Click to jump to signature section
| Source: 0.3.id.script.csv | Joe Sandbox AI: Detected suspicious JavaScript with source url: file:///C:/Users/user/Desktop/colleague[1].htm... This script exhibits high-risk behaviors, including redirecting the user to a suspicious domain and potentially tracking user clicks. The combination of dynamic code execution, data exfiltration, and redirects to an untrusted domain indicates a high likelihood of malicious intent. |
| Source: colleague[1].htm | HTTP Parser: Low number of body elements: 0 |
| Source: colleague[1].htm | HTTP Parser: location.href |
| Source: colleague[1].htm | HTTP Parser: .location |
| Source: colleague[1].htm | HTTP Parser: .location |
| Source: colleague[1].htm | HTTP Parser: Base64 decoded: 1735835083.9839:8c79a13f12f3ec065b4c237962a795f802198319e81797db5ad3075f1b900b3e:6776bdcbf0359 |
| Source: https://www.classmates.com/?title=Old%20High%20School%20Yearbooks%20Online&s=80955&utm_campaign=Brand%3A%20Vertical%20(tCPA)%20%26%20sNetwork&msclkid=d8bc3b750285164f748e5c0aa6f091db&utm_source=bing&utm_medium=cpc&utm_term=classmates&utm_content=Brand%3A%20Vertical%3A%20Misspells | HTTP Parser: Title: Old High School Yearbooks Online does not match URL |
| Source: https://www.classmates.com/register/state/new-jersey/4 | HTTP Parser: Title: Find a Friend or High School Alumni from New Jersey does not match URL |
| Source: https://www.classmates.com/?title=Old%20High%20School%20Yearbooks%20Online&s=80955&utm_campaign=Brand%3A%20Vertical%20(tCPA)%20%26%20sNetwork&msclkid=d8bc3b750285164f748e5c0aa6f091db&utm_source=bing&utm_medium=cpc&utm_term=classmates&utm_content=Brand%3A%20Vertical%3A%20Misspells | HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-PXR5NRC |
| Source: https://www.classmates.com/?title=Old%20High%20School%20Yearbooks%20Online&s=80955&utm_campaign=Brand%3A%20Vertical%20(tCPA)%20%26%20sNetwork&msclkid=d8bc3b750285164f748e5c0aa6f091db&utm_source=bing&utm_medium=cpc&utm_term=classmates&utm_content=Brand%3A%20Vertical%3A%20Misspells | HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-PXR5NRC |
| Source: https://www.classmates.com/?title=Old%20High%20School%20Yearbooks%20Online&s=80955&utm_campaign=Brand%3A%20Vertical%20(tCPA)%20%26%20sNetwork&msclkid=d8bc3b750285164f748e5c0aa6f091db&utm_source=bing&utm_medium=cpc&utm_term=classmates&utm_content=Brand%3A%20Vertical%3A%20Misspells | HTTP Parser: Iframe src: