Linux Analysis Report
https://generali.werbeartikel-online-shop.com

Overview

General Information

Sample URL:	https://generali.werbeartikel-online-shop.com
Analysis ID:	1528210
Infos:

Detection

Score:	2
Range:	0 - 100
Whitelisted:	false

Signatures

Creates hidden files and/or directories

Creates hidden files without content (potentially used as a mutex)

Queries the installed Ubuntu/CentOS release

Reads the 'hosts' file potentially containing internal network hosts

Uses the "uname" system call to query kernel version information (possible evasion)

Classification

Signatures

Source: unknown

HTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.20:58630 version: TLS 1.2

Reads the 'hosts' file potentially containing internal network hosts

Source: /usr/lib/firefox/firefox (PID: 4797)

Reads hosts file: /etc/hosts

Jump to behavior

Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brConnection: keep-aliveUpgrade-Insecure-Requests: 1
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/NormalizeCss/normalize.css HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: text/css,/;q=0.1Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /6/Firefox/66.0.3/20190410113011/Linux_x86_64-gcc3/en-US/release-cck-ubuntu/Linux%204.4.0-116-generic%20(GTK%203.18.9%2Clibpulse%208.0.0)/canonical/1.0/ HTTP/1.1Host: snippets.cdn.mozilla.netUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brConnection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/css/shop/frame/style/de/bramble.min.2.css HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: text/css,/;q=0.1Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/default/css/shop/content/layout/bramble.min.2.css HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: text/css,/;q=0.1Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/template/css/bramble_rootStyles.css HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: text/css,/;q=0.1Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/css/shop/content/style/de/bramble.min.2.css HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: text/css,/;q=0.1Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/default/css/shop/frame/layout/bramble.min.2.css HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: text/css,/;q=0.1Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /us-west/bundles-pregen/Firefox/en-us/default.json HTTP/1.1Host: snippets.cdn.mozilla.netUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brConnection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/default/template/css/bramble_customDesign.css HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: text/css,/;q=0.1Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/Fontello/fontello.css HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: text/css,/;q=0.1Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/template/css/bramble_responsive.css HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: text/css,/;q=0.1Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/default/template/css/bramble_customResponsive.css HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: text/css,/;q=0.1Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/jQuery/jquery.min.js HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/jQuery/jquery-migrate.min.js HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/Fontello/fontello-animation.css HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: text/css,/;q=0.1Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/jQueryUI/jquery-ui.min.css HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: text/css,/;q=0.1Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/jQueryUI/jquery-ui.theme.min.css HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: text/css,/;q=0.1Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/jQueryUI/jquery-ui.min.js HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/jQueryUI/jquery-ui.structure.min.css HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: text/css,/;q=0.1Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/Cosmoshop/Cosmoshop.js HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/jQuerySlickCarousel/css/slick.css HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: text/css,/;q=0.1Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/jQuerySlickCarousel/css/slick-theme.css HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: text/css,/;q=0.1Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/FormLib/shop_formlib.js HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/modernizr/modernizr.js HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/jQueryCookie/jquery.cookie.js HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/jQuerySlickCarousel/js/slick.js HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/LiveSearch/jQueryLiveSearch.js HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/template/js/bramble_shopFunctions.js HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/default/lib/de_categories_61fc104855eb3a96fccf5f576c8595fd.js HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/Cosmoshop/style.css HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: text/css,/;q=0.1Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/Cosmoshop/lazyClasses.css HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: text/css,/;q=0.1Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/Cosmoshop/overrides.css HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: text/css,/;q=0.1Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/Cosmoshop/Cache.js HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/Cosmoshop/EventHandler.js HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/Cosmoshop/Helper.js HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/Cosmoshop/Validators.js HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/Cosmoshop/Ajax.js HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/pix/template_vorlage/bramble/shop_header/de/Logo.png HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: image/webp,/Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/pix/template_vorlage/bramble/shop_header/de/apple-touch-icon.png HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: image/webp,/Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brConnection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/default/pix/s/favicon/icon.ico HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: image/webp,/Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brConnection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/pix/template_vorlage/bramble/suchleiste/de/logo.png HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: image/webp,/Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/Fontello/fontello.css HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: text/css,/;q=0.1Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-aliveRange: bytes=65155-If-Range: "14bd0-5feccdab8af05"
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/Cosmoshop/shop/Core.js HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/Cosmoshop/external/Ejs_3_1_6_min.js HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-aliveCookie: SHOP_SESSION_generali.werbeartikel-online-shop.com=1728312512.71117.0uHYw6pSErPHx3g9qVqS8v3aVhJI3yRwSNCyGzwU
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/Cosmoshop/external/jQuery/Modal.js HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-aliveCookie: SHOP_SESSION_generali.werbeartikel-online-shop.com=1728312512.71117.0uHYw6pSErPHx3g9qVqS8v3aVhJI3yRwSNCyGzwU
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/Fontello/font/cs.woff?29759507 HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8Accept-Language: en-US,en;q=0.5Accept-Encoding: identityReferer: https://generali.werbeartikel-online-shop.com/cosmoshop/shared/libs/Fontello/fontello.cssConnection: keep-aliveCookie: SHOP_SESSION_generali.werbeartikel-online-shop.com=1728312512.71117.0uHYw6pSErPHx3g9qVqS8v3aVhJI3yRwSNCyGzwU
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/Cosmoshop/external/jQuery/Loading.js HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-aliveCookie: SHOP_SESSION_generali.werbeartikel-online-shop.com=1728312512.71117.0uHYw6pSErPHx3g9qVqS8v3aVhJI3yRwSNCyGzwU
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/Cosmoshop/external/jQuery/loading.css HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: text/css,/;q=0.1Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-aliveCookie: SHOP_SESSION_generali.werbeartikel-online-shop.com=1728312512.71117.0uHYw6pSErPHx3g9qVqS8v3aVhJI3yRwSNCyGzwU
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/Cosmoshop/external/jQuery/modal.css HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: text/css,/;q=0.1Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-aliveCookie: SHOP_SESSION_generali.werbeartikel-online-shop.com=1728312512.71117.0uHYw6pSErPHx3g9qVqS8v3aVhJI3yRwSNCyGzwU
Source: global traffic	HTTP traffic detected: GET /update/3/GMP/66.0.3/20190410113011/Linux_x86_64-gcc3/null/release-cck-ubuntu/Linux%204.4.0-116-generic%20(GTK%203.18.9%2Clibpulse%208.0.0)/canonical/1.0/update.xml HTTP/1.1Host: aus5.mozilla.orgUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: push.services.mozilla.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brSec-WebSocket-Version: 13Origin: wss://push.services.mozilla.com/Sec-WebSocket-Protocol: push-notificationSec-WebSocket-Extensions: permessage-deflateSec-WebSocket-Key: xev8YB1whZWmp3xLeb+PtQ==Connection: keep-alive, UpgradePragma: no-cacheCache-Control: no-cacheUpgrade: websocket
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: push.services.mozilla.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brSec-WebSocket-Version: 13Origin: wss://push.services.mozilla.com/Sec-WebSocket-Protocol: push-notificationSec-WebSocket-Extensions: permessage-deflateSec-WebSocket-Key: Giwk5E669Eu9xuCnED93cg==Connection: keep-alive, UpgradePragma: no-cacheCache-Control: no-cacheUpgrade: websocket
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: push.services.mozilla.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brSec-WebSocket-Version: 13Origin: wss://push.services.mozilla.com/Sec-WebSocket-Protocol: push-notificationSec-WebSocket-Extensions: permessage-deflateSec-WebSocket-Key: DhrbBwdwLy0yYGCNGbsk2Q==Connection: keep-alive, UpgradePragma: no-cacheCache-Control: no-cacheUpgrade: websocket
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: push.services.mozilla.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brSec-WebSocket-Version: 13Origin: wss://push.services.mozilla.com/Sec-WebSocket-Protocol: push-notificationSec-WebSocket-Extensions: permessage-deflateSec-WebSocket-Key: dmzcw8f+mp0a8xDMLWeZpg==Connection: keep-alive, UpgradePragma: no-cacheCache-Control: no-cacheUpgrade: websocket
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: push.services.mozilla.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brSec-WebSocket-Version: 13Origin: wss://push.services.mozilla.com/Sec-WebSocket-Protocol: push-notificationSec-WebSocket-Extensions: permessage-deflateSec-WebSocket-Key: DZJ26dvtPenqt++cA0yyNQ==Connection: keep-alive, UpgradePragma: no-cacheCache-Control: no-cacheUpgrade: websocket

