Windows Analysis Report
http://nbghcghdsghds.weebly.com/

Overview

General Information

Sample URL:	http://nbghcghdsghds.weebly.com/
Analysis ID:	1521934
Tags:	openphish
Infos:

Detection

HTMLPhisher

Score:	68
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

AI detected phishing page

Antivirus / Scanner detection for submitted sample

Yara detected HtmlPhish20

Phishing site detected (based on logo match)

HTML body contains low number of good links

HTML page contains hidden javascript code

HTML title does not match URL

Stores files to the Windows start menu directory

Suricata IDS alerts with low severity for network traffic

Suspicious form URL found

Uses insecure TLS / SSL version for HTTPS connection

Classification

Signatures

AV Detection

Antivirus / Scanner detection for submitted sample

Source: http://nbghcghdsghds.weebly.com/

SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social Engineering

Phishing

AI detected phishing page

Source: https://nbghcghdsghds.weebly.com/	LLM: Score: 9 Reasons: The legitimate domain for AT&T is att.com., The provided URL (nbghcghdsghds.weebly.com) does not match the legitimate domain., Weebly is a website builder platform, and it is uncommon for well-known brands like AT&T to use such platforms for their main services., The URL contains random characters, which is a common tactic used in phishing attempts., The presence of input fields for User ID and Password on a suspicious URL increases the risk of phishing. DOM: 0.1.pages.csv
Source: https://nbghcghdsghds.weebly.com/	LLM: Score: 9 Reasons: The URL 'nbghcghdsghds.weebly.com' does not match the legitimate domain 'att.com'., The domain 'weebly.com' is a website builder platform, which is not typically used by well-known brands like AT&T for their official sites., The subdomain 'nbghcghdsghds' is nonsensical and does not relate to AT&T., The presence of a password input field on a non-legitimate domain is a common phishing tactic. DOM: 0.4.pages.csv

Yara detected HtmlPhish20

Source: Yara match	File source: 0.1.pages.csv, type: HTML
Source: Yara match	File source: 0.5.pages.csv, type: HTML
Source: Yara match	File source: 0.6.pages.csv, type: HTML
Source: Yara match	File source: dropped/chromecache_137, type: DROPPED

Phishing site detected (based on logo match)

Source: https://nbghcghdsghds.weebly.com/	Matcher: Template: att matched
Source: https://nbghcghdsghds.weebly.com/	Matcher: Template: att matched
Source: https://nbghcghdsghds.weebly.com/	Matcher: Template: att matched
Source: https://nbghcghdsghds.weebly.com/	Matcher: Template: att matched
Source: https://nbghcghdsghds.weebly.com/	Matcher: Template: att matched
Source: https://nbghcghdsghds.weebly.com/	Matcher: Template: att matched

HTML body contains low number of good links

Source: https://nbghcghdsghds.weebly.com/

HTTP Parser: Number of links: 0

HTML page contains hidden javascript code

Source: https://nbghcghdsghds.weebly.com/

HTTP Parser: Base64 decoded: https://nbghcghdsghds.weebly.com:443

HTML title does not match URL

Source: https://nbghcghdsghds.weebly.com/

HTTP Parser: Title: Xxx does not match URL

Suspicious form URL found

Source: https://nbghcghdsghds.weebly.com/	HTTP Parser: Form action: https://nbghcghdsghds.weebly.com/ajax/apps/formSubmitAjax.php
Source: https://nbghcghdsghds.weebly.com/	HTTP Parser: Form action: https://nbghcghdsghds.weebly.com/ajax/apps/formSubmitAjax.php
Source: https://nbghcghdsghds.weebly.com/	HTTP Parser: Form action: https://nbghcghdsghds.weebly.com/ajax/apps/formSubmitAjax.php

Source: https://nbghcghdsghds.weebly.com/	HTTP Parser: No favicon
Source: https://nbghcghdsghds.weebly.com/	HTTP Parser: No favicon
Source: https://nbghcghdsghds.weebly.com/	HTTP Parser: No favicon
Source: https://nbghcghdsghds.weebly.com/	HTTP Parser: No favicon
Source: https://nbghcghdsghds.weebly.com/	HTTP Parser: No favicon
Source: https://nbghcghdsghds.weebly.com/	HTTP Parser: No favicon
Source: https://nbghcghdsghds.weebly.com/	HTTP Parser: No favicon

Source: https://nbghcghdsghds.weebly.com/	HTTP Parser: No <meta name="author".. found
Source: https://nbghcghdsghds.weebly.com/	HTTP Parser: No <meta name="author".. found
Source: https://nbghcghdsghds.weebly.com/	HTTP Parser: No <meta name="author".. found

Source: https://nbghcghdsghds.weebly.com/	HTTP Parser: No <meta name="copyright".. found
Source: https://nbghcghdsghds.weebly.com/	HTTP Parser: No <meta name="copyright".. found
Source: https://nbghcghdsghds.weebly.com/	HTTP Parser: No <meta name="copyright".. found

Uses insecure TLS / SSL version for HTTPS connection

Source: unknown

HTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49779 version: TLS 1.0

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49733 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49749 version: TLS 1.2

Suricata IDS alerts with low severity for network traffic

Source: Network traffic	Suricata IDS: 2032366 - Severity 2 - ET PHISHING Phishing Landing via Weebly.com M1 2016-02-02 : 74.115.51.9:443 -> 192.168.2.5:49711
Source: Network traffic	Suricata IDS: 2032367 - Severity 2 - ET PHISHING Phishing Landing via Weebly.com M2 2016-02-02 : 74.115.51.9:443 -> 192.168.2.5:49711