https://td.doubleclick.net/td/rul/16651648431?random=1736418442698&cv=11&fst=1736418442698&fmt=3&bg=ffffff&guid=ON&async=1>m=45be5170v9196500264z8810406618za200zb810406618&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.classmates.com%2F%3Ftitle%3DOld%2520High%2520School%2520Yearbooks%2520Online%26s%3D80955%26utm_campaign%3DBrand%253A%2520Vertical%2520(tCPA)%2520%2526%2520sNetwork%26msclkid%3Dd8bc3b750285164f748e5c0aa6f091db%26utm_source%3Dbing%26utm_medium%3Dcpc%26utm_term%3Dclassmates%26utm_content%3DBrand%253A%2520Vertical%253A%2520Misspells&ref=http%3A%2F%2Fifdnzact.com%2F&hn=www.googleadservices.com&frm=0&tiba=Old%20High%20School%20Yearbooks%20Online&npa=0&pscdl=noapi&auid=1420636124.1736418441&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config |
| Source: https://www.classmates.com/register/state/new-jersey/4 | HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-PXR5NRC |
| Source: https://www.classmates.com/register/state/new-jersey/4 | HTTP Parser: Iframe src: https://td.doubleclick.net/td/rul/16651648431?random=1736418452178&cv=11&fst=1736418452178&fmt=3&bg=ffffff&guid=ON&async=1>m=45be5170v9196500264z8810406618za200zb810406618&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.classmates.com%2Fregister%2Fstate%2Fnew-jersey%2F4&ref=https%3A%2F%2Fwww.classmates.com%2F%3Ftitle%3DOld%2520High%2520School%2520Yearbooks%2520Online%26s%3D80955%26utm_campaign%3DBrand%253A%2520Vertical%2520(tCPA)%2520%2526%2520sNetwork%26msclkid%3Dd8bc3b750285164f748e5c0aa6f091db%26utm_source%3Dbing%26utm_medium%3Dcpc%26utm_term%3Dclassmates%26utm_content%3DBrand%253A%2520Vertical%253A%2520Misspells&hn=www.googleadservices.com&frm=0&tiba=Find%20a%20Friend%20or%20High%20School%20Alumni%20from%20New%20Jersey&npa=0&pscdl=noapi&auid=1420636124.1736418441&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config |
| Source: https://www.classmates.com/?title=Old%20High%20School%20Yearbooks%20Online&s=80955&utm_campaign=Brand%3A%20Vertical%20(tCPA)%20%26%20sNetwork&msclkid=d8bc3b750285164f748e5c0aa6f091db&utm_source=bing&utm_medium=cpc&utm_term=classmates&utm_content=Brand%3A%20Vertical%3A%20Misspells | HTTP Parser: <input type="password" .../> found |
| Source: https://www.classmates.com/register/state/new-jersey/4 | HTTP Parser: <input type="password" .../> found |
| Source: colleague[1].htm | HTTP Parser: No favicon |
| Source: file:///C:/Users/user/Desktop/colleague[1].htm | HTTP Parser: No favicon |
| Source: http://ifdnzact.com/?dn=colleague.eu&pid=9PO755G95 | HTTP Parser: No favicon |
| Source: http://ifdnzact.com/Colleague.cfm?domain=colleague.eu&fp=ATo36WSjg2CsKYbRNF9GCfsyBLPbUjntlA4Y7fPSI%2Boy9UAg5mY3HWf2L02rQUrjlMr%2BA8%2FyhYSteFHpffxddlh%2FxGaM56IUlO6EcU9Q7oJqVq6uHIBpXeuiNnxGdNY2N4%2BfkhlWOfweQdxz0YrV8i0M1uBSH%2Bo%2BbWEML1J9%2BIWyNw6kSEakQXtrnvsL8PcFsoHwvz6z2lA2XWvzRXnD5Xe616Cj3QNOyj7Qgv%2FhAi%2F3SJydQHHiZiA7F2%2Fr1U2IIHIm67uVFL1uG5AZzki7wtBDfPTyUDryH%2BNesJU6didK2mpMOFGZKU0KFg35JRFJ&yep=Wtma6HoxInxASOhSl6bd%2Bo1o5blnYzx%2B76BqtE2V3oAmsCs0sLgL9mq9uq9ZB816IgjSVz781P7eebV1CnUKuyrsVD3MPDdj2PHqus4Nbmyi6Ub6WDdNtZA0z6077y48UMwz6SE4%2BYzbOZ3x%2BS%2BC