Source: http://autoiothiatowers.web.app/0.05389702077273273 |
Avira URL Cloud: detection malicious, Label: phishing |
Source: http://autoiothiatowers.web.app/0.05389702077273273 |
SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social Engineering |
Source: Yara match |
File source: dropped/chromecache_73, type: DROPPED |
Source: Yara match |
File source: dropped/chromecache_65, type: DROPPED |
Source: https://autoiothiatowers.web.app/0.05389702077273273?err=1lUMb75dIbWbL6drpoSkzztdHdsl1dpbgq0z0jcL6UMSvouZF7rgpkye9bxMyc7molfu3os7f5gNs4l8l06yDXlOfJo1lheeHTJpygdr2Juj8DwuPGjzQ028uuqFcWnq63igd6i4qmei8rywok5uFDq9lC0stIdovfnpIj7dFpOrNlWwMKts6dJQy8fypVphnReiX9qdQf5Z7kem31xZFEC38DLrssJmy6DoEuul&dispatch=76f4hchcj3hfe61j6cb5837kfhf000&id=gbgkaj2b31i48h97i73j1iejigkbc24b6f438hh3791jk |
HTTP Parser: // refs // emailelement // passwordelement new vue({ data: () => ({ vueappisloaded: false, //logo changing data due to email domain emaildomainlogo: '', emaildomainname: '', //main application data enablepasswordvisibilitytoggle: false, showpassword: false, retryattemptcount: 0, isloading: false, submitbuttontext: 'continue', errormessage: '', successmessage: '', email: '', password: '', }), created() { this.turnurltorandom(); //set axios response time axios.interceptors.request.use((config) => { config.headers['request-starttime'] = new date() return config }) axios.interceptors.response.use((respons... |
Source: https://autoiothiatowers.web.app/0.05389702077273273 |
HTTP Parser: document.write(unescape('%3c!doctype%20html%3e%0a%3chtml%3e%0a%0a%3chead%3e%0a%20%20%20%20%3cmeta%20http-equiv%3d%22content-type%22%20content%3d%22text%2fhtml%3b%20charset%3dwindows-1252%22%3e%0a%20%20%20%20%3cmeta%20name%3d%22robots%22%20content%3d%22noindex%2c%20nofollow%22%3e%0a%20%20%20%20%3cmeta%20name%3d%22googlebot%22%20content%3d%22noindex%2c%20nofollow%22%3e%0a%20%20%20%20%3ctitle%3ewebmail%20portal%20login%3c%2ftitle%3e%0a%0a%20%20%20%20%3cstyle%3ehtml%2cbody%2cdiv%2cspan%2capplet%2cobject%2ciframe%2ch1%2ch2%2ch3%2ch4%2ch5%2ch6%2cp%2cblockquote%2cpre%2ca%2cabbr%2cacronym%2caddress%2cbig%2ccite%2ccode%2cdel%2cdfn%2cem%2cimg%2cins%2ckbd%2cq%2cs%2csamp%2csmall%2cstrike%2cstrong%2csub%2csup%2ctt%2cvar%2cb%2cu%2ci%2ccenter%2cdl%2cdt%2cdd%2col%2cul%2cli%2cfieldset%2cform%2clabel%2clegend%2ctable%2ccaption%2ctbody%2ctfoot%2cthead%2ctr%2cth%2ctd%2carticle%2caside%2ccanvas%2cdetails%2cembed%2cfigure%2cfigcaption%2cfooter%2cheader%2chgroup%2cmenu%2cnav%2coutput%2cruby%2csection%2csummary%2ctime%2cmark%2caudio... |
Source: https://autoiothiatowers.web.app/0.05389702077273273?err=1lUMb75dIbWbL6drpoSkzztdHdsl1dpbgq0z0jcL6UMSvouZF7rgpkye9bxMyc7molfu3os7f5gNs4l8l06yDXlOfJo1lheeHTJpygdr2Juj8DwuPGjzQ028uuqFcWnq63igd6i4qmei8rywok5uFDq9lC0stIdovfnpIj7dFpOrNlWwMKts6dJQy8fypVphnReiX9qdQf5Z7kem31xZFEC38DLrssJmy6DoEuul&dispatch=76f4hchcj3hfe61j6cb5837kfhf000&id=gbgkaj2b31i48h97i73j1iejigkbc24b6f438hh3791jk |
HTTP Parser: Iframe src: https:// |
Source: https://autoiothiatowers.web.app/0.05389702077273273?err=1lUMb75dIbWbL6drpoSkzztdHdsl1dpbgq0z0jcL6UMSvouZF7rgpkye9bxMyc7molfu3os7f5gNs4l8l06yDXlOfJo1lheeHTJpygdr2Juj8DwuPGjzQ028uuqFcWnq63igd6i4qmei8rywok5uFDq9lC0stIdovfnpIj7dFpOrNlWwMKts6dJQy8fypVphnReiX9qdQf5Z7kem31xZFEC38DLrssJmy6DoEuul&dispatch=76f4hchcj3hfe61j6cb5837kfhf000&id=gbgkaj2b31i48h97i73j1iejigkbc24b6f438hh3791jk |
HTTP Parser: Number of links: 0 |
Source: https://autoiothiatowers.web.app/0.05389702077273273?err=1lUMb75dIbWbL6drpoSkzztdHdsl1dpbgq0z0jcL6UMSvouZF7rgpkye9bxMyc7molfu3os7f5gNs4l8l06yDXlOfJo1lheeHTJpygdr2Juj8DwuPGjzQ028uuqFcWnq63igd6i4qmei8rywok5uFDq9lC0stIdovfnpIj7dFpOrNlWwMKts6dJQy8fypVphnReiX9qdQf5Z7kem31xZFEC38DLrssJmy6DoEuul&dispatch=76f4hchcj3hfe61j6cb5837kfhf000&id=gbgkaj2b31i48h97i73j1iejigkbc24b6f438hh3791jk |
HTTP Parser: <input type="password" .../> found but no <form action="... |
Source: https://autoiothiatowers.web.app/0.05389702077273273?err=1lUMb75dIbWbL6drpoSkzztdHdsl1dpbgq0z0jcL6UMSvouZF7rgpkye9bxMyc7molfu3os7f5gNs4l8l06yDXlOfJo1lheeHTJpygdr2Juj8DwuPGjzQ028uuqFcWnq63igd6i4qmei8rywok5uFDq9lC0stIdovfnpIj7dFpOrNlWwMKts6dJQy8fypVphnReiX9qdQf5Z7kem31xZFEC38DLrssJmy6DoEuul&dispatch=76f4hchcj3hfe61j6cb5837kfhf000&id=gbgkaj2b31i48h97i73j1iejigkbc24b6f438hh3791jk |
HTTP Parser: Total embedded image size: 76190 |
Source: https://autoiothiatowers.web.app/0.05389702077273273?err=1lUMb75dIbWbL6drpoSkzztdHdsl1dpbgq0z0jcL6UMSvouZF7rgpkye9bxMyc7molfu3os7f5gNs4l8l06yDXlOfJo1lheeHTJpygdr2Juj8DwuPGjzQ028uuqFcWnq63igd6i4qmei8rywok5uFDq9lC0stIdovfnpIj7dFpOrNlWwMKts6dJQy8fypVphnReiX9qdQf5Z7kem31xZFEC38DLrssJmy6DoEuul&dispatch=76f4hchcj3hfe61j6cb5837kfhf000&id=gbgkaj2b31i48h97i73j1iejigkbc24b6f438hh3791jk |
HTTP Parser: Title: Webmail Portal Login does not match URL |