Uses insecure TLS / SSL version for HTTPS connection

Source: unknown

HTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49779 version: TLS 1.0

Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: nbghcghdsghds.weebly.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=VwLwz7yu5AALyqxb984qmrXv9MqbjcuPum5xcYV0U6k-1727582671-1.0.1.1-MaxQYOyazfGd63AqFzu50l1591CXrV0aV3iaLTS_jSSbKByJ99dqMYODsdgIjsBRSPhTrSqT3oSXklxiB0gUAg
Source: global traffic	HTTP traffic detected: GET /files/main_style.css?1727360426 HTTP/1.1Host: nbghcghdsghds.weebly.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://nbghcghdsghds.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=VwLwz7yu5AALyqxb984qmrXv9MqbjcuPum5xcYV0U6k-1727582671-1.0.1.1-MaxQYOyazfGd63AqFzu50l1591CXrV0aV3iaLTS_jSSbKByJ99dqMYODsdgIjsBRSPhTrSqT3oSXklxiB0gUAg; language=en
Source: global traffic	HTTP traffic detected: GET /files/templateArtifacts.js?1727360426 HTTP/1.1Host: nbghcghdsghds.weebly.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://nbghcghdsghds.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=VwLwz7yu5AALyqxb984qmrXv9MqbjcuPum5xcYV0U6k-1727582671-1.0.1.1-MaxQYOyazfGd63AqFzu50l1591CXrV0aV3iaLTS_jSSbKByJ99dqMYODsdgIjsBRSPhTrSqT3oSXklxiB0gUAg; language=en
Source: global traffic	HTTP traffic detected: GET /css/sites.css?buildTime=1727297940 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://nbghcghdsghds.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css/old/fancybox.css?1727297940 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://nbghcghdsghds.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css/social-icons.css?buildtime=1727297940 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://nbghcghdsghds.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fonts/Lato/font.css?2 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://nbghcghdsghds.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fonts/Cabin/font.css?2 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://nbghcghdsghds.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fonts/Roboto/font.css?2 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://nbghcghdsghds.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/jquery-1.8.3.min.js HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://nbghcghdsghds.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/lang/en/stl.js?buildTime=1727297940& HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://nbghcghdsghds.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/site/main.js?buildTime=1727297940 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://nbghcghdsghds.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /uploads/1/5/0/9/150915330/photo-2024-09-11-16-16-21_orig.jpg HTTP/1.1Host: nbghcghdsghds.weebly.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://nbghcghdsghds.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=VwLwz7yu5AALyqxb984qmrXv9MqbjcuPum5xcYV0U6k-1727582671-1.0.1.1-MaxQYOyazfGd63AqFzu50l1591CXrV0aV3iaLTS_jSSbKByJ99dqMYODsdgIjsBRSPhTrSqT3oSXklxiB0gUAg; language=en
Source: global traffic	HTTP traffic detected: GET /uploads/1/5/0/9/150915330/photo-2024-09-11-15-59-30_orig.jpg HTTP/1.1Host: nbghcghdsghds.weebly.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://nbghcghdsghds.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=VwLwz7yu5AALyqxb984qmrXv9MqbjcuPum5xcYV0U6k-1727582671-1.0.1.1-MaxQYOyazfGd63AqFzu50l1591CXrV0aV3iaLTS_jSSbKByJ99dqMYODsdgIjsBRSPhTrSqT3oSXklxiB0gUAg; language=en
Source: global traffic	HTTP traffic detected: GET /images/site/footer/footer-toast-published-image-1.png HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://nbghcghdsghds.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/site/footerSignup.js?buildTime=1727448693 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://nbghcghdsghds.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/jquery-1.8.3.min.js HTTP/1.1Host: cdn2.editmysite.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /files/templateArtifacts.js?1727360426 HTTP/1.1Host: nbghcghdsghds.weebly.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=VwLwz7yu5AALyqxb984qmrXv9MqbjcuPum5xcYV0U6k-1727582671-1.0.1.1-MaxQYOyazfGd63AqFzu50l1591CXrV0aV3iaLTS_jSSbKByJ99dqMYODsdgIjsBRSPhTrSqT3oSXklxiB0gUAg; language=en
Source: global traffic	HTTP traffic detected: GET /uploads/1/5/0/9/150915330/photo-2024-09-11-16-16-21_orig.jpg HTTP/1.1Host: nbghcghdsghds.weebly.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=VwLwz7yu5AALyqxb984qmrXv9MqbjcuPum5xcYV0U6k-1727582671-1.0.1.1-MaxQYOyazfGd63AqFzu50l1591CXrV0aV3iaLTS_jSSbKByJ99dqMYODsdgIjsBRSPhTrSqT3oSXklxiB0gUAg; language=en
Source: global traffic	HTTP traffic detected: GET /js/lang/en/stl.js?buildTime=1727297940& HTTP/1.1Host: cdn2.editmysite.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /uploads/1/5/0/9/150915330/photo-2024-09-11-15-59-30_orig.jpg HTTP/1.1Host: nbghcghdsghds.weebly.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=VwLwz7yu5AALyqxb984qmrXv9MqbjcuPum5xcYV0U6k-1727582671-1.0.1.1-MaxQYOyazfGd63AqFzu50l1591CXrV0aV3iaLTS_jSSbKByJ99dqMYODsdgIjsBRSPhTrSqT3oSXklxiB0gUAg; language=en
Source: global traffic	HTTP traffic detected: GET /files/theme/plugins.js?1583952700 HTTP/1.1Host: nbghcghdsghds.weebly.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://nbghcghdsghds.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=VwLwz7yu5AALyqxb984qmrXv9MqbjcuPum5xcYV0U6k-1727582671-1.0.1.1-MaxQYOyazfGd63AqFzu50l1591CXrV0aV3iaLTS_jSSbKByJ99dqMYODsdgIjsBRSPhTrSqT3oSXklxiB0gUAg; language=en
Source: global traffic	HTTP traffic detected: GET /files/theme/custom.js?1583952700 HTTP/1.1Host: nbghcghdsghds.weebly.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://nbghcghdsghds.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=VwLwz7yu5AALyqxb984qmrXv9MqbjcuPum5xcYV0U6k-1727582671-1.0.1.1-MaxQYOyazfGd63AqFzu50l1591CXrV0aV3iaLTS_jSSbKByJ99dqMYODsdgIjsBRSPhTrSqT3oSXklxiB0gUAg; language=en
Source: global traffic	HTTP traffic detected: GET /uploads/1/5/0/9/150915330/background-images/1135338628.jpg HTTP/1.1Host: nbghcghdsghds.weebly.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://nbghcghdsghds.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=VwLwz7yu5AALyqxb984qmrXv9MqbjcuPum5xcYV0U6k-1727582671-1.0.1.1-MaxQYOyazfGd63AqFzu50l1591CXrV0aV3iaLTS_jSSbKByJ99dqMYODsdgIjsBRSPhTrSqT3oSXklxiB0gUAg; language=en
Source: global traffic	HTTP traffic detected: GET /js/site/main-customer-accounts-site.js?buildTime=1727297940 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://nbghcghdsghds.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fonts/Lato/regular.woff2 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://nbghcghdsghds.weebly.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdn2.editmysite.com/fonts/Lato/font.css?2Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fonts/Lato/italic.woff2 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://nbghcghdsghds.weebly.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdn2.editmysite.com/fonts/Lato/font.css?2Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fonts/Cabin/regular.woff2 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://nbghcghdsghds.weebly.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdn2.editmysite.com/fonts/Cabin/font.css?2Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/site/main.js?buildTime=1727297940 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /uploads/1/5/0/9/150915330/background-images/1135338628.jpg HTTP/1.1Host: nbghcghdsghds.weebly.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=VwLwz7yu5AALyqxb984qmrXv9MqbjcuPum5xcYV0U6k-1727582671-1.0.1.1-MaxQYOyazfGd63AqFzu50l1591CXrV0aV3iaLTS_jSSbKByJ99dqMYODsdgIjsBRSPhTrSqT3oSXklxiB0gUAg; language=en
Source: global traffic	HTTP traffic detected: GET /images/site/footer/footer-toast-published-image-1.png HTTP/1.1Host: cdn2.editmysite.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/site/footerSignup.js?buildTime=1727448693 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /files/theme/custom.js?1583952700 HTTP/1.1Host: nbghcghdsghds.weebly.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=VwLwz7yu5AALyqxb984qmrXv9MqbjcuPum5xcYV0U6k-1727582671-1.0.1.1-MaxQYOyazfGd63AqFzu50l1591CXrV0aV3iaLTS_jSSbKByJ99dqMYODsdgIjsBRSPhTrSqT3oSXklxiB0gUAg; language=en
Source: global traffic	HTTP traffic detected: GET /files/theme/plugins.js?1583952700 HTTP/1.1Host: nbghcghdsghds.weebly.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=VwLwz7yu5AALyqxb984qmrXv9MqbjcuPum5xcYV0U6k-1727582671-1.0.1.1-MaxQYOyazfGd63AqFzu50l1591CXrV0aV3iaLTS_jSSbKByJ99dqMYODsdgIjsBRSPhTrSqT3oSXklxiB0gUAg; language=en
Source: global traffic	HTTP traffic detected: GET /js/site/main-customer-accounts-site.js?buildTime=1727297940 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /css/free-footer-v3.css?buildtime=1727448693 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://nbghcghdsghds.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/wsnbn/snowday262.js HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://nbghcghdsghds.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js?_=1727582676307 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlKHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://nbghcghdsghds.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails] HTTP/1.1Host: nbghcghdsghds.weebly.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=VwLwz7yu5AALyqxb984qmrXv9MqbjcuPum5xcYV0U6k-1727582671-1.0.1.1-MaxQYOyazfGd63AqFzu50l1591CXrV0aV3iaLTS_jSSbKByJ99dqMYODsdgIjsBRSPhTrSqT3oSXklxiB0gUAg; language=en; _snow_ses.01d0=*; _snow_id.01d0=75d736d6-15b9-4917-bb59-33eeaad2b31d.1727582678.1.1727582678.1727582678.d69eb178-1d0f-41f5-9519-0a4b254f3158
Source: global traffic	HTTP traffic detected: GET /js/wsnbn/snowday262.js HTTP/1.1Host: cdn2.editmysite.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js?_=1727582676307 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlKHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: nbghcghdsghds.weebly.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://nbghcghdsghds.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=VwLwz7yu5AALyqxb984qmrXv9MqbjcuPum5xcYV0U6k-1727582671-1.0.1.1-MaxQYOyazfGd63AqFzu50l1591CXrV0aV3iaLTS_jSSbKByJ99dqMYODsdgIjsBRSPhTrSqT3oSXklxiB0gUAg; language=en; _snow_ses.01d0=; _snow_id.01d0=75d736d6-15b9-4917-bb59-33eeaad2b31d.1727582678.1.1727582678.1727582678.d69eb178-1d0f-41f5-9519-0a4b254f3158
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: nbghcghdsghds.weebly.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=VwLwz7yu5AALyqxb984qmrXv9MqbjcuPum5xcYV0U6k-1727582671-1.0.1.1-MaxQYOyazfGd63AqFzu50l1591CXrV0aV3iaLTS_jSSbKByJ99dqMYODsdgIjsBRSPhTrSqT3oSXklxiB0gUAg; language=en; _snow_ses.01d0=*; _snow_id.01d0=75d736d6-15b9-4917-bb59-33eeaad2b31d.1727582678.1.1727582678.1727582678.d69eb178-1d0f-41f5-9519-0a4b254f3158
Source: global traffic	HTTP traffic detected: GET /com.snowplowanalytics.snowplow/tp2 HTTP/1.1Host: ec.editmysite.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sp=c189fbdd-f396-47ac-8775-016a7dd55076
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/anchor?ar=1&k=6Ldf5h8UAAAAAJFJhN6x2OfZqBvANPQcnPa8eb1C&co=aHR0cHM6Ly9uYmdoY2doZHNnaGRzLndlZWJseS5jb206NDQz&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=yack8gfuxya1 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlKHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: iframeReferer: https://nbghcghdsghds.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/webworker.js?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlKHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: workerReferer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldf5h8UAAAAAJFJhN6x2OfZqBvANPQcnPa8eb1C&co=aHR0cHM6Ly9uYmdoY2doZHNnaGRzLndlZWJseS5jb206NDQz&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=yack8gfuxya1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/bg/dubcxWuhhbqw8uaLSFFGvELnk5WmffD3wjoYeQZ33gk.js HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlKHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldf5h8UAAAAAJFJhN6x2OfZqBvANPQcnPa8eb1C&co=aHR0cHM6Ly9uYmdoY2doZHNnaGRzLndlZWJseS5jb206NDQz&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=yack8gfuxya1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/webworker.js?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlKHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/bframe?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&k=6Ldf5h8UAAAAAJFJhN6x2OfZqBvANPQcnPa8eb1C HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlKHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: iframeReferer: https://nbghcghdsghds.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/bg/dubcxWuhhbqw8uaLSFFGvELnk5WmffD3wjoYeQZ33gk.js HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlKHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/reload?k=6Ldf5h8UAAAAAJFJhN6x2OfZqBvANPQcnPa8eb1C HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlKHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09AGteOypeS5ZgCYBeiiANML8qrMGhFlvmON1aeBiXx0B9vN2KmSza_BWyoWeTz3t4iq5LB2XVo7YmgC-X-JdGEEI
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA5bXS1rYDaJ--xHJ3cbc4_gVgTQhjF_PUVtWgyr-NHWgbVXCbvztjmd0cThXDDMoHazwNa6A2vED3mnqrwQ7V2wo_bUw2NzGbrMm7VQGUQZtJbif7JJv4rWSF8D8IeZ138zRs0deH7iNmqbY47CVEArQbOwmFPti1I2nKKfzMIvbuU-YysZJMOJJ_eWKTsDhK-om76I&k=6Ldf5h8UAAAAAJFJhN6x2OfZqBvANPQcnPa8eb1C HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlKHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&k=6Ldf5h8UAAAAAJFJhN6x2OfZqBvANPQcnPa8eb1CAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09AGteOypeS5ZgCYBeiiANML8qrMGhFlvmON1aeBiXx0B9vN2KmSza_BWyoWeTz3t4iq5LB2XVo7YmgC-X-JdGEEI
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA5bXS1rYDaJ--xHJ3cbc4_gVgTQhjF_PUVtWgyr-NHWgbVXCbvztjmd0cThXDDMoHazwNa6A2vED3mnqrwQ7V2wo_bUw2NzGbrMm7VQGUQZtJbif7JJv4rWSF8D8IeZ138zRs0deH7iNmqbY47CVEArQbOwmFPti1I2nKKfzMIvbuU-YysZJMOJJ_eWKTsDhK-om76I&k=6Ldf5h8UAAAAAJFJhN6x2OfZqBvANPQcnPa8eb1C HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlKHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09AGteOypeS5ZgCYBeiiANML8qrMGhFlvmON1aeBiXx0B9vN2KmSza_BWyoWeTz3t4iq5LB2XVo7YmgC-X-JdGEEI
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: nbghcghdsghds.weebly.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: nbghcghdsghds.weebly.com
Source: global traffic	DNS traffic detected: DNS query: cdn2.editmysite.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: ec.editmysite.com