4NPuMlfP7qVMxeZ%2B5XxlseyilJ2Nr%2FX5YV2P3nkLbPwb%2BQFEvKB5GnE8kzsMpCt753pdk2qalYjyri2IncJ5S%2FuRmUo2QZsT4oDM01JWJR9nAUMFHAmKofTtuZhcPayMoBDVGoudg9519tZ%2FnlHDRmpp88O6wEZOjVnSFilVHLDvg1EhY6Q3uy4WW81se8d%2F6919JzxGq8%2Bh6Qgq%2FyrSkfL0yUMQyu5Jtik6DBrfQ2bQtjTW%2FDxToWoNW76jujOUOEKNSQc3BxPhHNYFU75acJOh4XER3QaJgJbRn%2Fxe2A0BnGu4CyZwzok%2BgfMNN%2B%2BlluuX14l3QrHZb1pfY98CgEeYlfl%2BpdFuEuaP8aafHtyZXJnAUUnuWACkKD54Z%2BiZqJ%2FzVQZL1gmqdBOGtw4jKPQkTknQ8kjSJhoEG05jeHgH... | HTTP Parser: No favicon |
| Source: http://ifdnzact.com/Colleague.cfm?domain=colleague.eu&fp=ATo36WSjg2CsKYbRNF9GCfsyBLPbUjntlA4Y7fPSI%2Boy9UAg5mY3HWf2L02rQUrjlMr%2BA8%2FyhYSteFHpffxddlh%2FxGaM56IUlO6EcU9Q7oJqVq6uHIBpXeuiNnxGdNY2N4%2BfkhlWOfweQdxz0YrV8i0M1uBSH%2Bo%2BbWEML1J9%2BIWyNw6kSEakQXtrnvsL8PcFsoHwvz6z2lA2XWvzRXnD5Xe616Cj3QNOyj7Qgv%2FhAi%2F3SJydQHHiZiA7F2%2Fr1U2IIHIm67uVFL1uG5AZzki7wtBDfPTyUDryH%2BNesJU6didK2mpMOFGZKU0KFg35JRFJ&yep=Wtma6HoxInxASOhSl6bd%2Bo1o5blnYzx%2B76BqtE2V3oAmsCs0sLgL9mq9uq9ZB816IgjSVz781P7eebV1CnUKuyrsVD3MPDdj2PHqus4Nbmyi6Ub6WDdNtZA0z6077y48UMwz6SE4%2BYzbOZ3x%2BS%2BC4NPuMlfP7qVMxeZ%2B5XxlseyilJ2Nr%2FX5YV2P3nkLbPwb%2BQFEvKB5GnE8kzsMpCt753pdk2qalYjyri2IncJ5S%2FuRmUo2QZsT4oDM01JWJR9nAUMFHAmKofTtuZhcPayMoBDVGoudg9519tZ%2FnlHDRmpp88O6wEZOjVnSFilVHLDvg1EhY6Q3uy4WW81se8d%2F6919JzxGq8%2Bh6Qgq%2FyrSkfL0yUMQyu5Jtik6DBrfQ2bQtjTW%2FDxToWoNW76jujOUOEKNSQc3BxPhHNYFU75acJOh4XER3QaJgJbRn%2Fxe2A0BnGu4CyZwzok%2BgfMNN%2B%2BlluuX14l3QrHZb1pfY98CgEeYlfl%2BpdFuEuaP8aafHtyZXJnAUUnuWACkKD54Z%2BiZqJ%2FzVQZL1gmqdBOGtw4jKPQkTknQ8kjSJhoEG05jeHgH... | HTTP Parser: No favicon |
| Source: http://ifdnzact.com/Classmates.cfm?domain=colleague.eu&fp=ATo36WSjg2CsKYbRNF9GCfsyBLPbUjntlA4Y7fPSI%2BrDHUkW8bqJx4h6dy1cnrocOaULG2WrkfNj8J5zd0H6F6lbjqXjYIKk1ayX5Qk8KwKyFfL8VK%2BlwYkBhEstFETyhHg8CBEy0YsHTulaGIeVgfWDhZNAXBuATCvqjtgi%2FvUwt%2BnEUjUKMOwrUCfgS6n5FthCUUHgRe9GWFI9ECdhpXU7lSbgxVbPT%2FJ3%2BYm7%2Fmky7%2BwfWzOGhnSsE16dqwBZfG53G6881w2CC1vGTXvs1jEjvfdlxbMqNvrL%2FrhpnNf3%2Bmbm3z8KLUrxk4dXZaD5&yep=Wtma6HoxInxASOhSl6bd%2Bo1o5blnYzx%2B76BqtE2V3oAmsCs0sLgL9mq9uq9ZB816IgjSVz781P7eebV1CnUKu2Sg0MSt7hGikbu0kKY9ddJqQLBX9EAl%2F0Qq3RphhSx8vm0N6W4g40JqkV56rAHLgPfvWV3aZLsn7MzUUNeTtEXw1U4bqyXS5YeL2l%2BkUxVFbIH5EeTHyN5vKPwLedAn7R%2B6f7k1ZV8Qn2D068ISr7NylgALPwXNqrs%2FKOnkgh6oTCBCeslzYvDBzHcs9q4KG7xihRYWCOIqvGHldzMfmJzLXDEYyitHFZX41N%2F45B4rcRiUWF4KuZMYDBA4VcNij%2FX3WXUEFr68BD4ecxoVglA9acrGI5%2By2lkZxjduQlEyiS30zGP32BN%2FrJLqp%2BT1EWz7uE%2Fgo9tgH%2BJIrbdHmSU7TOwKqZ5JDBQJhNYkdJeMQ11AgaXBD%2FI3nINn4hedJctZGnQcetMAFz%2BOVxG0v8EEd1lgRXjWJiEKRLh%2F8caivgMqlevmZlhV16VC16w%2FsvssruzLJ72kDxG%2BfofsRHmxv5nMijDDRN2B73aA8qeA6uacrN2kk... | HTTP Parser: No favicon |
