Windows Analysis Report
http://idtyvfyfmst.weebly.com

Overview

General Information

Sample URL:	http://idtyvfyfmst.weebly.com
Analysis ID:	1501333
Infos:

Detection

HTMLPhisher

Score:	56
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus / Scanner detection for submitted sample

Yara detected HtmlPhish10

Detected non-DNS traffic on DNS port

Suricata IDS alerts with low severity for network traffic

Classification

Signatures

AV Detection

Antivirus / Scanner detection for submitted sample

Source: http://idtyvfyfmst.weebly.com

SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social Engineering

Phishing

Yara detected HtmlPhish10

Source: Yara match	File source: 0.0.pages.csv, type: HTML
Source: Yara match	File source: dropped/chromecache_154, type: DROPPED

Source: https://idtyvfyfmst.weebly.com/

HTTP Parser: No favicon

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:61727 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:61750 version: TLS 1.2

Detected non-DNS traffic on DNS port

Source: global traffic

TCP traffic: 192.168.2.4:61723 -> 1.1.1.1:53

Suricata IDS alerts with low severity for network traffic

Source: Network traffic	Suricata IDS: 2032366 - Severity 2 - ET PHISHING Phishing Landing via Weebly.com M1 2016-02-02 : 74.115.51.9:443 -> 192.168.2.4:49738
Source: Network traffic	Suricata IDS: 2032367 - Severity 2 - ET PHISHING Phishing Landing via Weebly.com M2 2016-02-02 : 74.115.51.9:443 -> 192.168.2.4:49738
Source: Network traffic	Suricata IDS: 2032394 - Severity 2 - ET PHISHING Phishing Landing via Weebly.com 2016-06-22 : 74.115.51.9:443 -> 192.168.2.4:49738

