Windows Analysis Report
https://mail33.godaddysites.com/

Overview

General Information

Sample URL:	https://mail33.godaddysites.com/
Analysis ID:	1521181
Infos:

Detection

Score:	72
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

AI detected phishing page

Antivirus / Scanner detection for submitted sample

Multi AV Scanner detection for domain / URL

Multi AV Scanner detection for submitted file

Detected non-DNS traffic on DNS port

HTML page contains hidden javascript code

Classification

Signatures

AV Detection

Antivirus / Scanner detection for submitted sample

Source: https://mail33.godaddysites.com/

SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social Engineering

Multi AV Scanner detection for domain / URL

Source: mail33.godaddysites.com

Virustotal: Detection: 15%

Perma Link

Multi AV Scanner detection for submitted file

Source: https://mail33.godaddysites.com/

Virustotal: Detection: 16%

Perma Link

Phishing

AI detected phishing page

Source: https://mail33.godaddysites.com/	LLM: Score: 9 Reasons: The brand AT&T is a well-known telecommunications company., The legitimate domain for AT&T is att.com., The provided URL (mail33.godaddysites.com) does not match the legitimate domain for AT&T., The URL uses a subdomain (mail33) and a different primary domain (godaddysites.com), which is not associated with AT&T., The use of a different domain (godaddysites.com) is suspicious and commonly used in phishing attempts. DOM: 0.6.pages.csv
Source: https://mail33.godaddysites.com/	LLM: Score: 9 Reasons: The legitimate domain for AT&T is att.com., The provided URL (mail33.godaddysites.com) does not match the legitimate domain., The URL uses a subdomain (mail33) and a different primary domain (godaddysites.com), which is not associated with AT&T., The presence of input fields for User ID and Password on a non-legitimate domain is a common phishing tactic. DOM: 0.0.pages.csv

HTML page contains hidden javascript code

Source: https://mail33.godaddysites.com/

HTTP Parser: Base64 decoded: utm_source=wsb&utm_medium=applications&utm_campaign=en-us_corp_applications_banner"}

Source: https://mail33.godaddysites.com/

HTTP Parser: No favicon

Source: https://mail33.godaddysites.com/	HTTP Parser: No <meta name="copyright".. found
Source: https://mail33.godaddysites.com/	HTTP Parser: No <meta name="copyright".. found
Source: https://mail33.godaddysites.com/	HTTP Parser: No <meta name="copyright".. found
Source: https://mail33.godaddysites.com/	HTTP Parser: No <meta name="copyright".. found
Source: https://mail33.godaddysites.com/	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49756 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49765 version: TLS 1.2

Detected non-DNS traffic on DNS port

Source: global traffic

TCP traffic: 192.168.2.4:49494 -> 162.159.36.2:53

Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown	TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown	TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown	TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown	TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown	TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown	TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: mail33.godaddysites.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /markup/ad HTTP/1.1Host: mail33.godaddysites.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://mail33.godaddysites.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: dps_site_id=us-east-1
Source: global traffic	HTTP traffic detected: GET /i.gif?e=eyJ2IjoiMS4xMiIsImF2IjoxMzc5NjY0LCJhdCI6MjQ0NywiYnQiOjAsImNtIjozNjk2NjY5OTcsImNoIjo1NDQ0NSwiY2siOnt9LCJjciI6NDA4ODkzMDIyLCJkaSI6Ijc0ODgzYmM5OGJmNzQ5Y2FhM2JlY2ZmMmNjYmI1Y2UzIiwiZGoiOjAsImlpIjoiYjUzYjI4OTAyMjNjNDkxMmJjYWMzZGM1OWYzOWNjNWUiLCJkbSI6MywiZmMiOjU4Mzk1MjEyMywiZmwiOjU3MTk5NDU0MywiaXAiOiI2NC4yMDIuMTYwLjAiLCJrdyI6Int7a2V5d29yZH19IiwibnciOjEwNjYzLCJwYyI6MCwib3AiOjAsIm1wIjowLCJlYyI6MCwiZ20iOjAsImVwIjpudWxsLCJwciI6MjE4NDY1LCJydCI6MSwicnMiOjUwMCwic2EiOiI1MiIsInNiIjoiaS0wYjQ5OTg3NDE5ODVjNWJmNiIsInNwIjozNDk2NzIsInN0IjoxMjc2MjY0LCJ1ayI6InVlMS01ZDI1YzI3ODM0NWQ0NDAyYWNhYWI1ZmQ1MDVmODJiNCIsInpuIjozMDc0OTUsInRzIjoxNzI3NDk0NTE5MjIyLCJwbiI6IndhbSIsImdjIjp0cnVlLCJnQyI6dHJ1ZSwiZ3MiOiJub25lIiwiZGMiOjEsInR6IjoiVVRDIiwiYmEiOjEsImZxIjowfQ&s=la8IUwTCiUNymS4uFhk-3YBSSh4&publisher_website_key=wam.md5.4e57dd4ee20ba0f2b57932dbb6a63187 HTTP/1.1Host: ms.godaddy.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mail33.godaddysites.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /markup/ad HTTP/1.1Host: mail33.godaddysites.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: dps_site_id=us-east-1
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /i.gif?e=eyJ2IjoiMS4xMiIsImF2IjoxMzc5NjY0LCJhdCI6MjQ0NywiYnQiOjAsImNtIjozNjk2NjY5OTcsImNoIjo1NDQ0NSwiY2siOnt9LCJjciI6NDA4ODkzMDIyLCJkaSI6Ijc0ODgzYmM5OGJmNzQ5Y2FhM2JlY2ZmMmNjYmI1Y2UzIiwiZGoiOjAsImlpIjoiYjUzYjI4OTAyMjNjNDkxMmJjYWMzZGM1OWYzOWNjNWUiLCJkbSI6MywiZmMiOjU4Mzk1MjEyMywiZmwiOjU3MTk5NDU0MywiaXAiOiI2NC4yMDIuMTYwLjAiLCJrdyI6Int7a2V5d29yZH19IiwibnciOjEwNjYzLCJwYyI6MCwib3AiOjAsIm1wIjowLCJlYyI6MCwiZ20iOjAsImVwIjpudWxsLCJwciI6MjE4NDY1LCJydCI6MSwicnMiOjUwMCwic2EiOiI1MiIsInNiIjoiaS0wYjQ5OTg3NDE5ODVjNWJmNiIsInNwIjozNDk2NzIsInN0IjoxMjc2MjY0LCJ1ayI6InVlMS01ZDI1YzI3ODM0NWQ0NDAyYWNhYWI1ZmQ1MDVmODJiNCIsInpuIjozMDc0OTUsInRzIjoxNzI3NDk0NTE5MjIyLCJwbiI6IndhbSIsImdjIjp0cnVlLCJnQyI6dHJ1ZSwiZ3MiOiJub25lIiwiZGMiOjEsInR6IjoiVVRDIiwiYmEiOjEsImZxIjowfQ&s=la8IUwTCiUNymS4uFhk-3YBSSh4&publisher_website_key=wam.md5.4e57dd4ee20ba0f2b57932dbb6a63187 HTTP/1.1Host: ms.godaddy.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: azk=ue1-5d25c278345d4402acaab5fd505f82b4; azk-ss=true
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: mail33.godaddysites.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mail33.godaddysites.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: dps_site_id=us-east-1
Source: global traffic	HTTP traffic detected: GET /sw.js HTTP/1.1Host: mail33.godaddysites.comConnection: keep-aliveCache-Control: max-age=0Accept: /Service-Worker: scriptSec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: serviceworkerReferer: https://mail33.godaddysites.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: dps_site_id=us-east-1
Source: global traffic	HTTP traffic detected: GET /manifest.webmanifest HTTP/1.1Host: mail33.godaddysites.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: manifestReferer: https://mail33.godaddysites.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v3/recaptcha HTTP/1.1Host: contact.apps-api.instantpage.secureserver.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://mail33.godaddysites.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://mail33.godaddysites.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: mail33.godaddysites.comConnection: keep-alivePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://mail33.godaddysites.com/sw.jsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: dps_site_id=us-east-1
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js?render=6LfjspgUAAAAABsbjG9id6qXQKZkqb6_Hpce6ui_ HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://mail33.godaddysites.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v3/recaptcha HTTP/1.1Host: contact.apps-api.instantpage.secureserver.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js?render=6LfjspgUAAAAABsbjG9id6qXQKZkqb6_Hpce6ui_ HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/anchor?ar=1&k=6LfjspgUAAAAABsbjG9id6qXQKZkqb6_Hpce6ui_&co=aHR0cHM6Ly9tYWlsMzMuZ29kYWRkeXNpdGVzLmNvbTo0NDM.&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=ttf4ufmktujh HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://mail33.godaddysites.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/webworker.js?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: workerReferer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfjspgUAAAAABsbjG9id6qXQKZkqb6_Hpce6ui_&co=aHR0cHM6Ly9tYWlsMzMuZ29kYWRkeXNpdGVzLmNvbTo0NDM.&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=ttf4ufmktujhAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/bg/dubcxWuhhbqw8uaLSFFGvELnk5WmffD3wjoYeQZ33gk.js HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfjspgUAAAAABsbjG9id6qXQKZkqb6_Hpce6ui_&co=aHR0cHM6Ly9tYWlsMzMuZ29kYWRkeXNpdGVzLmNvbTo0NDM.&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=ttf4ufmktujhAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/webworker.js?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/bg/dubcxWuhhbqw8uaLSFFGvELnk5WmffD3wjoYeQZ33gk.js HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: mail33.godaddysites.com
Source: global traffic	DNS traffic detected: DNS query: img1.wsimg.com
Source: global traffic	DNS traffic detected: DNS query: isteam.wsimg.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: ms.godaddy.com
Source: global traffic	DNS traffic detected: DNS query: contact.apps-api.instantpage.secureserver.net
Source: global traffic	DNS traffic detected: DNS query: 241.42.69.40.in-addr.arpa

