqNdD7myZ-CGhjmPxhLxwGA=ovZYm5WztmWNkG4wN79587VMEt0; yIKz5Z2V95SLGJr1RrkzB8w_oAw=24V5fd_SqGfynCsHmAJbl9ySndA; BHrbNRcajq8FC4XNkrvHx1cPp6M=1735089786; nPYTYev3FqKZHCvVaQ5DzSPcR8A=1735176186; AtgwaW3pNgQLbbw1puZhEbQd5Bo=5OQRJSKHWWav-JU40KaY81y8qb4
Source: global traffic	HTTP traffic detected: GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1Host: maxcdn.bootstrapcdn.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /portbiz/icons/blugov-left-chevron-dark.svg HTTP/1.1Host: yungbucksbbq.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://yungbucksbbq.com/portbiz/css/blugov.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: Rtg3-KdxTX-lS9kESubG2FfTJlM=tsocGLkuvgRkL9bBPewM-w-bWY0; 2Uww88WYh_COBe7pMTO4ioZTPfI=1735089781; Z958OV7wx8k8f46ZwkuzLQtUcy0=1735176181; Y-RnzAfelkfD1YFXnsePoVqq_wo=SAjd_BKZ5-FhtYibBEM7eJG8CRk; Wr9ERqNdD7myZ-CGhjmPxhLxwGA=ovZYm5WztmWNkG4wN79587VMEt0; yIKz5Z2V95SLGJr1RrkzB8w_oAw=24V5fd_SqGfynCsHmAJbl9ySndA; BHrbNRcajq8FC4XNkrvHx1cPp6M=1735089786; nPYTYev3FqKZHCvVaQ5DzSPcR8A=1735176186; AtgwaW3pNgQLbbw1puZhEbQd5Bo=5OQRJSKHWWav-JU40KaY81y8qb4
Source: global traffic	HTTP traffic detected: GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1Host: stackpath.bootstrapcdn.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-3.2.1.slim.min.js HTTP/1.1Host: code.jquery.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /portbiz/images/myGov-cobranded-logo-black.svg HTTP/1.1Host: yungbucksbbq.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: Rtg3-KdxTX-lS9kESubG2FfTJlM=tsocGLkuvgRkL9bBPewM-w-bWY0; 2Uww88WYh_COBe7pMTO4ioZTPfI=1735089781; Z958OV7wx8k8f46ZwkuzLQtUcy0=1735176181; Y-RnzAfelkfD1YFXnsePoVqq_wo=SAjd_BKZ5-FhtYibBEM7eJG8CRk; Wr9ERqNdD7myZ-CGhjmPxhLxwGA=ovZYm5WztmWNkG4wN79587VMEt0; yIKz5Z2V95SLGJr1RrkzB8w_oAw=24V5fd_SqGfynCsHmAJbl9ySndA; BHrbNRcajq8FC4XNkrvHx1cPp6M=1735089786; nPYTYev3FqKZHCvVaQ5DzSPcR8A=1735176186; AtgwaW3pNgQLbbw1puZhEbQd5Bo=5OQRJSKHWWav-JU40KaY81y8qb4
Source: global traffic	HTTP traffic detected: GET /portbiz/images/myGov-cobranded-logo-white.svg HTTP/1.1Host: yungbucksbbq.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: Rtg3-KdxTX-lS9kESubG2FfTJlM=tsocGLkuvgRkL9bBPewM-w-bWY0; 2Uww88WYh_COBe7pMTO4ioZTPfI=1735089781; Z958OV7wx8k8f46ZwkuzLQtUcy0=1735176181; Y-RnzAfelkfD1YFXnsePoVqq_wo=SAjd_BKZ5-FhtYibBEM7eJG8CRk; Wr9ERqNdD7myZ-CGhjmPxhLxwGA=ovZYm5WztmWNkG4wN79587VMEt0; yIKz5Z2V95SLGJr1RrkzB8w_oAw=24V5fd_SqGfynCsHmAJbl9ySndA; BHrbNRcajq8FC4XNkrvHx1cPp6M=1735089786; nPYTYev3FqKZHCvVaQ5DzSPcR8A=1735176186; AtgwaW3pNgQLbbw1puZhEbQd5Bo=5OQRJSKHWWav-JU40KaY81y8qb4