Source: unknown

HTTP traffic detected: POST /ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails] HTTP/1.1Host: nbghcghdsghds.weebly.comConnection: keep-aliveContent-Length: 83sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/javascript, */*; q=0.01Content-Type: application/json; charset=UTF-8X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://nbghcghdsghds.weebly.comSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://nbghcghdsghds.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=VwLwz7yu5AALyqxb984qmrXv9MqbjcuPum5xcYV0U6k-1727582671-1.0.1.1-MaxQYOyazfGd63AqFzu50l1591CXrV0aV3iaLTS_jSSbKByJ99dqMYODsdgIjsBRSPhTrSqT3oSXklxiB0gUAg; language=en

Source: chromecache_162.2.dr, chromecache_155.2.dr	String found in binary or memory: http://hammerjs.github.io/
Source: chromecache_150.2.dr, chromecache_128.2.dr	String found in binary or memory: http://www.google-analytics.com
Source: chromecache_111.2.dr, chromecache_131.2.dr	String found in binary or memory: https://cdn2.editmysite.com/js/
Source: chromecache_137.2.dr	String found in binary or memory: https://cdn2.editmysite.com/js/jquery-1.8.3.min.js
Source: chromecache_109.2.dr, chromecache_135.2.dr, chromecache_104.2.dr	String found in binary or memory: https://cloud.google.com/contact
Source: chromecache_109.2.dr, chromecache_135.2.dr, chromecache_104.2.dr	String found in binary or memory: https://cloud.google.com/recaptcha-enterprise/billing-information
Source: chromecache_109.2.dr, chromecache_135.2.dr, chromecache_104.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca
Source: chromecache_109.2.dr, chromecache_135.2.dr, chromecache_104.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#localhost_support
Source: chromecache_109.2.dr, chromecache_135.2.dr, chromecache_104.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que
Source: chromecache_137.2.dr	String found in binary or memory: https://nbghcghdsghds.weebly.com/
Source: chromecache_137.2.dr	String found in binary or memory: https://nbghcghdsghds.weebly.com/uploads/1/5/0/9/150915330/photo-2024-09-11-15-59-30_orig.jpg
Source: chromecache_137.2.dr	String found in binary or memory: https://nbghcghdsghds.weebly.com/uploads/1/5/0/9/150915330/photo-2024-09-11-16-16-21_orig.jpg
Source: chromecache_104.2.dr	String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: chromecache_104.2.dr	String found in binary or memory: https://recaptcha.net
Source: chromecache_150.2.dr, chromecache_128.2.dr	String found in binary or memory: https://ssl.google-analytics.com
Source: chromecache_150.2.dr, chromecache_128.2.dr	String found in binary or memory: https://ssl.google-analytics.com/j/__utm.gif
Source: chromecache_150.2.dr, chromecache_128.2.dr	String found in binary or memory: https://stats.g.doubleclick.net/j/collect?
Source: chromecache_104.2.dr	String found in binary or memory: https://support.google.com/recaptcha
Source: chromecache_109.2.dr, chromecache_135.2.dr, chromecache_104.2.dr	String found in binary or memory: https://support.google.com/recaptcha#6262736
Source: chromecache_109.2.dr, chromecache_135.2.dr, chromecache_104.2.dr	String found in binary or memory: https://support.google.com/recaptcha/#6175971
Source: chromecache_109.2.dr, chromecache_135.2.dr, chromecache_104.2.dr	String found in binary or memory: https://support.google.com/recaptcha/?hl=en#6223828
Source: chromecache_162.2.dr, chromecache_155.2.dr	String found in binary or memory: https://twitter.com/jacobrossi/status/480596438489890816
Source: chromecache_128.2.dr	String found in binary or memory: https://www.google.%/ads/ga-audiences?
Source: chromecache_150.2.dr, chromecache_128.2.dr	String found in binary or memory: https://www.google.com/analytics/web/inpage/pub/inpage.js?
Source: chromecache_137.2.dr	String found in binary or memory: https://www.google.com/recaptcha/api.js
Source: chromecache_109.2.dr, chromecache_135.2.dr, chromecache_98.2.dr, chromecache_105.2.dr, chromecache_104.2.dr	String found in binary or memory: https://www.google.com/recaptcha/api2/
Source: chromecache_109.2.dr, chromecache_135.2.dr, chromecache_104.2.dr	String found in binary or memory: https://www.gstatic.c..?/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__.
Source: chromecache_98.2.dr, chromecache_105.2.dr, chromecache_103.2.dr, chromecache_110.2.dr	String found in binary or memory: https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__en.js
Source: chromecache_137.2.dr	String found in binary or memory: https://www.weebly.com/signup?utm_source=internal&utm_medium=footer

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49733 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49749 version: TLS 1.2

Source: classification engine

Classification label: mal68.phis.win@18/117@22/12

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2088 --field-trial-handle=2028,i,813183238970478399,6694276822351329767,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://nbghcghdsghds.weebly.com/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2088 --field-trial-handle=2028,i,813183238970478399,6694276822351329767,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Automated click: Next
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Automated click: Next

Source: Window Recorder

Window detected: More than 3 window changes detected

Stores files to the Windows start menu directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
142.250.184.196	unknown	United States	15169	GOOGLEUS	false
142.250.186.36	unknown	United States	15169	GOOGLEUS	false
74.115.51.8	nbghcghdsghds.weebly.com	United States	27647	WEEBLYUS	true
74.115.51.9	unknown	United States	27647	WEEBLYUS	false
151.101.1.46	weebly.map.fastly.net	United States	54113	FASTLYUS	false
34.216.246.231	sp-2020021412301152490000000a-1069308460.us-west-2.elb.amazonaws.com	United States	16509	AMAZON-02US	false
44.238.64.85	unknown	United States	16509	AMAZON-02US	false
216.58.206.68	www.google.com	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
142.250.186.132	unknown	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.6
192.168.2.5

Contacted Domains

Name	IP	Active
bg.microsoft.map.fastly.net	199.232.210.172	true
nbghcghdsghds.weebly.com	74.115.51.8	true
sp-2020021412301152490000000a-1069308460.us-west-2.elb.amazonaws.com	34.216.246.231	true
weebly.map.fastly.net	151.101.1.46	true
www.google.com	216.58.206.68	true
fp2e7a.wpc.phicdn.net	192.229.221.95	true
ec.editmysite.com	unknown	unknown
cdn2.editmysite.com	unknown	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://www.google.com/js/bg/dubcxWuhhbqw8uaLSFFGvELnk5WmffD3wjoYeQZ33gk.js	false		unknown
https://nbghcghdsghds.weebly.com/uploads/1/5/0/9/150915330/photo-2024-09-11-15-59-30_orig.jpg	true		unknown
https://cdn2.editmysite.com/fonts/Lato/regular.woff2	false		unknown
http://nbghcghdsghds.weebly.com/	true		unknown
https://cdn2.editmysite.com/js/site/footerSignup.js?buildTime=1727448693	false		unknown
https://cdn2.editmysite.com/fonts/Cabin/regular.woff2	false		unknown
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldf5h8UAAAAAJFJhN6x2OfZqBvANPQcnPa8eb1C&co=aHR0cHM6Ly9uYmdoY2doZHNnaGRzLndlZWJseS5jb206NDQz&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=yack8gfuxya1	false		unknown
https://cdn2.editmysite.com/images/site/footer/footer-toast-published-image-1.png	false		unknown
https://nbghcghdsghds.weebly.com/uploads/1/5/0/9/150915330/background-images/1135338628.jpg	true		unknown
https://cdn2.editmysite.com/fonts/Lato/font.css?2	false		unknown
https://nbghcghdsghds.weebly.com/favicon.ico	true		unknown
https://cdn2.editmysite.com/css/free-footer-v3.css?buildtime=1727448693	false		unknown
https://cdn2.editmysite.com/css/sites.css?buildTime=1727297940	false		unknown
https://cdn2.editmysite.com/fonts/Roboto/font.css?2	false		unknown
https://nbghcghdsghds.weebly.com/	true		unknown
https://nbghcghdsghds.weebly.com/uploads/1/5/0/9/150915330/photo-2024-09-11-16-16-21_orig.jpg	true		unknown
https://cdn2.editmysite.com/css/social-icons.css?buildtime=1727297940	false		unknown
https://cdn2.editmysite.com/fonts/Cabin/font.css?2	false		unknown
https://nbghcghdsghds.weebly.com/files/templateArtifacts.js?1727360426	true		unknown
https://cdn2.editmysite.com/css/old/fancybox.css?1727297940	false		unknown
https://cdn2.editmysite.com/js/site/main.js?buildTime=1727297940	false		unknown
https://cdn2.editmysite.com/js/jquery-1.8.3.min.js	false		unknown
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY	false		unknown
https://cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1727297940	false		unknown
https://cdn2.editmysite.com/fonts/Lato/italic.woff2	false		unknown
https://www.google.com/recaptcha/api.js?_=1727582676307	false		unknown
https://nbghcghdsghds.weebly.com/files/theme/plugins.js?1583952700	true		unknown
https://www.google.com/recaptcha/api2/payload?p=06AFcWeA5bXS1rYDaJ--xHJ3cbc4_gVgTQhjF_PUVtWgyr-NHWgbVXCbvztjmd0cThXDDMoHazwNa6A2vED3mnqrwQ7V2wo_bUw2NzGbrMm7VQGUQZtJbif7JJv4rWSF8D8IeZ138zRs0deH7iNmqbY47CVEArQbOwmFPti1I2nKKfzMIvbuU-YysZJMOJJ_eWKTsDhK-om76I&k=6Ldf5h8UAAAAAJFJhN6x2OfZqBvANPQcnPa8eb1C	false		unknown
https://ec.editmysite.com/com.snowplowanalytics.snowplow/tp2	false	URL Reputation: safe	unknown
https://cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1727297940&	false		unknown
https://nbghcghdsghds.weebly.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]	true		unknown
https://nbghcghdsghds.weebly.com/files/main_style.css?1727360426	true		unknown
https://www.google.com/recaptcha/api2/reload?k=6Ldf5h8UAAAAAJFJhN6x2OfZqBvANPQcnPa8eb1C	false		unknown
https://nbghcghdsghds.weebly.com/files/theme/custom.js?1583952700	true		unknown
https://cdn2.editmysite.com/js/wsnbn/snowday262.js	false		unknown
https://www.google.com/recaptcha/api2/bframe?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&k=6Ldf5h8UAAAAAJFJhN6x2OfZqBvANPQcnPa8eb1C	false		unknown

