Windows Analysis Report
https://pub-38e912f981004cb7857cf5826c7f1c1b.r2.dev/ledge.html

Overview

General Information

Sample URL:	https://pub-38e912f981004cb7857cf5826c7f1c1b.r2.dev/ledge.html
Analysis ID:	1521777
Tags:	openphish
Infos:

Detection

Score:	48
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Multi AV Scanner detection for submitted file

Detected non-DNS traffic on DNS port

Classification

Signatures

AV Detection

Multi AV Scanner detection for submitted file

Source: https://pub-38e912f981004cb7857cf5826c7f1c1b.r2.dev/ledge.html

Virustotal: Detection: 13%

Perma Link

Source: https://pub-38e912f981004cb7857cf5826c7f1c1b.r2.dev/ledge.html

HTTP Parser: No favicon

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49759 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49766 version: TLS 1.2

Detected non-DNS traffic on DNS port

Source: global traffic	TCP traffic: 192.168.2.4:64394 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.4:49740 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.4:64390 -> 162.159.36.2:53

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 2.16.164.97
Source: unknown	TCP traffic detected without corresponding DNS query: 2.16.164.97
Source: unknown	TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown	TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown	TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown	TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown	TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 2.16.164.97
Source: unknown	TCP traffic detected without corresponding DNS query: 2.16.164.97
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /ledge.html HTTP/1.1Host: pub-38e912f981004cb7857cf5826c7f1c1b.r2.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-3.1.1.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://pub-38e912f981004cb7857cf5826c7f1c1b.r2.dev/ledge.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://pub-38e912f981004cb7857cf5826c7f1c1b.r2.devsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://pub-38e912f981004cb7857cf5826c7f1c1b.r2.dev/ledge.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-3.3.1.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://pub-38e912f981004cb7857cf5826c7f1c1b.r2.devsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://pub-38e912f981004cb7857cf5826c7f1c1b.r2.dev/ledge.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Folder/UMX9jlahOh2Y.css HTTP/1.1Host: newmedappdate.netlify.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://pub-38e912f981004cb7857cf5826c7f1c1b.r2.dev/ledge.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Folder/download.png HTTP/1.1Host: newmedappdate.netlify.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pub-38e912f981004cb7857cf5826c7f1c1b.r2.dev/ledge.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Folder/download1.png HTTP/1.1Host: newmedappdate.netlify.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pub-38e912f981004cb7857cf5826c7f1c1b.r2.dev/ledge.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Folder/mfkNbEskGSwj.svg HTTP/1.1Host: newmedappdate.netlify.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pub-38e912f981004cb7857cf5826c7f1c1b.r2.dev/ledge.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Folder/Yzvm8sG7noXg.png HTTP/1.1Host: newmedappdate.netlify.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pub-38e912f981004cb7857cf5826c7f1c1b.r2.dev/ledge.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-3.1.1.min.js HTTP/1.1Host: code.jquery.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-3.3.1.js HTTP/1.1Host: code.jquery.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Folder/download.png HTTP/1.1Host: newmedappdate.netlify.appConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Folder/download1.png HTTP/1.1Host: newmedappdate.netlify.appConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css/Crypto/fonts.png HTTP/1.1Host: 0174meldingen.onlineConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://newmedappdate.netlify.app/Folder/UMX9jlahOh2Y.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Folder/mfkNbEskGSwj.svg HTTP/1.1Host: newmedappdate.netlify.appConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Folder/WZ0i3ciKJp19.png HTTP/1.1Host: newmedappdate.netlify.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pub-38e912f981004cb7857cf5826c7f1c1b.r2.dev/ledge.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Folder/Yzvm8sG7noXg.png HTTP/1.1Host: newmedappdate.netlify.appConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Folder/8Sy1Q1E1EfZN.png HTTP/1.1Host: newmedappdate.netlify.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pub-38e912f981004cb7857cf5826c7f1c1b.r2.dev/ledge.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Folder/eGfjLjEcIGAc.png HTTP/1.1Host: newmedappdate.netlify.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pub-38e912f981004cb7857cf5826c7f1c1b.r2.dev/ledge.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Folder/a9SypYD4A2v9.png HTTP/1.1Host: newmedappdate.netlify.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pub-38e912f981004cb7857cf5826c7f1c1b.r2.dev/ledge.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Folder/Bflfh7PtIV1m.mov HTTP/1.1Host: newmedappdate.netlify.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept-Encoding: identity;q=1, ;q=0sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: videoReferer: https://pub-38e912f981004cb7857cf5826c7f1c1b.r2.dev/ledge.htmlAccept-Language: en-US,en;q=0.9Range: bytes=0-
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /Folder/Bflfh7PtIV1m.mov HTTP/1.1Host: newmedappdate.netlify.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept-Encoding: identity;q=1, ;q=0sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: videoReferer: https://pub-38e912f981004cb7857cf5826c7f1c1b.r2.dev/ledge.htmlAccept-Language: en-US,en;q=0.9Range: bytes=786432-820217If-Range: "d3779301f4f187459d906e549889d7c5-ssl"
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: pub-38e912f981004cb7857cf5826c7f1c1b.r2.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pub-38e912f981004cb7857cf5826c7f1c1b.r2.dev/ledge.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Folder/Bflfh7PtIV1m.mov HTTP/1.1Host: newmedappdate.netlify.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept-Encoding: identity;q=1, ;q=0sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: videoReferer: https://pub-38e912f981004cb7857cf5826c7f1c1b.r2.dev/ledge.htmlAccept-Language: en-US,en;q=0.9Range: bytes=65536-139263If-None-Match: "d3779301f4f187459d906e549889d7c5-ssl"
Source: global traffic	HTTP traffic detected: GET /Folder/WZ0i3ciKJp19.png HTTP/1.1Host: newmedappdate.netlify.appConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Folder/8Sy1Q1E1EfZN.png HTTP/1.1Host: newmedappdate.netlify.appConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Folder/a9SypYD4A2v9.png HTTP/1.1Host: newmedappdate.netlify.appConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Folder/eGfjLjEcIGAc.png HTTP/1.1Host: newmedappdate.netlify.appConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Folder/Bflfh7PtIV1m.mov HTTP/1.1Host: newmedappdate.netlify.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept-Encoding: identity;q=1, ;q=0sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: videoReferer: https://pub-38e912f981004cb7857cf5826c7f1c1b.r2.dev/ledge.htmlAccept-Language: en-US,en;q=0.9Range: bytes=139264-786431If-Range: "d3779301f4f187459d906e549889d7c5-ssl"