Source: global traffic	DNS traffic detected: DNS query: generali.werbeartikel-online-shop.com
Source: global traffic	DNS traffic detected: DNS query: push.services.mozilla.com

Source: unknown

HTTP traffic detected: POST /cgi-bin/cosmoshop/lshop.cgi HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: application/json, text/javascript, */*; q=0.01Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Content-Type: application/x-www-form-urlencoded; charset=UTF-8X-Requested-With: XMLHttpRequestContent-Length: 78Connection: keep-alive

Source: cert9.db-journal.34.dr, cert9.db.34.dr	String found in binary or memory: http://crl.pki.goog/gsr2/gsr2.crl0?
Source: cert9.db-journal.34.dr, cert9.db.34.dr	String found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl07
Source: cert9.db-journal.34.dr, cert9.db.34.dr	String found in binary or memory: http://crl4.digicert.com/DigiCertGlobalRootCA.crl0=
Source: cert9.db-journal.34.dr, cert9.db.34.dr	String found in binary or memory: http://ocsp.digicert.com0
Source: cert9.db-journal.34.dr, cert9.db.34.dr	String found in binary or memory: http://ocsp.pki.goog/gsr202
Source: places.sqlite-wal.34.dr	String found in binary or memory: http://wiki.ubuntu.com
Source: places.sqlite-wal.34.dr	String found in binary or memory: http://wiki.ubuntu.com/moc.utnubu.ikiw.
Source: places.sqlite-wal.34.dr	String found in binary or memory: http://www.debian.org
Source: places.sqlite-wal.34.dr	String found in binary or memory: http://www.debian.org/gro.naibed.www.
Source: places.sqlite-wal.34.dr	String found in binary or memory: http://www.ubuntu.com
Source: places.sqlite-wal.34.dr	String found in binary or memory: http://www.ubuntu.com/moc.utnubu.www.
Source: places.sqlite-wal.34.dr	String found in binary or memory: https://answers.launchpad.net
Source: places.sqlite-wal.34.dr	String found in binary or memory: https://answers.launchpad.net/ubuntu/
Source: places.sqlite-wal.34.dr	String found in binary or memory: https://generali.werbeartikel-online-shop.com
Source: recovery.jsonlz4.tmp.34.dr	String found in binary or memory: https://generali.werbeartikel-online-shop.com/
Source: places.sqlite-wal.34.dr	String found in binary or memory: https://generali.werbeartikel-online-shop.com/GENERALI
Source: AD059B96D97FE240161540F36D46C5F70734D6F2.34.dr	String found in binary or memory: https://generali.werbeartikel-online-shop.com/cosmoshop/default/css/shop/content/layout/bramble.min.
Source: 255180BBFC392A33F03051F3DC10335C080DDA20.34.dr	String found in binary or memory: https://generali.werbeartikel-online-shop.com/cosmoshop/default/css/shop/frame/layout/bramble.min.2.
Source: E39A30365062FED6A062C3B828869E960E9E1641.34.dr	String found in binary or memory: https://generali.werbeartikel-online-shop.com/cosmoshop/default/template/css/bramble_customDesign.cs
Source: 9E876DD8AD3949F308300382320CBAFF2C684314.34.dr	String found in binary or memory: https://generali.werbeartikel-online-shop.com/cosmoshop/default/template/css/bramble_customResponsiv
Source: 40ABD0A962B8FE31514026AD426D53FC2AD624FE.34.dr	String found in binary or memory: https://generali.werbeartikel-online-shop.com/cosmoshop/shared/css/shop/content/style/de/bramble.min
Source: 1B22BDA5BA68A1448FCB56906398FE61B0AEE710.34.dr	String found in binary or memory: https://generali.werbeartikel-online-shop.com/cosmoshop/shared/css/shop/frame/style/de/bramble.min.2
Source: 17BCC6A55E85E8F6A4C660529BB763D3464877E1.34.dr	String found in binary or memory: https://generali.werbeartikel-online-shop.com/cosmoshop/shared/libs/Fontello/fontello-animation.css
Source: C451CAD6E876978E63FFFC9865A83D89CFBE951D.34.dr	String found in binary or memory: https://generali.werbeartikel-online-shop.com/cosmoshop/shared/libs/Fontello/fontello.css
Source: E8D2EF960BE529ACF6A67B8DF1D64710B0CD15D1.34.dr	String found in binary or memory: https://generali.werbeartikel-online-shop.com/cosmoshop/shared/libs/NormalizeCss/normalize.css
Source: 66B7941C45385F0CD6B46B392D0BEF2CBD64288D.34.dr	String found in binary or memory: https://generali.werbeartikel-online-shop.com/cosmoshop/shared/libs/jQuery/jquery-migrate.min.js
Source: 1ACD9749AAE3D02FEE084B8576784A1535E5546C.34.dr	String found in binary or memory: https://generali.werbeartikel-online-shop.com/cosmoshop/shared/libs/jQuery/jquery.min.js
Source: C7093830EE04AD47A1F61AE4D939134F0A4244BF.34.dr	String found in binary or memory: https://generali.werbeartikel-online-shop.com/cosmoshop/shared/template/css/bramble_responsive.css
Source: 919AD4B6B4DF5BEE81EE8EC9665A5FC662F12E3B.34.dr	String found in binary or memory: https://generali.werbeartikel-online-shop.com/cosmoshop/shared/template/css/bramble_rootStyles.css
Source: places.sqlite-wal.34.dr	String found in binary or memory: https://generali.werbeartikel-online-shop.com/moc.pohs-enilno-lekitraebrew.ilareneg.d
Source: places.sqlite-wal.34.dr	String found in binary or memory: https://generali.werbeartikel-online-shop.comd
Source: cert9.db-journal.34.dr, cert9.db.34.dr	String found in binary or memory: https://pki.goog/repository/0
Source: C389DE279BF5275924497D5B33D1F1900116E591.34.dr	String found in binary or memory: https://snippets.cdn.mozilla.net/us-west/bundles-pregen/Firefox/en-us/default.json
Source: places.sqlite-wal.34.dr	String found in binary or memory: https://support.mozilla.org
Source: places.sqlite-wal.34.dr	String found in binary or memory: https://support.mozilla.org/en-US/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=fire
Source: places.sqlite-wal.34.dr	String found in binary or memory: https://support.mozilla.org/en-US/products/firefoxgro.allizom.troppus.
Source: cert9.db-journal.34.dr, cert9.db.34.dr	String found in binary or memory: https://www.digicert.com/CPS0
Source: places.sqlite-wal.34.dr	String found in binary or memory: https://www.mozilla.org
Source: places.sqlite-wal.34.dr	String found in binary or memory: https://www.mozilla.org/en-US/about/gro.allizom.www.
Source: places.sqlite-wal.34.dr	String found in binary or memory: https://www.mozilla.org/en-US/contribute/gro.allizom.www.
Source: places.sqlite-wal.34.dr	String found in binary or memory: https://www.mozilla.org/en-US/firefox/central/gro.allizom.www.
Source: places.sqlite-wal.34.dr	String found in binary or memory: https://www.mozilla.org/en-US/privacy/firefox/Firefox
Source: places.sqlite-wal.34.dr	String found in binary or memory: https://www.mozilla.org/media/img/mozorg/mozilla-256.4720741d4108.jpg
Source: places.sqlite-wal.34.dr	String found in binary or memory: https://www.mozilla.org/privacy/firefox/gro.allizom.www.