Source: global traffic

HTTP traffic detected: HTTP/1.1 404 Not FoundLink: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.34.7.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossoriginCache-Control: max-age=30Content-Security-Policy: frame-ancestors 'self' godaddy.com *.godaddy.comContent-Type: text/html;charset=utf-8Vary: Accept-EncodingServer: DPS/2.0.0+sha-227ca78X-Version: 227ca78X-SiteId: us-east-1Set-Cookie: dps_site_id=us-east-1; path=/; secureDate: Sat, 28 Sep 2024 03:35:26 GMTConnection: closeTransfer-Encoding: chunked

Source: chromecache_164.1.dr, chromecache_115.1.dr, chromecache_165.1.dr, chromecache_98.1.dr	String found in binary or memory: http://jedwatson.github.io/classnames
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: http://scripts.sil.org/OFL
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
Source: chromecache_99.1.dr, chromecache_137.1.dr, chromecache_168.1.dr	String found in binary or memory: https://cloud.google.com/contact
Source: chromecache_99.1.dr, chromecache_137.1.dr, chromecache_168.1.dr	String found in binary or memory: https://cloud.google.com/recaptcha-enterprise/billing-information
Source: chromecache_91.1.dr	String found in binary or memory: https://contact.apps-api.instantpage.secureserver.net
Source: chromecache_99.1.dr, chromecache_137.1.dr, chromecache_168.1.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca
Source: chromecache_99.1.dr, chromecache_137.1.dr, chromecache_168.1.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#localhost_support
Source: chromecache_99.1.dr, chromecache_137.1.dr, chromecache_168.1.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: https://github.com/clauseggers/Playfair-Display)
Source: chromecache_154.1.dr, chromecache_119.1.dr	String found in binary or memory: https://github.com/lancedikson/bowser
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqW106F15M.woff2)
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWt06F15M.woff2)
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWtE6F15M.woff2)
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWtU6F15M.woff2)
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWtk6F15M.woff2)
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWu06F15M.woff2)
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2)
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuk6F15M.woff2)
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWvU6F15M.woff2)
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWxU6F15M.woff2)
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2)
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS2mu1aB.woff2)
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2)
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2)
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSKmu1aB.woff2)
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSOmu1aB.woff2)
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2)
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSymu1aB.woff2)
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2)
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTVOmu1aB.woff2)
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTLYgFE_.woff2)
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTPYgFE_.woff2)
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTjYgFE_.woff2)
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2)
Source: chromecache_91.1.dr	String found in binary or memory: https://img1.wsimg.com/isteam/ip/b15a93f7-3b3b-447d-a4b5-98e3dc9769f1/AT%26T_logo_.png
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: https://img1.wsimg.com/poly/v3/polyfill.min.js?rum=0&unknown=polyfill&flags=gated&features=Intl.~loc
Source: chromecache_91.1.dr	String found in binary or memory: https://mail.godaddysites.com/
Source: chromecache_181.1.dr	String found in binary or memory: https://mail.godaddysites.com/404
Source: chromecache_153.1.dr, chromecache_126.1.dr	String found in binary or memory: https://ms.godaddy.com/i.gif?e=eyJ2IjoiMS4xMiIsImF2IjoxMzc5NjY0LCJhdCI6MjQ0NywiYnQiOjAsImNtIjoz
Source: chromecache_153.1.dr, chromecache_126.1.dr	String found in binary or memory: https://ms.godaddy.com/r?e=eyJ2IjoiMS4xMiIsImF2IjoxMzc5NjY0LCJhdCI6MjQ0NywiYnQiOjAsImNtIjozNjk2
Source: chromecache_168.1.dr	String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: chromecache_91.1.dr	String found in binary or memory: https://policies.google.com/privacy
Source: chromecache_91.1.dr	String found in binary or memory: https://policies.google.com/terms
Source: chromecache_168.1.dr	String found in binary or memory: https://recaptcha.net
Source: chromecache_168.1.dr	String found in binary or memory: https://support.google.com/recaptcha
Source: chromecache_99.1.dr, chromecache_137.1.dr, chromecache_168.1.dr	String found in binary or memory: https://support.google.com/recaptcha#6262736
Source: chromecache_99.1.dr, chromecache_137.1.dr, chromecache_168.1.dr	String found in binary or memory: https://support.google.com/recaptcha/#6175971
Source: chromecache_99.1.dr, chromecache_137.1.dr, chromecache_168.1.dr	String found in binary or memory: https://support.google.com/recaptcha/?hl=en#6223828
Source: chromecache_174.1.dr, chromecache_103.1.dr	String found in binary or memory: https://www.google.com/recaptcha/api.js
Source: chromecache_101.1.dr, chromecache_99.1.dr, chromecache_177.1.dr, chromecache_137.1.dr, chromecache_168.1.dr	String found in binary or memory: https://www.google.com/recaptcha/api2/
Source: chromecache_99.1.dr, chromecache_137.1.dr, chromecache_168.1.dr	String found in binary or memory: https://www.gstatic.c..?/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__.
Source: chromecache_131.1.dr, chromecache_106.1.dr, chromecache_101.1.dr, chromecache_177.1.dr	String found in binary or memory: https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__en.js

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49502
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49502 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 49843 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49756 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49765 version: TLS 1.2

Source: classification engine

Classification label: mal72.phis.win@17/154@29/11

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2092 --field-trial-handle=1676,i,2499375781031443177,1263258385363923790,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://mail33.godaddysites.com/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2092 --field-trial-handle=1676,i,2499375781031443177,1263258385363923790,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
142.250.186.36	unknown	United States	15169	GOOGLEUS	false
3.121.64.201	isteam.wsimg.com	United States	16509	AMAZON-02US	false
216.58.212.164	www.google.com	United States	15169	GOOGLEUS	false
13.248.243.5	mail33.godaddysites.com	United States	16509	AMAZON-02US	true
45.40.130.49	proxy.k8s.pnc.phx.secureserver.net	United States	26496	AS-26496-GO-DADDY-COM-LLCUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
142.250.185.164	unknown	United States	15169	GOOGLEUS	false
142.250.186.164	unknown	United States	15169	GOOGLEUS	false
34.250.180.246	e-prod-alb-s102-eu-west-1-02.adzerk.net	United States	16509	AMAZON-02US	false