Source: global traffic	DNS traffic detected: DNS query: pub-38e912f981004cb7857cf5826c7f1c1b.r2.dev
Source: global traffic	DNS traffic detected: DNS query: newmedappdate.netlify.app
Source: global traffic	DNS traffic detected: DNS query: code.jquery.com
Source: global traffic	DNS traffic detected: DNS query: cdnjs.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: 0174meldingen.online
Source: global traffic	DNS traffic detected: DNS query: www.google.com

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sun, 29 Sep 2024 01:36:09 GMTServer: ApacheContent-Length: 0Connection: closeContent-Type: text/html; charset=UTF-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sun, 29 Sep 2024 01:36:14 GMTContent-Type: text/htmlContent-Length: 27150Connection: closeServer: cloudflareCF-RAY: 8ca83db8be8a0c90-EWR

Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: http://jquery.org/license
Source: chromecache_89.2.dr, chromecache_74.2.dr	String found in binary or memory: http://opensource.org/licenses/MIT).
Source: chromecache_66.2.dr	String found in binary or memory: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://bugs.chromium.org/p/chromium/issues/detail?id=378607
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://bugs.chromium.org/p/chromium/issues/detail?id=449857
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://bugs.chromium.org/p/chromium/issues/detail?id=470258
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://bugs.chromium.org/p/chromium/issues/detail?id=589347
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://bugs.jquery.com/ticket/12359
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://bugs.jquery.com/ticket/13378
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://bugs.webkit.org/show_bug.cgi?id=136851
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://bugs.webkit.org/show_bug.cgi?id=137337
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://bugs.webkit.org/show_bug.cgi?id=29084
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=687787
Source: chromecache_66.2.dr	String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
Source: chromecache_66.2.dr	String found in binary or memory: https://code.jquery.com/jquery-3.1.1.min.js
Source: chromecache_66.2.dr	String found in binary or memory: https://code.jquery.com/jquery-3.3.1.js
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://developer.mozilla.org/en-US/docs/CSS/display
Source: chromecache_88.2.dr	String found in binary or memory: https://developers.cloudflare.com/r2/data-access/public-buckets/
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://drafts.csswg.org/cssom/#common-serializing-idioms
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://drafts.csswg.org/cssom/#resolved-values
Source: chromecache_66.2.dr	String found in binary or memory: https://fonts.gstatic.com/
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://github.com/eslint/eslint/issues/3229
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://github.com/eslint/eslint/issues/6125
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://github.com/jquery/jquery/pull/557)
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://github.com/jquery/sizzle/pull/225
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://github.com/jrburke/requirejs/wiki/Updating-existing-libraries#wiki-anon
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://html.spec.whatwg.org/#strip-and-collapse-whitespace
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://html.spec.whatwg.org/multipage/forms.html#category-listed
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://html.spec.whatwg.org/multipage/forms.html#concept-fe-disabled
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://html.spec.whatwg.org/multipage/forms.html#concept-option-disabled
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://html.spec.whatwg.org/multipage/scripting.html#selector-disabled
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://html.spec.whatwg.org/multipage/scripting.html#selector-enabled
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://html.spec.whatwg.org/multipage/syntax.html#attributes-2
Source: chromecache_66.2.dr	String found in binary or memory: https://ikulopinawaeniyan.publicvm.com/res.php
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://infra.spec.whatwg.org/#strip-and-collapse-ascii-whitespace
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://jquery.com/