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43760
Source: unknown	Network traffic detected: HTTP traffic on port 43732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43758
Source: unknown	Network traffic detected: HTTP traffic on port 43726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43754
Source: unknown	Network traffic detected: HTTP traffic on port 59210 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43756
Source: unknown	Network traffic detected: HTTP traffic on port 43764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43750
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43752
Source: unknown	Network traffic detected: HTTP traffic on port 58630 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43890 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58630
Source: unknown	Network traffic detected: HTTP traffic on port 43770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43746
Source: unknown	Network traffic detected: HTTP traffic on port 43784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43742
Source: unknown	Network traffic detected: HTTP traffic on port 43782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59208
Source: unknown	Network traffic detected: HTTP traffic on port 43720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59210
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43738
Source: unknown	Network traffic detected: HTTP traffic on port 43714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43732
Source: unknown	Network traffic detected: HTTP traffic on port 43762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43730
Source: unknown	Network traffic detected: HTTP traffic on port 43800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43892 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43706 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59194 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43728
Source: unknown	Network traffic detected: HTTP traffic on port 43740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43720
Source: unknown	Network traffic detected: HTTP traffic on port 43780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43718
Source: unknown	Network traffic detected: HTTP traffic on port 43768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43716
Source: unknown	Network traffic detected: HTTP traffic on port 43716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59194
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43710
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43712
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43794
Source: unknown	Network traffic detected: HTTP traffic on port 43802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43790
Source: unknown	Network traffic detected: HTTP traffic on port 43710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43792
Source: unknown	Network traffic detected: HTTP traffic on port 43760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43704 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59208 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43704
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43706
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43784
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43786
Source: unknown	Network traffic detected: HTTP traffic on port 43788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43780
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43782
Source: unknown	Network traffic detected: HTTP traffic on port 43730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43776
Source: unknown	Network traffic detected: HTTP traffic on port 43894 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43778
Source: unknown	Network traffic detected: HTTP traffic on port 43766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43894
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43890
Source: unknown	Network traffic detected: HTTP traffic on port 43758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43892
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43770
Source: unknown	Network traffic detected: HTTP traffic on port 43888 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43806
Source: unknown	Network traffic detected: HTTP traffic on port 43772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43804
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43800
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43888
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43764
Source: unknown	Network traffic detected: HTTP traffic on port 43786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43884

Source: unknown

HTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.20:58630 version: TLS 1.2

Source: classification engine

Classification label: clean2.lin@0/74@20/0

Creates hidden files and/or directories

Source: /usr/bin/exo-open (PID: 4782)	Directory: /home/james/.Xauthority	Jump to behavior
Source: /usr/bin/exo-open (PID: 4782)	Directory: /home/james/.cache	Jump to behavior
Source: /usr/lib/x86_64-linux-gnu/xfce4/exo-1/exo-helper-1 (PID: 4790)	Directory: /home/james/.Xauthority	Jump to behavior
Source: /usr/lib/x86_64-linux-gnu/xfce4/exo-1/exo-helper-1 (PID: 4790)	Directory: /home/james/.cache	Jump to behavior
Source: /usr/lib/x86_64-linux-gnu/xfce4/exo-1/exo-helper-1 (PID: 4790)	Directory: /home/james/.local	Jump to behavior
Source: /usr/lib/x86_64-linux-gnu/xfce4/exo-1/exo-helper-1 (PID: 4790)	Directory: /home/james/.config	Jump to behavior
Source: /usr/lib/firefox/firefox (PID: 4797)	Directory: /home/james/.Xauthority	Jump to behavior
Source: /usr/lib/firefox/firefox (PID: 4797)	File: /tmp/firefox_james/.parentlock	Jump to behavior
Source: /usr/lib/firefox/firefox (PID: 4797)	Directory: /home/james/.Xauthority	Jump to behavior
Source: /usr/lib/firefox/firefox (PID: 4797)	File: /home/james/.mozilla/firefox/5zxot757.default/.parentlock	Jump to behavior
Source: /usr/lib/firefox/firefox (PID: 4797)	File: /home/james/.cache/mozilla/firefox/5zxot757.default/.startup-incomplete	Jump to behavior
Source: /usr/lib/firefox/firefox (PID: 4797)	Directory: /home/james/.Xdefaults-ubuntu	Jump to behavior
Source: /usr/lib/firefox/firefox (PID: 4797)	Directory: /home/james/.mime.types	Jump to behavior
Source: /usr/lib/firefox/firefox (PID: 4797)	Directory: /home/james/.mozilla/firefox/5zxot757.default/storage/permanent/chrome/.metadata-v2	Jump to behavior
Source: /usr/lib/firefox/firefox (PID: 4797)	Directory: /home/james/.mailcap	Jump to behavior
Source: /usr/lib/firefox/firefox (PID: 4797)	Directory: /home/james/.cache	Jump to behavior
Source: /usr/lib/firefox/firefox (PID: 4825)	Directory: /home/james/.Xauthority	Jump to behavior
Source: /usr/lib/firefox/firefox (PID: 4825)	Directory: /home/james/.drirc	Jump to behavior
Source: /usr/bin/dbus-launch (PID: 4859)	Directory: /home/james/.Xauthority	Jump to behavior
Source: /usr/lib/firefox/firefox (PID: 4923)	Directory: /home/james/.Xauthority	Jump to behavior
Source: /usr/lib/firefox/firefox (PID: 4968)	Directory: /home/james/.Xauthority	Jump to behavior
Source: /usr/lib/firefox/firefox (PID: 5009)	Directory: /home/james/.Xauthority	Jump to behavior