Private

IP
192.168.2.4
192.168.2.5

Contacted Domains

Name	IP	Active
mail33.godaddysites.com	13.248.243.5	true
proxy.k8s.pnc.phx.secureserver.net	45.40.130.49	true
e-prod-alb-s102-eu-west-1-02.adzerk.net	34.250.180.246	true
www.google.com	216.58.212.164	true
isteam.wsimg.com	3.121.64.201	true
fp2e7a.wpc.phicdn.net	192.229.221.95	true
img1.wsimg.com	unknown	unknown
241.42.69.40.in-addr.arpa	unknown	unknown
ms.godaddy.com	unknown	unknown
contact.apps-api.instantpage.secureserver.net	unknown	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://www.google.com/js/bg/dubcxWuhhbqw8uaLSFFGvELnk5WmffD3wjoYeQZ33gk.js	false	0%, Virustotal, Browse	unknown
https://mail33.godaddysites.com/sw.js	true		unknown
https://mail33.godaddysites.com/favicon.ico	true		unknown
https://mail33.godaddysites.com/	true		unknown
https://contact.apps-api.instantpage.secureserver.net/v3/recaptcha	false	0%, Virustotal, Browse	unknown
https://www.google.com/recaptcha/api.js?render=6LfjspgUAAAAABsbjG9id6qXQKZkqb6_Hpce6ui_	false	1%, Virustotal, Browse	unknown
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY	false	0%, Virustotal, Browse	unknown
https://ms.godaddy.com/i.gif?e=eyJ2IjoiMS4xMiIsImF2IjoxMzc5NjY0LCJhdCI6MjQ0NywiYnQiOjAsImNtIjozNjk2NjY5OTcsImNoIjo1NDQ0NSwiY2siOnt9LCJjciI6NDA4ODkzMDIyLCJkaSI6Ijc0ODgzYmM5OGJmNzQ5Y2FhM2JlY2ZmMmNjYmI1Y2UzIiwiZGoiOjAsImlpIjoiYjUzYjI4OTAyMjNjNDkxMmJjYWMzZGM1OWYzOWNjNWUiLCJkbSI6MywiZmMiOjU4Mzk1MjEyMywiZmwiOjU3MTk5NDU0MywiaXAiOiI2NC4yMDIuMTYwLjAiLCJrdyI6Int7a2V5d29yZH19IiwibnciOjEwNjYzLCJwYyI6MCwib3AiOjAsIm1wIjowLCJlYyI6MCwiZ20iOjAsImVwIjpudWxsLCJwciI6MjE4NDY1LCJydCI6MSwicnMiOjUwMCwic2EiOiI1MiIsInNiIjoiaS0wYjQ5OTg3NDE5ODVjNWJmNiIsInNwIjozNDk2NzIsInN0IjoxMjc2MjY0LCJ1ayI6InVlMS01ZDI1YzI3ODM0NWQ0NDAyYWNhYWI1ZmQ1MDVmODJiNCIsInpuIjozMDc0OTUsInRzIjoxNzI3NDk0NTE5MjIyLCJwbiI6IndhbSIsImdjIjp0cnVlLCJnQyI6dHJ1ZSwiZ3MiOiJub25lIiwiZGMiOjEsInR6IjoiVVRDIiwiYmEiOjEsImZxIjowfQ&s=la8IUwTCiUNymS4uFhk-3YBSSh4&publisher_website_key=wam.md5.4e57dd4ee20ba0f2b57932dbb6a63187	false		unknown
https://mail33.godaddysites.com/manifest.webmanifest	true		unknown
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfjspgUAAAAABsbjG9id6qXQKZkqb6_Hpce6ui_&co=aHR0cHM6Ly9tYWlsMzMuZ29kYWRkeXNpdGVzLmNvbTo0NDM.&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=ttf4ufmktujh	false		unknown
https://mail33.godaddysites.com/markup/ad	true		unknown