Source: global traffic	HTTP traffic detected: GET /portbiz/icons/icon-blugov-info.svg HTTP/1.1Host: yungbucksbbq.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://yungbucksbbq.com/portbiz/css/blugov.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: Rtg3-KdxTX-lS9kESubG2FfTJlM=tsocGLkuvgRkL9bBPewM-w-bWY0; 2Uww88WYh_COBe7pMTO4ioZTPfI=1735089781; Z958OV7wx8k8f46ZwkuzLQtUcy0=1735176181; Y-RnzAfelkfD1YFXnsePoVqq_wo=SAjd_BKZ5-FhtYibBEM7eJG8CRk; Wr9ERqNdD7myZ-CGhjmPxhLxwGA=ovZYm5WztmWNkG4wN79587VMEt0; yIKz5Z2V95SLGJr1RrkzB8w_oAw=24V5fd_SqGfynCsHmAJbl9ySndA; BHrbNRcajq8FC4XNkrvHx1cPp6M=1735089786; nPYTYev3FqKZHCvVaQ5DzSPcR8A=1735176186; AtgwaW3pNgQLbbw1puZhEbQd5Bo=5OQRJSKHWWav-JU40KaY81y8qb4
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: yungbucksbbq.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://yungbucksbbq.com/portbiz/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: Rtg3-KdxTX-lS9kESubG2FfTJlM=tsocGLkuvgRkL9bBPewM-w-bWY0; 2Uww88WYh_COBe7pMTO4ioZTPfI=1735089781; Z958OV7wx8k8f46ZwkuzLQtUcy0=1735176181; Y-RnzAfelkfD1YFXnsePoVqq_wo=SAjd_BKZ5-FhtYibBEM7eJG8CRk; Wr9ERqNdD7myZ-CGhjmPxhLxwGA=ovZYm5WztmWNkG4wN79587VMEt0; yIKz5Z2V95SLGJr1RrkzB8w_oAw=24V5fd_SqGfynCsHmAJbl9ySndA; BHrbNRcajq8FC4XNkrvHx1cPp6M=1735089786; nPYTYev3FqKZHCvVaQ5DzSPcR8A=1735176186; AtgwaW3pNgQLbbw1puZhEbQd5Bo=5OQRJSKHWWav-JU40KaY81y8qb4
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js? HTTP/1.1Host: yungbucksbbq.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: Rtg3-KdxTX-lS9kESubG2FfTJlM=tsocGLkuvgRkL9bBPewM-w-bWY0; 2Uww88WYh_COBe7pMTO4ioZTPfI=1735089781; Z958OV7wx8k8f46ZwkuzLQtUcy0=1735176181; Y-RnzAfelkfD1YFXnsePoVqq_wo=SAjd_BKZ5-FhtYibBEM7eJG8CRk; Wr9ERqNdD7myZ-CGhjmPxhLxwGA=ovZYm5WztmWNkG4wN79587VMEt0; yIKz5Z2V95SLGJr1RrkzB8w_oAw=24V5fd_SqGfynCsHmAJbl9ySndA; BHrbNRcajq8FC4XNkrvHx1cPp6M=1735089786; nPYTYev3FqKZHCvVaQ5DzSPcR8A=1735176186; AtgwaW3pNgQLbbw1puZhEbQd5Bo=5OQRJSKHWWav-JU40KaY81y8qb4
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js? HTTP/1.1Host: yungbucksbbq.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: Rtg3-KdxTX-lS9kESubG2FfTJlM=tsocGLkuvgRkL9bBPewM-w-bWY0; 2Uww88WYh_COBe7pMTO4ioZTPfI=1735089781; Z958OV7wx8k8f46ZwkuzLQtUcy0=1735176181; Y-RnzAfelkfD1YFXnsePoVqq_wo=SAjd_BKZ5-FhtYibBEM7eJG8CRk; Wr9ERqNdD7myZ-CGhjmPxhLxwGA=ovZYm5WztmWNkG4wN79587VMEt0; yIKz5Z2V95SLGJr1RrkzB8w_oAw=24V5fd_SqGfynCsHmAJbl9ySndA; BHrbNRcajq8FC4XNkrvHx1cPp6M=1735089786; nPYTYev3FqKZHCvVaQ5DzSPcR8A=1735176186; AtgwaW3pNgQLbbw1puZhEbQd5Bo=5OQRJSKHWWav-JU40KaY81y8qb4
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/jsd/r/8f7506295d20727b HTTP/1.1Host: yungbucksbbq.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: Rtg3-KdxTX-lS9kESubG2FfTJlM=tsocGLkuvgRkL9bBPewM-w-bWY0; 2Uww88WYh_COBe7pMTO4ioZTPfI=1735089781; Z958OV7wx8k8f46ZwkuzLQtUcy0=1735176181; Y-RnzAfelkfD1YFXnsePoVqq_wo=SAjd_BKZ5-FhtYibBEM7eJG8CRk; Wr9ERqNdD7myZ-CGhjmPxhLxwGA=ovZYm5WztmWNkG4wN79587VMEt0; yIKz5Z2V95SLGJr1RrkzB8w_oAw=24V5fd_SqGfynCsHmAJbl9ySndA; BHrbNRcajq8FC4XNkrvHx1cPp6M=1735089786; nPYTYev3FqKZHCvVaQ5DzSPcR8A=1735176186; AtgwaW3pNgQLbbw1puZhEbQd5Bo=5OQRJSKHWWav-JU40KaY81y8qb4

Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: yungbucksbbq.com
Source: global traffic	DNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: cdnjs.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: code.jquery.com
Source: global traffic	DNS traffic detected: DNS query: maxcdn.bootstrapcdn.com
Source: global traffic	DNS traffic detected: DNS query: stackpath.bootstrapcdn.com

Source: unknown

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 25 Dec 2024 01:23:13 GMTContent-Type: text/html; charset=iso-8859-1Transfer-Encoding: chunkedConnection: closeVary: Accept-EncodingX-Content-Type-Options: nosniffX-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockX-XSS-Protection: 1; mode=blockCache-Control: public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutablePragma: publicCF-Cache-Status: HITAge: 125556Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CnI6lQniSES7VQMEKssjvhdkcA2UhdB9eAL7ETrMBffH6PzP6MFWIHqSFe8qdACGJ8LwyJRUxQH3ymGn0S%2F8AUxMHQ6a1dTy0rSZkVaNM9RBTwqmrpPgLTGZBmxDU1ADhT23"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 8f75064c5f11727b-EWRalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=1861&min_rtt=1852&rtt_var=714&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2840&recv_bytes=1672&delivery_rate=1512169&cwnd=232&unsent_bytes=0&cid=f10382e9308d7d04&ts=1355&x=0"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 25 Dec 2024 01:23:16 GMTContent-Type: text/html; charset=iso-8859-1Transfer-Encoding: chunkedConnection: closeVary: Accept-EncodingX-Content-Type-Options: nosniffX-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockX-XSS-Protection: 1; mode=blockCache-Control: public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutablePragma: publicCF-Cache-Status: HITAge: 125559Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YQKD6%2FE1L43FiYY9RUqYV%2B9GFUtR6Oc92WratzqVo9SDtmwZVUQ59rmR1I4WNw0gjHFnm07wZ06kOp7Btgx%2BTfxdbbycJjUU0Gmm9ipN58HDaySnVEm3nmjn0ltaOb5nZQRT"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 8f75065c48cc43b3-EWRalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=1602&min_rtt=1593&rtt_var=604&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2840&recv_bytes=1664&delivery_rate=1833019&cwnd=198&unsent_bytes=0&cid=85e5327e084b8ac6&ts=452&x=0"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 25 Dec 2024 01:23:19 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: closeVary: Accept-EncodingX-Content-Type-Options: nosniffX-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockX-XSS-Protection: 1; mode=blockCache-Control: public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutablePragma: publicCF-Cache-Status: HITAge: 144119Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PAvOKoDfy1rHRiV%2F1HZdNRcubJkVzbzRRueR%2BApUay%2FU2r1ojCDAYKL00B1AIceZk%2B76QHkHWL8MS6pUgzsl70kcgZgREWodHkwomc8H7ZiYRLOeKLJS%2B5As%2FjZNYJxirN0A"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 8f75066eef700f5b-EWRalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=1632&min_rtt=1626&rtt_var=622&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2841&recv_bytes=1627&delivery_rate=1742243&cwnd=218&unsent_bytes=0&cid=b83b0f0d999049fe&ts=458&x=0"