Creates hidden files without content (potentially used as a mutex)

Source: /usr/lib/firefox/firefox (PID: 4797)	Empty hidden file: /tmp/firefox_james/.parentlock	Jump to behavior
Source: /usr/lib/firefox/firefox (PID: 4797)	Empty hidden file: /home/james/.cache/mozilla/firefox/5zxot757.default/.startup-incomplete	Jump to behavior
Source: /usr/lib/firefox/firefox (PID: 4797)	Empty hidden file: /home/james/.mozilla/firefox/5zxot757.default/.parentlock	Jump to behavior

Uses the "uname" system call to query kernel version information (possible evasion)

Source: /usr/bin/exo-open (PID: 4782)	Queries kernel information via 'uname':	Jump to behavior
Source: /usr/lib/x86_64-linux-gnu/xfce4/exo-1/exo-helper-1 (PID: 4790)	Queries kernel information via 'uname':	Jump to behavior
Source: /usr/lib/firefox/firefox (PID: 4797)	Queries kernel information via 'uname':	Jump to behavior
Source: /usr/lib/firefox/firefox (PID: 4825)	Queries kernel information via 'uname':	Jump to behavior
Source: /usr/bin/dbus-launch (PID: 4859)	Queries kernel information via 'uname':	Jump to behavior
Source: /usr/lib/firefox/firefox (PID: 4923)	Queries kernel information via 'uname':	Jump to behavior
Source: /usr/lib/firefox/firefox (PID: 4968)	Queries kernel information via 'uname':	Jump to behavior
Source: /usr/lib/firefox/firefox (PID: 5009)	Queries kernel information via 'uname':	Jump to behavior

Queries the installed Ubuntu/CentOS release

Source: /usr/lib/firefox/firefox (PID: 4839)

Arguments: /usr/bin/lsb_release -> /usr/bin/python3 -Es /usr/bin/lsb_release -idrc

Jump to behavior

Screenshots

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
13.32.121.112	d228z91au11ukj.cloudfront.net	United States	16509	AMAZON-02US	false
35.244.181.201	prod.balrog.prod.cloudops.mozgcp.net	United States	15169	GOOGLEUS	false
95.142.78.35	generali.werbeartikel-online-shop.com	Germany	51483	SASGCecinastr70DE	false
34.107.243.93	push.services.mozilla.com	United States	15169	GOOGLEUS	false

Contacted Domains

Name	IP	Active
prod.balrog.prod.cloudops.mozgcp.net	35.244.181.201	true
push.services.mozilla.com	34.107.243.93	true
generali.werbeartikel-online-shop.com	95.142.78.35	true
d228z91au11ukj.cloudfront.net	13.32.121.112	true

Contacted URLs

Name	Malicious	Reputation
https://generali.werbeartikel-online-shop.com/cosmoshop/shared/libs/Cosmoshop/style.css	false	unknown
https://generali.werbeartikel-online-shop.com/cosmoshop/default/template/css/bramble_customDesign.css	false	unknown
https://generali.werbeartikel-online-shop.com/cosmoshop/shared/libs/Cosmoshop/shop/Core.js	false	unknown
https://generali.werbeartikel-online-shop.com/cosmoshop/shared/libs/Cosmoshop/lazyClasses.css	false	unknown
https://generali.werbeartikel-online-shop.com/cosmoshop/shared/libs/NormalizeCss/normalize.css	false	unknown
https://generali.werbeartikel-online-shop.com/cosmoshop/shared/libs/jQuerySlickCarousel/js/slick.js	false	unknown
https://generali.werbeartikel-online-shop.com/cosmoshop/shared/libs/jQuerySlickCarousel/css/slick.css	false	unknown
https://generali.werbeartikel-online-shop.com/cosmoshop/shared/libs/jQuerySlickCarousel/css/slick-theme.css	false	unknown
https://generali.werbeartikel-online-shop.com/cosmoshop/shared/css/shop/frame/style/de/bramble.min.2.css	false	unknown
https://generali.werbeartikel-online-shop.com/cosmoshop/shared/libs/Cosmoshop/Cosmoshop.js	false	unknown
https://generali.werbeartikel-online-shop.com/cosmoshop/shared/libs/Cosmoshop/external/jQuery/Loading.js	false	unknown
https://generali.werbeartikel-online-shop.com/cosmoshop/shared/libs/Cosmoshop/Helper.js	false	unknown
https://generali.werbeartikel-online-shop.com/cosmoshop/shared/libs/jQueryUI/jquery-ui.min.js	false	unknown
https://generali.werbeartikel-online-shop.com/cosmoshop/shared/pix/template_vorlage/bramble/shop_header/de/apple-touch-icon.png	false	unknown
https://generali.werbeartikel-online-shop.com/cosmoshop/shared/libs/jQuery/jquery-migrate.min.js	false	unknown
https://generali.werbeartikel-online-shop.com/cosmoshop/shared/libs/Cosmoshop/external/Ejs_3_1_6_min.js	false	unknown
https://generali.werbeartikel-online-shop.com/cosmoshop/shared/libs/Fontello/font/cs.woff?29759507	false	unknown
https://generali.werbeartikel-online-shop.com/cosmoshop/default/lib/de_categories_61fc104855eb3a96fccf5f576c8595fd.js	false	unknown
https://generali.werbeartikel-online-shop.com/cosmoshop/shared/libs/Fontello/fontello-animation.css	false	unknown
https://generali.werbeartikel-online-shop.com/cosmoshop/shared/template/css/bramble_responsive.css	false	unknown
https://generali.werbeartikel-online-shop.com/	false	unknown
https://generali.werbeartikel-online-shop.com/cosmoshop/shared/libs/jQueryUI/jquery-ui.min.css	false	unknown
https://generali.werbeartikel-online-shop.com/cosmoshop/shared/libs/jQueryUI/jquery-ui.theme.min.css	false	unknown
https://generali.werbeartikel-online-shop.com/cosmoshop/default/template/css/bramble_customResponsive.css	false	unknown
https://generali.werbeartikel-online-shop.com/cosmoshop/shared/libs/FormLib/shop_formlib.js	false	unknown
https://generali.werbeartikel-online-shop.com/cosmoshop/shared/template/js/bramble_shopFunctions.js	false	unknown
https://generali.werbeartikel-online-shop.com/cosmoshop/shared/libs/jQueryCookie/jquery.cookie.js	false	unknown
https://generali.werbeartikel-online-shop.com/cosmoshop/shared/libs/jQuery/jquery.min.js	false	unknown
https://generali.werbeartikel-online-shop.com/cosmoshop/shared/libs/Cosmoshop/external/jQuery/modal.css	false	unknown
https://generali.werbeartikel-online-shop.com/cosmoshop/shared/css/shop/content/style/de/bramble.min.2.css	false	unknown
https://generali.werbeartikel-online-shop.com/cosmoshop/default/css/shop/content/layout/bramble.min.2.css	false	unknown
https://generali.werbeartikel-online-shop.com/cosmoshop/shared/libs/Cosmoshop/Validators.js	false	unknown
https://generali.werbeartikel-online-shop.com/cgi-bin/cosmoshop/lshop.cgi	false	unknown
https://push.services.mozilla.com/	false	unknown
https://generali.werbeartikel-online-shop.com/cosmoshop/shared/template/css/bramble_rootStyles.css	false	unknown
https://generali.werbeartikel-online-shop.com/cosmoshop/shared/libs/Cosmoshop/external/jQuery/Modal.js	false	unknown
https://generali.werbeartikel-online-shop.com/cosmoshop/shared/pix/template_vorlage/bramble/shop_header/de/Logo.png	false	unknown
https://generali.werbeartikel-online-shop.com/cosmoshop/shared/libs/Cosmoshop/overrides.css	false	unknown
https://generali.werbeartikel-online-shop.com/cosmoshop/shared/libs/Cosmoshop/EventHandler.js	false	unknown
https://generali.werbeartikel-online-shop.com/cosmoshop/default/css/shop/frame/layout/bramble.min.2.css	false	unknown
https://generali.werbeartikel-online-shop.com/cosmoshop/shared/libs/Fontello/fontello.css	false	unknown
https://generali.werbeartikel-online-shop.com/cosmoshop/shared/libs/Cosmoshop/Cache.js	false	unknown
https://generali.werbeartikel-online-shop.com/cosmoshop/shared/libs/LiveSearch/jQueryLiveSearch.js	false	unknown
https://generali.werbeartikel-online-shop.com/cosmoshop/shared/pix/template_vorlage/bramble/suchleiste/de/logo.png	false	unknown
https://generali.werbeartikel-online-shop.com/cosmoshop/shared/libs/jQueryUI/jquery-ui.structure.min.css	false	unknown
https://generali.werbeartikel-online-shop.com/cosmoshop/shared/libs/Cosmoshop/external/jQuery/loading.css	false	unknown
https://generali.werbeartikel-online-shop.com/cosmoshop/shared/libs/Cosmoshop/Ajax.js	false	unknown
https://generali.werbeartikel-online-shop.com/cosmoshop/shared/libs/modernizr/modernizr.js	false	unknown
https://generali.werbeartikel-online-shop.com/cosmoshop/default/pix/s/favicon/icon.ico	false	unknown