Name	Type	MD5	SHA1	SHA256
Chrome Cache Entry: 100	ASCII text, with very long lines (1352)	BBC377A5A14CAB044687128BF320EC9B	AAE3B5A17F7C156DB812EB0EDC42925775D29D3C	2FEBC6A5E682FA23A35E302816955AE357173A6E32C0B4C6F9B317F295B40C23
Chrome Cache Entry: 101	ASCII text, with very long lines (1468), with no line terminators	65EB48C6ECD52F98BA6C8DF95A7C2321	B14A8F70D89C2083D3A2F2FE33B5F0B7D82F71EA	F62C5790D40D4E6744EBA267A9A801B48F0121457E7AF1547F8734E406EC26D6
Chrome Cache Entry: 102	Web Open Font Format (Version 2), TrueType, length 15344, version 1.0	5D4AEB4E5F5EF754E307D7FFAEF688BD	06DB651CDF354C64A7383EA9C77024EF4FB4CEF8	3E253B66056519AA065B00A453BAC37AC5ED8F3E6FE7B542E93A9DCDCC11D0BC
Chrome Cache Entry: 103	ASCII text, with very long lines (2475)	3643D154757C760303339C47CEC56C47	E3B8AAE5BA2FAD8757B664B75FBFB50C3A49B370	98191917C68CC992FE05BD0C2BE0D132D0B12FF0A190D7B93425E4303E053E11
Chrome Cache Entry: 104	ASCII text, with very long lines (16761)	C1F5CAECE668FBE0D94F7EB03ACF4616	A22168D5EC1B4D260AEA8D1CB496A29F331673F4	1EFFFA1742904DCDB59C9AF6E504187C83CCB9EC00C977AF610B50B400C98A78
Chrome Cache Entry: 105	ASCII text	C56A3C01C8DF9B14371DAA1F4241803D	453EB3D23B86688CDAD143E90E9FEB502F090CF3	6B27F2A6E1F6C9C520D4DB215EBB255F27FCD559A906F5802EACE9754E3FFF61
Chrome Cache Entry: 106	ASCII text, with no line terminators	59EE3965FCB16F88E9BDC20B9CD8612E	3D93A27E4DAC9DDA01DC5BBCCA9E1F53E827DAF2	020A92F2FB27981D1398F916AE17400F8F11473962EBD858B7BF6901814EDD7B
Chrome Cache Entry: 107	ASCII text, with very long lines (608)	E4F1F68799B205BD274B0B0BAFDD270B	5A7B8E67B8352044396666327FB9DC1FD3547F8E	3E70A6DFA38838ACC67E68EA0CEA39386F98D68D55C509F86785654D35FAB463
Chrome Cache Entry: 108	ASCII text, with very long lines (32922), with no line terminators	4D6AF572D0A5C316EC1CE95B4FC1ECE7	E34529850B1A2905F714E640BB67D98944CDC304	3576494759AC5FA90CB51B34E63B6112D37919EC5CCF5C9321145BDA54ADCC93
Chrome Cache Entry: 109	ASCII text, with very long lines (1809)	7112942BE59D2FE97C50ADA22C640FA7	64863C928776A59DA08B95722D963ED83AD1DD11	1BF0EF11C7A47F6399224C0BEF519AE58F5756EA422051B3DCBEDC643A72ABFB
Chrome Cache Entry: 110	ASCII text, with very long lines (853)	9FB360D8BB466F0F00AB949C544E81CD	0701E1B32E958B7964CBF327E2C847629FC6170E	952B4D5BBB6DA7BE37A3997984FFDA5EB7EA67F361FC9E80C92484ABFF9001C7
Chrome Cache Entry: 111	ASCII text, with very long lines (1211)	CB9BFA0FBDD957FBE7F4841B70341DB2	9CAD12A3580D3E4D340CB867E88B687C75564C5A	513864FD4EBD1926F3E1E78B436A90C2BC3A5D16835B50415E7B318D7DEEC2A2
Chrome Cache Entry: 112	ASCII text, with very long lines (52036)	813EB73AD12FC878D7537DFEEDE0DC9D	E99E4F2AC870BA78D118415688583A5FAA2AD2D7	0F5F84CAF8449F7C45DBAE0075F7B7CC0928089EBB90EECCA48842A79EA26076
Chrome Cache Entry: 113	Web Open Font Format (Version 2), TrueType, length 50296, version 1.0	B02AB8B0D683A0457568340DBA20309E	E18C3B8737970D37BE1BB85B0F588303A89E63BB	0D8601A776B7DC777CD23BC42392D05A43DF0D6402328E8913B58811083B513D
Chrome Cache Entry: 114	ASCII text, with very long lines (17998)	59D00FA56FB8B29068D96A431A52AE7B	9F8C5455383C49873A60CAEBACB1DECAAE0F909E	76E6DCC56BA185BAB0F2E68B485146BC42E79395A67DF0F7C23A18790677DE09
Chrome Cache Entry: 115	Unicode text, UTF-8 text, with very long lines (20947)	753CB19EE1A756E46FAA0F118B1B4E01	248885E3BFE7E71989BA9FFFB33B6EFF18166FEC	ED9FFA2FBA5ECC75AF2F99E6EBADD5B927086F258037C2A848E94449CC579991
Chrome Cache Entry: 116	ASCII text	8F12765EB30FBDCFCDC116D13F7FC272	506E45B7D3930756EACCE0DAD449A3C8CDB3EAC6	265995EB76326E95613750F6F6570B850F5C22280D262DE9B9632A16CEB98B9B
Chrome Cache Entry: 117	ASCII text, with very long lines (464)	5F154A7FA7F1766669690629E31D4FC0	F29869E8F680CAB986A0181F4A5C7850A9DEEF9E	B1EB1C1FDBD0B4C262C77C116BE730209ED46F03040AE937E0C4C2AC7A45570C
Chrome Cache Entry: 118	ASCII text, with very long lines (52036)	813EB73AD12FC878D7537DFEEDE0DC9D	E99E4F2AC870BA78D118415688583A5FAA2AD2D7	0F5F84CAF8449F7C45DBAE0075F7B7CC0928089EBB90EECCA48842A79EA26076
Chrome Cache Entry: 119	ASCII text, with very long lines (38970)	4722AF1C22D292D35241538F7736AD48	2FBCFF3AB13FC9F6B094EDBBF459BB21E6D5AE5F	93447B59405D5626D29FB34CE3571E177A36789223BBD27A6AA2BE06FCAB5595
Chrome Cache Entry: 120	ASCII text, with very long lines (905)	62A914B2C847D4D02B76164D7A2A54C6	20D9F49A90A51FA6C8420640610DF77F7A96D919	B08C2864EC27736C507B1CA4B3A225A19147841B861CD8494DAF95FA370FE639
Chrome Cache Entry: 121	ASCII text, with very long lines (19192)	6D3EF447E600919E9121A206F95927FF	3E71AD791A7A64143286A2509FA05A4EC51E2626	D878A5BC1169E8045C7AE719FB461AF86A9ACAE70DED2DF5674FE8BB2AE52393
Chrome Cache Entry: 122	ASCII text, with very long lines (383)	21AD22788E6CAA18A4E9E57F7372B108	50EBDD2452193BEAB7D1899F788FBBF32D90DD55	0FE26F07B9E5D49590F55D31CBC381CA9337850F89B09940E3B384FCD6D26464
Chrome Cache Entry: 123	ASCII text	DAA79AD7558674F6A12D962ABF47F2F6	03EEA0EBEBD11EC14CFA5A651EB0ACA2604829A7	604281887CD770ED21601933E9636A7A9C8A57A30D7D796AE7D760EEF64D5089
Chrome Cache Entry: 124	ASCII text, with very long lines (853)	9FB360D8BB466F0F00AB949C544E81CD	0701E1B32E958B7964CBF327E2C847629FC6170E	952B4D5BBB6DA7BE37A3997984FFDA5EB7EA67F361FC9E80C92484ABFF9001C7
Chrome Cache Entry: 125	Web Open Font Format (Version 2), TrueType, length 15552, version 1.0	285467176F7FE6BB6A9C6873B3DAD2CC	EA04E4FF5142DDD69307C183DEF721A160E0A64E	5A8C1E7681318CAA29E9F44E8A6E271F6A4067A2703E9916DFD4FE9099241DB7
Chrome Cache Entry: 126	HTML document, ASCII text, with very long lines (1781)	5BDDDC82044157FF48206C44A36805D7	279F53E809CC81900534843991AE1DA9F3F2937F	B59511F3FEDFFDBB09C8A94192D838F2F0C4C19EA1FC0F978F417C9AFF071408
Chrome Cache Entry: 127	JSON data	BD2719C68690AB59F6ADE432E4F66D45	2C0C85B7DF71726868538F1286F7F1DE7A85AD81	0FA1F5CEC7FC7479F0683F1C5BE0B1DE14BDCA9C23AFC23A7DE7B25C56CF7240
Chrome Cache Entry: 128	PNG image data, 183 x 75, 8-bit colormap, non-interlaced	E8E06F4D564D5B856B1A5D2B55C5CED9	B37618618B3712B806E4A84CBF0FE405FAC42985	B0B8AE57B01CCDE17A5D42B097B64356EAE2C96AA11C8A3A9D6F96BDD835D659
Chrome Cache Entry: 129	ASCII text	C56A3C01C8DF9B14371DAA1F4241803D	453EB3D23B86688CDAD143E90E9FEB502F090CF3	6B27F2A6E1F6C9C520D4DB215EBB255F27FCD559A906F5802EACE9754E3FFF61
Chrome Cache Entry: 130	ASCII text, with very long lines (383)	21AD22788E6CAA18A4E9E57F7372B108	50EBDD2452193BEAB7D1899F788FBBF32D90DD55	0FE26F07B9E5D49590F55D31CBC381CA9337850F89B09940E3B384FCD6D26464
Chrome Cache Entry: 131	ASCII text, with no line terminators	59EE3965FCB16F88E9BDC20B9CD8612E	3D93A27E4DAC9DDA01DC5BBCCA9E1F53E827DAF2	020A92F2FB27981D1398F916AE17400F8F11473962EBD858B7BF6901814EDD7B