Name	Type	MD5	SHA1	SHA256
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Sep 29 03:04:30 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	9035FF10EE74BF6CD6773BF653339098	85EC7D7DEEB9128A8754F4F2B86689365B2E7566	A095065A7A6D644382BD8CEF414948B4748CA915235F899265AD71C415CD819A
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Sep 29 03:04:30 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	84EBBD2B7015A83345A33DAAE89DC09B	396ECAA6AA7E55C8C5EC030E37D64DE83DC1C26C	145D7A54C3A26B52AD1C2B9E776CE7F11AE0F0B27F6D09D3EE5F8F98D0BBA0A0
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	BA29118950739D1C1AF5584E12BF74D7	910F81FCF1FA0A344A7B0F509BE79A55B828008E	33A90AD79269BB2A55D99E6716E978726F033557CDD58BCF35E6D9512F2FDF3F
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Sep 29 03:04:30 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	E20BB1796C90B47503A662F15EE9E0A4	1FF976AE340209ED33439361D2DA08AB8C5E2E2F	EB0595A3C53F144B8E08B7EAF5CA0609F2E556A52531492D1BF504979587CFC0
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Sep 29 03:04:30 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	20F483E618D1719AE598CE7487966ADE	9FFC9270947080630DBD11017D9373AC24FA632A	11CEBE12C25E7FE00A4C76634BC2BEC221ABE3223AE4C17938035105B92727C1
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Sep 29 03:04:30 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	3210DB8EEAA42CC8978CAECD4E775839	9E882B955E04AB702B21DDC330BEC7308D42A75F	939CB78485C6AB924754078A73E95D783545317B4961EDFA2931E6EB009AB722
Chrome Cache Entry: 100	ASCII text, with very long lines (13080)	AA7169765A33370C48D42D5A61E1C295	D6E0EE7C23BE26E6C6E99DED099CECC8B26D68FB	94AD44B2A6E0AC9A1F6EBF8E1B72BD8D442B97B9B465F65667D1ACB2B903E033
Chrome Cache Entry: 101	ASCII text, with very long lines (17998)	59D00FA56FB8B29068D96A431A52AE7B	9F8C5455383C49873A60CAEBACB1DECAAE0F909E	76E6DCC56BA185BAB0F2E68B485146BC42E79395A67DF0F7C23A18790677DE09
Chrome Cache Entry: 102	ASCII text, with very long lines (32147)	016FFAE66513FCAE583BCC64A0B66869	CD2CCF7CC47BD6ADBC1FB46F8A88D610824F7037	55F966D09AFC4A653A1F26B57E57412D5C42191D5692157D94110B23CA74C9D2
Chrome Cache Entry: 103	ASCII text, with no line terminators	59EE3965FCB16F88E9BDC20B9CD8612E	3D93A27E4DAC9DDA01DC5BBCCA9E1F53E827DAF2	020A92F2FB27981D1398F916AE17400F8F11473962EBD858B7BF6901814EDD7B
Chrome Cache Entry: 104	ASCII text, with very long lines (724)	33AFF52B82A1DF246136E75500D93220	4675754451AF81F996EAB925923C31EF5115A9F4	B5E8EC5D4DCC080657DEB2D004F65D974BF4EC9E9AA5D621E10749182FFF8731
Chrome Cache Entry: 105	ASCII text, with very long lines (1434), with no line terminators	E7F4945A3458503BDEE0AD9476537604	CD049E2F8F9D05ABC087BBEF7EFEDA01EFB0F3A6	8AB3BC08E25F6A7E24EF75EE66ED06360BCEEACE487D22822D7724B3F2BBED50
Chrome Cache Entry: 106	ASCII text	8748EEC74F3E1353FF5D59C4FC793928	5C585058EBE43354156E0C7F1C40937128804FA7	CB2642E037C6E74EACE100541B7E6776ECAF14371B49E4DECF7831BFB0A7147B
Chrome Cache Entry: 107	ASCII text, with very long lines (65483)	3576A6E73C9DCCDBBC4A2CF8FF544AD7	06E872300088B9BA8A08427D28ED0EFCDF9C6FF5	61C6CAEBD23921741FB5FFE6603F16634FCA9840C2BF56AC8201E9264D6DACCF
Chrome Cache Entry: 108	MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel	4D27526198AC873CCEC96935198E0FB9	B98D8B73AD6A0F7477C3397561B4AAB37BF262AA	40A2146151863BCF46C786D596E81A308D1B0D26D74635BE441E92656F29B1B4
Chrome Cache Entry: 109	ASCII text, with very long lines (724)	33AFF52B82A1DF246136E75500D93220	4675754451AF81F996EAB925923C31EF5115A9F4	B5E8EC5D4DCC080657DEB2D004F65D974BF4EC9E9AA5D621E10749182FFF8731
Chrome Cache Entry: 110	ASCII text, with no line terminators	59EE3965FCB16F88E9BDC20B9CD8612E	3D93A27E4DAC9DDA01DC5BBCCA9E1F53E827DAF2	020A92F2FB27981D1398F916AE17400F8F11473962EBD858B7BF6901814EDD7B
Chrome Cache Entry: 111	ASCII text, with very long lines (3600), with no line terminators	40B81B2D52BA9D2E2C64C31FF6A24CD7	6B5689250661646ECBB841F2475F1556A113373C	E06BACA13F25DF9C7D684FC1B1FDFBBBB95070A1D5A9CD648632DA7BCCC90B96
Chrome Cache Entry: 112	exported SGML document, ASCII text, with very long lines (1630)	AE81AB7069097A055829FB9919258138	7DC529F16FB595BBBFC5937ADFE1D0A5CF563F8A	5A630B41E7C3D34392BCB150A5731B6261BC6314D71D5DB8407A646AF15BF8AF
Chrome Cache Entry: 113	ASCII text, with very long lines (2512)	99BBE560926E583B8E99036251DEB783	8D81B73AE06F664F9D9E53DD5829A799BF434491	648E766BF519673F9A90CC336CBECEDE80DCBE3419B43D36ECBB25D88F5584A3
Chrome Cache Entry: 114	PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced	07BF314AAB04047B9E9A959EE6F63DA3	17BEF6602672E2FD9956381E01356245144003E5	55EAF62CB05DA20088DC12B39D7D254D046CB1FD61DDF3AE641F1439EFD0A5EE
Chrome Cache Entry: 115	exported SGML document, ASCII text, with very long lines (1630)	AE81AB7069097A055829FB9919258138	7DC529F16FB595BBBFC5937ADFE1D0A5CF563F8A	5A630B41E7C3D34392BCB150A5731B6261BC6314D71D5DB8407A646AF15BF8AF
Chrome Cache Entry: 116	PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced	0F2A4639B8A4CB30C76E8333C00D30A6	57E273A270BB864970D747C74B3F0A7C8E515B13	44B988703019CD6BFA86C91840FECF2A42B611B364E3EEA2F4EB63BF62714E98
Chrome Cache Entry: 117	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1280x749, components 3	6B6EB32D2B80A10789A447027D3325E7	7D3B0459D16C27AEE4AB78F2328777923A82E961	AA99BF2620056BC8E793173D610861167EB8329DD9B5C45733EB796356BEE196
Chrome Cache Entry: 118	ASCII text, with very long lines (65536), with no line terminators	025F5BACD3035E5CF943BD87A2FCF845	BC2526C2F2263CE2C3672D99C63E901C0ABF7445	5ECAB7CE27F2BC2FCDD78CB016D7E8908AF282B3914A1993B26CB7CBC84039B3
Chrome Cache Entry: 119	JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3	35104981988B30A232D0FAF98838DA62	90381E3B59BBFF7F5EACFF8CF76D8560635254D3	511EFC341DC32D12D2F91EDB2B43FE2328E76EFCCA37D71D8C5CCB9380FEDC2C
Chrome Cache Entry: 120	ASCII text, with no line terminators	AFB69DF47958EB78B4E941270772BD6A	D9FE9A625E906FF25C1F165E7872B1D9C731E78E	874809FB1235F80831B706B9E9B903D80BD5662D036B7712CC76F8C684118878
Chrome Cache Entry: 121	ASCII text	031AFC1E38DF9F7A75040672E5D7625C	B4393D10E75A500B9C3701CECD2E06D9AB8894F7	66EA3B4259912AD511FDDC6E8EDD1A8AA28D7F623D14FC65E746146AB568A039
Chrome Cache Entry: 122	ASCII text, with very long lines (65024)	DFA3295E02BF02FEEC7714B264BFCA69	0276AD3E36A772492A28BC16F130A76497FA20B4	CCB10E6D0C530D4C0FE0F2B118B212CAC22E00C23BC7C2D1A45DB0F19928A112
Chrome Cache Entry: 123	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 374x213, components 3	FDED353CAD9A41D4F7D3925ABC39CC75	DD199B1A19997322F6191DA823FFE60185C88534	7285CC40C8E5B4F7970EF6A10C6E05F9E601912A2F28B48FBEEBA7DFF8C06BC2
Chrome Cache Entry: 124	ASCII text	05F181094C6A399A6A095B872FDD62A2	DCD242A26E18EAA525C20AE2BC6E32D2393664F6	926C730CD097087583D7B2EAF8CFA55FABCB061F576CFBF154BE708DFE672C77
Chrome Cache Entry: 125	PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced	0F2A4639B8A4CB30C76E8333C00D30A6	57E273A270BB864970D747C74B3F0A7C8E515B13	44B988703019CD6BFA86C91840FECF2A42B611B364E3EEA2F4EB63BF62714E98
Chrome Cache Entry: 126	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 182x64, components 3	0698BA6D11F8A66B9F8396C00D876270	2F600DECF20AEFFBC2443E8C17157229301F4C23	39AB7D26E2F2B5E282A0708E9224DA4797F8D5B6AD3F34173B99BA67C8AA62E4
Chrome Cache Entry: 127	PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced	07BF314AAB04047B9E9A959EE6F63DA3	17BEF6602672E2FD9956381E01356245144003E5	55EAF62CB05DA20088DC12B39D7D254D046CB1FD61DDF3AE641F1439EFD0A5EE
Chrome Cache Entry: 128	ASCII text, with very long lines (1305)	E9372F0EBBCF71F851E3D321EF2A8E5A	2C7D19D1AF7D97085C977D1B69DCB8B84483D87C	1259EA99BD76596239BFD3102C679EB0A5052578DC526B0452F4D42F8BCDD45F
Chrome Cache Entry: 129	PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced	88E0F42C9FA4F94AA8BCD54D1685C180	5AD9D47A49B82718BAA3BE88550A0B3350270C42	89C62095126FCA89EA1511CF35B49B8306162946B0C26D6F60C5506C51D85992