Name	Type	MD5	SHA1	SHA256
/home/james/.cache/dconf/user	very short file (no magic)	93B885ADFE0DA089CDF634904FD59F71	5BA93C9DB0CFF93F52B521D7420E43F6EDA2784F	6E340B9CFFB37A989CA544E6BB780A2C78901D3FB33738768511A30617AFA01D
/home/james/.cache/mozilla/firefox/5zxot757.default/cache2/entries/17BCC6A55E85E8F6A4C660529BB763D3464877E1	data	B38243F58A962EDE284CAEE3FA6F295C	9D10723982FED876AA9E9A70ABD6BA56DD8CEF46	A7F9AC562B7CCA22742C65C55BEAC2BE9F8569BE4B6E1FCFF1B04F244E125EDD
/home/james/.cache/mozilla/firefox/5zxot757.default/cache2/entries/1ACD9749AAE3D02FEE084B8576784A1535E5546C	ASCII text, with very long lines (32033)	13C7AE2E39B8E38D480D6F2A36DE779F	2B12B8231763F1F02632FC942976ED1981C30CF7	40515BBF2335C3440CBF17F44B8FB7C2007FD0E9D4AA75119A56C6F153F4724C
/home/james/.cache/mozilla/firefox/5zxot757.default/cache2/entries/1B22BDA5BA68A1448FCB56906398FE61B0AEE710	data	19026ABB0FD3923DA47D06B3604A440B	42CE096BE02CC88AE7693C99EFA3DF1397BE81C7	33BA8C7FA199045AF567ED9049EBAAFC5B47E4875605C430D98C412C1F0A6170
/home/james/.cache/mozilla/firefox/5zxot757.default/cache2/entries/255180BBFC392A33F03051F3DC10335C080DDA20	data	1DBF7856C8A3A7219705DA9CF83064FB	55654C818D14B34AE20C30FEE517706098CAA198	9BDEE64EF619FBCE93DA804C98E9C2AD9C5E29234A2CD9C5153C772AEAFC98BB
/home/james/.cache/mozilla/firefox/5zxot757.default/cache2/entries/40ABD0A962B8FE31514026AD426D53FC2AD624FE	data	DBC02366223A60EF30888AA2CB57E281	B748C45FF44F48370E83349E76D13B1F55A98519	637ACE80F98F4A44F4031F15DDEF17AA78B758A1A032741FE334F120D5F229A9
/home/james/.cache/mozilla/firefox/5zxot757.default/cache2/entries/66B7941C45385F0CD6B46B392D0BEF2CBD64288D	data	52E001E2999CDA6D31C88452314BC1BA	737D763D3433171804BF9FB31EAE7E08BF4E1720	179C241713C796DFCC0AD48178AA43144BA27940A07A2D7A4A0955C60D964EAB
/home/james/.cache/mozilla/firefox/5zxot757.default/cache2/entries/919AD4B6B4DF5BEE81EE8EC9665A5FC662F12E3B	data	59DAEFF7B3C4C9212102F45F95E8692E	A2E79D355AF1D90AC978CFD636CE01E1377CC095	B1E30BC149D7AE6BC12BBB6C6E269A3A75EE6D4913B2518C662508AFC2E414DD
/home/james/.cache/mozilla/firefox/5zxot757.default/cache2/entries/9E876DD8AD3949F308300382320CBAFF2C684314	data	D2C61E2FADE6EAF32DA310282B102D15	0D2B726B1CD8FB011F55D70B4A812A7E8BAACC4B	24193CB560C2D3729D9056854A2FEEF019A169D51535BC44CD18C332D2AA7FB8
/home/james/.cache/mozilla/firefox/5zxot757.default/cache2/entries/AD059B96D97FE240161540F36D46C5F70734D6F2	data	C3EE352D08CBD2FC00151A5DD4DCA702	680A45712F8A4EE23F765E1A94D491B324CDC194	0FB581D58DC2C6FB2D05577286176DB9149AE24755574207E558572ABD6E84BD
/home/james/.cache/mozilla/firefox/5zxot757.default/cache2/entries/C389DE279BF5275924497D5B33D1F1900116E591	JSON data	99D86B06CB321AA74A54DAEB0991B97C	998A6954A66F983B4A7669B735092AB8891D1E7A	4CDB00B89703A26AA22AF7C22CDDD2E1CDC8BE24B25315BDF214D6A036CB3DC6
/home/james/.cache/mozilla/firefox/5zxot757.default/cache2/entries/C451CAD6E876978E63FFFC9865A83D89CFBE951D	data	42DB6E6C5F3A409C76FBB554ABDEF875	39C200C6F3D823CBC1E49BD9D0B5007D5F097172	0463576D2AD9C5C50DE837F669886584958AFFD77104279EE9BAB8CAF3C31946
/home/james/.cache/mozilla/firefox/5zxot757.default/cache2/entries/C7093830EE04AD47A1F61AE4D939134F0A4244BF	data	DB9E3D272953CF0F6DB5280337487912	F0E58E5877DC117881B801D6CE17907693B39D23	76EC7C791DA31BFED2B7FA9AA61CBB837A94BB3AAE7ADD33BC4F668786993953
/home/james/.cache/mozilla/firefox/5zxot757.default/cache2/entries/E39A30365062FED6A062C3B828869E960E9E1641	data	8E4ECCF072C667B9CC49C123AFC2CDB0	0D6109C54E5DB876DCD604D88E40FCEFC0A06B94	834CFA0768F0D37AD9AB4FCEA606FBD9124BDF8FAC143CD95D80B122BBBC545E
/home/james/.cache/mozilla/firefox/5zxot757.default/cache2/entries/E8D2EF960BE529ACF6A67B8DF1D64710B0CD15D1	data	F81A719FD2A2C1EE1A4AA73BBA3B43AF	0102F82356B109401654292B7B57AB92E89A09B4	8D08858C4CD5A6CE3C5470DE52FFA1A5812F607961EDDEC6FEB4167A72A190D2
/home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/allow-flashallow-digest256.pset	data	076933FF9904D1110D896E2C525E39E5	4188442577FA77F25820D9B2D01CC446E30684AC	4CBBD8CA5215B8D161AEC181A74B694F4E24B001D5B081DC0030ED797A8973E0
/home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/allow-flashallow-digest256.sbstore	data	D886A47C89D9C49C795DA345BC236990	59E863E0D2B4E428D8C738D48FA0F6F7BAC36849	A03C5E2656D2F292BF5794C8EEB8D223CD6BA4F4BFB2ED1F325460E879D0BCF7
/home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/base-track-digest256.pset	data	076933FF9904D1110D896E2C525E39E5	4188442577FA77F25820D9B2D01CC446E30684AC	4CBBD8CA5215B8D161AEC181A74B694F4E24B001D5B081DC0030ED797A8973E0