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: idtyvfyfmst.weebly.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=O9bEgT4Hq79kcPZkZqwbdwHhy2fuomzxsKi6XGxF8Sg-1724950349-1.0.1.1-QBfQ_RQwRno.lxwxUPIIaVGe6pJgaRj.zNixijbszXivyr8td.ErXpt_e8e0gEQ61Bs4Rvd..v1ccTsgKbyVjA
Source: global traffic	HTTP traffic detected: GET /css/sites.css?buildTime=1724854534 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css/old/fancybox.css?1724854534 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css/social-icons.css?buildtime=1724854534 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /files/main_style.css?1724943568 HTTP/1.1Host: idtyvfyfmst.weebly.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=O9bEgT4Hq79kcPZkZqwbdwHhy2fuomzxsKi6XGxF8Sg-1724950349-1.0.1.1-QBfQ_RQwRno.lxwxUPIIaVGe6pJgaRj.zNixijbszXivyr8td.ErXpt_e8e0gEQ61Bs4Rvd..v1ccTsgKbyVjA; language=en
Source: global traffic	HTTP traffic detected: GET /fonts/Oxygen/font.css?2 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fonts/Pacifico/font.css?2 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fonts/Roboto/font.css?2 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /files/templateArtifacts.js?1724943568 HTTP/1.1Host: idtyvfyfmst.weebly.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=O9bEgT4Hq79kcPZkZqwbdwHhy2fuomzxsKi6XGxF8Sg-1724950349-1.0.1.1-QBfQ_RQwRno.lxwxUPIIaVGe6pJgaRj.zNixijbszXivyr8td.ErXpt_e8e0gEQ61Bs4Rvd..v1ccTsgKbyVjA; language=en
Source: global traffic	HTTP traffic detected: GET /fonts/Lora/font.css?2 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fonts/News_Cycle/font.css?2 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /uploads/1/5/0/6/150649166/whatsapp-image-2024-08-28-at-03-55-18_orig.jpeg HTTP/1.1Host: idtyvfyfmst.weebly.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=O9bEgT4Hq79kcPZkZqwbdwHhy2fuomzxsKi6XGxF8Sg-1724950349-1.0.1.1-QBfQ_RQwRno.lxwxUPIIaVGe6pJgaRj.zNixijbszXivyr8td.ErXpt_e8e0gEQ61Bs4Rvd..v1ccTsgKbyVjA; language=en
Source: global traffic	HTTP traffic detected: GET /js/jquery-1.8.3.min.js HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/lang/en/stl.js?buildTime=1724854534& HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /uploads/1/5/0/6/150649166/whatsapp-image-2024-08-28-at-03-55-18-1_orig.jpeg HTTP/1.1Host: idtyvfyfmst.weebly.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=O9bEgT4Hq79kcPZkZqwbdwHhy2fuomzxsKi6XGxF8Sg-1724950349-1.0.1.1-QBfQ_RQwRno.lxwxUPIIaVGe6pJgaRj.zNixijbszXivyr8td.ErXpt_e8e0gEQ61Bs4Rvd..v1ccTsgKbyVjA; language=en
Source: global traffic	HTTP traffic detected: GET /js/site/main.js?buildTime=1724854534 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/site/theme-plugins.js?buildTime=1724854534 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /files/templateArtifacts.js?1724943568 HTTP/1.1Host: idtyvfyfmst.weebly.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=O9bEgT4Hq79kcPZkZqwbdwHhy2fuomzxsKi6XGxF8Sg-1724950349-1.0.1.1-QBfQ_RQwRno.lxwxUPIIaVGe6pJgaRj.zNixijbszXivyr8td.ErXpt_e8e0gEQ61Bs4Rvd..v1ccTsgKbyVjA; language=en
Source: global traffic	HTTP traffic detected: GET /js/lang/en/stl.js?buildTime=1724854534& HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Range: bytes=163422-163422If-Range: "66cf29e9-2dc68"
Source: global traffic	HTTP traffic detected: GET /images/site/footer/footer-toast-published-image-1.png HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/lang/en/stl.js?buildTime=1724854534& HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Range: bytes=163422-187495If-Range: "66cf29e9-2dc68"
Source: global traffic	HTTP traffic detected: GET /js/site/footerSignup.js?buildTime=1724945711 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /uploads/1/5/0/6/150649166/background-images/950758153.jpeg HTTP/1.1Host: idtyvfyfmst.weebly.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=O9bEgT4Hq79kcPZkZqwbdwHhy2fuomzxsKi6XGxF8Sg-1724950349-1.0.1.1-QBfQ_RQwRno.lxwxUPIIaVGe6pJgaRj.zNixijbszXivyr8td.ErXpt_e8e0gEQ61Bs4Rvd..v1ccTsgKbyVjA; language=en
Source: global traffic	HTTP traffic detected: GET /uploads/1/5/0/6/150649166/whatsapp-image-2024-08-28-at-03-55-18-1_orig.jpeg HTTP/1.1Host: idtyvfyfmst.weebly.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=O9bEgT4Hq79kcPZkZqwbdwHhy2fuomzxsKi6XGxF8Sg-1724950349-1.0.1.1-QBfQ_RQwRno.lxwxUPIIaVGe6pJgaRj.zNixijbszXivyr8td.ErXpt_e8e0gEQ61Bs4Rvd..v1ccTsgKbyVjA; language=en
Source: global traffic	HTTP traffic detected: GET /js/site/theme-plugins.js?buildTime=1724854534 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/site/main.js?buildTime=1724854534 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/site/footer/footer-toast-published-image-1.png HTTP/1.1Host: cdn2.editmysite.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /uploads/1/5/0/6/150649166/whatsapp-image-2024-08-28-at-03-55-18_orig.jpeg HTTP/1.1Host: idtyvfyfmst.weebly.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=O9bEgT4Hq79kcPZkZqwbdwHhy2fuomzxsKi6XGxF8Sg-1724950349-1.0.1.1-QBfQ_RQwRno.lxwxUPIIaVGe6pJgaRj.zNixijbszXivyr8td.ErXpt_e8e0gEQ61Bs4Rvd..v1ccTsgKbyVjA; language=en
Source: global traffic	HTTP traffic detected: GET /files/theme/plugins.js?1516665135 HTTP/1.1Host: idtyvfyfmst.weebly.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=O9bEgT4Hq79kcPZkZqwbdwHhy2fuomzxsKi6XGxF8Sg-1724950349-1.0.1.1-QBfQ_RQwRno.lxwxUPIIaVGe6pJgaRj.zNixijbszXivyr8td.ErXpt_e8e0gEQ61Bs4Rvd..v1ccTsgKbyVjA; language=en
Source: global traffic	HTTP traffic detected: GET /files/theme/custom.js?1516665135 HTTP/1.1Host: idtyvfyfmst.weebly.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=O9bEgT4Hq79kcPZkZqwbdwHhy2fuomzxsKi6XGxF8Sg-1724950349-1.0.1.1-QBfQ_RQwRno.lxwxUPIIaVGe6pJgaRj.zNixijbszXivyr8td.ErXpt_e8e0gEQ61Bs4Rvd..v1ccTsgKbyVjA; language=en
Source: global traffic	HTTP traffic detected: GET /js/site/main-customer-accounts-site.js?buildTime=1724854534 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /files/theme/mobile.js?1516665135 HTTP/1.1Host: idtyvfyfmst.weebly.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=O9bEgT4Hq79kcPZkZqwbdwHhy2fuomzxsKi6XGxF8Sg-1724950349-1.0.1.1-QBfQ_RQwRno.lxwxUPIIaVGe6pJgaRj.zNixijbszXivyr8td.ErXpt_e8e0gEQ61Bs4Rvd..v1ccTsgKbyVjA; language=en
Source: global traffic	HTTP traffic detected: GET /uploads/1/5/0/6/150649166/background-images/1365786280.jpeg HTTP/1.1Host: idtyvfyfmst.weebly.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=O9bEgT4Hq79kcPZkZqwbdwHhy2fuomzxsKi6XGxF8Sg-1724950349-1.0.1.1-QBfQ_RQwRno.lxwxUPIIaVGe6pJgaRj.zNixijbszXivyr8td.ErXpt_e8e0gEQ61Bs4Rvd..v1ccTsgKbyVjA; language=en
Source: global traffic	HTTP traffic detected: GET /js/lang/en/stl.js?buildTime=1724854534& HTTP/1.1Host: cdn2.editmysite.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/site/footerSignup.js?buildTime=1724945711 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /uploads/1/5/0/6/150649166/background-images/950758153.jpeg HTTP/1.1Host: idtyvfyfmst.weebly.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=O9bEgT4Hq79kcPZkZqwbdwHhy2fuomzxsKi6XGxF8Sg-1724950349-1.0.1.1-QBfQ_RQwRno.lxwxUPIIaVGe6pJgaRj.zNixijbszXivyr8td.ErXpt_e8e0gEQ61Bs4Rvd..v1ccTsgKbyVjA; language=en
Source: global traffic	HTTP traffic detected: GET /fonts/Oxygen/regular.woff2 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://idtyvfyfmst.weebly.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdn2.editmysite.com/fonts/Oxygen/font.css?2Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fonts/Roboto/bold.woff2 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://idtyvfyfmst.weebly.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdn2.editmysite.com/fonts/Roboto/font.css?2Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /js/wsnbn/snowday262.js HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /files/theme/custom.js?1516665135 HTTP/1.1Host: idtyvfyfmst.weebly.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=O9bEgT4Hq79kcPZkZqwbdwHhy2fuomzxsKi6XGxF8Sg-1724950349-1.0.1.1-QBfQ_RQwRno.lxwxUPIIaVGe6pJgaRj.zNixijbszXivyr8td.ErXpt_e8e0gEQ61Bs4Rvd..v1ccTsgKbyVjA; language=en
Source: global traffic	HTTP traffic detected: GET /files/theme/mobile.js?1516665135 HTTP/1.1Host: idtyvfyfmst.weebly.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=O9bEgT4Hq79kcPZkZqwbdwHhy2fuomzxsKi6XGxF8Sg-1724950349-1.0.1.1-QBfQ_RQwRno.lxwxUPIIaVGe6pJgaRj.zNixijbszXivyr8td.ErXpt_e8e0gEQ61Bs4Rvd..v1ccTsgKbyVjA; language=en
Source: global traffic	HTTP traffic detected: GET /files/theme/plugins.js?1516665135 HTTP/1.1Host: idtyvfyfmst.weebly.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=O9bEgT4Hq79kcPZkZqwbdwHhy2fuomzxsKi6XGxF8Sg-1724950349-1.0.1.1-QBfQ_RQwRno.lxwxUPIIaVGe6pJgaRj.zNixijbszXivyr8td.ErXpt_e8e0gEQ61Bs4Rvd..v1ccTsgKbyVjA; language=en
Source: global traffic	HTTP traffic detected: GET /uploads/1/5/0/6/150649166/background-images/1365786280.jpeg HTTP/1.1Host: idtyvfyfmst.weebly.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=O9bEgT4Hq79kcPZkZqwbdwHhy2fuomzxsKi6XGxF8Sg-1724950349-1.0.1.1-QBfQ_RQwRno.lxwxUPIIaVGe6pJgaRj.zNixijbszXivyr8td.ErXpt_e8e0gEQ61Bs4Rvd..v1ccTsgKbyVjA; language=en
Source: global traffic	HTTP traffic detected: GET /js/site/main-customer-accounts-site.js?buildTime=1724854534 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/wsnbn/snowday262.js HTTP/1.1Host: cdn2.editmysite.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: idtyvfyfmst.weebly.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=O9bEgT4Hq79kcPZkZqwbdwHhy2fuomzxsKi6XGxF8Sg-1724950349-1.0.1.1-QBfQ_RQwRno.lxwxUPIIaVGe6pJgaRj.zNixijbszXivyr8td.ErXpt_e8e0gEQ61Bs4Rvd..v1ccTsgKbyVjA; language=en; _snow_ses.49cd=; _snow_id.49cd=8687ff70-ce9b-4ad4-a12d-dad9e0d711b4.1724950356.1.1724950356.1724950356.ac348fb1-0f91-4612-94e4-627095f77d2d
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: idtyvfyfmst.weebly.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=O9bEgT4Hq79kcPZkZqwbdwHhy2fuomzxsKi6XGxF8Sg-1724950349-1.0.1.1-QBfQ_RQwRno.lxwxUPIIaVGe6pJgaRj.zNixijbszXivyr8td.ErXpt_e8e0gEQ61Bs4Rvd..v1ccTsgKbyVjA; language=en; _snow_ses.49cd=*; _snow_id.49cd=8687ff70-ce9b-4ad4-a12d-dad9e0d711b4.1724950356.1.1724950356.1724950356.ac348fb1-0f91-4612-94e4-627095f77d2d
Source: global traffic	HTTP traffic detected: GET /com.snowplowanalytics.snowplow/tp2 HTTP/1.1Host: ec.editmysite.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sp=7c502930-0c88-4fe3-acd9-7935a4a7494e
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: idtyvfyfmst.weebly.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: idtyvfyfmst.weebly.com
Source: global traffic	DNS traffic detected: DNS query: cdn2.editmysite.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: ec.editmysite.com