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://jquery.org/license
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://jsperf.com/getall-vs-sizzle/2
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://jsperf.com/thor-indexof-vs-for/5
Source: chromecache_66.2.dr	String found in binary or memory: https://newmedappdate.netlify.app/Folder/8Sy1Q1E1EfZN.png
Source: chromecache_66.2.dr	String found in binary or memory: https://newmedappdate.netlify.app/Folder/Bflfh7PtIV1m.mov
Source: chromecache_66.2.dr	String found in binary or memory: https://newmedappdate.netlify.app/Folder/UMX9jlahOh2Y.css
Source: chromecache_66.2.dr	String found in binary or memory: https://newmedappdate.netlify.app/Folder/WZ0i3ciKJp19.png
Source: chromecache_66.2.dr	String found in binary or memory: https://newmedappdate.netlify.app/Folder/Yzvm8sG7noXg.png
Source: chromecache_66.2.dr	String found in binary or memory: https://newmedappdate.netlify.app/Folder/a9SypYD4A2v9.png
Source: chromecache_66.2.dr	String found in binary or memory: https://newmedappdate.netlify.app/Folder/connect.mp4
Source: chromecache_66.2.dr	String found in binary or memory: https://newmedappdate.netlify.app/Folder/download.png
Source: chromecache_66.2.dr	String found in binary or memory: https://newmedappdate.netlify.app/Folder/download1.png
Source: chromecache_66.2.dr	String found in binary or memory: https://newmedappdate.netlify.app/Folder/eGfjLjEcIGAc.png
Source: chromecache_66.2.dr	String found in binary or memory: https://newmedappdate.netlify.app/Folder/mfkNbEskGSwj.svg
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://promisesaplus.com/#point-48
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://promisesaplus.com/#point-54
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://promisesaplus.com/#point-57
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://promisesaplus.com/#point-59
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://promisesaplus.com/#point-61
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://promisesaplus.com/#point-64
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://promisesaplus.com/#point-75
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://sizzlejs.com/
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://web.archive.org/web/20100324014747/http://blindsignals.com/index.php/2009/07/jquery-delay/
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://web.archive.org/web/20141116233347/http://fluidproject.org/blog/2008/01/09/getting-setting-a
Source: chromecache_88.2.dr	String found in binary or memory: https://www.cloudflare.com/favicon.ico
Source: chromecache_66.2.dr	String found in binary or memory: https://www.ledger.com

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 64395 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64395
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49759 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49766 version: TLS 1.2

Source: classification engine

Classification label: mal48.win@16/46@18/11

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 --field-trial-handle=1972,i,610400983261234010,9711384866539688891,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://pub-38e912f981004cb7857cf5826c7f1c1b.r2.dev/ledge.html"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 --field-trial-handle=1972,i,610400983261234010,9711384866539688891,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
104.17.24.14	unknown	United States	13335	CLOUDFLARENETUS	false
173.208.194.98	0174meldingen.online	United States	32097	WIIUS	false
142.250.185.100	www.google.com	United States	15169	GOOGLEUS	false
18.192.94.96	unknown	United States	16509	AMAZON-02US	false
151.101.2.137	code.jquery.com	United States	54113	FASTLYUS	false
54.161.234.33	newmedappdate.netlify.app	United States	14618	AMAZON-AESUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
172.66.0.235	pub-38e912f981004cb7857cf5826c7f1c1b.r2.dev	United States	13335	CLOUDFLARENETUS	false
104.17.25.14	cdnjs.cloudflare.com	United States	13335	CLOUDFLARENETUS	false

Private

IP
192.168.2.7
192.168.2.4

Contacted Domains

Name	IP	Active
newmedappdate.netlify.app	54.161.234.33	true
code.jquery.com	151.101.2.137	true
cdnjs.cloudflare.com	104.17.25.14	true
0174meldingen.online	173.208.194.98	true
pub-38e912f981004cb7857cf5826c7f1c1b.r2.dev	172.66.0.235	true
www.google.com	142.250.185.100	true
fp2e7a.wpc.phicdn.net	192.229.221.95	true