/home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/base-track-digest256.sbstore	data	60985C9439E7E254CA4EAD41AD1EFF32	184C8B3263D678D854F7B05FC41FDD3267A46FD6	5DA0A3FFC814575410D0F58D9647944AF4EB0809BE9E3475CD96B94DC2B14B56
/home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/block-flash-digest256.pset	data	076933FF9904D1110D896E2C525E39E5	4188442577FA77F25820D9B2D01CC446E30684AC	4CBBD8CA5215B8D161AEC181A74B694F4E24B001D5B081DC0030ED797A8973E0
/home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/block-flash-digest256.sbstore	data	0E8FE60CCD7E9B4C32589A5743A95302	190F3BC536C9489C707AE31DA32BF86947EA5D78	2B124D4026850A3CFFD28DBACB58AEC28F7DCD4D40BC14E52BBE96D60CE4E749
/home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/block-flashsubdoc-digest256.pset	data	076933FF9904D1110D896E2C525E39E5	4188442577FA77F25820D9B2D01CC446E30684AC	4CBBD8CA5215B8D161AEC181A74B694F4E24B001D5B081DC0030ED797A8973E0
/home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/block-flashsubdoc-digest256.sbstore	data	04824A1F92353F43EBB9E7F74B7476FD	C2636E8FFA8A5256D7D1F21E147101356E783114	B48E58EBAB82E4C376F16150A3FFF850C1111FF1F5985D68819CFD6F0DB159D2
/home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/except-flash-digest256.pset	data	076933FF9904D1110D896E2C525E39E5	4188442577FA77F25820D9B2D01CC446E30684AC	4CBBD8CA5215B8D161AEC181A74B694F4E24B001D5B081DC0030ED797A8973E0
/home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/except-flash-digest256.sbstore	data	C921D8E98FA01B4F303481E112202E92	9D23B452AD0D06C355477CF70E3AA5D0ADFE6278	4EF1038730EC8BC7206713C29A936768831B922C5E6C83355FD62D7401D8C1DC
/home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/except-flashallow-digest256.pset	data	076933FF9904D1110D896E2C525E39E5	4188442577FA77F25820D9B2D01CC446E30684AC	4CBBD8CA5215B8D161AEC181A74B694F4E24B001D5B081DC0030ED797A8973E0
/home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/except-flashallow-digest256.sbstore	data	6F85BC4B2ECB49E26B0BD83A821065D0	4DF430B4D63605E41855DBCB3837A189D4CC7604	C0B3BC9B3DC507AB654CAF72D13C3AEFA58C9B13B1E4D14DD8816712D80A7E54
/home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/except-flashsubdoc-digest256.pset	data	076933FF9904D1110D896E2C525E39E5	4188442577FA77F25820D9B2D01CC446E30684AC	4CBBD8CA5215B8D161AEC181A74B694F4E24B001D5B081DC0030ED797A8973E0
/home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/except-flashsubdoc-digest256.sbstore	data	BA0009932844173BC8F9AF264229DF24	C8F6956FA86F4E9CF71599B735E28860245AE4B5	66D1C00C04D86E313E9A02775CDF906B1BE8D4CD6BEF423A1B9E21CC4E9F50C1
/home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/mozplugin-block-digest256.pset	data	076933FF9904D1110D896E2C525E39E5	4188442577FA77F25820D9B2D01CC446E30684AC	4CBBD8CA5215B8D161AEC181A74B694F4E24B001D5B081DC0030ED797A8973E0
/home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/mozplugin-block-digest256.sbstore	data	D6ACF2573E12AFDD7939568804D3FCC1	5C54AD3FF47C6B925E7AC17D361FE0FA60B9181E	5525CBF8F8DC41D19AC632ED324E55293A510AE0EEBA16D0E3F33C707AA58A0C
/home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/mozstd-trackwhite-digest256.pset	data	076933FF9904D1110D896E2C525E39E5	4188442577FA77F25820D9B2D01CC446E30684AC	4CBBD8CA5215B8D161AEC181A74B694F4E24B001D5B081DC0030ED797A8973E0
/home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/mozstd-trackwhite-digest256.sbstore	data	845BEDB718B8941F643BB988F640E141	DB9BC33A9C9FF6E6D3651710DC1AC8D387759D24	5083D014CC7E8CFB15D4803429A9AB5FA397E1010CE66D0C8B8215C7FC3C6FDE
/home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-block-simple-1.sbstore	data	E2CF527CA7550B7E7BDF7311E483A2C3	C354190BB2B8A00A6051EF2FB86E189AB053FE93	F1E07B1D717433F47073DC54A7D98E3E87B3D0FA88E53466F93EA544AF885D11
/home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-block-simple.pset	data	E2CECF06A89B4A6D968486F17F30DA5D	46757A7F71DCFBEB5511665F123810148727324E	E6B10FF8681FB7461557E6227D036617C7ECFC6E31A35412F8A5F72C217F318B
/home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-block-simple.sbstore	data	E2CF527CA7550B7E7BDF7311E483A2C3	C354190BB2B8A00A6051EF2FB86E189AB053FE93	F1E07B1D717433F47073DC54A7D98E3E87B3D0FA88E53466F93EA544AF885D11
/home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-harmful-simple-1.sbstore	data	051FB32DECE757BA112AC36DC72E3A91	A30D26CEE0F69FA67BF9E60BA692F4831373CC07	0806D98FB3DE55F75D7C0B17E26146567E08C483031526659A4A35D09B97EF19
/home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-harmful-simple.pset	data	E2CECF06A89B4A6D968486F17F30DA5D	46757A7F71DCFBEB5511665F123810148727324E	E6B10FF8681FB7461557E6227D036617C7ECFC6E31A35412F8A5F72C217F318B