| Source: https://www.classmates.com/?title=Old%20High%20School%20Yearbooks%20Online&s=80955&utm_campaign=Brand%3A%20Vertical%20(tCPA)%20%26%20sNetwork&msclkid=d8bc3b750285164f748e5c0aa6f091db&utm_source=bing&utm_medium=cpc&utm_term=classmates&utm_content=Brand%3A%20Vertical%3A%20Misspells | HTTP Parser: No favicon |
| Source: https://www.classmates.com/?title=Old%20High%20School%20Yearbooks%20Online&s=80955&utm_campaign=Brand%3A%20Vertical%20(tCPA)%20%26%20sNetwork&msclkid=d8bc3b750285164f748e5c0aa6f091db&utm_source=bing&utm_medium=cpc&utm_term=classmates&utm_content=Brand%3A%20Vertical%3A%20Misspells | HTTP Parser: No <meta name="author".. found |
| Source: https://www.classmates.com/?title=Old%20High%20School%20Yearbooks%20Online&s=80955&utm_campaign=Brand%3A%20Vertical%20(tCPA)%20%26%20sNetwork&msclkid=d8bc3b750285164f748e5c0aa6f091db&utm_source=bing&utm_medium=cpc&utm_term=classmates&utm_content=Brand%3A%20Vertical%3A%20Misspells | HTTP Parser: No <meta name="author".. found |
| Source: https://www.classmates.com/register/state/new-jersey/4 | HTTP Parser: No <meta name="author".. found |
| Source: https://www.classmates.com/?title=Old%20High%20School%20Yearbooks%20Online&s=80955&utm_campaign=Brand%3A%20Vertical%20(tCPA)%20%26%20sNetwork&msclkid=d8bc3b750285164f748e5c0aa6f091db&utm_source=bing&utm_medium=cpc&utm_term=classmates&utm_content=Brand%3A%20Vertical%3A%20Misspells | HTTP Parser: No <meta name="copyright".. found |
| Source: https://www.classmates.com/?title=Old%20High%20School%20Yearbooks%20Online&s=80955&utm_campaign=Brand%3A%20Vertical%20(tCPA)%20%26%20sNetwork&msclkid=d8bc3b750285164f748e5c0aa6f091db&utm_source=bing&utm_medium=cpc&utm_term=classmates&utm_content=Brand%3A%20Vertical%3A%20Misspells | HTTP Parser: No <meta name="copyright".. found |
| Source: https://www.classmates.com/register/state/new-jersey/4 | HTTP Parser: No <meta name="copyright".. found |
| Source: C:\Program Files\Google\Chrome\Application\chrome.exe | HTTP traffic: Redirect from: r.search.yahoo.com to https://www.bing.com/aclick?ld=e8ixasrqsizcypm8cdd7jwtzvucuxql3uofspr_bdy8abuhcp59y_xmpgn4tx07xyovuhuwtcuzkoef_ifl6q57ctl1y7ssmggl7n2wosr9yfw2ywsbv_kzc_j0c-okknqg1szjvqbset8ovmnxqszswypot7qeuxlpimq8mf4hvxdmyvq&u=ahr0chmlm2elmmylmmz3d3cuy2xhc3ntyxrlcy5jb20lmmylm2z0axrszsuzze9szcuyntiwsglnacuyntiwu2nob29sjti1mjbzzwfyym9va3mlmjuyme9ubgluzsuynnmlm2q4mdk1nsuynnv0bv9jyw1wywlnbiuzzejyyw5kjti1m0elmjuymfzlcnrpy2fsjti1mjaodenqqsklmjuymcuynti2jti1mjbztmv0d29yayuynm1zy2xrawqlm2rkogjjm2i3ntayoduxnjrmnzq4ztvjmgfhnmywotfkyiuynnv0bv9zb3vyy2ulm2riaw5njti2dxrtx21lzgl1bsuzzgnwyyuynnv0bv90zxjtjtnky2xhc3ntyxrlcyuynnv0bv9jb250zw50jtnkqnjhbmqlmjuzqsuyntiwvmvydgljywwlmjuzqsuyntiwtwlzc3blbgxz&rlid=d8bc3b750285164f748e5c0aa6f091db |
| Source: Joe Sandbox View | IP Address: 104.17.248.203 104.17.248.203 |
| Source: Joe Sandbox View | IP Address: 104.16.80.73 104.16.80.73 |