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://0174meldingen.online/css/Crypto/fonts.png	false		unknown
https://newmedappdate.netlify.app/Folder/Bflfh7PtIV1m.mov	false		unknown
https://newmedappdate.netlify.app/Folder/mfkNbEskGSwj.svg	false		unknown
https://newmedappdate.netlify.app/Folder/download1.png	false		unknown
https://code.jquery.com/jquery-3.1.1.min.js	false	URL Reputation: safe	unknown
https://newmedappdate.netlify.app/Folder/Yzvm8sG7noXg.png	false		unknown
https://code.jquery.com/jquery-3.3.1.js	false	URL Reputation: safe	unknown
https://newmedappdate.netlify.app/Folder/download.png	false		unknown
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js	false	URL Reputation: safe	unknown
https://pub-38e912f981004cb7857cf5826c7f1c1b.r2.dev/favicon.ico	false		unknown
https://newmedappdate.netlify.app/Folder/a9SypYD4A2v9.png	false		unknown
https://newmedappdate.netlify.app/Folder/eGfjLjEcIGAc.png	false		unknown
https://newmedappdate.netlify.app/Folder/8Sy1Q1E1EfZN.png	false		unknown
https://pub-38e912f981004cb7857cf5826c7f1c1b.r2.dev/ledge.html	true		unknown
https://newmedappdate.netlify.app/Folder/UMX9jlahOh2Y.css	false		unknown
https://newmedappdate.netlify.app/Folder/WZ0i3ciKJp19.png	false		unknown