/home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-harmful-simple.sbstore	data	051FB32DECE757BA112AC36DC72E3A91	A30D26CEE0F69FA67BF9E60BA692F4831373CC07	0806D98FB3DE55F75D7C0B17E26146567E08C483031526659A4A35D09B97EF19
/home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-malware-simple-1.sbstore	data	3675254E341DF799D4307C1F59109185	8711844A41A4ACE77BA0A01A4D3AF2B2E59E6A75	23D108134BED6099793F7DD6B8B6E62081EC3B945EFDBC7C5E0E779FD9B82F98
/home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-malware-simple.pset	data	E2CECF06A89B4A6D968486F17F30DA5D	46757A7F71DCFBEB5511665F123810148727324E	E6B10FF8681FB7461557E6227D036617C7ECFC6E31A35412F8A5F72C217F318B
/home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-malware-simple.sbstore	data	3675254E341DF799D4307C1F59109185	8711844A41A4ACE77BA0A01A4D3AF2B2E59E6A75	23D108134BED6099793F7DD6B8B6E62081EC3B945EFDBC7C5E0E779FD9B82F98
/home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-phish-simple-1.sbstore	data	3D1CE5E50208F0CB3B979186043A548F	10C66032C5ACAC22D70670B9302437141E6371EF	1E13D05D482C3D533DC6035AF2B2D6E84749412A5748D1435B70CEC8B312340B
/home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-phish-simple.pset	data	E2CECF06A89B4A6D968486F17F30DA5D	46757A7F71DCFBEB5511665F123810148727324E	E6B10FF8681FB7461557E6227D036617C7ECFC6E31A35412F8A5F72C217F318B
/home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-phish-simple.sbstore	data	3D1CE5E50208F0CB3B979186043A548F	10C66032C5ACAC22D70670B9302437141E6371EF	1E13D05D482C3D533DC6035AF2B2D6E84749412A5748D1435B70CEC8B312340B
/home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-track-simple-1.sbstore	data	95F28EDE25C301301F25FBBD9A3C56EC	80F7D95AFC0DE8C608F672A6837C664EF847BCD5	87763DF78772F7D750B0FA5A31EEC23E931FD3BD1CBB33BEDDFC61889DA36478
/home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-track-simple.pset	data	E2CECF06A89B4A6D968486F17F30DA5D	46757A7F71DCFBEB5511665F123810148727324E	E6B10FF8681FB7461557E6227D036617C7ECFC6E31A35412F8A5F72C217F318B
/home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-track-simple.sbstore	data	95F28EDE25C301301F25FBBD9A3C56EC	80F7D95AFC0DE8C608F672A6837C664EF847BCD5	87763DF78772F7D750B0FA5A31EEC23E931FD3BD1CBB33BEDDFC61889DA36478
/home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-trackwhite-simple-1.sbstore	data	65E942614EEE70680464AC4BE75019FC	7CA1B5994684A7FE37A61BC350A1FA8A89BF91DA	34395085DA32C8B4EFE9959E3B0D756B43FFED17694D66F39B966CD331BD9A94
/home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-trackwhite-simple.pset	data	E2CECF06A89B4A6D968486F17F30DA5D	46757A7F71DCFBEB5511665F123810148727324E	E6B10FF8681FB7461557E6227D036617C7ECFC6E31A35412F8A5F72C217F318B
/home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-trackwhite-simple.sbstore	data	65E942614EEE70680464AC4BE75019FC	7CA1B5994684A7FE37A61BC350A1FA8A89BF91DA	34395085DA32C8B4EFE9959E3B0D756B43FFED17694D66F39B966CD331BD9A94
/home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-unwanted-simple-1.sbstore	data	A5695CC64D77967232B0C1344C6E72B3	B0F151A5292D4B796668B242BF896FDBB5A24B67	042A22B8681D754671D2018BA109B31A53EE3728D48C6379043F8E3394E7FBAD
/home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-unwanted-simple.pset	data	E2CECF06A89B4A6D968486F17F30DA5D	46757A7F71DCFBEB5511665F123810148727324E	E6B10FF8681FB7461557E6227D036617C7ECFC6E31A35412F8A5F72C217F318B
/home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-unwanted-simple.sbstore	data	A5695CC64D77967232B0C1344C6E72B3	B0F151A5292D4B796668B242BF896FDBB5A24B67	042A22B8681D754671D2018BA109B31A53EE3728D48C6379043F8E3394E7FBAD
/home/james/.mozilla/firefox/5zxot757.default/addonStartup.json.lz4.tmp	Mozilla lz4 compressed data, originally 1426 bytes	C03070F8A39B68E1DF90C197530147B8	CA5D078F9FE04FA46AF10505F930F1F67DEA4314	FB1ABAC28102E4FD1F7CD97C8B4135681C9BD4BA0EF1517895B278DB52BF5256
/home/james/.mozilla/firefox/5zxot757.default/cert9.db	SQLite 3.x database, last written using SQLite version 3026000, page size 32768, file counter 4, database pages 7, cookie 0x5, schema 4, UTF-8, version-valid-for 4	ABD2C50FF4EEDD2F6442D3504189B717	D73ADB9FBDC9B6F0E2DF605557C7C7910118A4B1	171B0A27000291D9B4256E55531F219D0AE75460DF16D7DB10DDD56F07C243DD
/home/james/.mozilla/firefox/5zxot757.default/cert9.db-journal	data	CD2F7B67E05C8961E78C424A4070F0E4	220866F436AD2D807652CE13A9BFC626A45ABB78	311281E2A2ED5AEB765B9A6EE315D6AD534D4A25B5ED967D8784903A18C22ADE