Source: unknown

HTTP traffic detected: POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1Host: ec.editmysite.comConnection: keep-aliveContent-Length: 1960sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/json; charset=UTF-8Accept: */*Origin: https://idtyvfyfmst.weebly.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: chromecache_148.2.dr, chromecache_157.2.dr	String found in binary or memory: http://hammerjs.github.io/
Source: chromecache_161.2.dr, chromecache_151.2.dr	String found in binary or memory: http://www.google-analytics.com
Source: chromecache_147.2.dr, chromecache_155.2.dr	String found in binary or memory: https://cdn2.editmysite.com/js/
Source: chromecache_154.2.dr	String found in binary or memory: https://cdn2.editmysite.com/js/jquery-1.8.3.min.js
Source: chromecache_148.2.dr, chromecache_157.2.dr	String found in binary or memory: https://github.com/imakewebthings/jquery-waypoints/blob/master/licenses.txt
Source: chromecache_154.2.dr	String found in binary or memory: https://idtyvfyfmst.weebly.com/
Source: chromecache_154.2.dr	String found in binary or memory: https://idtyvfyfmst.weebly.com/uploads/1/5/0/6/150649166/whatsapp-image-2024-08-28-at-03-55-18-1_ori
Source: chromecache_154.2.dr	String found in binary or memory: https://idtyvfyfmst.weebly.com/uploads/1/5/0/6/150649166/whatsapp-image-2024-08-28-at-03-55-18_orig.
Source: chromecache_161.2.dr, chromecache_151.2.dr	String found in binary or memory: https://ssl.google-analytics.com
Source: chromecache_161.2.dr, chromecache_151.2.dr	String found in binary or memory: https://ssl.google-analytics.com/j/__utm.gif
Source: chromecache_161.2.dr, chromecache_151.2.dr	String found in binary or memory: https://stats.g.doubleclick.net/j/collect?
Source: chromecache_148.2.dr, chromecache_157.2.dr	String found in binary or memory: https://twitter.com/jacobrossi/status/480596438489890816
Source: chromecache_151.2.dr	String found in binary or memory: https://www.google.%/ads/ga-audiences?
Source: chromecache_161.2.dr, chromecache_151.2.dr	String found in binary or memory: https://www.google.com/analytics/web/inpage/pub/inpage.js?
Source: chromecache_154.2.dr	String found in binary or memory: https://www.google.com/recaptcha/api.js
Source: chromecache_154.2.dr	String found in binary or memory: https://www.weebly.com/signup?utm_source=internal&utm_medium=footer

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 61734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61745
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61749
Source: unknown	Network traffic detected: HTTP traffic on port 61743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61742
Source: unknown	Network traffic detected: HTTP traffic on port 61737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61754
Source: unknown	Network traffic detected: HTTP traffic on port 61748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61759
Source: unknown	Network traffic detected: HTTP traffic on port 61754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61750
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61751
Source: unknown	Network traffic detected: HTTP traffic on port 61759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61765
Source: unknown	Network traffic detected: HTTP traffic on port 61751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61760
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61764
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61774
Source: unknown	Network traffic detected: HTTP traffic on port 61738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61729
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61727
Source: unknown	Network traffic detected: HTTP traffic on port 61726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 61741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61736
Source: unknown	Network traffic detected: HTTP traffic on port 61746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61737
Source: unknown	Network traffic detected: HTTP traffic on port 61729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61739
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:61727 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:61750 version: TLS 1.2

Source: classification engine

Classification label: mal56.phis.win@22/79@16/10

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2004 --field-trial-handle=1672,i,2498292291490774219,4592983950563196552,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://idtyvfyfmst.weebly.com"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2004 --field-trial-handle=1672,i,2498292291490774219,4592983950563196552,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
151.101.193.46	unknown	United States	54113	FASTLYUS	false
74.115.51.8	idtyvfyfmst.weebly.com	United States	27647	WEEBLYUS	false
74.115.51.9	unknown	United States	27647	WEEBLYUS	false
52.40.136.209	unknown	United States	16509	AMAZON-02US	false
151.101.1.46	weebly.map.fastly.net	United States	54113	FASTLYUS	false
142.250.185.132	www.google.com	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
52.38.248.139	sp-2020021412301152490000000a-1069308460.us-west-2.elb.amazonaws.com	United States	16509	AMAZON-02US	false