Chrome Cache Entry: 132	Web Open Font Format (Version 2), TrueType, length 28584, version 1.66	17081510F3A6F2F619EC8C6F244523C7	87F34B2A1532C50F2A424C345D03FE028DB35635	2C7292014E2EF00374AEB63691D9F23159A010455784EE0B274BA7DB2BCCA956
Chrome Cache Entry: 133	ASCII text	DAA79AD7558674F6A12D962ABF47F2F6	03EEA0EBEBD11EC14CFA5A651EB0ACA2604829A7	604281887CD770ED21601933E9636A7A9C8A57A30D7D796AE7D760EEF64D5089
Chrome Cache Entry: 134	PNG image data, 468 x 192, 8-bit/color RGBA, non-interlaced	468D4F10C8E3A8A4BD7E8A4CF4C65857	EB7D5C6B06B3DD8985D11F3FCC280A2AFAC99C40	086520B0025DEE70AA7BF326B45A2E26CE8D7D9716D90CFA999D27B234B3CF4C
Chrome Cache Entry: 135	ASCII text, with no line terminators	AFB69DF47958EB78B4E941270772BD6A	D9FE9A625E906FF25C1F165E7872B1D9C731E78E	874809FB1235F80831B706B9E9B903D80BD5662D036B7712CC76F8C684118878
Chrome Cache Entry: 136	ASCII text	8578A331AD09BB2EF6359FEC3916BEFC	38B68F5C02CBDB6E29C50F8858710E0392B0B8D6	3D7E7552E3801941A408C504AA732223FE2BED5D12E248680847D772182CB639
Chrome Cache Entry: 137	ASCII text, with very long lines (724)	33AFF52B82A1DF246136E75500D93220	4675754451AF81F996EAB925923C31EF5115A9F4	B5E8EC5D4DCC080657DEB2D004F65D974BF4EC9E9AA5D621E10749182FFF8731
Chrome Cache Entry: 138	ASCII text, with very long lines (367)	401821742DEF46C40D4CF5F0121C8BEC	1852305A4F2D7E120F9B7BD185790B98CDF9BFA6	462D8298239BC61418760DB4204CD135D990537E625782D059CB9D3A1D0266A4
Chrome Cache Entry: 139	ASCII text, with very long lines (12251)	DFB4BEE7C6378574342CDFCE62FDD1D7	75679AE1470880C7209353283879CB58C010621B	BFF3C0C2907BCFFD63DEDC687B8FCA61197E8B783C644B3D665AC3620C383E3C
Chrome Cache Entry: 140	ASCII text, with very long lines (651)	7B01FCDF2048E82F4DF741791CD44F61	D1D126931B5D6937B1496E7950342D6A06F361B9	CBC04C06117804A9A97013C97A0714B027DF8279C5F1D0FD0478756A0944AEE6
Chrome Cache Entry: 141	PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced	EF9941290C50CD3866E2BA6B793F010D	4736508C795667DCEA21F8D864233031223B7832	1B9EFB22C938500971AAC2B2130A475FA23684DD69E43103894968DF83145B8A
Chrome Cache Entry: 142	PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced	EF9941290C50CD3866E2BA6B793F010D	4736508C795667DCEA21F8D864233031223B7832	1B9EFB22C938500971AAC2B2130A475FA23684DD69E43103894968DF83145B8A
Chrome Cache Entry: 143	ASCII text, with very long lines (330)	C86B7F8224FA45FB1682AC94D8F75AC6	9561F67AAE74B14702DB79C22F9C7F9E6F3B3239	010083B88E95F18CEFDB90796ACCE02073E91FC8DFEFB27A7F5F3F75529E4906
Chrome Cache Entry: 144	ASCII text	8578A331AD09BB2EF6359FEC3916BEFC	38B68F5C02CBDB6E29C50F8858710E0392B0B8D6	3D7E7552E3801941A408C504AA732223FE2BED5D12E248680847D772182CB639
Chrome Cache Entry: 145	ASCII text, with very long lines (608)	E4F1F68799B205BD274B0B0BAFDD270B	5A7B8E67B8352044396666327FB9DC1FD3547F8E	3E70A6DFA38838ACC67E68EA0CEA39386F98D68D55C509F86785654D35FAB463
Chrome Cache Entry: 146	Web Open Font Format (Version 2), TrueType, length 38372, version 1.0	16ECEC131289CA4925D35C0515B28D9F	E2CBE7EC2BB494226EA423C7A7353B0E18B304C2	CB8CAC32D5CEF83E7674916378C2F47BDBBA7E6E6BD936F8026A58AC4E71FA53
Chrome Cache Entry: 147	ASCII text, with very long lines (3043)	852CBC5322260E00B44F2C682F88B2C7	BCAF229E6134F43EB5F974C9891E4D16FAF1D344	BAE437DBEFE58377D88C9D579DB7C59F4202F3FBF88866D0005FB375BE6B2CD7
Chrome Cache Entry: 148	ASCII text, with no line terminators	178C857B571F3BD8C2DC20783EED13BA	C331D56403991CE18A7055ED80017032E9E8C7AD	ECD63E3A6F90AB34AF6095919E3D27094D9B01A4BFC748B890FD635926787A91
Chrome Cache Entry: 149	RIFF (little-endian) data, Web/P image	F73E12B77A968FCFA9CF86100F59A2E3	03A6136429215E464767AA18FBEE5E2C4E182A00	8C6BAEC5488A1FF0E6A27297DF3E052D4370140A673DCDC2BFB93285773F8B29
Chrome Cache Entry: 150	ASCII text, with very long lines (367)	401821742DEF46C40D4CF5F0121C8BEC	1852305A4F2D7E120F9B7BD185790B98CDF9BFA6	462D8298239BC61418760DB4204CD135D990537E625782D059CB9D3A1D0266A4
Chrome Cache Entry: 151	ASCII text, with very long lines (330)	C86B7F8224FA45FB1682AC94D8F75AC6	9561F67AAE74B14702DB79C22F9C7F9E6F3B3239	010083B88E95F18CEFDB90796ACCE02073E91FC8DFEFB27A7F5F3F75529E4906
Chrome Cache Entry: 152	ASCII text, with no line terminators	0D89F833B0926945F92B57AB5BB95661	939C666D27C640417BE44FCEEB760E4C3E9F01C4	E188D587649C1F443E75631DC0654480DE3E3497A8D211024B1388B76C8D531F
Chrome Cache Entry: 153	HTML document, ASCII text, with very long lines (1781)	23A9F8B54E4DA58E1263E01B741A187F	B9C3669E8848BE5055803AE63148474CCA57ACEB	A9B1615413AA0F739FCB4E41EB300194F17A8175AC861107C644B688D4DE70AA
Chrome Cache Entry: 154	ASCII text, with very long lines (38970)	4722AF1C22D292D35241538F7736AD48	2FBCFF3AB13FC9F6B094EDBBF459BB21E6D5AE5F	93447B59405D5626D29FB34CE3571E177A36789223BBD27A6AA2BE06FCAB5595
Chrome Cache Entry: 155	ASCII text, with very long lines (1352)	BBC377A5A14CAB044687128BF320EC9B	AAE3B5A17F7C156DB812EB0EDC42925775D29D3C	2FEBC6A5E682FA23A35E302816955AE357173A6E32C0B4C6F9B317F295B40C23
Chrome Cache Entry: 156	ASCII text, with very long lines (3043)	852CBC5322260E00B44F2C682F88B2C7	BCAF229E6134F43EB5F974C9891E4D16FAF1D344	BAE437DBEFE58377D88C9D579DB7C59F4202F3FBF88866D0005FB375BE6B2CD7
Chrome Cache Entry: 157	ASCII text	8F12765EB30FBDCFCDC116D13F7FC272	506E45B7D3930756EACCE0DAD449A3C8CDB3EAC6	265995EB76326E95613750F6F6570B850F5C22280D262DE9B9632A16CEB98B9B
Chrome Cache Entry: 158	Web Open Font Format (Version 2), TrueType, length 48236, version 1.0	015C126A3520C9A8F6A27979D0266E96	2ACF956561D44434A6D84204670CF849D3215D5F	3C4D6A1421C7DDB7E404521FE8C4CD5BE5AF446D7689CD880BE26612EAAD3CFA
Chrome Cache Entry: 159	ASCII text, with very long lines (65536), with no line terminators	2B008C6AB525F4EC8781E5E0790E5075	2D62789947E3A19BDB89BDD13CCB58D1934BC033	74A91F8813ED283DBA9D018AF197F92A50C245F867264DD5118D79C7F269823F
Chrome Cache Entry: 160	ASCII text, with very long lines (1211)	CB9BFA0FBDD957FBE7F4841B70341DB2	9CAD12A3580D3E4D340CB867E88B687C75564C5A	513864FD4EBD1926F3E1E78B436A90C2BC3A5D16835B50415E7B318D7DEEC2A2
Chrome Cache Entry: 161	ASCII text, with very long lines (829)	9219CF782ED219BD3929A51E99503BC2	6AAC399854EC0405949566FAFDCA8C121F0CDA58	89388608D7BCECED5AD74231681FFCE822AD580ACB9FD7E492970176E3E38347
Chrome Cache Entry: 162	ASCII text, with very long lines (65536), with no line terminators	0CA290F7801B0434CFE66A0F300A324C	0891B431E5F2671A211DDD8F03ACF1D07792F076	0C613DC5F9E10DFF735C7A102433381C97B89C4A26CE26C78D9FFAD1ADDDC528
Chrome Cache Entry: 163	ASCII text, with very long lines (442)	5F10DF611C856F376981BE4DFBD17753	4463A27419B2FDFDBD81770C74DEE2E74BE948E0	EBD2BA2A0E879AE2CEC7D513324E04346153A581BE3AA202662E6C9D5B1CE6E1
Chrome Cache Entry: 164	Unicode text, UTF-8 text, with very long lines (20947)	753CB19EE1A756E46FAA0F118B1B4E01	248885E3BFE7E71989BA9FFFB33B6EFF18166FEC	ED9FFA2FBA5ECC75AF2F99E6EBADD5B927086F258037C2A848E94449CC579991