Source: chromecache_75.1.dr	String found in binary or memory: http://getharvest.com
Source: chromecache_86.1.dr, chromecache_84.1.dr	String found in binary or memory: http://opensource.org/licenses/MIT).
Source: chromecache_79.1.dr	String found in binary or memory: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Source: chromecache_79.1.dr	String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
Source: chromecache_79.1.dr	String found in binary or memory: https://code.jquery.com/jquery-3.2.1.slim.min.js
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459W1hyyTh89ZNpQ.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459WRhyyTh89ZNpQ.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459WZhyyTh89ZNpQ.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459WdhyyTh89ZNpQ.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4AMP6lbBP.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBxc4AMP6lbBP.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCBc4AMP6lbBP.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCRc4AMP6lbBP.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4AMP6lbBP.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCxc4AMP6lbBP.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fABc4AMP6lbBP.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBxc4AMP6lbBP.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fCBc4AMP6lbBP.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fCRc4AMP6lbBP.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fChc4AMP6lbBP.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fCxc4AMP6lbBP.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4AMP6lbBP.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBxc4AMP6lbBP.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCBc4AMP6lbBP.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCRc4AMP6lbBP.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4AMP6lbBP.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4AMP6lbBP.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfABc4AMP6lbBP.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBxc4AMP6lbBP.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfCBc4AMP6lbBP.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfCRc4AMP6lbBP.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfChc4AMP6lbBP.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfCxc4AMP6lbBP.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4WxKKTU1Kvnz.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu72xKKTU1Kvnz.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKKTU1Kvnz.woff2)
Source: chromecache_76.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7mxKKTU1Kvnz.woff2)
Source: chromecache_89.1.dr, chromecache_82.1.dr	String found in binary or memory: https://getbootstrap.com)
Source: chromecache_73.1.dr, chromecache_70.1.dr	String found in binary or memory: https://getbootstrap.com/)
Source: chromecache_75.1.dr	String found in binary or memory: https://github.com/harvesthq/chosen
Source: chromecache_75.1.dr	String found in binary or memory: https://github.com/harvesthq/chosen/blob/master/LICENSE.md
Source: chromecache_89.1.dr, chromecache_73.1.dr, chromecache_70.1.dr, chromecache_82.1.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/master/LICENSE)
Source: chromecache_89.1.dr, chromecache_73.1.dr, chromecache_70.1.dr, chromecache_82.1.dr	String found in binary or memory: https://github.com/twbs/bootstrap/graphs/contributors)
Source: chromecache_79.1.dr	String found in binary or memory: https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
Source: chromecache_79.1.dr	String found in binary or memory: https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 49844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49837
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: classification engine

Classification label: mal84.phis.win@16/46@26/10

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2276 --field-trial-handle=2204,i,10793580977582758868,3268384068697070233,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://yungbucksbbq.com/portbiz/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2276 --field-trial-handle=2204,i,10793580977582758868,3268384068697070233,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

ID:	1580537
Product:	CloudBasic
Start time:	02:22:00
Start date:	25.12.2024
Cookbook:	browseurl.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Windows Analysis Report https://yungbucksbbq.com/portbiz/

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Phishing

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
https://yungbucksbbq.com/portbiz/