| Source: Joe Sandbox View | IP Address: 151.101.130.137 151.101.130.137 |
| Source: Joe Sandbox View | IP Address: 151.101.130.137 151.101.130.137 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 173.222.162.32 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 18.66.121.135 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 18.66.121.135 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 18.66.121.135 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 2.22.50.144 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 2.22.50.144 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 18.66.121.135 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 18.66.121.135 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 2.22.50.144 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 2.22.50.144 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: global traffic | HTTP traffic detected: GET /delivery/js/cmp_en.min.js HTTP/1.1Host: cdn.consentmanager.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://ifdnzact.com/?dn=colleague.eu&pid=9PO755G95Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
| Source: global traffic | HTTP traffic detected: GET /delivery/cmp.php?&cdid=21fdca2281833&h=http%3A%2F%2Fifdnzact.com%2F%3Fdn%3Dcolleague.eu%26pid%3D9PO755G95&&l=en&o=1736418404981 HTTP/1.1Host: a.delivery.consentmanager.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://ifdnzact.com/?dn=colleague.eu&pid=9PO755G95Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
| Source: global traffic | HTTP traffic detected: GET /delivery/cmp.php?&cdid=21fdca2281833&h=http%3A%2F%2Fifdnzact.com%2F%3Fdn%3Dcolleague.eu%26pid%3D9PO755G95&&l=en&o=1736418404981 HTTP/1.1Host: a.delivery.consentmanager.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cmpcc=1 |
| Source: global traffic | HTTP traffic detected: GET /delivery/cmp.php?__cmpcc=1&id=68884&o=1736418406&h=http%3A%2F%2Fifdnzact.com%2F%3Fdn%3Dcolleague.eu%26pid%3D9PO755G95&&l=en&odw=0&dlt=1&l=en HTTP/1.1Host: a.delivery.consentmanager.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://ifdnzact.com/?dn=colleague.eu&pid=9PO755G95Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cmpcc=1 |
| Source: global traffic | HTTP traffic detected: GET /delivery/js/cmp_en.min.js HTTP/1.1Host: cdn.consentmanager.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
| Source: global traffic | HTTP traffic detected: GET /delivery/customdata/bV8xLndfNjg4ODQucl9ST1cubF9lbi5kXzI3NzQ2LnhfMTQudi5wLnRfMjc3NDYueHRfMzU.js HTTP/1.1Host: cdn.consentmanager.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://ifdnzact.com/?dn=colleague.eu&pid=9PO755G95Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