Chrome Cache Entry: 165	Unicode text, UTF-8 text, with very long lines (63425)	1AC6EB1F47C6D412432A60133B2306AC	DAE75F5418C2C99DF45FD30F0273C10CD1FC7A1A	74ABBA2D59115A7C57239FE2609BA14A55B44995AB09170671B19D195E1278F3
Chrome Cache Entry: 166	ASCII text, with very long lines (522)	FADB3719FFA2A9E96CDC64FFEA0220FA	B9B00833E59E99ECE036B518D8429AF5EFEC1163	E8A5463FF98210D3017DEEE55D5A287AD01AAA11DBE7DEB7D07F7D15D7F609F2
Chrome Cache Entry: 167	ASCII text, with very long lines (464)	5F154A7FA7F1766669690629E31D4FC0	F29869E8F680CAB986A0181F4A5C7850A9DEEF9E	B1EB1C1FDBD0B4C262C77C116BE730209ED46F03040AE937E0C4C2AC7A45570C
Chrome Cache Entry: 168	ASCII text, with very long lines (724)	33AFF52B82A1DF246136E75500D93220	4675754451AF81F996EAB925923C31EF5115A9F4	B5E8EC5D4DCC080657DEB2D004F65D974BF4EC9E9AA5D621E10749182FFF8731
Chrome Cache Entry: 169	ASCII text, with no line terminators	AF05BEF606994073C2A519D80367BCA1	FE34580AFFC241BCB693C4821734C33A29F49759	B4816058BB78E50ADB95057CFEFB4C0D09C9FBB13215DB5380ADDABEF30EC5AC
Chrome Cache Entry: 170	ASCII text, with very long lines (1809)	7112942BE59D2FE97C50ADA22C640FA7	64863C928776A59DA08B95722D963ED83AD1DD11	1BF0EF11C7A47F6399224C0BEF519AE58F5756EA422051B3DCBEDC643A72ABFB
Chrome Cache Entry: 171	ASCII text, with very long lines (12251)	DFB4BEE7C6378574342CDFCE62FDD1D7	75679AE1470880C7209353283879CB58C010621B	BFF3C0C2907BCFFD63DEDC687B8FCA61197E8B783C644B3D665AC3620C383E3C
Chrome Cache Entry: 172	ASCII text, with very long lines (852)	1CCD3C1052745E96CE686CC6F6143F10	0B19BB42233073967E22FE75572E12908E70A8C9	F075FEFC90D97DA32D93AB7A2C9660A9D73B41A3B022497C8E6683CB6F98BF88
Chrome Cache Entry: 173	ASCII text, with very long lines (19192)	6D3EF447E600919E9121A206F95927FF	3E71AD791A7A64143286A2509FA05A4EC51E2626	D878A5BC1169E8045C7AE719FB461AF86A9ACAE70DED2DF5674FE8BB2AE52393
Chrome Cache Entry: 174	ASCII text, with very long lines (2475)	3643D154757C760303339C47CEC56C47	E3B8AAE5BA2FAD8757B664B75FBFB50C3A49B370	98191917C68CC992FE05BD0C2BE0D132D0B12FF0A190D7B93425E4303E053E11
Chrome Cache Entry: 175	ASCII text, with very long lines (1824)	EDC15AD5DAAC3CFA744BFFDB1E0174BE	E314A5CA702D0E77B2C2C023ADDADE266EA223B2	3B54AEACFDA01BE53800632989A82F6F5A7F92E927159A37A4324B38D3DFFEF8
Chrome Cache Entry: 176	ASCII text, with very long lines (829)	9219CF782ED219BD3929A51E99503BC2	6AAC399854EC0405949566FAFDCA8C121F0CDA58	89388608D7BCECED5AD74231681FFCE822AD580ACB9FD7E492970176E3E38347
Chrome Cache Entry: 177	ASCII text, with very long lines (1468), with no line terminators	65EB48C6ECD52F98BA6C8DF95A7C2321	B14A8F70D89C2083D3A2F2FE33B5F0B7D82F71EA	F62C5790D40D4E6744EBA267A9A801B48F0121457E7AF1547F8734E406EC26D6
Chrome Cache Entry: 178	ASCII text, with very long lines (522)	FADB3719FFA2A9E96CDC64FFEA0220FA	B9B00833E59E99ECE036B518D8429AF5EFEC1163	E8A5463FF98210D3017DEEE55D5A287AD01AAA11DBE7DEB7D07F7D15D7F609F2
Chrome Cache Entry: 179	ASCII text, with very long lines (16761)	C1F5CAECE668FBE0D94F7EB03ACF4616	A22168D5EC1B4D260AEA8D1CB496A29F331673F4	1EFFFA1742904DCDB59C9AF6E504187C83CCB9EC00C977AF610B50B400C98A78
Chrome Cache Entry: 180	JSON data	9C3981A9867E5550B8D0B15752097180	FC9C9BC4C97C6393F0C168E8EDF99C2520C65CB4	9BE601A8246265CAF7A9BBF703805A320499234908B81BB8361589AC81CCEAD7
Chrome Cache Entry: 181	HTML document, Unicode text, UTF-8 text, with very long lines (4341)	551AA3C70B236FE502AD454B1BE3EE42	B50D602D345C2A942D6D8244B98AEB2E1A00A322	F171BBB879DC40B998A5E9404D7475CBFEC17743A3AEEE0E53CFA24BFB709F98
Chrome Cache Entry: 182	ASCII text, with very long lines (65536), with no line terminators	2B008C6AB525F4EC8781E5E0790E5075	2D62789947E3A19BDB89BDD13CCB58D1934BC033	74A91F8813ED283DBA9D018AF197F92A50C245F867264DD5118D79C7F269823F
Chrome Cache Entry: 183	ASCII text, with very long lines (1824)	EDC15AD5DAAC3CFA744BFFDB1E0174BE	E314A5CA702D0E77B2C2C023ADDADE266EA223B2	3B54AEACFDA01BE53800632989A82F6F5A7F92E927159A37A4324B38D3DFFEF8
Chrome Cache Entry: 184	RIFF (little-endian) data, Web/P image	2F9BC593A65A6A6A5B99C162AE43C3B4	E64C84269915F417C0B775CAE9241EE9FA370CE4	02E1C7EAF47E1B15F871108ABDABDDBCF5577F869A2FCD989538C75557E3C205
Chrome Cache Entry: 88	ASCII text, with very long lines (442)	5F10DF611C856F376981BE4DFBD17753	4463A27419B2FDFDBD81770C74DEE2E74BE948E0	EBD2BA2A0E879AE2CEC7D513324E04346153A581BE3AA202662E6C9D5B1CE6E1
Chrome Cache Entry: 89	ASCII text, with very long lines (852)	1CCD3C1052745E96CE686CC6F6143F10	0B19BB42233073967E22FE75572E12908E70A8C9	F075FEFC90D97DA32D93AB7A2C9660A9D73B41A3B022497C8E6683CB6F98BF88
Chrome Cache Entry: 90	JSON data	9C3981A9867E5550B8D0B15752097180	FC9C9BC4C97C6393F0C168E8EDF99C2520C65CB4	9BE601A8246265CAF7A9BBF703805A320499234908B81BB8361589AC81CCEAD7
Chrome Cache Entry: 91	HTML document, ASCII text, with very long lines (1662)	F85EBCABB146DB2A2F4D931FFB361731	55A5F4AFA618ED65565C680BE8349A932740B955	2D2696680CFA64908384C999EBFADE800519E0ED6880C9E209FAA6993521CB4A
Chrome Cache Entry: 92	ASCII text, with very long lines (1352)	5CC6B93D41889C0A55C6C4FCD2D89713	51A59C1DAE337817C4EBAC39FBE61C232705A893	8671CFDFA128168DB2136D7C17F55BA98DDBA221CDD1ACBBE559D4969280FD51
Chrome Cache Entry: 93	ASCII text, with very long lines (17998)	59D00FA56FB8B29068D96A431A52AE7B	9F8C5455383C49873A60CAEBACB1DECAAE0F909E	76E6DCC56BA185BAB0F2E68B485146BC42E79395A67DF0F7C23A18790677DE09
Chrome Cache Entry: 94	ASCII text, with very long lines (905)	62A914B2C847D4D02B76164D7A2A54C6	20D9F49A90A51FA6C8420640610DF77F7A96D919	B08C2864EC27736C507B1CA4B3A225A19147841B861CD8494DAF95FA370FE639
Chrome Cache Entry: 95	ASCII text, with very long lines (651)	7B01FCDF2048E82F4DF741791CD44F61	D1D126931B5D6937B1496E7950342D6A06F361B9	CBC04C06117804A9A97013C97A0714B027DF8279C5F1D0FD0478756A0944AEE6
Chrome Cache Entry: 96	ASCII text, with very long lines (1352)	5CC6B93D41889C0A55C6C4FCD2D89713	51A59C1DAE337817C4EBAC39FBE61C232705A893	8671CFDFA128168DB2136D7C17F55BA98DDBA221CDD1ACBBE559D4969280FD51
Chrome Cache Entry: 97	Web Open Font Format (Version 2), TrueType, length 28000, version 1.66	A4BCA6C95FED0D0C5CC46CF07710DCEC	73B56E33B82B42921DB8702A33EFD0F2B2EC9794	5A51D246AF54D903F67F07F2BD820CE77736F8D08C5F1602DB07469D96DBF77F
Chrome Cache Entry: 98	Unicode text, UTF-8 text, with very long lines (63425)	1AC6EB1F47C6D412432A60133B2306AC	DAE75F5418C2C99DF45FD30F0273C10CD1FC7A1A	74ABBA2D59115A7C57239FE2609BA14A55B44995AB09170671B19D195E1278F3
Chrome Cache Entry: 99	ASCII text, with very long lines (724)	33AFF52B82A1DF246136E75500D93220	4675754451AF81F996EAB925923C31EF5115A9F4	B5E8EC5D4DCC080657DEB2D004F65D974BF4EC9E9AA5D621E10749182FFF8731