Private

IP
192.168.2.4
192.168.2.6

Contacted Domains

Name	IP	Active
idtyvfyfmst.weebly.com	74.115.51.8	true
sp-2020021412301152490000000a-1069308460.us-west-2.elb.amazonaws.com	52.38.248.139	true
weebly.map.fastly.net	151.101.1.46	true
www.google.com	142.250.185.132	true
fp2e7a.wpc.phicdn.net	192.229.221.95	true
ec.editmysite.com	unknown	unknown
cdn2.editmysite.com	unknown	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://idtyvfyfmst.weebly.com/favicon.ico	false	Avira URL Cloud: safe	unknown
https://cdn2.editmysite.com/fonts/News_Cycle/font.css?2	false	Avira URL Cloud: safe	unknown
https://cdn2.editmysite.com/fonts/Lora/font.css?2	false	Avira URL Cloud: safe	unknown
https://cdn2.editmysite.com/js/site/main.js?buildTime=1724854534	false	Avira URL Cloud: safe	unknown
https://cdn2.editmysite.com/css/old/fancybox.css?1724854534	false	Avira URL Cloud: safe	unknown
https://cdn2.editmysite.com/fonts/Pacifico/font.css?2	false	Avira URL Cloud: safe	unknown
https://idtyvfyfmst.weebly.com/files/theme/plugins.js?1516665135	false	Avira URL Cloud: safe	unknown
https://cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1724854534	false	Avira URL Cloud: safe	unknown
http://idtyvfyfmst.weebly.com/	true	Avira URL Cloud: safe	unknown
https://cdn2.editmysite.com/js/jquery-1.8.3.min.js	false	Avira URL Cloud: safe	unknown
https://idtyvfyfmst.weebly.com/uploads/1/5/0/6/150649166/whatsapp-image-2024-08-28-at-03-55-18_orig.jpeg	false	Avira URL Cloud: safe	unknown
https://idtyvfyfmst.weebly.com/uploads/1/5/0/6/150649166/background-images/950758153.jpeg	false	Avira URL Cloud: safe	unknown
https://cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1724854534&	false	Avira URL Cloud: safe	unknown
https://idtyvfyfmst.weebly.com/uploads/1/5/0/6/150649166/whatsapp-image-2024-08-28-at-03-55-18-1_orig.jpeg	false	Avira URL Cloud: safe	unknown
https://cdn2.editmysite.com/fonts/Roboto/bold.woff2	false	Avira URL Cloud: safe	unknown
https://idtyvfyfmst.weebly.com/	false		unknown
https://ec.editmysite.com/com.snowplowanalytics.snowplow/tp2	false	URL Reputation: safe	unknown
https://idtyvfyfmst.weebly.com/files/main_style.css?1724943568	false	Avira URL Cloud: safe	unknown
https://cdn2.editmysite.com/images/site/footer/footer-toast-published-image-1.png	false	Avira URL Cloud: safe	unknown
https://cdn2.editmysite.com/js/site/footerSignup.js?buildTime=1724945711	false	Avira URL Cloud: safe	unknown
https://cdn2.editmysite.com/fonts/Roboto/font.css?2	false	Avira URL Cloud: safe	unknown
https://cdn2.editmysite.com/css/social-icons.css?buildtime=1724854534	false	Avira URL Cloud: safe	unknown
https://idtyvfyfmst.weebly.com/files/theme/mobile.js?1516665135	false	Avira URL Cloud: safe	unknown
https://idtyvfyfmst.weebly.com/uploads/1/5/0/6/150649166/background-images/1365786280.jpeg	false	Avira URL Cloud: safe	unknown
https://cdn2.editmysite.com/js/wsnbn/snowday262.js	false	Avira URL Cloud: safe	unknown
https://cdn2.editmysite.com/fonts/Oxygen/font.css?2	false	Avira URL Cloud: safe	unknown
https://cdn2.editmysite.com/css/sites.css?buildTime=1724854534	false	Avira URL Cloud: safe	unknown
https://idtyvfyfmst.weebly.com/files/templateArtifacts.js?1724943568	false	Avira URL Cloud: safe	unknown
https://cdn2.editmysite.com/js/site/theme-plugins.js?buildTime=1724854534	false	Avira URL Cloud: safe	unknown
https://idtyvfyfmst.weebly.com/files/theme/custom.js?1516665135	false	Avira URL Cloud: safe	unknown
https://cdn2.editmysite.com/fonts/Oxygen/regular.woff2	false	Avira URL Cloud: safe	unknown