| Source: global traffic | HTTP traffic detected: GET /delivery/cmp.php?__cmpcc=1&id=68884&o=1736418406&h=http%3A%2F%2Fifdnzact.com%2F%3Fdn%3Dcolleague.eu%26pid%3D9PO755G95&&l=en&odw=0&dlt=1&l=en HTTP/1.1Host: a.delivery.consentmanager.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cmpcc=2 |
| Source: global traffic | HTTP traffic detected: GET /delivery/cmp.php?&cdid=21fdca2281833&h=http%3A%2F%2Fifdnzact.com%2FColleague.cfm%3Fdomain%3Dcolleague.eu%26fp%3DATo36WSjg2CsKYbRNF9GCfsyBLPbUjntlA4Y7fPSI%252Boy9UAg5mY3HWf2L02rQUrjlMr%252BA8%252FyhYSteFHpffxddlh%252FxGaM56IUlO6EcU9Q7oJqVq6uHIBpXeuiNnxGdNY2N4%252BfkhlWOfweQdxz0YrV8i0M1uBSH%252Bo%252BbWEML1J9%252BIWyNw6kSEakQXtrnvsL8PcFsoHwvz6z2lA2XWvzRXnD5Xe616Cj3QNOyj7Qgv%252FhAi%252F3SJydQHHiZiA7F2%252Fr1U2IIHIm67uVFL1uG5AZzki7wtBDfPTyUDryH%252BNesJU6didK2mpMOFGZKU0KFg35JRFJ%26yep%3DWtma6HoxInxASOhSl6bd%252Bo1o5blnYzx%252B76BqtE2V3oAmsCs0sLgL9mq9uq9ZB816IgjSVz781P7eebV1CnUKuyrsVD3MPDdj2PHqus4Nbmyi6Ub6WDdNtZA0z6077y48UMwz6SE4%252BYzbOZ3x%252BS%252BC4NPuMlfP7qVMxeZ%252B5XxlseyilJ2Nr%252FX5YV2P3nkLbPwb%252BQFEvKB5GnE8kzsMpCt753pdk2qalYjyri2IncJ5S%252FuRmUo2QZsT4oDM01JWJR9nAUMFHAmKofTtuZhcPayMoBDVGoudg9519tZ%252FnlHDRmpp88O6wEZOjVnSFilVHLDvg1EhY6Q3uy4WW81se8d%252F6919JzxGq8%252Bh6Qgq%252FyrSkfL0yUMQyu5Jtik6DBrfQ2bQtjTW%252FDxToWoNW76jujOUOEKNSQc3BxPhHNYFU75acJOh4XER3QaJgJbRn%252Fxe2A0BnGu4CyZwzok%252BgfMNN%252B%252BlluuX14l3QrHZb1pfY98CgEeYlfl%252BpdFuEuaP8aafHtyZXJnAUUnuWACkKD54Z%252BiZqJ%252FzVQZL1gmqdBOGtw4jKPQkTknQ8kjSJhoEG05jeHgHa6NUXfI0bTrfBKxMbRp%252BAzg87vl24aN3RTDcDvsa7bE9nq%252F4xY%252FIH%252BkEMtqAoyfMEgk%252F9ekAgsDTKMLErXhwW6V2zHwppG1HlpNDD1Pwpu9OejDdWevWox4u53NSajmzvC6heBmAujD1ReebSMgKDxhlppevn6fRkM5XhRebdbBXh%252B0VKjQ%252F8%252B43VdeVDBGXhrzlW0asfzXbWK%252BjJVwPq%252BspHl7Ib7WiGDZEhHFZ2vClveQosAKV6br0vxUiLvOhkbY6kCWHqMRWOxSxnD9QiodwPNH4i%252BYaB5wxZ4XtDuxVjtbIl7%252F3ZY7ot4PAhFbqd6wRAXD6lB8hUiaNEmPHY2HxQL8k9%252BZ3FoYe4PXRA%252F1JAEcHD1EH9MlbfEiqXsNTTfWkUKRVgi411IZirYCGWluUmMzmzljJC6pNwBSzdngx6FZKfVDjnQCyYr%252Fpk08h2Wfd03WL7envL1qtpKFtMsTc7gdlTeK%252BDhk8i16Iun5TK7Ab6oq8J7j%252BnQ7S2WDVOH9vfs9H%252BXbiN%252FA10Un6WZYMssgGl6uZseIQaUKamQ7e%252BFQNz0F8k17qrVwgJjY3iTQsMrHsONj0VhhTQWuEb562Cm3wlbmPigczJE4LR95%252BJ3CraGZtnHP1OzmFQBPsNp7eQ27YNSktHgIFcRzp2nBhnm8GFB%252BPgvhZyjahVkcvspSdkOMf0GfQmnNtpU5aVx0%252FpelSTlxsVOcSe65jnAG43gDkDHpOpDs3wSKReqAzw%252BHZhnBQXk%252FuCLgXfZsEk54ZA1xDr%252FNEpxqO71BBUqvRRgBZVI1zKpfdljtHoDupj6tjv%252BSYkyqZtUEpspd4mrrM0hTPVff1cBOEl9of42OR%252Fnqo1FZeuUxD396bhC08H9%252BJsKLS4OVLCZLCxYx3sBszVH%252FhSNfHA3nXmd%252FCIBS14vlhlIO%252B0BDf0qqI2K%252BErWpLf0KIqK14hk0jDoK5hRf7YZeOqclmAc%252FHCa0KxiNyVfNcPO9%252FeONhJrHMezI%253D%26gtnp%3D0%26gtpp%3D0%26kbetu%3D1%26maxads%3D0%26kld%3D1063%26yprpnd%3DUHM6ofc%252BmzTMdphcWy%252Bzzw%253D%253D%26_opnslfp%3D1%26%26gtnp%3D0%26gtpp%3D0%26kt% |
Edit tour
chrome.exe (PID: 3848 cmdline: 