AV Detection

Antivirus / Scanner detection for submitted sample

Source: https://mail33.godaddysites.com/

SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social Engineering

Multi AV Scanner detection for domain / URL

Source: mail33.godaddysites.com

Virustotal: Detection: 15%

Perma Link

Multi AV Scanner detection for submitted file

Source: https://mail33.godaddysites.com/

Virustotal: Detection: 16%

Perma Link

Phishing

AI detected phishing page

Source: https://mail33.godaddysites.com/	LLM: Score: 9 Reasons: The brand AT&T is a well-known telecommunications company., The legitimate domain for AT&T is att.com., The provided URL (mail33.godaddysites.com) does not match the legitimate domain for AT&T., The URL uses a subdomain (mail33) and a different primary domain (godaddysites.com), which is not associated with AT&T., The use of a different domain (godaddysites.com) is suspicious and commonly used in phishing attempts. DOM: 0.6.pages.csv
Source: https://mail33.godaddysites.com/	LLM: Score: 9 Reasons: The legitimate domain for AT&T is att.com., The provided URL (mail33.godaddysites.com) does not match the legitimate domain., The URL uses a subdomain (mail33) and a different primary domain (godaddysites.com), which is not associated with AT&T., The presence of input fields for User ID and Password on a non-legitimate domain is a common phishing tactic. DOM: 0.0.pages.csv

HTML page contains hidden javascript code

Source: https://mail33.godaddysites.com/

HTTP Parser: Base64 decoded: utm_source=wsb&utm_medium=applications&utm_campaign=en-us_corp_applications_banner"}

Source: https://mail33.godaddysites.com/

HTTP Parser: No favicon

Source: https://mail33.godaddysites.com/	HTTP Parser: No <meta name="copyright".. found
Source: https://mail33.godaddysites.com/	HTTP Parser: No <meta name="copyright".. found
Source: https://mail33.godaddysites.com/	HTTP Parser: No <meta name="copyright".. found
Source: https://mail33.godaddysites.com/	HTTP Parser: No <meta name="copyright".. found
Source: https://mail33.godaddysites.com/	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49756 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49765 version: TLS 1.2

Detected non-DNS traffic on DNS port

Source: global traffic

TCP traffic: 192.168.2.4:49494 -> 162.159.36.2:53

Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown	TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown	TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown	TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown	TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown	TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown	TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: mail33.godaddysites.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /markup/ad HTTP/1.1Host: mail33.godaddysites.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://mail33.godaddysites.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: dps_site_id=us-east-1
Source: global traffic	HTTP traffic detected: GET /i.gif?e=eyJ2IjoiMS4xMiIsImF2IjoxMzc5NjY0LCJhdCI6MjQ0NywiYnQiOjAsImNtIjozNjk2NjY5OTcsImNoIjo1NDQ0NSwiY2siOnt9LCJjciI6NDA4ODkzMDIyLCJkaSI6Ijc0ODgzYmM5OGJmNzQ5Y2FhM2JlY2ZmMmNjYmI1Y2UzIiwiZGoiOjAsImlpIjoiYjUzYjI4OTAyMjNjNDkxMmJjYWMzZGM1OWYzOWNjNWUiLCJkbSI6MywiZmMiOjU4Mzk1MjEyMywiZmwiOjU3MTk5NDU0MywiaXAiOiI2NC4yMDIuMTYwLjAiLCJrdyI6Int7a2V5d29yZH19IiwibnciOjEwNjYzLCJwYyI6MCwib3AiOjAsIm1wIjowLCJlYyI6MCwiZ20iOjAsImVwIjpudWxsLCJwciI6MjE4NDY1LCJydCI6MSwicnMiOjUwMCwic2EiOiI1MiIsInNiIjoiaS0wYjQ5OTg3NDE5ODVjNWJmNiIsInNwIjozNDk2NzIsInN0IjoxMjc2MjY0LCJ1ayI6InVlMS01ZDI1YzI3ODM0NWQ0NDAyYWNhYWI1ZmQ1MDVmODJiNCIsInpuIjozMDc0OTUsInRzIjoxNzI3NDk0NTE5MjIyLCJwbiI6IndhbSIsImdjIjp0cnVlLCJnQyI6dHJ1ZSwiZ3MiOiJub25lIiwiZGMiOjEsInR6IjoiVVRDIiwiYmEiOjEsImZxIjowfQ&s=la8IUwTCiUNymS4uFhk-3YBSSh4&publisher_website_key=wam.md5.4e57dd4ee20ba0f2b57932dbb6a63187 HTTP/1.1Host: ms.godaddy.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mail33.godaddysites.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /markup/ad HTTP/1.1Host: mail33.godaddysites.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: dps_site_id=us-east-1
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /i.gif?e=eyJ2IjoiMS4xMiIsImF2IjoxMzc5NjY0LCJhdCI6MjQ0NywiYnQiOjAsImNtIjozNjk2NjY5OTcsImNoIjo1NDQ0NSwiY2siOnt9LCJjciI6NDA4ODkzMDIyLCJkaSI6Ijc0ODgzYmM5OGJmNzQ5Y2FhM2JlY2ZmMmNjYmI1Y2UzIiwiZGoiOjAsImlpIjoiYjUzYjI4OTAyMjNjNDkxMmJjYWMzZGM1OWYzOWNjNWUiLCJkbSI6MywiZmMiOjU4Mzk1MjEyMywiZmwiOjU3MTk5NDU0MywiaXAiOiI2NC4yMDIuMTYwLjAiLCJrdyI6Int7a2V5d29yZH19IiwibnciOjEwNjYzLCJwYyI6MCwib3AiOjAsIm1wIjowLCJlYyI6MCwiZ20iOjAsImVwIjpudWxsLCJwciI6MjE4NDY1LCJydCI6MSwicnMiOjUwMCwic2EiOiI1MiIsInNiIjoiaS0wYjQ5OTg3NDE5ODVjNWJmNiIsInNwIjozNDk2NzIsInN0IjoxMjc2MjY0LCJ1ayI6InVlMS01ZDI1YzI3ODM0NWQ0NDAyYWNhYWI1ZmQ1MDVmODJiNCIsInpuIjozMDc0OTUsInRzIjoxNzI3NDk0NTE5MjIyLCJwbiI6IndhbSIsImdjIjp0cnVlLCJnQyI6dHJ1ZSwiZ3MiOiJub25lIiwiZGMiOjEsInR6IjoiVVRDIiwiYmEiOjEsImZxIjowfQ&s=la8IUwTCiUNymS4uFhk-3YBSSh4&publisher_website_key=wam.md5.4e57dd4ee20ba0f2b57932dbb6a63187 HTTP/1.1Host: ms.godaddy.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: azk=ue1-5d25c278345d4402acaab5fd505f82b4; azk-ss=true
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: mail33.godaddysites.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mail33.godaddysites.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: dps_site_id=us-east-1
Source: global traffic	HTTP traffic detected: GET /sw.js HTTP/1.1Host: mail33.godaddysites.comConnection: keep-aliveCache-Control: max-age=0Accept: /Service-Worker: scriptSec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: serviceworkerReferer: https://mail33.godaddysites.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: dps_site_id=us-east-1
Source: global traffic	HTTP traffic detected: GET /manifest.webmanifest HTTP/1.1Host: mail33.godaddysites.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: manifestReferer: https://mail33.godaddysites.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v3/recaptcha HTTP/1.1Host: contact.apps-api.instantpage.secureserver.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://mail33.godaddysites.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://mail33.godaddysites.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: mail33.godaddysites.comConnection: keep-alivePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://mail33.godaddysites.com/sw.jsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: dps_site_id=us-east-1
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js?render=6LfjspgUAAAAABsbjG9id6qXQKZkqb6_Hpce6ui_ HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://mail33.godaddysites.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v3/recaptcha HTTP/1.1Host: contact.apps-api.instantpage.secureserver.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js?render=6LfjspgUAAAAABsbjG9id6qXQKZkqb6_Hpce6ui_ HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/anchor?ar=1&k=6LfjspgUAAAAABsbjG9id6qXQKZkqb6_Hpce6ui_&co=aHR0cHM6Ly9tYWlsMzMuZ29kYWRkeXNpdGVzLmNvbTo0NDM.&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=ttf4ufmktujh HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://mail33.godaddysites.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/webworker.js?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: workerReferer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfjspgUAAAAABsbjG9id6qXQKZkqb6_Hpce6ui_&co=aHR0cHM6Ly9tYWlsMzMuZ29kYWRkeXNpdGVzLmNvbTo0NDM.&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=ttf4ufmktujhAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/bg/dubcxWuhhbqw8uaLSFFGvELnk5WmffD3wjoYeQZ33gk.js HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfjspgUAAAAABsbjG9id6qXQKZkqb6_Hpce6ui_&co=aHR0cHM6Ly9tYWlsMzMuZ29kYWRkeXNpdGVzLmNvbTo0NDM.&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=ttf4ufmktujhAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/webworker.js?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/bg/dubcxWuhhbqw8uaLSFFGvELnk5WmffD3wjoYeQZ33gk.js HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: mail33.godaddysites.com
Source: global traffic	DNS traffic detected: DNS query: img1.wsimg.com
Source: global traffic	DNS traffic detected: DNS query: isteam.wsimg.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: ms.godaddy.com
Source: global traffic	DNS traffic detected: DNS query: contact.apps-api.instantpage.secureserver.net
Source: global traffic	DNS traffic detected: DNS query: 241.42.69.40.in-addr.arpa