Name	Type	MD5	SHA1	SHA256
Chrome Cache Entry: 133	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x188, components 1	AC8E9744CB6DA9A76CF007CDB9218489	E480AE36E037A13C6619C2F566459BA5C0C05C86	76ECA458B37375B966A7F288262254C4DD6CC9527AC0D365CEB6BE1655D92634
Chrome Cache Entry: 134	ASCII text, with very long lines (32147)	016FFAE66513FCAE583BCC64A0B66869	CD2CCF7CC47BD6ADBC1FB46F8A88D610824F7037	55F966D09AFC4A653A1F26B57E57412D5C42191D5692157D94110B23CA74C9D2
Chrome Cache Entry: 135	ASCII text, with no line terminators	9759AA211A2830AB4709465F07D7E6DC	593B181D2C09246C1FBB9EFE9D27A339CFCA0717	55EA07D447A4F67BF3C7C5288F5FC54DB26E7EF7768063A19EFE4CA4BB548A04
Chrome Cache Entry: 136	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x188, components 1	AC8E9744CB6DA9A76CF007CDB9218489	E480AE36E037A13C6619C2F566459BA5C0C05C86	76ECA458B37375B966A7F288262254C4DD6CC9527AC0D365CEB6BE1655D92634
Chrome Cache Entry: 137	MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel	4D27526198AC873CCEC96935198E0FB9	B98D8B73AD6A0F7477C3397561B4AAB37BF262AA	40A2146151863BCF46C786D596E81A308D1B0D26D74635BE441E92656F29B1B4
Chrome Cache Entry: 138	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1100x689, components 3	A4CA4B270C85D431D4C9FCAE9B36EE00	92D80EA45ADABB9BE2BB9B3C2733EFE3DA5D94AC	CC34B58F93CE62CF27A8910FC96D1A1B010A147F596EB058073EE248BEB04438
Chrome Cache Entry: 139	ASCII text	34863E9B0DEA461B974BD0A0F05A4197	E152445BDF379331F5800F01DD2832BC2A7B24E0	382771D6EE786A644AE1E41DF8DE0C815C572FD5A83FFBCD0B4B9D77A8DE347D
Chrome Cache Entry: 140	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x188, components 1	AC8E9744CB6DA9A76CF007CDB9218489	E480AE36E037A13C6619C2F566459BA5C0C05C86	76ECA458B37375B966A7F288262254C4DD6CC9527AC0D365CEB6BE1655D92634
Chrome Cache Entry: 141	ASCII text, with very long lines (32029)	5295FC679EEA80780246F38A98DF4119	AB671B1376AE82788886E2E18C4FDB7B7AC6FCC7	C1CD4E7693F8C40D13259E8AC271CD0B6870875CA6C69B78D50AEDE9EEB63B67
Chrome Cache Entry: 142	Web Open Font Format (Version 2), TrueType, length 15860, version 1.0	E9F5AAF547F165386CD313B995DDDD8E	ACDEF5603C2387B0E5BFFD744B679A24A8BC1968	F5AEBDFEA35D1E7656EF4ACC5DB1F243209755AE3300943EF8FC6280F363C860
Chrome Cache Entry: 143	MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel	4D27526198AC873CCEC96935198E0FB9	B98D8B73AD6A0F7477C3397561B4AAB37BF262AA	40A2146151863BCF46C786D596E81A308D1B0D26D74635BE441E92656F29B1B4
Chrome Cache Entry: 144	ASCII text, with very long lines (2512)	99BBE560926E583B8E99036251DEB783	8D81B73AE06F664F9D9E53DD5829A799BF434491	648E766BF519673F9A90CC336CBECEDE80DCBE3419B43D36ECBB25D88F5584A3
Chrome Cache Entry: 145	ASCII text, with very long lines (3910)	1DCEBBB5A1EB8B028310CEEB72A339B3	E254B7A35AC189FD1CE9CF8BD78593BEBFE27D7D	865CB87DE9FC4D6530EDCE21F0103107ABAE6ABE45CABDFF2AD9AF067B3D8E0A
Chrome Cache Entry: 146	ASCII text, with very long lines (65024)	F0B78CD42142EA43D52682266F170ADF	F830FC2592E8E08D425D8137E9AEFCDAE884CD89	BEDFAFC1C7CDC9BE81CF5B836F6BD001FC4C25DEC659DC22EE78B4DAFB98E31C
Chrome Cache Entry: 147	ASCII text, with very long lines (3600), with no line terminators	40B81B2D52BA9D2E2C64C31FF6A24CD7	6B5689250661646ECBB841F2475F1556A113373C	E06BACA13F25DF9C7D684FC1B1FDFBBBB95070A1D5A9CD648632DA7BCCC90B96
Chrome Cache Entry: 148	ASCII text	4CF5477130F7311A5F0AF1ECAF425EE4	14AA67219073D67C2C04DB1D2E2ACD706CFB6BDA	B83C1BDB86AE601A4A54799C364306DD922E98D5FDDC177D404611BF1A2706F3
Chrome Cache Entry: 149	ASCII text	05F181094C6A399A6A095B872FDD62A2	DCD242A26E18EAA525C20AE2BC6E32D2393664F6	926C730CD097087583D7B2EAF8CFA55FABCB061F576CFBF154BE708DFE672C77
Chrome Cache Entry: 150	ASCII text, with very long lines (12622), with no line terminators	E5269CDEE742866FD3840352BE0D0238	69A87E60837EF2AACC63DBF8AD0C11288D86D809	31E2ACD46027F7DD6C2910580DFBC039DD50280A0596AFC845928F657857AFAA
Chrome Cache Entry: 151	ASCII text, with very long lines (1305)	E9372F0EBBCF71F851E3D321EF2A8E5A	2C7D19D1AF7D97085C977D1B69DCB8B84483D87C	1259EA99BD76596239BFD3102C679EB0A5052578DC526B0452F4D42F8BCDD45F
Chrome Cache Entry: 152	ASCII text	B0C65F1AB616EC4033504E6404856092	46831CB69A173F9F0729B2448BE977C146516A71	E73201BB09A6A17470F054C6941B24C51A2512FA2F6AB394CA32D42F5488198A
Chrome Cache Entry: 153	ASCII text	3015C5033C752FD4140E3C6977E11802	62712DE66B03C1B56767CEF7D9310C781ADE7E07	9D0206874A8E943595530CC766E86F99CF776C1EB5726619A79BD1D9919122AB
Chrome Cache Entry: 154	HTML document, ASCII text, with very long lines (915), with CRLF, LF line terminators	B33070184E8E4620344D6D04D9D045EA	035CE93CFFA35AC7B5CBE4635A42C276470549F7	4BC1A81ED1CA86CC49BDAD599422E3D31329E61C3ED1A1C93FA77EBDEE14F322
Chrome Cache Entry: 155	ASCII text, with very long lines (3600), with no line terminators	40B81B2D52BA9D2E2C64C31FF6A24CD7	6B5689250661646ECBB841F2475F1556A113373C	E06BACA13F25DF9C7D684FC1B1FDFBBBB95070A1D5A9CD648632DA7BCCC90B96
Chrome Cache Entry: 156	ASCII text	428A6A35FF81F3F17D516E447CBFA606	73B876668C417277423EDD1B2E1F70275F73DAD3	69822A307CB14D50CB0B33DACD3CA2B281AA05EE910AF0A2A969A60AB055F1AA
Chrome Cache Entry: 157	ASCII text	4CF5477130F7311A5F0AF1ECAF425EE4	14AA67219073D67C2C04DB1D2E2ACD706CFB6BDA	B83C1BDB86AE601A4A54799C364306DD922E98D5FDDC177D404611BF1A2706F3
Chrome Cache Entry: 158	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1100x710, components 3	B03493B184B797C96C3E65DFC851823C	70C86F535AE0939CF591B28858B3E4539FB5A9AE	7F97F49DA49266CA43FFE3660BAB3A9F9FA24371DA47212F2B270ADB6E402742
Chrome Cache Entry: 159	Web Open Font Format (Version 2), TrueType, length 16348, version 1.0	8DC707B4818131FAB44D482B1DB5D458	8A0FF82B12FA25391CE17A6AE069D7FE5002F12D	9E64F128D5352D04EA5C87031E4CF1AD204B72A0AFB003ECE52EEB997D28A570
Chrome Cache Entry: 160	ASCII text, with very long lines (32147)	016FFAE66513FCAE583BCC64A0B66869	CD2CCF7CC47BD6ADBC1FB46F8A88D610824F7037	55F966D09AFC4A653A1F26B57E57412D5C42191D5692157D94110B23CA74C9D2
Chrome Cache Entry: 161	ASCII text, with very long lines (1305)	E9372F0EBBCF71F851E3D321EF2A8E5A	2C7D19D1AF7D97085C977D1B69DCB8B84483D87C	1259EA99BD76596239BFD3102C679EB0A5052578DC526B0452F4D42F8BCDD45F
Chrome Cache Entry: 162	ASCII text, with very long lines (1043)	67B75A9DE692F509B72154B2C9FDAB29	482B0F4DF9DE754817FB5F511C84034D5A1A0A86	9BB586012056C7F1C35455D46E030717B38247281D9FCB3379297AF76EE57489
Chrome Cache Entry: 163	exported SGML document, ASCII text, with very long lines (1630)	AE81AB7069097A055829FB9919258138	7DC529F16FB595BBBFC5937ADFE1D0A5CF563F8A	5A630B41E7C3D34392BCB150A5731B6261BC6314D71D5DB8407A646AF15BF8AF
Chrome Cache Entry: 164	PNG image data, 199 x 97, 8-bit colormap, non-interlaced	6E0F7AD31BF187E0D88FC5787573BA71	14E8B85CC32A01C8901E4AC0160582D29A45E9E6	580EF6409E067A4EC4A427400C7D6216184869E2DA53343DF20753CC1F8A46CD
Chrome Cache Entry: 165	ASCII text, with very long lines (2512)	99BBE560926E583B8E99036251DEB783	8D81B73AE06F664F9D9E53DD5829A799BF434491	648E766BF519673F9A90CC336CBECEDE80DCBE3419B43D36ECBB25D88F5584A3
Chrome Cache Entry: 166	ASCII text, with very long lines (13080)	D3087986E01B6B4E2060E5990CCA2CAE	91C694DE4E9972778D9D3F96D69521BD85E048C6	A399D2A06C60318E148F6C58DA3E090B188238767E06F8F2D8893C9A03261102
Chrome Cache Entry: 167	ASCII text, with very long lines (65536), with no line terminators	025F5BACD3035E5CF943BD87A2FCF845	BC2526C2F2263CE2C3672D99C63E901C0ABF7445	5ECAB7CE27F2BC2FCDD78CB016D7E8908AF282B3914A1993B26CB7CBC84039B3
Chrome Cache Entry: 168	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1100x689, components 3	A4CA4B270C85D431D4C9FCAE9B36EE00	92D80EA45ADABB9BE2BB9B3C2733EFE3DA5D94AC	CC34B58F93CE62CF27A8910FC96D1A1B010A147F596EB058073EE248BEB04438
Chrome Cache Entry: 169	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x188, components 1	AC8E9744CB6DA9A76CF007CDB9218489	E480AE36E037A13C6619C2F566459BA5C0C05C86	76ECA458B37375B966A7F288262254C4DD6CC9527AC0D365CEB6BE1655D92634
Chrome Cache Entry: 170	ASCII text, with very long lines (64863)	2029F97918EAE5B514B60984E4906997	7615ABE1E8DF950F0CD56F251F15C41616B7D8D6	43B2BA7CB4DA00054F3478C3D9288C6876CD8AA46CF39326B5BEF27C6F848004
Chrome Cache Entry: 171	ASCII text, with very long lines (12622), with no line terminators	E5269CDEE742866FD3840352BE0D0238	69A87E60837EF2AACC63DBF8AD0C11288D86D809	31E2ACD46027F7DD6C2910580DFBC039DD50280A0596AFC845928F657857AFAA
Chrome Cache Entry: 172	ASCII text	B0C65F1AB616EC4033504E6404856092	46831CB69A173F9F0729B2448BE977C146516A71	E73201BB09A6A17470F054C6941B24C51A2512FA2F6AB394CA32D42F5488198A
Chrome Cache Entry: 173	ASCII text	163A6925F8F91D79E28154A268F51BCC	822A254EBC05653A14B0C7BDFA7F1896F25483A7	FF75812498F3DE5082E87FA3855E064CA2552D7E805C50EB10FA898D4B8EDFBA
Chrome Cache Entry: 174	exported SGML document, ASCII text, with very long lines (1630)	AE81AB7069097A055829FB9919258138	7DC529F16FB595BBBFC5937ADFE1D0A5CF563F8A	5A630B41E7C3D34392BCB150A5731B6261BC6314D71D5DB8407A646AF15BF8AF
Chrome Cache Entry: 175	ASCII text	975DABECA35D34F88438E998C2253463	5021FEB52CB8368BBEA67BD415ED6E0E8911FEE9	2633E107E31AB6F570D822EB8A5DD35A61774468AE059119A017EE2A350708BA
Chrome Cache Entry: 176	ASCII text	975DABECA35D34F88438E998C2253463	5021FEB52CB8368BBEA67BD415ED6E0E8911FEE9	2633E107E31AB6F570D822EB8A5DD35A61774468AE059119A017EE2A350708BA
Chrome Cache Entry: 177	PNG image data, 199 x 97, 8-bit colormap, non-interlaced	6E0F7AD31BF187E0D88FC5787573BA71	14E8B85CC32A01C8901E4AC0160582D29A45E9E6	580EF6409E067A4EC4A427400C7D6216184869E2DA53343DF20753CC1F8A46CD
Chrome Cache Entry: 178	ASCII text, with very long lines (32029)	5295FC679EEA80780246F38A98DF4119	AB671B1376AE82788886E2E18C4FDB7B7AC6FCC7	C1CD4E7693F8C40D13259E8AC271CD0B6870875CA6C69B78D50AEDE9EEB63B67
Chrome Cache Entry: 179	ASCII text, with very long lines (65024)	F0B78CD42142EA43D52682266F170ADF	F830FC2592E8E08D425D8137E9AEFCDAE884CD89	BEDFAFC1C7CDC9BE81CF5B836F6BD001FC4C25DEC659DC22EE78B4DAFB98E31C
Chrome Cache Entry: 180	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1100x710, components 3	B03493B184B797C96C3E65DFC851823C	70C86F535AE0939CF591B28858B3E4539FB5A9AE	7F97F49DA49266CA43FFE3660BAB3A9F9FA24371DA47212F2B270ADB6E402742