Chrome Cache Entry: 130	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 374x213, components 3	FDED353CAD9A41D4F7D3925ABC39CC75	DD199B1A19997322F6191DA823FFE60185C88534	7285CC40C8E5B4F7970EF6A10C6E05F9E601912A2F28B48FBEEBA7DFF8C06BC2
Chrome Cache Entry: 131	ASCII text, with very long lines (3600), with no line terminators	40B81B2D52BA9D2E2C64C31FF6A24CD7	6B5689250661646ECBB841F2475F1556A113373C	E06BACA13F25DF9C7D684FC1B1FDFBBBB95070A1D5A9CD648632DA7BCCC90B96
Chrome Cache Entry: 132	ASCII text, with very long lines (3910)	1DCEBBB5A1EB8B028310CEEB72A339B3	E254B7A35AC189FD1CE9CF8BD78593BEBFE27D7D	865CB87DE9FC4D6530EDCE21F0103107ABAE6ABE45CABDFF2AD9AF067B3D8E0A
Chrome Cache Entry: 133	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1280x749, components 3	6B6EB32D2B80A10789A447027D3325E7	7D3B0459D16C27AEE4AB78F2328777923A82E961	AA99BF2620056BC8E793173D610861167EB8329DD9B5C45733EB796356BEE196
Chrome Cache Entry: 134	PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced	EF9941290C50CD3866E2BA6B793F010D	4736508C795667DCEA21F8D864233031223B7832	1B9EFB22C938500971AAC2B2130A475FA23684DD69E43103894968DF83145B8A
Chrome Cache Entry: 135	ASCII text, with very long lines (724)	33AFF52B82A1DF246136E75500D93220	4675754451AF81F996EAB925923C31EF5115A9F4	B5E8EC5D4DCC080657DEB2D004F65D974BF4EC9E9AA5D621E10749182FFF8731
Chrome Cache Entry: 136	JSON data	F6BF880CA34C3E868763365FDC30B392	9B1B41E6AAE16E4FDCC28DBE92679D564352C8C5	B884D8BFFBC6E1C794D4EAE301A9698B535F857D1837B9B9D60C4651A78A2E1E
Chrome Cache Entry: 137	HTML document, Unicode text, UTF-8 text, with very long lines (887), with CRLF, LF line terminators	09982A747E9E4AA5A7A101A0F7138E1C	962CFDEB7ABC0F3289B80B2979D9E68AD7DD5A1C	85EBE664581CA3091558E6EE1237B8CCB7843224C4774C942FC08974F1A55A2D
Chrome Cache Entry: 138	ASCII text, with very long lines (17998)	59D00FA56FB8B29068D96A431A52AE7B	9F8C5455383C49873A60CAEBACB1DECAAE0F909E	76E6DCC56BA185BAB0F2E68B485146BC42E79395A67DF0F7C23A18790677DE09
Chrome Cache Entry: 139	ASCII text	031AFC1E38DF9F7A75040672E5D7625C	B4393D10E75A500B9C3701CECD2E06D9AB8894F7	66EA3B4259912AD511FDDC6E8EDD1A8AA28D7F623D14FC65E746146AB568A039
Chrome Cache Entry: 140	Web Open Font Format (Version 2), TrueType, length 15340, version 1.0	19B7A0ADFDD4F808B53AF7E2CE2AD4E5	81D5D4C7B5035AD10CCE63CF7100295E0C51FDDA	C912A9CE0C3122D4B2B29AD26BFE06B0390D1A5BDAA5D6128692C0BEFD1DFBBD
Chrome Cache Entry: 141	Web Open Font Format (Version 2), TrueType, length 24408, version 1.0	EFEE2D080D7BEBDD2E0AEB2E030813A0	F8D38F9F9584E48C2E469877EBD94232265585F1	BCA1D88ADA544D9C80872D4DA27133FAB6D347361FA26E932B47EC9559088FD0
Chrome Cache Entry: 142	ASCII text, with very long lines (2632)	B09E83D2AEAC55C0D3B67186CD5009FF	FA87CEC84CC36FC2E70804867DA24578EA331999	251A983A1B4B2CC76542AA398AE6B3499978A788860B54A8081D35D7A843303C
Chrome Cache Entry: 143	Web Open Font Format (Version 2), TrueType, length 15476, version 1.0	083F5CAFE748B8AC91823B36986D7FDA	0D763699E5BCE633AA6ADC03370B8630B87C1B31	A3D8AFCBC68D3AE65312E50CE252F5EB4CB817D3FE39452BD37A76F896AB5921
Chrome Cache Entry: 144	ASCII text, with very long lines (32147)	016FFAE66513FCAE583BCC64A0B66869	CD2CCF7CC47BD6ADBC1FB46F8A88D610824F7037	55F966D09AFC4A653A1F26B57E57412D5C42191D5692157D94110B23CA74C9D2
Chrome Cache Entry: 145	PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced	EF9941290C50CD3866E2BA6B793F010D	4736508C795667DCEA21F8D864233031223B7832	1B9EFB22C938500971AAC2B2130A475FA23684DD69E43103894968DF83145B8A
Chrome Cache Entry: 146	ASCII text, with very long lines (65024)	845F7D73734AC4CEC9BF37F9CFA8BDDA	1DE6F0DCAD2A909DAA01D1A669847FF403DCAC1A	3BC618127A31EDB2D57E8444933A7ECEF9972BD1EAA8C35AB6D0CD718CE79EFA
Chrome Cache Entry: 147	Web Open Font Format (Version 2), TrueType, length 23580, version 1.0	E1B3B5908C9CF23DFB2B9C52B9A023AB	FCD4136085F2A03481D9958CC6793A5ED98E714C	918B7DC3E2E2D015C16CE08B57BCB64D2253BAFC1707658F361E72865498E537
Chrome Cache Entry: 148	ASCII text, with very long lines (65536), with no line terminators	0CA290F7801B0434CFE66A0F300A324C	0891B431E5F2671A211DDD8F03ACF1D07792F076	0C613DC5F9E10DFF735C7A102433381C97B89C4A26CE26C78D9FFAD1ADDDC528
Chrome Cache Entry: 149	Web Open Font Format (Version 2), TrueType, length 15344, version 1.0	5D4AEB4E5F5EF754E307D7FFAEF688BD	06DB651CDF354C64A7383EA9C77024EF4FB4CEF8	3E253B66056519AA065B00A453BAC37AC5ED8F3E6FE7B542E93A9DCDCC11D0BC
Chrome Cache Entry: 150	ASCII text, with very long lines (1305)	E9372F0EBBCF71F851E3D321EF2A8E5A	2C7D19D1AF7D97085C977D1B69DCB8B84483D87C	1259EA99BD76596239BFD3102C679EB0A5052578DC526B0452F4D42F8BCDD45F
Chrome Cache Entry: 151	ASCII text, with very long lines (32029)	1AB9351AED8F75646E675BD6F71554FA	A8B8132CF79D5EE6F714EAF265D291B06526F241	7138DB2D226E4DD1FF2A29A02C0CFDECD3CA55822DD7180EF445F645B4299B68
Chrome Cache Entry: 152	ASCII text	883E3027B65CEF38BA8624069F989DCB	02D28332B36E73F9A1FF855ADFCE7466119117C9	B4F2DE5B6B0CE67EB0BDB6BDB1A0272CE6C6A17D9632EC9A090565D339836AB1
Chrome Cache Entry: 153	PNG image data, 199 x 97, 8-bit colormap, non-interlaced	6E0F7AD31BF187E0D88FC5787573BA71	14E8B85CC32A01C8901E4AC0160582D29A45E9E6	580EF6409E067A4EC4A427400C7D6216184869E2DA53343DF20753CC1F8A46CD
Chrome Cache Entry: 154	ASCII text, with very long lines (2512)	99BBE560926E583B8E99036251DEB783	8D81B73AE06F664F9D9E53DD5829A799BF434491	648E766BF519673F9A90CC336CBECEDE80DCBE3419B43D36ECBB25D88F5584A3
Chrome Cache Entry: 155	ASCII text	64497D2AB794CDB5E3C5C86CF7C5A611	34ACD67927409D0795EE025F64F99757494AFFED	637B5D2A661D0201F239A7AFCD1278BF55BEC7EF7ADA6CC6C0485C4E45D9B702
Chrome Cache Entry: 156	ASCII text, with very long lines (65483)	3576A6E73C9DCCDBBC4A2CF8FF544AD7	06E872300088B9BA8A08427D28ED0EFCDF9C6FF5	61C6CAEBD23921741FB5FFE6603F16634FCA9840C2BF56AC8201E9264D6DACCF
Chrome Cache Entry: 157	MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel	4D27526198AC873CCEC96935198E0FB9	B98D8B73AD6A0F7477C3397561B4AAB37BF262AA	40A2146151863BCF46C786D596E81A308D1B0D26D74635BE441E92656F29B1B4
Chrome Cache Entry: 158	JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3	35104981988B30A232D0FAF98838DA62	90381E3B59BBFF7F5EACFF8CF76D8560635254D3	511EFC341DC32D12D2F91EDB2B43FE2328E76EFCCA37D71D8C5CCB9380FEDC2C
Chrome Cache Entry: 159	ASCII text, with no line terminators	67793F8D8A5B74161C67D8B1EBE28D33	5E48E5D26D22B144AF984D45D2E0601164737C1F	E2A2D79BC3CB978C108B9544257976D62E7CDF6F92EF800ABB754582085544FA
Chrome Cache Entry: 160	PNG image data, 199 x 97, 8-bit colormap, non-interlaced	6E0F7AD31BF187E0D88FC5787573BA71	14E8B85CC32A01C8901E4AC0160582D29A45E9E6	580EF6409E067A4EC4A427400C7D6216184869E2DA53343DF20753CC1F8A46CD
Chrome Cache Entry: 161	ASCII text, with very long lines (571)	263C2EDDF8A4B84EE702EC4FC37A679C	6C7986FE43FBC1597658D743834E6CDFF2F0F7DA	267C2A9BB9FE162A48DDF45EB61A9603D4F110034328CA3A65B277332ACE5273
Chrome Cache Entry: 162	ASCII text	64497D2AB794CDB5E3C5C86CF7C5A611	34ACD67927409D0795EE025F64F99757494AFFED	637B5D2A661D0201F239A7AFCD1278BF55BEC7EF7ADA6CC6C0485C4E45D9B702
Chrome Cache Entry: 163	PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced	88E0F42C9FA4F94AA8BCD54D1685C180	5AD9D47A49B82718BAA3BE88550A0B3350270C42	89C62095126FCA89EA1511CF35B49B8306162946B0C26D6F60C5506C51D85992
Chrome Cache Entry: 164	ASCII text, with very long lines (32029)	1AB9351AED8F75646E675BD6F71554FA	A8B8132CF79D5EE6F714EAF265D291B06526F241	7138DB2D226E4DD1FF2A29A02C0CFDECD3CA55822DD7180EF445F645B4299B68
Chrome Cache Entry: 165	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 182x64, components 3	0698BA6D11F8A66B9F8396C00D876270	2F600DECF20AEFFBC2443E8C17157229301F4C23	39AB7D26E2F2B5E282A0708E9224DA4797F8D5B6AD3F34173B99BA67C8AA62E4
Chrome Cache Entry: 98	ASCII text, with very long lines (1434), with no line terminators	E7F4945A3458503BDEE0AD9476537604	CD049E2F8F9D05ABC087BBEF7EFEDA01EFB0F3A6	8AB3BC08E25F6A7E24EF75EE66ED06360BCEEACE487D22822D7724B3F2BBED50
Chrome Cache Entry: 99	Web Open Font Format (Version 2), TrueType, length 15552, version 1.0	285467176F7FE6BB6A9C6873B3DAD2CC	EA04E4FF5142DDD69307C183DEF721A160E0A64E	5A8C1E7681318CAA29E9F44E8A6E271F6A4067A2703E9916DFD4FE9099241DB7