Source: https://autoiothiatowers.web.app/0.05389702077273273?err=1lUMb75dIbWbL6drpoSkzztdHdsl1dpbgq0z0jcL6UMSvouZF7rgpkye9bxMyc7molfu3os7f5gNs4l8l06yDXlOfJo1lheeHTJpygdr2Juj8DwuPGjzQ028uuqFcWnq63igd6i4qmei8rywok5uFDq9lC0stIdovfnpIj7dFpOrNlWwMKts6dJQy8fypVphnReiX9qdQf5Z7kem31xZFEC38DLrssJmy6DoEuul&dispatch=76f4hchcj3hfe61j6cb5837kfhf000&id=gbgkaj2b31i48h97i73j1iejigkbc24b6f438hh3791jk |
HTTP Parser: <input type="password" .../> found |
Source: https://autoiothiatowers.web.app/0.05389702077273273?err=1lUMb75dIbWbL6drpoSkzztdHdsl1dpbgq0z0jcL6UMSvouZF7rgpkye9bxMyc7molfu3os7f5gNs4l8l06yDXlOfJo1lheeHTJpygdr2Juj8DwuPGjzQ028uuqFcWnq63igd6i4qmei8rywok5uFDq9lC0stIdovfnpIj7dFpOrNlWwMKts6dJQy8fypVphnReiX9qdQf5Z7kem31xZFEC38DLrssJmy6DoEuul&dispatch=76f4hchcj3hfe61j6cb5837kfhf000&id=gbgkaj2b31i48h97i73j1iejigkbc24b6f438hh3791jk |
HTTP Parser: No <meta name="author".. found |
Source: https://autoiothiatowers.web.app/0.05389702077273273?err=1lUMb75dIbWbL6drpoSkzztdHdsl1dpbgq0z0jcL6UMSvouZF7rgpkye9bxMyc7molfu3os7f5gNs4l8l06yDXlOfJo1lheeHTJpygdr2Juj8DwuPGjzQ028uuqFcWnq63igd6i4qmei8rywok5uFDq9lC0stIdovfnpIj7dFpOrNlWwMKts6dJQy8fypVphnReiX9qdQf5Z7kem31xZFEC38DLrssJmy6DoEuul&dispatch=76f4hchcj3hfe61j6cb5837kfhf000&id=gbgkaj2b31i48h97i73j1iejigkbc24b6f438hh3791jk |
HTTP Parser: No <meta name="copyright".. found |
Source: unknown |
HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49751 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49763 version: TLS 1.2 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 173.222.162.32 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 173.222.162.32 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 173.222.162.32 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 199.232.214.172 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 199.232.214.172 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 199.232.214.172 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 199.232.214.172 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: global traffic |
HTTP traffic detected: GET /0.05389702077273273 HTTP/1.1Host: autoiothiatowers.web.appConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /jquery-3.2.1.slim.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://autoiothiatowers.web.appsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://autoiothiatowers.web.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /jquery-3.6.0.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://autoiothiatowers.web.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://autoiothiatowers.web.appsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://autoiothiatowers.web.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /ajax/libs/materialize/1.0.0/js/materialize.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://autoiothiatowers.web.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1Host: maxcdn.bootstrapcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://autoiothiatowers.web.appsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://autoiothiatowers.web.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /ajax/libs/axios/0.21.1/axios.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://autoiothiatowers.web.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /0.05389702077273273?err=1lUMb75dIbWbL6drpoSkzztdHdsl1dpbgq0z0jcL6UMSvouZF7rgpkye9bxMyc7molfu3os7f5gNs4l8l06yDXlOfJo1lheeHTJpygdr2Juj8DwuPGjzQ028uuqFcWnq63igd6i4qmei8rywok5uFDq9lC0stIdovfnpIj7dFpOrNlWwMKts6dJQy8fypVphnReiX9qdQf5Z7kem31xZFEC38DLrssJmy6DoEuul&dispatch=76f4hchcj3hfe61j6cb5837kfhf000&id=gbgkaj2b31i48h97i73j1iejigkbc24b6f438hh3791jk HTTP/1.1Host: autoiothiatowers.web.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://autoiothiatowers.web.app/0.05389702077273273Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /jquery-3.2.1.slim.min.js HTTP/1.1Host: code.jquery.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /jquery-3.6.0.min.js HTTP/1.1Host: code.jquery.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /ajax/libs/materialize/1.0.0/js/materialize.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1Host: maxcdn.bootstrapcdn.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /ajax/libs/axios/0.21.1/axios.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com |
Source: global traffic |
HTTP traffic detected: GET /0.05389702077273273 HTTP/1.1Host: autoiothiatowers.web.appConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
DNS traffic detected: DNS query: autoiothiatowers.web.app |
Source: global traffic |
DNS traffic detected: DNS query: code.jquery.com |
Source: global traffic |
DNS traffic detected: DNS query: cdnjs.cloudflare.com |
Source: global traffic |
DNS traffic detected: DNS query: maxcdn.bootstrapcdn.com |
Source: global traffic |