Source: global traffic

Source: chromecache_164.1.dr, chromecache_115.1.dr, chromecache_165.1.dr, chromecache_98.1.dr	String found in binary or memory: http://jedwatson.github.io/classnames
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: http://scripts.sil.org/OFL
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
Source: chromecache_99.1.dr, chromecache_137.1.dr, chromecache_168.1.dr	String found in binary or memory: https://cloud.google.com/contact
Source: chromecache_99.1.dr, chromecache_137.1.dr, chromecache_168.1.dr	String found in binary or memory: https://cloud.google.com/recaptcha-enterprise/billing-information
Source: chromecache_91.1.dr	String found in binary or memory: https://contact.apps-api.instantpage.secureserver.net
Source: chromecache_99.1.dr, chromecache_137.1.dr, chromecache_168.1.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca
Source: chromecache_99.1.dr, chromecache_137.1.dr, chromecache_168.1.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#localhost_support
Source: chromecache_99.1.dr, chromecache_137.1.dr, chromecache_168.1.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: https://github.com/clauseggers/Playfair-Display)
Source: chromecache_154.1.dr, chromecache_119.1.dr	String found in binary or memory: https://github.com/lancedikson/bowser
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqW106F15M.woff2)
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWt06F15M.woff2)
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWtE6F15M.woff2)
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWtU6F15M.woff2)
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWtk6F15M.woff2)
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWu06F15M.woff2)
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2)
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuk6F15M.woff2)
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWvU6F15M.woff2)
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWxU6F15M.woff2)
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2)
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS2mu1aB.woff2)
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2)
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2)
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSKmu1aB.woff2)
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSOmu1aB.woff2)
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2)
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSymu1aB.woff2)
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2)
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTVOmu1aB.woff2)
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTLYgFE_.woff2)
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTPYgFE_.woff2)
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTjYgFE_.woff2)
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2)
Source: chromecache_91.1.dr	String found in binary or memory: https://img1.wsimg.com/isteam/ip/b15a93f7-3b3b-447d-a4b5-98e3dc9769f1/AT%26T_logo_.png
Source: chromecache_181.1.dr, chromecache_91.1.dr	String found in binary or memory: https://img1.wsimg.com/poly/v3/polyfill.min.js?rum=0&unknown=polyfill&flags=gated&features=Intl.~loc
Source: chromecache_91.1.dr	String found in binary or memory: https://mail.godaddysites.com/
Source: chromecache_181.1.dr	String found in binary or memory: https://mail.godaddysites.com/404
Source: chromecache_153.1.dr, chromecache_126.1.dr	String found in binary or memory: https://ms.godaddy.com/i.gif?e=eyJ2IjoiMS4xMiIsImF2IjoxMzc5NjY0LCJhdCI6MjQ0NywiYnQiOjAsImNtIjoz
Source: chromecache_153.1.dr, chromecache_126.1.dr	String found in binary or memory: https://ms.godaddy.com/r?e=eyJ2IjoiMS4xMiIsImF2IjoxMzc5NjY0LCJhdCI6MjQ0NywiYnQiOjAsImNtIjozNjk2
Source: chromecache_168.1.dr	String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: chromecache_91.1.dr	String found in binary or memory: https://policies.google.com/privacy
Source: chromecache_91.1.dr	String found in binary or memory: https://policies.google.com/terms
Source: chromecache_168.1.dr	String found in binary or memory: https://recaptcha.net
Source: chromecache_168.1.dr	String found in binary or memory: https://support.google.com/recaptcha
Source: chromecache_99.1.dr, chromecache_137.1.dr, chromecache_168.1.dr	String found in binary or memory: https://support.google.com/recaptcha#6262736
Source: chromecache_99.1.dr, chromecache_137.1.dr, chromecache_168.1.dr	String found in binary or memory: https://support.google.com/recaptcha/#6175971
Source: chromecache_99.1.dr, chromecache_137.1.dr, chromecache_168.1.dr	String found in binary or memory: https://support.google.com/recaptcha/?hl=en#6223828
Source: chromecache_174.1.dr, chromecache_103.1.dr	String found in binary or memory: https://www.google.com/recaptcha/api.js
Source: chromecache_101.1.dr, chromecache_99.1.dr, chromecache_177.1.dr, chromecache_137.1.dr, chromecache_168.1.dr	String found in binary or memory: https://www.google.com/recaptcha/api2/
Source: chromecache_99.1.dr, chromecache_137.1.dr, chromecache_168.1.dr	String found in binary or memory: https://www.gstatic.c..?/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__.
Source: chromecache_131.1.dr, chromecache_106.1.dr, chromecache_101.1.dr, chromecache_177.1.dr	String found in binary or memory: https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__en.js

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49502
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49502 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 49843 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49756 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49765 version: TLS 1.2

Source: classification engine

Classification label: mal72.phis.win@17/154@29/11

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2092 --field-trial-handle=1676,i,2499375781031443177,1263258385363923790,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://mail33.godaddysites.com/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2092 --field-trial-handle=1676,i,2499375781031443177,1263258385363923790,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

ID:	1521181
Product:	CloudBasic
Start time:	05:34:20
Start date:	28.09.2024
Cookbook:	browseurl.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Windows Analysis Report
https://mail33.godaddysites.com/

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report https://mail33.godaddysites.com/

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
https://mail33.godaddysites.com/