Name	Type	MD5	SHA1	SHA256
Chrome Cache Entry: 66	HTML document, ASCII text, with very long lines (13083), with CRLF line terminators	4EB83F29DDD4C7EDD3FE7E040C1F786D	2C03F035BBA1C6A3A268F2AA6C99946AB0C4D9DA	2DB01C3F2AEF022B5CF84B3FD5E57936664CB85FF6ABBA3175E3F426ADE1034E
Chrome Cache Entry: 67	ISO Media, Apple QuickTime movie, Apple QuickTime (.MOV/QT)	A6CA65B05C2B53811DC5F3AA831D5D84	54EE5ACEB438DEA38B9E69C36A36761DD920CCAB	B496EF983F05C6079D119207EA8CCF7110704403DE12B5AFFE96F4191BBA7A95
Chrome Cache Entry: 68	PNG image data, 418 x 472, 8-bit/color RGBA, non-interlaced	4802F8DD82FB35E2B2828100E9947E45	0A15B3D59241838CB750E50776370250CC88F938	BAC2C823A8696C6A658E36167EACD615F5EF53781274E77DDC8E9946205FE309
Chrome Cache Entry: 69	PNG image data, 1240 x 511, 8-bit gray+alpha, non-interlaced	37D86F9CD3B587A79FAD97EC79E899DD	C8AF3830C18C172E923CDB55CE00C3FE7519BDFE	69A5BC575B8BEC25DEDF3BDD5AC1E9D5B8E816A3712C26FFD9ECDD3F68011251
Chrome Cache Entry: 70	ASCII text, with very long lines (440), with no line terminators	2369B52BBFB03D8B9C73CA4B5C76EA90	A4C2396F1B0D80B89044766E8D341EB066473462	D1F90FEF3F80C9B736F6D69DD00E328FFA1AD19F22DD2A6C824736AC8125F11A
Chrome Cache Entry: 71	PNG image data, 530 x 398, 8-bit/color RGBA, non-interlaced	9CC86BF7D2AFE087D7209DDCC7552AEE	8B6862CB708B34BA7000C7EBA8651B08F85C45BE	96C9EC39EA7361144C797060B09398FA43BFF0DCA108225AFE910461C1EE73A3
Chrome Cache Entry: 72	PNG image data, 448 x 506, 8-bit/color RGBA, non-interlaced	8FBE43F9735FF736D9C271452699762A	29C168CDF1634B7B55D16F8137C888D2E16C3516	B98D5ED89D2CE6B5143E31FEB7C4ED60B63C8C6E08AE4F60385A8E7BF6899C53
Chrome Cache Entry: 73	PNG image data, 530 x 398, 8-bit/color RGBA, non-interlaced	9CC86BF7D2AFE087D7209DDCC7552AEE	8B6862CB708B34BA7000C7EBA8651B08F85C45BE	96C9EC39EA7361144C797060B09398FA43BFF0DCA108225AFE910461C1EE73A3
Chrome Cache Entry: 74	ASCII text, with very long lines (19015)	70D3FDA195602FE8B75E0097EED74DDE	C3B977AA4B8DFB69D651E07015031D385DED964B	A52F7AA54D7BCAAFA056EE0A050262DFC5694AE28DEE8B4CAC3429AF37FF0D66
Chrome Cache Entry: 75	ASCII text, with very long lines (32065)	2F6B11A7E914718E0290410E85366FE9	69BB69E25CA7D5EF0935317584E6153F3FD9A88C	05B85D96F41FFF14D8F608DAD03AB71E2C1017C2DA0914D7C59291BAD7A54F8E
Chrome Cache Entry: 76	PNG image data, 528 x 436, 8-bit/color RGBA, non-interlaced	7BBEB77B29E00157DBC902E365C504CC	9B053E1A62AE43401B8B03984D6BE90B3819AC45	91D6B82C75EF8695F4C907C99E9239458AFAB5F00159EB8294F3D94F0E75AB28
Chrome Cache Entry: 77	ASCII text, with very long lines (32030)	E071ABDA8FE61194711CFC2AB99FE104	F647A6D37DC4CA055CED3CF64BBC1F490070ACBA	85556761A8800D14CED8FCD41A6B8B26BF012D44A318866C0D81A62092EFD9BF
Chrome Cache Entry: 78	PNG image data, 534 x 440, 8-bit/color RGBA, non-interlaced	FC319A08C03F263C6DA5344DC83414D6	C14F693B0B24C32E85805EF1EBA87E904362759A	F50D7F92CEBA5914F2E7574605800F7B43AC355D2544857EAA25C728BF7111C2
Chrome Cache Entry: 79	PNG image data, 108 x 539, 8-bit/color RGBA, non-interlaced	40F53D3B5E49A25F353352C76B6764BB	FAEA635A085F8D93BBC49238F65C6A5C96A68A87	A7EC38AFCB2F40F7A576C12E914AB95E0DFDE63B3CBCAD1806B97A6177A7E1E4