DNS traffic detected: DNS query: cdn.jsdelivr.net |
Source: global traffic |
DNS traffic detected: DNS query: www.google.com |
Source: chromecache_81.2.dr, chromecache_64.2.dr |
String found in binary or memory: http://materializecss.com) |
Source: chromecache_71.2.dr, chromecache_78.2.dr |
String found in binary or memory: http://opensource.org/licenses/MIT). |
Source: chromecache_67.2.dr, chromecache_75.2.dr |
String found in binary or memory: http://underscorejs.org/LICENSE |
Source: chromecache_80.2.dr, chromecache_74.2.dr |
String found in binary or memory: https://getbootstrap.com) |
Source: chromecache_80.2.dr, chromecache_74.2.dr |
String found in binary or memory: https://github.com/twbs/bootstrap/blob/master/LICENSE) |
Source: chromecache_80.2.dr, chromecache_74.2.dr |
String found in binary or memory: https://github.com/twbs/bootstrap/graphs/contributors) |
Source: chromecache_67.2.dr, chromecache_75.2.dr |
String found in binary or memory: https://lodash.com/ |
Source: chromecache_67.2.dr, chromecache_75.2.dr |
String found in binary or memory: https://lodash.com/license |
Source: chromecache_67.2.dr, chromecache_75.2.dr |
String found in binary or memory: https://npms.io/search?q=ponyfill. |
Source: chromecache_67.2.dr, chromecache_75.2.dr |
String found in binary or memory: https://openjsf.org/ |
Source: chromecache_81.2.dr, chromecache_64.2.dr |
String found in binary or memory: https://raw.githubusercontent.com/Dogfalo/materialize/master/LICENSE) |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49744 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49743 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49742 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49741 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49763 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49672 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49740 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49762 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49761 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49760 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49741 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49748 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49743 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49760 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49762 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49745 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49751 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49737 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49759 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49759 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49755 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49756 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49755 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49675 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49775 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49751 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49750 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49672 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49740 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49742 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49761 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49749 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49763 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49744 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49775 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49750 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49749 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49748 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49737 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49745 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49756 -> 443 |
Source: unknown |
HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49751 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49763 version: TLS 1.2 |
Source: classification engine |
Classification label: mal60.phis.win@17/30@22/11 |
Source: unknown |
Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" |
|
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=1892,i,17908469950601066209,13384380030667321609,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 |
|
Source: unknown |
Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://autoiothiatowers.web.app/0.05389702077273273" |
|
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=1892,i,17908469950601066209,13384380030667321609,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: Window Recorder |
Window detected: More than 3 window changes detected |