AV Detection

Antivirus / Scanner detection for submitted sample

Source: http://nbghcghdsghds.weebly.com/

SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social Engineering

Phishing

AI detected phishing page

Source: https://nbghcghdsghds.weebly.com/	LLM: Score: 9 Reasons: The legitimate domain for AT&T is att.com., The provided URL (nbghcghdsghds.weebly.com) does not match the legitimate domain., Weebly is a website builder platform, and it is uncommon for well-known brands like AT&T to use such platforms for their main services., The URL contains random characters, which is a common tactic used in phishing attempts., The presence of input fields for User ID and Password on a suspicious URL increases the risk of phishing. DOM: 0.1.pages.csv
Source: https://nbghcghdsghds.weebly.com/	LLM: Score: 9 Reasons: The URL 'nbghcghdsghds.weebly.com' does not match the legitimate domain 'att.com'., The domain 'weebly.com' is a website builder platform, which is not typically used by well-known brands like AT&T for their official sites., The subdomain 'nbghcghdsghds' is nonsensical and does not relate to AT&T., The presence of a password input field on a non-legitimate domain is a common phishing tactic. DOM: 0.4.pages.csv

Yara detected HtmlPhish20

Source: Yara match	File source: 0.1.pages.csv, type: HTML
Source: Yara match	File source: 0.5.pages.csv, type: HTML
Source: Yara match	File source: 0.6.pages.csv, type: HTML
Source: Yara match	File source: dropped/chromecache_137, type: DROPPED

Phishing site detected (based on logo match)

Source: https://nbghcghdsghds.weebly.com/	Matcher: Template: att matched
Source: https://nbghcghdsghds.weebly.com/	Matcher: Template: att matched
Source: https://nbghcghdsghds.weebly.com/	Matcher: Template: att matched
Source: https://nbghcghdsghds.weebly.com/	Matcher: Template: att matched
Source: https://nbghcghdsghds.weebly.com/	Matcher: Template: att matched
Source: https://nbghcghdsghds.weebly.com/	Matcher: Template: att matched

HTML body contains low number of good links

Source: https://nbghcghdsghds.weebly.com/

HTTP Parser: Number of links: 0

HTML page contains hidden javascript code

Source: https://nbghcghdsghds.weebly.com/

HTTP Parser: Base64 decoded: https://nbghcghdsghds.weebly.com:443

HTML title does not match URL

Source: https://nbghcghdsghds.weebly.com/

HTTP Parser: Title: Xxx does not match URL

Suspicious form URL found

Source: https://nbghcghdsghds.weebly.com/	HTTP Parser: Form action: https://nbghcghdsghds.weebly.com/ajax/apps/formSubmitAjax.php
Source: https://nbghcghdsghds.weebly.com/	HTTP Parser: Form action: https://nbghcghdsghds.weebly.com/ajax/apps/formSubmitAjax.php
Source: https://nbghcghdsghds.weebly.com/	HTTP Parser: Form action: https://nbghcghdsghds.weebly.com/ajax/apps/formSubmitAjax.php

Source: https://nbghcghdsghds.weebly.com/	HTTP Parser: No favicon
Source: https://nbghcghdsghds.weebly.com/	HTTP Parser: No favicon
Source: https://nbghcghdsghds.weebly.com/	HTTP Parser: No favicon
Source: https://nbghcghdsghds.weebly.com/	HTTP Parser: No favicon
Source: https://nbghcghdsghds.weebly.com/	HTTP Parser: No favicon
Source: https://nbghcghdsghds.weebly.com/	HTTP Parser: No favicon
Source: https://nbghcghdsghds.weebly.com/	HTTP Parser: No favicon

Source: https://nbghcghdsghds.weebly.com/	HTTP Parser: No <meta name="author".. found
Source: https://nbghcghdsghds.weebly.com/	HTTP Parser: No <meta name="author".. found
Source: https://nbghcghdsghds.weebly.com/	HTTP Parser: No <meta name="author".. found

Source: https://nbghcghdsghds.weebly.com/	HTTP Parser: No <meta name="copyright".. found
Source: https://nbghcghdsghds.weebly.com/	HTTP Parser: No <meta name="copyright".. found
Source: https://nbghcghdsghds.weebly.com/	HTTP Parser: No <meta name="copyright".. found

Uses insecure TLS / SSL version for HTTPS connection

Source: unknown

HTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49779 version: TLS 1.0

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49733 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49749 version: TLS 1.2

Suricata IDS alerts with low severity for network traffic

Source: Network traffic	Suricata IDS: 2032366 - Severity 2 - ET PHISHING Phishing Landing via Weebly.com M1 2016-02-02 : 74.115.51.9:443 -> 192.168.2.5:49711
Source: Network traffic	Suricata IDS: 2032367 - Severity 2 - ET PHISHING Phishing Landing via Weebly.com M2 2016-02-02 : 74.115.51.9:443 -> 192.168.2.5:49711