AV Detection

Antivirus / Scanner detection for submitted sample

Source: http://idtyvfyfmst.weebly.com

SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social Engineering

Phishing

Yara detected HtmlPhish10

Source: Yara match	File source: 0.0.pages.csv, type: HTML
Source: Yara match	File source: dropped/chromecache_154, type: DROPPED

Source: https://idtyvfyfmst.weebly.com/

HTTP Parser: No favicon

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:61727 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:61750 version: TLS 1.2

Detected non-DNS traffic on DNS port

Source: global traffic

TCP traffic: 192.168.2.4:61723 -> 1.1.1.1:53

Suricata IDS alerts with low severity for network traffic

Source: Network traffic	Suricata IDS: 2032366 - Severity 2 - ET PHISHING Phishing Landing via Weebly.com M1 2016-02-02 : 74.115.51.9:443 -> 192.168.2.4:49738
Source: Network traffic	Suricata IDS: 2032367 - Severity 2 - ET PHISHING Phishing Landing via Weebly.com M2 2016-02-02 : 74.115.51.9:443 -> 192.168.2.4:49738
Source: Network traffic	Suricata IDS: 2032394 - Severity 2 - ET PHISHING Phishing Landing via Weebly.com 2016-06-22 : 74.115.51.9:443 -> 192.168.2.4:49738