Chrome Cache Entry: 80	PNG image data, 448 x 506, 8-bit/color RGBA, non-interlaced	8FBE43F9735FF736D9C271452699762A	29C168CDF1634B7B55D16F8137C888D2E16C3516	B98D5ED89D2CE6B5143E31FEB7C4ED60B63C8C6E08AE4F60385A8E7BF6899C53
Chrome Cache Entry: 81	ASCII text, with very long lines (32065)	2F6B11A7E914718E0290410E85366FE9	69BB69E25CA7D5EF0935317584E6153F3FD9A88C	05B85D96F41FFF14D8F608DAD03AB71E2C1017C2DA0914D7C59291BAD7A54F8E
Chrome Cache Entry: 82	SVG Scalable Vector Graphics image	F2E70BA9501583B7EBBEB06DC45A745F	71244FE09D982498869444418AA864CBABA8862E	7C34850991C3B7DD8816EA3314A4DDF849F6FA94A5FC39B2493593F9F6AAC253
Chrome Cache Entry: 83	ASCII text	6A07DA9FAE934BAF3F749E876BBFDD96	46A436EBA01C79ACDB225757ED80BF54BAD6416B	D8AA24ECC6CECB1A60515BC093F1C9DA38A0392612D9AB8AE0F7F36E6EEE1FAD
Chrome Cache Entry: 84	ASCII text	D72105263FBFDAA9632A92F6121D7F6E	D54E5D0655101D453A765A91ADF4796C5834D159	6626713211E198C04D94E042ABD4D81CB92C73D149DA01EC209408D83BE959E5
Chrome Cache Entry: 85	ASCII text	6A07DA9FAE934BAF3F749E876BBFDD96	46A436EBA01C79ACDB225757ED80BF54BAD6416B	D8AA24ECC6CECB1A60515BC093F1C9DA38A0392612D9AB8AE0F7F36E6EEE1FAD
Chrome Cache Entry: 86	SVG Scalable Vector Graphics image	F2E70BA9501583B7EBBEB06DC45A745F	71244FE09D982498869444418AA864CBABA8862E	7C34850991C3B7DD8816EA3314A4DDF849F6FA94A5FC39B2493593F9F6AAC253
Chrome Cache Entry: 87	ASCII text, with very long lines (32030)	E071ABDA8FE61194711CFC2AB99FE104	F647A6D37DC4CA055CED3CF64BBC1F490070ACBA	85556761A8800D14CED8FCD41A6B8B26BF012D44A318866C0D81A62092EFD9BF
Chrome Cache Entry: 88	HTML document, ASCII text, with very long lines (611)	46DD133EE00DC1BAE5E4EEBA7B88432F	8AF86A4AC91CE48C062216FB94A6E1D57618A19B	9EB52EE46C7AB5EA4CA0982415DA99FDED1B7D7354F75E50847BDAE6CB44EB66
Chrome Cache Entry: 89	ASCII text, with very long lines (19015)	70D3FDA195602FE8B75E0097EED74DDE	C3B977AA4B8DFB69D651E07015031D385DED964B	A52F7AA54D7BCAAFA056EE0A050262DFC5694AE28DEE8B4CAC3429AF37FF0D66
Chrome Cache Entry: 90	PNG image data, 1240 x 511, 8-bit gray+alpha, non-interlaced	37D86F9CD3B587A79FAD97EC79E899DD	C8AF3830C18C172E923CDB55CE00C3FE7519BDFE	69A5BC575B8BEC25DEDF3BDD5AC1E9D5B8E816A3712C26FFD9ECDD3F68011251
Chrome Cache Entry: 91	PNG image data, 528 x 436, 8-bit/color RGBA, non-interlaced	7BBEB77B29E00157DBC902E365C504CC	9B053E1A62AE43401B8B03984D6BE90B3819AC45	91D6B82C75EF8695F4C907C99E9239458AFAB5F00159EB8294F3D94F0E75AB28
Chrome Cache Entry: 92	PNG image data, 534 x 440, 8-bit/color RGBA, non-interlaced	FC319A08C03F263C6DA5344DC83414D6	C14F693B0B24C32E85805EF1EBA87E904362759A	F50D7F92CEBA5914F2E7574605800F7B43AC355D2544857EAA25C728BF7111C2
Chrome Cache Entry: 93	PNG image data, 108 x 539, 8-bit/color RGBA, non-interlaced	40F53D3B5E49A25F353352C76B6764BB	FAEA635A085F8D93BBC49238F65C6A5C96A68A87	A7EC38AFCB2F40F7A576C12E914AB95E0DFDE63B3CBCAD1806B97A6177A7E1E4
Chrome Cache Entry: 94	PNG image data, 418 x 472, 8-bit/color RGBA, non-interlaced	4802F8DD82FB35E2B2828100E9947E45	0A15B3D59241838CB750E50776370250CC88F938	BAC2C823A8696C6A658E36167EACD615F5EF53781274E77DDC8E9946205FE309