Uses insecure TLS / SSL version for HTTPS connection

Source: unknown

HTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49779 version: TLS 1.0

Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: nbghcghdsghds.weebly.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=VwLwz7yu5AALyqxb984qmrXv9MqbjcuPum5xcYV0U6k-1727582671-1.0.1.1-MaxQYOyazfGd63AqFzu50l1591CXrV0aV3iaLTS_jSSbKByJ99dqMYODsdgIjsBRSPhTrSqT3oSXklxiB0gUAg
Source: global traffic	HTTP traffic detected: GET /files/main_style.css?1727360426 HTTP/1.1Host: nbghcghdsghds.weebly.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://nbghcghdsghds.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=VwLwz7yu5AALyqxb984qmrXv9MqbjcuPum5xcYV0U6k-1727582671-1.0.1.1-MaxQYOyazfGd63AqFzu50l1591CXrV0aV3iaLTS_jSSbKByJ99dqMYODsdgIjsBRSPhTrSqT3oSXklxiB0gUAg; language=en
Source: global traffic	HTTP traffic detected: GET /files/templateArtifacts.js?1727360426 HTTP/1.1Host: nbghcghdsghds.weebly.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://nbghcghdsghds.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=VwLwz7yu5AALyqxb984qmrXv9MqbjcuPum5xcYV0U6k-1727582671-1.0.1.1-MaxQYOyazfGd63AqFzu50l1591CXrV0aV3iaLTS_jSSbKByJ99dqMYODsdgIjsBRSPhTrSqT3oSXklxiB0gUAg; language=en
Source: global traffic	HTTP traffic detected: GET /css/sites.css?buildTime=1727297940 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://nbghcghdsghds.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css/old/fancybox.css?1727297940 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://nbghcghdsghds.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css/social-icons.css?buildtime=1727297940 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://nbghcghdsghds.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fonts/Lato/font.css?2 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://nbghcghdsghds.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fonts/Cabin/font.css?2 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://nbghcghdsghds.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fonts/Roboto/font.css?2 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://nbghcghdsghds.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/jquery-1.8.3.min.js HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://nbghcghdsghds.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/lang/en/stl.js?buildTime=1727297940& HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://nbghcghdsghds.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/site/main.js?buildTime=1727297940 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://nbghcghdsghds.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /uploads/1/5/0/9/150915330/photo-2024-09-11-16-16-21_orig.jpg HTTP/1.1Host: nbghcghdsghds.weebly.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://nbghcghdsghds.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=VwLwz7yu5AALyqxb984qmrXv9MqbjcuPum5xcYV0U6k-1727582671-1.0.1.1-MaxQYOyazfGd63AqFzu50l1591CXrV0aV3iaLTS_jSSbKByJ99dqMYODsdgIjsBRSPhTrSqT3oSXklxiB0gUAg; language=en
Source: global traffic	HTTP traffic detected: GET /uploads/1/5/0/9/150915330/photo-2024-09-11-15-59-30_orig.jpg HTTP/1.1Host: nbghcghdsghds.weebly.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://nbghcghdsghds.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=VwLwz7yu5AALyqxb984qmrXv9MqbjcuPum5xcYV0U6k-1727582671-1.0.1.1-MaxQYOyazfGd63AqFzu50l1591CXrV0aV3iaLTS_jSSbKByJ99dqMYODsdgIjsBRSPhTrSqT3oSXklxiB0gUAg; language=en
Source: global traffic	HTTP traffic detected: GET /images/site/footer/footer-toast-published-image-1.png HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://nbghcghdsghds.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/site/footerSignup.js?buildTime=1727448693 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://nbghcghdsghds.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/jquery-1.8.3.min.js HTTP/1.1Host: cdn2.editmysite.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /files/templateArtifacts.js?1727360426 HTTP/1.1Host: nbghcghdsghds.weebly.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=VwLwz7yu5AALyqxb984qmrXv9MqbjcuPum5xcYV0U6k-1727582671-1.0.1.1-MaxQYOyazfGd63AqFzu50l1591CXrV0aV3iaLTS_jSSbKByJ99dqMYODsdgIjsBRSPhTrSqT3oSXklxiB0gUAg; language=en
Source: global traffic	HTTP traffic detected: GET /uploads/1/5/0/9/150915330/photo-2024-09-11-16-16-21_orig.jpg HTTP/1.1Host: nbghcghdsghds.weebly.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=VwLwz7yu5AALyqxb984qmrXv9MqbjcuPum5xcYV0U6k-1727582671-1.0.1.1-MaxQYOyazfGd63AqFzu50l1591CXrV0aV3iaLTS_jSSbKByJ99dqMYODsdgIjsBRSPhTrSqT3oSXklxiB0gUAg; language=en
Source: global traffic	HTTP traffic detected: GET /js/lang/en/stl.js?buildTime=1727297940& HTTP/1.1Host: cdn2.editmysite.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /uploads/1/5/0/9/150915330/photo-2024-09-11-15-59-30_orig.jpg HTTP/1.1Host: nbghcghdsghds.weebly.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=VwLwz7yu5AALyqxb984qmrXv9MqbjcuPum5xcYV0U6k-1727582671-1.0.1.1-MaxQYOyazfGd63AqFzu50l1591CXrV0aV3iaLTS_jSSbKByJ99dqMYODsdgIjsBRSPhTrSqT3oSXklxiB0gUAg; language=en
Source: global traffic	HTTP traffic detected: GET /files/theme/plugins.js?1583952700 HTTP/1.1Host: nbghcghdsghds.weebly.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://nbghcghdsghds.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=VwLwz7yu5AALyqxb984qmrXv9MqbjcuPum5xcYV0U6k-1727582671-1.0.1.1-MaxQYOyazfGd63AqFzu50l1591CXrV0aV3iaLTS_jSSbKByJ99dqMYODsdgIjsBRSPhTrSqT3oSXklxiB0gUAg; language=en
Source: global traffic	HTTP traffic detected: GET /files/theme/custom.js?1583952700 HTTP/1.1Host: nbghcghdsghds.weebly.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://nbghcghdsghds.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=VwLwz7yu5AALyqxb984qmrXv9MqbjcuPum5xcYV0U6k-1727582671-1.0.1.1-MaxQYOyazfGd63AqFzu50l1591CXrV0aV3iaLTS_jSSbKByJ99dqMYODsdgIjsBRSPhTrSqT3oSXklxiB0gUAg; language=en
Source: global traffic	HTTP traffic detected: GET /uploads/1/5/0/9/150915330/background-images/1135338628.jpg HTTP/1.1Host: nbghcghdsghds.weebly.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://nbghcghdsghds.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=VwLwz7yu5AALyqxb984qmrXv9MqbjcuPum5xcYV0U6k-1727582671-1.0.1.1-MaxQYOyazfGd63AqFzu50l1591CXrV0aV3iaLTS_jSSbKByJ99dqMYODsdgIjsBRSPhTrSqT3oSXklxiB0gUAg; language=en
Source: global traffic	HTTP traffic detected: GET /js/site/main-customer-accounts-site.js?buildTime=1727297940 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://nbghcghdsghds.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fonts/Lato/regular.woff2 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://nbghcghdsghds.weebly.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdn2.editmysite.com/fonts/Lato/font.css?2Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fonts/Lato/italic.woff2 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://nbghcghdsghds.weebly.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdn2.editmysite.com/fonts/Lato/font.css?2Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fonts/Cabin/regular.woff2 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://nbghcghdsghds.weebly.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdn2.editmysite.com/fonts/Cabin/font.css?2Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/site/main.js?buildTime=1727297940 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /uploads/1/5/0/9/150915330/background-images/1135338628.jpg HTTP/1.1Host: nbghcghdsghds.weebly.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=VwLwz7yu5AALyqxb984qmrXv9MqbjcuPum5xcYV0U6k-1727582671-1.0.1.1-MaxQYOyazfGd63AqFzu50l1591CXrV0aV3iaLTS_jSSbKByJ99dqMYODsdgIjsBRSPhTrSqT3oSXklxiB0gUAg; language=en
Source: global traffic	HTTP traffic detected: GET /images/site/footer/footer-toast-published-image-1.png HTTP/1.1Host: cdn2.editmysite.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/site/footerSignup.js?buildTime=1727448693 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /files/theme/custom.js?1583952700 HTTP/1.1Host: nbghcghdsghds.weebly.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=VwLwz7yu5AALyqxb984qmrXv9MqbjcuPum5xcYV0U6k-1727582671-1.0.1.1-MaxQYOyazfGd63AqFzu50l1591CXrV0aV3iaLTS_jSSbKByJ99dqMYODsdgIjsBRSPhTrSqT3oSXklxiB0gUAg; language=en
Source: global traffic	HTTP traffic detected: GET /files/theme/plugins.js?1583952700 HTTP/1.1Host: nbghcghdsghds.weebly.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=VwLwz7yu5AALyqxb984qmrXv9MqbjcuPum5xcYV0U6k-1727582671-1.0.1.1-MaxQYOyazfGd63AqFzu50l1591CXrV0aV3iaLTS_jSSbKByJ99dqMYODsdgIjsBRSPhTrSqT3oSXklxiB0gUAg; language=en
Source: global traffic	HTTP traffic detected: GET /js/site/main-customer-accounts-site.js?buildTime=1727297940 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /css/free-footer-v3.css?buildtime=1727448693 HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://nbghcghdsghds.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/wsnbn/snowday262.js HTTP/1.1Host: cdn2.editmysite.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://nbghcghdsghds.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js?_=1727582676307 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlKHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://nbghcghdsghds.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails] HTTP/1.1Host: nbghcghdsghds.weebly.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=VwLwz7yu5AALyqxb984qmrXv9MqbjcuPum5xcYV0U6k-1727582671-1.0.1.1-MaxQYOyazfGd63AqFzu50l1591CXrV0aV3iaLTS_jSSbKByJ99dqMYODsdgIjsBRSPhTrSqT3oSXklxiB0gUAg; language=en; _snow_ses.01d0=*; _snow_id.01d0=75d736d6-15b9-4917-bb59-33eeaad2b31d.1727582678.1.1727582678.1727582678.d69eb178-1d0f-41f5-9519-0a4b254f3158
Source: global traffic	HTTP traffic detected: GET /js/wsnbn/snowday262.js HTTP/1.1Host: cdn2.editmysite.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js?_=1727582676307 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlKHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: nbghcghdsghds.weebly.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://nbghcghdsghds.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=VwLwz7yu5AALyqxb984qmrXv9MqbjcuPum5xcYV0U6k-1727582671-1.0.1.1-MaxQYOyazfGd63AqFzu50l1591CXrV0aV3iaLTS_jSSbKByJ99dqMYODsdgIjsBRSPhTrSqT3oSXklxiB0gUAg; language=en; _snow_ses.01d0=; _snow_id.01d0=75d736d6-15b9-4917-bb59-33eeaad2b31d.1727582678.1.1727582678.1727582678.d69eb178-1d0f-41f5-9519-0a4b254f3158
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: nbghcghdsghds.weebly.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; __cf_bm=VwLwz7yu5AALyqxb984qmrXv9MqbjcuPum5xcYV0U6k-1727582671-1.0.1.1-MaxQYOyazfGd63AqFzu50l1591CXrV0aV3iaLTS_jSSbKByJ99dqMYODsdgIjsBRSPhTrSqT3oSXklxiB0gUAg; language=en; _snow_ses.01d0=*; _snow_id.01d0=75d736d6-15b9-4917-bb59-33eeaad2b31d.1727582678.1.1727582678.1727582678.d69eb178-1d0f-41f5-9519-0a4b254f3158
Source: global traffic	HTTP traffic detected: GET /com.snowplowanalytics.snowplow/tp2 HTTP/1.1Host: ec.editmysite.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sp=c189fbdd-f396-47ac-8775-016a7dd55076
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/anchor?ar=1&k=6Ldf5h8UAAAAAJFJhN6x2OfZqBvANPQcnPa8eb1C&co=aHR0cHM6Ly9uYmdoY2doZHNnaGRzLndlZWJseS5jb206NDQz&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=yack8gfuxya1 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlKHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: iframeReferer: https://nbghcghdsghds.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/webworker.js?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlKHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: workerReferer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldf5h8UAAAAAJFJhN6x2OfZqBvANPQcnPa8eb1C&co=aHR0cHM6Ly9uYmdoY2doZHNnaGRzLndlZWJseS5jb206NDQz&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=yack8gfuxya1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/bg/dubcxWuhhbqw8uaLSFFGvELnk5WmffD3wjoYeQZ33gk.js HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlKHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldf5h8UAAAAAJFJhN6x2OfZqBvANPQcnPa8eb1C&co=aHR0cHM6Ly9uYmdoY2doZHNnaGRzLndlZWJseS5jb206NDQz&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=yack8gfuxya1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/webworker.js?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlKHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/bframe?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&k=6Ldf5h8UAAAAAJFJhN6x2OfZqBvANPQcnPa8eb1C HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlKHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: iframeReferer: https://nbghcghdsghds.weebly.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/bg/dubcxWuhhbqw8uaLSFFGvELnk5WmffD3wjoYeQZ33gk.js HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlKHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/reload?k=6Ldf5h8UAAAAAJFJhN6x2OfZqBvANPQcnPa8eb1C HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlKHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09AGteOypeS5ZgCYBeiiANML8qrMGhFlvmON1aeBiXx0B9vN2KmSza_BWyoWeTz3t4iq5LB2XVo7YmgC-X-JdGEEI
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA5bXS1rYDaJ--xHJ3cbc4_gVgTQhjF_PUVtWgyr-NHWgbVXCbvztjmd0cThXDDMoHazwNa6A2vED3mnqrwQ7V2wo_bUw2NzGbrMm7VQGUQZtJbif7JJv4rWSF8D8IeZ138zRs0deH7iNmqbY47CVEArQbOwmFPti1I2nKKfzMIvbuU-YysZJMOJJ_eWKTsDhK-om76I&k=6Ldf5h8UAAAAAJFJhN6x2OfZqBvANPQcnPa8eb1C HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlKHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&k=6Ldf5h8UAAAAAJFJhN6x2OfZqBvANPQcnPa8eb1CAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09AGteOypeS5ZgCYBeiiANML8qrMGhFlvmON1aeBiXx0B9vN2KmSza_BWyoWeTz3t4iq5LB2XVo7YmgC-X-JdGEEI
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA5bXS1rYDaJ--xHJ3cbc4_gVgTQhjF_PUVtWgyr-NHWgbVXCbvztjmd0cThXDDMoHazwNa6A2vED3mnqrwQ7V2wo_bUw2NzGbrMm7VQGUQZtJbif7JJv4rWSF8D8IeZ138zRs0deH7iNmqbY47CVEArQbOwmFPti1I2nKKfzMIvbuU-YysZJMOJJ_eWKTsDhK-om76I&k=6Ldf5h8UAAAAAJFJhN6x2OfZqBvANPQcnPa8eb1C HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlKHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09AGteOypeS5ZgCYBeiiANML8qrMGhFlvmON1aeBiXx0B9vN2KmSza_BWyoWeTz3t4iq5LB2XVo7YmgC-X-JdGEEI
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: nbghcghdsghds.weebly.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: nbghcghdsghds.weebly.com
Source: global traffic	DNS traffic detected: DNS query: cdn2.editmysite.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: ec.editmysite.com