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: idtyvfyfmst.weebly.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=O9bEgT4Hq79kcPZkZqwbdwHhy2fuomzxsKi6XGxF8Sg-1724950349-1.0.1.1-QBfQ_RQwRno.lxwxUPIIaVGe6pJgaRj.zNixijbszXivyr8td.ErXpt_e8e0gEQ61Bs4Rvd..v1ccTsgKbyVjA
Source: global traffic	HTTP traffic detected: GET /css/sites.css?buildTime=1724854534 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css/old/fancybox.css?1724854534 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css/social-icons.css?buildtime=1724854534 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /files/main_style.css?1724943568 HTTP/1.1Host: idtyvfyfmst.weebly.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=O9bEgT4Hq79kcPZkZqwbdwHhy2fuomzxsKi6XGxF8Sg-1724950349-1.0.1.1-QBfQ_RQwRno.lxwxUPIIaVGe6pJgaRj.zNixijbszXivyr8td.ErXpt_e8e0gEQ61Bs4Rvd..v1ccTsgKbyVjA; language=en
Source: global traffic	HTTP traffic detected: GET /fonts/Oxygen/font.css?2 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fonts/Pacifico/font.css?2 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fonts/Roboto/font.css?2 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /files/templateArtifacts.js?1724943568 HTTP/1.1Host: idtyvfyfmst.weebly.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=O9bEgT4Hq79kcPZkZqwbdwHhy2fuomzxsKi6XGxF8Sg-1724950349-1.0.1.1-QBfQ_RQwRno.lxwxUPIIaVGe6pJgaRj.zNixijbszXivyr8td.ErXpt_e8e0gEQ61Bs4Rvd..v1ccTsgKbyVjA; language=en
Source: global traffic	HTTP traffic detected: GET /fonts/Lora/font.css?2 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fonts/News_Cycle/font.css?2 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /uploads/1/5/0/6/150649166/whatsapp-image-2024-08-28-at-03-55-18_orig.jpeg HTTP/1.1Host: idtyvfyfmst.weebly.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=O9bEgT4Hq79kcPZkZqwbdwHhy2fuomzxsKi6XGxF8Sg-1724950349-1.0.1.1-QBfQ_RQwRno.lxwxUPIIaVGe6pJgaRj.zNixijbszXivyr8td.ErXpt_e8e0gEQ61Bs4Rvd..v1ccTsgKbyVjA; language=en
Source: global traffic	HTTP traffic detected: GET /js/jquery-1.8.3.min.js HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/lang/en/stl.js?buildTime=1724854534& HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /uploads/1/5/0/6/150649166/whatsapp-image-2024-08-28-at-03-55-18-1_orig.jpeg HTTP/1.1Host: idtyvfyfmst.weebly.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=O9bEgT4Hq79kcPZkZqwbdwHhy2fuomzxsKi6XGxF8Sg-1724950349-1.0.1.1-QBfQ_RQwRno.lxwxUPIIaVGe6pJgaRj.zNixijbszXivyr8td.ErXpt_e8e0gEQ61Bs4Rvd..v1ccTsgKbyVjA; language=en
Source: global traffic	HTTP traffic detected: GET /js/site/main.js?buildTime=1724854534 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/site/theme-plugins.js?buildTime=1724854534 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /files/templateArtifacts.js?1724943568 HTTP/1.1Host: idtyvfyfmst.weebly.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=O9bEgT4Hq79kcPZkZqwbdwHhy2fuomzxsKi6XGxF8Sg-1724950349-1.0.1.1-QBfQ_RQwRno.lxwxUPIIaVGe6pJgaRj.zNixijbszXivyr8td.ErXpt_e8e0gEQ61Bs4Rvd..v1ccTsgKbyVjA; language=en
Source: global traffic	HTTP traffic detected: GET /js/lang/en/stl.js?buildTime=1724854534& HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Range: bytes=163422-163422If-Range: "66cf29e9-2dc68"
Source: global traffic	HTTP traffic detected: GET /images/site/footer/footer-toast-published-image-1.png HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/lang/en/stl.js?buildTime=1724854534& HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Range: bytes=163422-187495If-Range: "66cf29e9-2dc68"
Source: global traffic	HTTP traffic detected: GET /js/site/footerSignup.js?buildTime=1724945711 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /uploads/1/5/0/6/150649166/background-images/950758153.jpeg HTTP/1.1Host: idtyvfyfmst.weebly.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=O9bEgT4Hq79kcPZkZqwbdwHhy2fuomzxsKi6XGxF8Sg-1724950349-1.0.1.1-QBfQ_RQwRno.lxwxUPIIaVGe6pJgaRj.zNixijbszXivyr8td.ErXpt_e8e0gEQ61Bs4Rvd..v1ccTsgKbyVjA; language=en
Source: global traffic	HTTP traffic detected: GET /uploads/1/5/0/6/150649166/whatsapp-image-2024-08-28-at-03-55-18-1_orig.jpeg HTTP/1.1Host: idtyvfyfmst.weebly.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=O9bEgT4Hq79kcPZkZqwbdwHhy2fuomzxsKi6XGxF8Sg-1724950349-1.0.1.1-QBfQ_RQwRno.lxwxUPIIaVGe6pJgaRj.zNixijbszXivyr8td.ErXpt_e8e0gEQ61Bs4Rvd..v1ccTsgKbyVjA; language=en
Source: global traffic	HTTP traffic detected: GET /js/site/theme-plugins.js?buildTime=1724854534 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/site/main.js?buildTime=1724854534 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/site/footer/footer-toast-published-image-1.png HTTP/1.1Host: cdn2.editmysite.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /uploads/1/5/0/6/150649166/whatsapp-image-2024-08-28-at-03-55-18_orig.jpeg HTTP/1.1Host: idtyvfyfmst.weebly.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=O9bEgT4Hq79kcPZkZqwbdwHhy2fuomzxsKi6XGxF8Sg-1724950349-1.0.1.1-QBfQ_RQwRno.lxwxUPIIaVGe6pJgaRj.zNixijbszXivyr8td.ErXpt_e8e0gEQ61Bs4Rvd..v1ccTsgKbyVjA; language=en
Source: global traffic	HTTP traffic detected: GET /files/theme/plugins.js?1516665135 HTTP/1.1Host: idtyvfyfmst.weebly.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=O9bEgT4Hq79kcPZkZqwbdwHhy2fuomzxsKi6XGxF8Sg-1724950349-1.0.1.1-QBfQ_RQwRno.lxwxUPIIaVGe6pJgaRj.zNixijbszXivyr8td.ErXpt_e8e0gEQ61Bs4Rvd..v1ccTsgKbyVjA; language=en
Source: global traffic	HTTP traffic detected: GET /files/theme/custom.js?1516665135 HTTP/1.1Host: idtyvfyfmst.weebly.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=O9bEgT4Hq79kcPZkZqwbdwHhy2fuomzxsKi6XGxF8Sg-1724950349-1.0.1.1-QBfQ_RQwRno.lxwxUPIIaVGe6pJgaRj.zNixijbszXivyr8td.ErXpt_e8e0gEQ61Bs4Rvd..v1ccTsgKbyVjA; language=en
Source: global traffic	HTTP traffic detected: GET /js/site/main-customer-accounts-site.js?buildTime=1724854534 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /files/theme/mobile.js?1516665135 HTTP/1.1Host: idtyvfyfmst.weebly.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=O9bEgT4Hq79kcPZkZqwbdwHhy2fuomzxsKi6XGxF8Sg-1724950349-1.0.1.1-QBfQ_RQwRno.lxwxUPIIaVGe6pJgaRj.zNixijbszXivyr8td.ErXpt_e8e0gEQ61Bs4Rvd..v1ccTsgKbyVjA; language=en
Source: global traffic	HTTP traffic detected: GET /uploads/1/5/0/6/150649166/background-images/1365786280.jpeg HTTP/1.1Host: idtyvfyfmst.weebly.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=O9bEgT4Hq79kcPZkZqwbdwHhy2fuomzxsKi6XGxF8Sg-1724950349-1.0.1.1-QBfQ_RQwRno.lxwxUPIIaVGe6pJgaRj.zNixijbszXivyr8td.ErXpt_e8e0gEQ61Bs4Rvd..v1ccTsgKbyVjA; language=en
Source: global traffic	HTTP traffic detected: GET /js/lang/en/stl.js?buildTime=1724854534& HTTP/1.1Host: cdn2.editmysite.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/site/footerSignup.js?buildTime=1724945711 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /uploads/1/5/0/6/150649166/background-images/950758153.jpeg HTTP/1.1Host: idtyvfyfmst.weebly.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=O9bEgT4Hq79kcPZkZqwbdwHhy2fuomzxsKi6XGxF8Sg-1724950349-1.0.1.1-QBfQ_RQwRno.lxwxUPIIaVGe6pJgaRj.zNixijbszXivyr8td.ErXpt_e8e0gEQ61Bs4Rvd..v1ccTsgKbyVjA; language=en
Source: global traffic	HTTP traffic detected: GET /fonts/Oxygen/regular.woff2 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://idtyvfyfmst.weebly.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdn2.editmysite.com/fonts/Oxygen/font.css?2Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fonts/Roboto/bold.woff2 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://idtyvfyfmst.weebly.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdn2.editmysite.com/fonts/Roboto/font.css?2Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /js/wsnbn/snowday262.js HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /files/theme/custom.js?1516665135 HTTP/1.1Host: idtyvfyfmst.weebly.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=O9bEgT4Hq79kcPZkZqwbdwHhy2fuomzxsKi6XGxF8Sg-1724950349-1.0.1.1-QBfQ_RQwRno.lxwxUPIIaVGe6pJgaRj.zNixijbszXivyr8td.ErXpt_e8e0gEQ61Bs4Rvd..v1ccTsgKbyVjA; language=en
Source: global traffic	HTTP traffic detected: GET /files/theme/mobile.js?1516665135 HTTP/1.1Host: idtyvfyfmst.weebly.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=O9bEgT4Hq79kcPZkZqwbdwHhy2fuomzxsKi6XGxF8Sg-1724950349-1.0.1.1-QBfQ_RQwRno.lxwxUPIIaVGe6pJgaRj.zNixijbszXivyr8td.ErXpt_e8e0gEQ61Bs4Rvd..v1ccTsgKbyVjA; language=en
Source: global traffic	HTTP traffic detected: GET /files/theme/plugins.js?1516665135 HTTP/1.1Host: idtyvfyfmst.weebly.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=O9bEgT4Hq79kcPZkZqwbdwHhy2fuomzxsKi6XGxF8Sg-1724950349-1.0.1.1-QBfQ_RQwRno.lxwxUPIIaVGe6pJgaRj.zNixijbszXivyr8td.ErXpt_e8e0gEQ61Bs4Rvd..v1ccTsgKbyVjA; language=en
Source: global traffic	HTTP traffic detected: GET /uploads/1/5/0/6/150649166/background-images/1365786280.jpeg HTTP/1.1Host: idtyvfyfmst.weebly.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=O9bEgT4Hq79kcPZkZqwbdwHhy2fuomzxsKi6XGxF8Sg-1724950349-1.0.1.1-QBfQ_RQwRno.lxwxUPIIaVGe6pJgaRj.zNixijbszXivyr8td.ErXpt_e8e0gEQ61Bs4Rvd..v1ccTsgKbyVjA; language=en
Source: global traffic	HTTP traffic detected: GET /js/site/main-customer-accounts-site.js?buildTime=1724854534 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/wsnbn/snowday262.js HTTP/1.1Host: cdn2.editmysite.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: idtyvfyfmst.weebly.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://idtyvfyfmst.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=O9bEgT4Hq79kcPZkZqwbdwHhy2fuomzxsKi6XGxF8Sg-1724950349-1.0.1.1-QBfQ_RQwRno.lxwxUPIIaVGe6pJgaRj.zNixijbszXivyr8td.ErXpt_e8e0gEQ61Bs4Rvd..v1ccTsgKbyVjA; language=en; _snow_ses.49cd=; _snow_id.49cd=8687ff70-ce9b-4ad4-a12d-dad9e0d711b4.1724950356.1.1724950356.1724950356.ac348fb1-0f91-4612-94e4-627095f77d2d
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: idtyvfyfmst.weebly.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=O9bEgT4Hq79kcPZkZqwbdwHhy2fuomzxsKi6XGxF8Sg-1724950349-1.0.1.1-QBfQ_RQwRno.lxwxUPIIaVGe6pJgaRj.zNixijbszXivyr8td.ErXpt_e8e0gEQ61Bs4Rvd..v1ccTsgKbyVjA; language=en; _snow_ses.49cd=*; _snow_id.49cd=8687ff70-ce9b-4ad4-a12d-dad9e0d711b4.1724950356.1.1724950356.1724950356.ac348fb1-0f91-4612-94e4-627095f77d2d
Source: global traffic	HTTP traffic detected: GET /com.snowplowanalytics.snowplow/tp2 HTTP/1.1Host: ec.editmysite.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sp=7c502930-0c88-4fe3-acd9-7935a4a7494e
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: idtyvfyfmst.weebly.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: idtyvfyfmst.weebly.com
Source: global traffic	DNS traffic detected: DNS query: cdn2.editmysite.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: ec.editmysite.com