AV Detection

Multi AV Scanner detection for submitted file

Source: https://pub-38e912f981004cb7857cf5826c7f1c1b.r2.dev/ledge.html

Virustotal: Detection: 13%

Perma Link

Source: https://pub-38e912f981004cb7857cf5826c7f1c1b.r2.dev/ledge.html

HTTP Parser: No favicon

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49759 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49766 version: TLS 1.2

Detected non-DNS traffic on DNS port

Source: global traffic	TCP traffic: 192.168.2.4:64394 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.4:49740 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.4:64390 -> 162.159.36.2:53

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 2.16.164.97
Source: unknown	TCP traffic detected without corresponding DNS query: 2.16.164.97
Source: unknown	TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown	TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown	TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown	TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown	TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 2.16.164.97
Source: unknown	TCP traffic detected without corresponding DNS query: 2.16.164.97
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /ledge.html HTTP/1.1Host: pub-38e912f981004cb7857cf5826c7f1c1b.r2.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-3.1.1.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://pub-38e912f981004cb7857cf5826c7f1c1b.r2.dev/ledge.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://pub-38e912f981004cb7857cf5826c7f1c1b.r2.devsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://pub-38e912f981004cb7857cf5826c7f1c1b.r2.dev/ledge.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-3.3.1.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://pub-38e912f981004cb7857cf5826c7f1c1b.r2.devsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://pub-38e912f981004cb7857cf5826c7f1c1b.r2.dev/ledge.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Folder/UMX9jlahOh2Y.css HTTP/1.1Host: newmedappdate.netlify.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://pub-38e912f981004cb7857cf5826c7f1c1b.r2.dev/ledge.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Folder/download.png HTTP/1.1Host: newmedappdate.netlify.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pub-38e912f981004cb7857cf5826c7f1c1b.r2.dev/ledge.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Folder/download1.png HTTP/1.1Host: newmedappdate.netlify.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pub-38e912f981004cb7857cf5826c7f1c1b.r2.dev/ledge.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Folder/mfkNbEskGSwj.svg HTTP/1.1Host: newmedappdate.netlify.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pub-38e912f981004cb7857cf5826c7f1c1b.r2.dev/ledge.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Folder/Yzvm8sG7noXg.png HTTP/1.1Host: newmedappdate.netlify.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pub-38e912f981004cb7857cf5826c7f1c1b.r2.dev/ledge.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-3.1.1.min.js HTTP/1.1Host: code.jquery.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-3.3.1.js HTTP/1.1Host: code.jquery.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Folder/download.png HTTP/1.1Host: newmedappdate.netlify.appConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Folder/download1.png HTTP/1.1Host: newmedappdate.netlify.appConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css/Crypto/fonts.png HTTP/1.1Host: 0174meldingen.onlineConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://newmedappdate.netlify.app/Folder/UMX9jlahOh2Y.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Folder/mfkNbEskGSwj.svg HTTP/1.1Host: newmedappdate.netlify.appConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Folder/WZ0i3ciKJp19.png HTTP/1.1Host: newmedappdate.netlify.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pub-38e912f981004cb7857cf5826c7f1c1b.r2.dev/ledge.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Folder/Yzvm8sG7noXg.png HTTP/1.1Host: newmedappdate.netlify.appConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Folder/8Sy1Q1E1EfZN.png HTTP/1.1Host: newmedappdate.netlify.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pub-38e912f981004cb7857cf5826c7f1c1b.r2.dev/ledge.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Folder/eGfjLjEcIGAc.png HTTP/1.1Host: newmedappdate.netlify.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pub-38e912f981004cb7857cf5826c7f1c1b.r2.dev/ledge.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Folder/a9SypYD4A2v9.png HTTP/1.1Host: newmedappdate.netlify.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pub-38e912f981004cb7857cf5826c7f1c1b.r2.dev/ledge.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Folder/Bflfh7PtIV1m.mov HTTP/1.1Host: newmedappdate.netlify.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept-Encoding: identity;q=1, ;q=0sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: videoReferer: https://pub-38e912f981004cb7857cf5826c7f1c1b.r2.dev/ledge.htmlAccept-Language: en-US,en;q=0.9Range: bytes=0-
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /Folder/Bflfh7PtIV1m.mov HTTP/1.1Host: newmedappdate.netlify.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept-Encoding: identity;q=1, ;q=0sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: videoReferer: https://pub-38e912f981004cb7857cf5826c7f1c1b.r2.dev/ledge.htmlAccept-Language: en-US,en;q=0.9Range: bytes=786432-820217If-Range: "d3779301f4f187459d906e549889d7c5-ssl"
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: pub-38e912f981004cb7857cf5826c7f1c1b.r2.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pub-38e912f981004cb7857cf5826c7f1c1b.r2.dev/ledge.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Folder/Bflfh7PtIV1m.mov HTTP/1.1Host: newmedappdate.netlify.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept-Encoding: identity;q=1, ;q=0sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: videoReferer: https://pub-38e912f981004cb7857cf5826c7f1c1b.r2.dev/ledge.htmlAccept-Language: en-US,en;q=0.9Range: bytes=65536-139263If-None-Match: "d3779301f4f187459d906e549889d7c5-ssl"
Source: global traffic	HTTP traffic detected: GET /Folder/WZ0i3ciKJp19.png HTTP/1.1Host: newmedappdate.netlify.appConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Folder/8Sy1Q1E1EfZN.png HTTP/1.1Host: newmedappdate.netlify.appConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Folder/a9SypYD4A2v9.png HTTP/1.1Host: newmedappdate.netlify.appConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Folder/eGfjLjEcIGAc.png HTTP/1.1Host: newmedappdate.netlify.appConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Folder/Bflfh7PtIV1m.mov HTTP/1.1Host: newmedappdate.netlify.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept-Encoding: identity;q=1, ;q=0sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: videoReferer: https://pub-38e912f981004cb7857cf5826c7f1c1b.r2.dev/ledge.htmlAccept-Language: en-US,en;q=0.9Range: bytes=139264-786431If-Range: "d3779301f4f187459d906e549889d7c5-ssl"

Source: global traffic	DNS traffic detected: DNS query: pub-38e912f981004cb7857cf5826c7f1c1b.r2.dev
Source: global traffic	DNS traffic detected: DNS query: newmedappdate.netlify.app
Source: global traffic	DNS traffic detected: DNS query: code.jquery.com
Source: global traffic	DNS traffic detected: DNS query: cdnjs.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: 0174meldingen.online
Source: global traffic	DNS traffic detected: DNS query: www.google.com

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sun, 29 Sep 2024 01:36:09 GMTServer: ApacheContent-Length: 0Connection: closeContent-Type: text/html; charset=UTF-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sun, 29 Sep 2024 01:36:14 GMTContent-Type: text/htmlContent-Length: 27150Connection: closeServer: cloudflareCF-RAY: 8ca83db8be8a0c90-EWR

Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: http://jquery.org/license
Source: chromecache_89.2.dr, chromecache_74.2.dr	String found in binary or memory: http://opensource.org/licenses/MIT).
Source: chromecache_66.2.dr	String found in binary or memory: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://bugs.chromium.org/p/chromium/issues/detail?id=378607
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://bugs.chromium.org/p/chromium/issues/detail?id=449857
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://bugs.chromium.org/p/chromium/issues/detail?id=470258
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://bugs.chromium.org/p/chromium/issues/detail?id=589347
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://bugs.jquery.com/ticket/12359
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://bugs.jquery.com/ticket/13378
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://bugs.webkit.org/show_bug.cgi?id=136851
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://bugs.webkit.org/show_bug.cgi?id=137337
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://bugs.webkit.org/show_bug.cgi?id=29084
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=687787
Source: chromecache_66.2.dr	String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
Source: chromecache_66.2.dr	String found in binary or memory: https://code.jquery.com/jquery-3.1.1.min.js
Source: chromecache_66.2.dr	String found in binary or memory: https://code.jquery.com/jquery-3.3.1.js
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://developer.mozilla.org/en-US/docs/CSS/display
Source: chromecache_88.2.dr	String found in binary or memory: https://developers.cloudflare.com/r2/data-access/public-buckets/
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://drafts.csswg.org/cssom/#common-serializing-idioms
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://drafts.csswg.org/cssom/#resolved-values
Source: chromecache_66.2.dr	String found in binary or memory: https://fonts.gstatic.com/
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://github.com/eslint/eslint/issues/3229
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://github.com/eslint/eslint/issues/6125
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://github.com/jquery/jquery/pull/557)
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://github.com/jquery/sizzle/pull/225
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://github.com/jrburke/requirejs/wiki/Updating-existing-libraries#wiki-anon
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://html.spec.whatwg.org/#strip-and-collapse-whitespace
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://html.spec.whatwg.org/multipage/forms.html#category-listed
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://html.spec.whatwg.org/multipage/forms.html#concept-fe-disabled
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://html.spec.whatwg.org/multipage/forms.html#concept-option-disabled
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://html.spec.whatwg.org/multipage/scripting.html#selector-disabled
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://html.spec.whatwg.org/multipage/scripting.html#selector-enabled
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://html.spec.whatwg.org/multipage/syntax.html#attributes-2
Source: chromecache_66.2.dr	String found in binary or memory: https://ikulopinawaeniyan.publicvm.com/res.php
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://infra.spec.whatwg.org/#strip-and-collapse-ascii-whitespace
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://jquery.com/
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://jquery.org/license
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://jsperf.com/getall-vs-sizzle/2
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://jsperf.com/thor-indexof-vs-for/5
Source: chromecache_66.2.dr	String found in binary or memory: https://newmedappdate.netlify.app/Folder/8Sy1Q1E1EfZN.png
Source: chromecache_66.2.dr	String found in binary or memory: https://newmedappdate.netlify.app/Folder/Bflfh7PtIV1m.mov
Source: chromecache_66.2.dr	String found in binary or memory: https://newmedappdate.netlify.app/Folder/UMX9jlahOh2Y.css
Source: chromecache_66.2.dr	String found in binary or memory: https://newmedappdate.netlify.app/Folder/WZ0i3ciKJp19.png
Source: chromecache_66.2.dr	String found in binary or memory: https://newmedappdate.netlify.app/Folder/Yzvm8sG7noXg.png
Source: chromecache_66.2.dr	String found in binary or memory: https://newmedappdate.netlify.app/Folder/a9SypYD4A2v9.png
Source: chromecache_66.2.dr	String found in binary or memory: https://newmedappdate.netlify.app/Folder/connect.mp4
Source: chromecache_66.2.dr	String found in binary or memory: https://newmedappdate.netlify.app/Folder/download.png
Source: chromecache_66.2.dr	String found in binary or memory: https://newmedappdate.netlify.app/Folder/download1.png
Source: chromecache_66.2.dr	String found in binary or memory: https://newmedappdate.netlify.app/Folder/eGfjLjEcIGAc.png
Source: chromecache_66.2.dr	String found in binary or memory: https://newmedappdate.netlify.app/Folder/mfkNbEskGSwj.svg
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://promisesaplus.com/#point-48
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://promisesaplus.com/#point-54
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://promisesaplus.com/#point-57
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://promisesaplus.com/#point-59
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://promisesaplus.com/#point-61
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://promisesaplus.com/#point-64
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://promisesaplus.com/#point-75
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://sizzlejs.com/
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://web.archive.org/web/20100324014747/http://blindsignals.com/index.php/2009/07/jquery-delay/
Source: chromecache_83.2.dr, chromecache_85.2.dr	String found in binary or memory: https://web.archive.org/web/20141116233347/http://fluidproject.org/blog/2008/01/09/getting-setting-a
Source: chromecache_88.2.dr	String found in binary or memory: https://www.cloudflare.com/favicon.ico
Source: chromecache_66.2.dr	String found in binary or memory: https://www.ledger.com

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 64395 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64395
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49759 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49766 version: TLS 1.2

Source: classification engine

Classification label: mal48.win@16/46@18/11

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 --field-trial-handle=1972,i,610400983261234010,9711384866539688891,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://pub-38e912f981004cb7857cf5826c7f1c1b.r2.dev/ledge.html"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 --field-trial-handle=1972,i,610400983261234010,9711384866539688891,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

ID:	1521777
Product:	CloudBasic
Start time:	03:35:10
Start date:	29.09.2024
Cookbook:	browseurl.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Windows Analysis Report
https://pub-38e912f981004cb7857cf5826c7f1c1b.r2.dev/ledge.html

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report https://pub-38e912f981004cb7857cf5826c7f1c1b.r2.dev/ledge.html

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
https://pub-38e912f981004cb7857cf5826c7f1c1b.r2.dev/ledge.html