Source: unknown

Source: chromecache_162.2.dr, chromecache_155.2.dr	String found in binary or memory: http://hammerjs.github.io/
Source: chromecache_150.2.dr, chromecache_128.2.dr	String found in binary or memory: http://www.google-analytics.com
Source: chromecache_111.2.dr, chromecache_131.2.dr	String found in binary or memory: https://cdn2.editmysite.com/js/
Source: chromecache_137.2.dr	String found in binary or memory: https://cdn2.editmysite.com/js/jquery-1.8.3.min.js
Source: chromecache_109.2.dr, chromecache_135.2.dr, chromecache_104.2.dr	String found in binary or memory: https://cloud.google.com/contact
Source: chromecache_109.2.dr, chromecache_135.2.dr, chromecache_104.2.dr	String found in binary or memory: https://cloud.google.com/recaptcha-enterprise/billing-information
Source: chromecache_109.2.dr, chromecache_135.2.dr, chromecache_104.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca
Source: chromecache_109.2.dr, chromecache_135.2.dr, chromecache_104.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#localhost_support
Source: chromecache_109.2.dr, chromecache_135.2.dr, chromecache_104.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que
Source: chromecache_137.2.dr	String found in binary or memory: https://nbghcghdsghds.weebly.com/
Source: chromecache_137.2.dr	String found in binary or memory: https://nbghcghdsghds.weebly.com/uploads/1/5/0/9/150915330/photo-2024-09-11-15-59-30_orig.jpg
Source: chromecache_137.2.dr	String found in binary or memory: https://nbghcghdsghds.weebly.com/uploads/1/5/0/9/150915330/photo-2024-09-11-16-16-21_orig.jpg
Source: chromecache_104.2.dr	String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: chromecache_104.2.dr	String found in binary or memory: https://recaptcha.net
Source: chromecache_150.2.dr, chromecache_128.2.dr	String found in binary or memory: https://ssl.google-analytics.com
Source: chromecache_150.2.dr, chromecache_128.2.dr	String found in binary or memory: https://ssl.google-analytics.com/j/__utm.gif
Source: chromecache_150.2.dr, chromecache_128.2.dr	String found in binary or memory: https://stats.g.doubleclick.net/j/collect?
Source: chromecache_104.2.dr	String found in binary or memory: https://support.google.com/recaptcha
Source: chromecache_109.2.dr, chromecache_135.2.dr, chromecache_104.2.dr	String found in binary or memory: https://support.google.com/recaptcha#6262736
Source: chromecache_109.2.dr, chromecache_135.2.dr, chromecache_104.2.dr	String found in binary or memory: https://support.google.com/recaptcha/#6175971
Source: chromecache_109.2.dr, chromecache_135.2.dr, chromecache_104.2.dr	String found in binary or memory: https://support.google.com/recaptcha/?hl=en#6223828
Source: chromecache_162.2.dr, chromecache_155.2.dr	String found in binary or memory: https://twitter.com/jacobrossi/status/480596438489890816
Source: chromecache_128.2.dr	String found in binary or memory: https://www.google.%/ads/ga-audiences?
Source: chromecache_150.2.dr, chromecache_128.2.dr	String found in binary or memory: https://www.google.com/analytics/web/inpage/pub/inpage.js?
Source: chromecache_137.2.dr	String found in binary or memory: https://www.google.com/recaptcha/api.js
Source: chromecache_109.2.dr, chromecache_135.2.dr, chromecache_98.2.dr, chromecache_105.2.dr, chromecache_104.2.dr	String found in binary or memory: https://www.google.com/recaptcha/api2/
Source: chromecache_109.2.dr, chromecache_135.2.dr, chromecache_104.2.dr	String found in binary or memory: https://www.gstatic.c..?/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__.
Source: chromecache_98.2.dr, chromecache_105.2.dr, chromecache_103.2.dr, chromecache_110.2.dr	String found in binary or memory: https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__en.js
Source: chromecache_137.2.dr	String found in binary or memory: https://www.weebly.com/signup?utm_source=internal&utm_medium=footer

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49733 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49749 version: TLS 1.2

Source: classification engine

Classification label: mal68.phis.win@18/117@22/12

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2088 --field-trial-handle=2028,i,813183238970478399,6694276822351329767,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://nbghcghdsghds.weebly.com/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2088 --field-trial-handle=2028,i,813183238970478399,6694276822351329767,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Automated click: Next
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Automated click: Next

Source: Window Recorder

Window detected: More than 3 window changes detected

Stores files to the Windows start menu directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

ID:	1521934
Product:	CloudBasic
Start time:	06:03:37
Start date:	29.09.2024
Cookbook:	browseurl.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Windows Analysis Report
http://nbghcghdsghds.weebly.com/

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Boot Survival

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report http://nbghcghdsghds.weebly.com/

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Boot Survival

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
http://nbghcghdsghds.weebly.com/