Source: unknown

Source: chromecache_148.2.dr, chromecache_157.2.dr	String found in binary or memory: http://hammerjs.github.io/
Source: chromecache_161.2.dr, chromecache_151.2.dr	String found in binary or memory: http://www.google-analytics.com
Source: chromecache_147.2.dr, chromecache_155.2.dr	String found in binary or memory: https://cdn2.editmysite.com/js/
Source: chromecache_154.2.dr	String found in binary or memory: https://cdn2.editmysite.com/js/jquery-1.8.3.min.js
Source: chromecache_148.2.dr, chromecache_157.2.dr	String found in binary or memory: https://github.com/imakewebthings/jquery-waypoints/blob/master/licenses.txt
Source: chromecache_154.2.dr	String found in binary or memory: https://idtyvfyfmst.weebly.com/
Source: chromecache_154.2.dr	String found in binary or memory: https://idtyvfyfmst.weebly.com/uploads/1/5/0/6/150649166/whatsapp-image-2024-08-28-at-03-55-18-1_ori
Source: chromecache_154.2.dr	String found in binary or memory: https://idtyvfyfmst.weebly.com/uploads/1/5/0/6/150649166/whatsapp-image-2024-08-28-at-03-55-18_orig.
Source: chromecache_161.2.dr, chromecache_151.2.dr	String found in binary or memory: https://ssl.google-analytics.com
Source: chromecache_161.2.dr, chromecache_151.2.dr	String found in binary or memory: https://ssl.google-analytics.com/j/__utm.gif
Source: chromecache_161.2.dr, chromecache_151.2.dr	String found in binary or memory: https://stats.g.doubleclick.net/j/collect?
Source: chromecache_148.2.dr, chromecache_157.2.dr	String found in binary or memory: https://twitter.com/jacobrossi/status/480596438489890816
Source: chromecache_151.2.dr	String found in binary or memory: https://www.google.%/ads/ga-audiences?
Source: chromecache_161.2.dr, chromecache_151.2.dr	String found in binary or memory: https://www.google.com/analytics/web/inpage/pub/inpage.js?
Source: chromecache_154.2.dr	String found in binary or memory: https://www.google.com/recaptcha/api.js
Source: chromecache_154.2.dr	String found in binary or memory: https://www.weebly.com/signup?utm_source=internal&utm_medium=footer

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 61734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61745
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61749
Source: unknown	Network traffic detected: HTTP traffic on port 61743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61742
Source: unknown	Network traffic detected: HTTP traffic on port 61737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61754
Source: unknown	Network traffic detected: HTTP traffic on port 61748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61759
Source: unknown	Network traffic detected: HTTP traffic on port 61754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61750
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61751
Source: unknown	Network traffic detected: HTTP traffic on port 61759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61765
Source: unknown	Network traffic detected: HTTP traffic on port 61751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61760
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61764
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61774
Source: unknown	Network traffic detected: HTTP traffic on port 61738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61729
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61727
Source: unknown	Network traffic detected: HTTP traffic on port 61726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 61741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61736
Source: unknown	Network traffic detected: HTTP traffic on port 61746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61737
Source: unknown	Network traffic detected: HTTP traffic on port 61729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61739
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:61727 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:61750 version: TLS 1.2

Source: classification engine

Classification label: mal56.phis.win@22/79@16/10

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2004 --field-trial-handle=1672,i,2498292291490774219,4592983950563196552,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://idtyvfyfmst.weebly.com"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2004 --field-trial-handle=1672,i,2498292291490774219,4592983950563196552,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

ID:	1501333
Product:	CloudBasic
Start time:	18:51:34
Start date:	29.08.2024
Cookbook:	browseurl.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Windows Analysis Report
http://idtyvfyfmst.weebly.com

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report http://idtyvfyfmst.weebly.com

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
http://idtyvfyfmst.weebly.com