/home/james/.mozilla/firefox/5zxot757.default/key4.db	SQLite 3.x database, last written using SQLite version 3026000, page size 32768, file counter 3, database pages 9, cookie 0x6, schema 4, UTF-8, version-valid-for 3	CA9E8C0956917824A400A8BBB4FEDF7F	7D9A172496EDAC164EEC4D7D2E6A012B6F26DBE5	0987B4B8C8875C280924BD70CE301E883A42DD450DEED1E4ADD1109023B8E21D
/home/james/.mozilla/firefox/5zxot757.default/key4.db-journal	data	E877D6A262525843E31A13F07F487E90	4CC2001AEB3C3B445F6DF29DE5B7540CD1399C22	F45DA8290B7112DB856482D10543E24A31DF27616C3AAD84C7546EB09AA2BBAA
/home/james/.mozilla/firefox/5zxot757.default/permissions.sqlite	SQLite 3.x database, user version 9, last written using SQLite version 3026000, page size 32768, file counter 5, database pages 3, cookie 0x2, schema 4, UTF-8, version-valid-for 5	3EC564DFFB31A761D90CC78B79A12619	179B48158BB8B9FAB1422D40C9B0618307AC0C5B	18A9301EDE2C87FC24D9CE4EB1DC710DE2CD13C9DC57C46B0D88F08F8EC0CB91
/home/james/.mozilla/firefox/5zxot757.default/permissions.sqlite-journal	data	EB8F9978979688517646A4A7F24124CF	51DD2198A81A8592F518B980F4B87F591FF8BCE8	127CDCED860D4F663368DFD8C9BE87DA3304650863A294AF69FA7A6F7776D6D9
/home/james/.mozilla/firefox/5zxot757.default/places.sqlite-wal	SQLite Write-Ahead Log, version 3007000	B21043C51B2397C51B950F7FE4E79EF5	1F0AD213EDA64E1E6EFC77C7445EEC39FDB9FF83	4683964D419452EF76B2457393FD61EE97BF1CA34041A99EBAFCD9EB281DB326
/home/james/.mozilla/firefox/5zxot757.default/prefs-1.js	ASCII text, with very long lines (663)	FB1F75DF95CEB4010AB5DF9A054B7099	AA20CD2A850561F7D15D420C2EC48FE67531A86A	2D2EC5009D05EE117B8A0FB7F6B124597FF74F263170FDF856B6967FBA66859F
/home/james/.mozilla/firefox/5zxot757.default/sessionCheckpoints.json.tmp	JSON data	C0E4C22C50DD21142F57714EF49B8713	06B77307DCA5C889EA279243E74730CBC10801BE	6FE46B65B76B3DF32D8392853740B35ED75B6E23F4FBD6F45F3EFA1D496E6717
/home/james/.mozilla/firefox/5zxot757.default/sessionstore-backups/recovery.jsonlz4.tmp	Mozilla lz4 compressed data, originally 26998 bytes	6DE64290495C91B1EE07CF79892B91C7	217E964B1640FBC1383FFC34DFC1747975AA2E3F	6D0411619F2B578F67C32DEA6986DA7D0740AECE77BF45EBED3AC710AB7C0E31
/proc/4923/gid_map	ASCII text, with no line terminators	54258652109C33FE06188083A3EC23F4	013EC30A95D66C56642C193613A829B746982601	C459EBB6CF3917EFB05A2E72EF25E223BE9B78780B1CE0CAACCE49C773DF199E
/proc/4923/setgroups	ASCII text, with no line terminators	05AFB6CE69B9CEF1BD6ECE7E4745F96C	1D16DC2DCC6851208C1B981E2EC377250A4A0CC5	3026A0CA485E5831657BA0120FA8DD66B3425427BFB0A2BE0DB743E2305CC7C5
/proc/4923/uid_map	ASCII text, with no line terminators	54258652109C33FE06188083A3EC23F4	013EC30A95D66C56642C193613A829B746982601	C459EBB6CF3917EFB05A2E72EF25E223BE9B78780B1CE0CAACCE49C773DF199E
/proc/4968/gid_map	ASCII text, with no line terminators	54258652109C33FE06188083A3EC23F4	013EC30A95D66C56642C193613A829B746982601	C459EBB6CF3917EFB05A2E72EF25E223BE9B78780B1CE0CAACCE49C773DF199E
/proc/4968/setgroups	ASCII text, with no line terminators	05AFB6CE69B9CEF1BD6ECE7E4745F96C	1D16DC2DCC6851208C1B981E2EC377250A4A0CC5	3026A0CA485E5831657BA0120FA8DD66B3425427BFB0A2BE0DB743E2305CC7C5
/proc/4968/uid_map	ASCII text, with no line terminators	54258652109C33FE06188083A3EC23F4	013EC30A95D66C56642C193613A829B746982601	C459EBB6CF3917EFB05A2E72EF25E223BE9B78780B1CE0CAACCE49C773DF199E
/proc/5009/gid_map	ASCII text, with no line terminators	54258652109C33FE06188083A3EC23F4	013EC30A95D66C56642C193613A829B746982601	C459EBB6CF3917EFB05A2E72EF25E223BE9B78780B1CE0CAACCE49C773DF199E
/proc/5009/setgroups	ASCII text, with no line terminators	05AFB6CE69B9CEF1BD6ECE7E4745F96C	1D16DC2DCC6851208C1B981E2EC377250A4A0CC5	3026A0CA485E5831657BA0120FA8DD66B3425427BFB0A2BE0DB743E2305CC7C5
/proc/5009/uid_map	ASCII text, with no line terminators	54258652109C33FE06188083A3EC23F4	013EC30A95D66C56642C193613A829B746982601	C459EBB6CF3917EFB05A2E72EF25E223BE9B78780B1CE0CAACCE49C773DF199E

Source: unknown

HTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.20:58630 version: TLS 1.2

Reads the 'hosts' file potentially containing internal network hosts

Source: /usr/lib/firefox/firefox (PID: 4797)

Reads hosts file: /etc/hosts

Jump to behavior

Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brConnection: keep-aliveUpgrade-Insecure-Requests: 1
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/NormalizeCss/normalize.css HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: text/css,/;q=0.1Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /6/Firefox/66.0.3/20190410113011/Linux_x86_64-gcc3/en-US/release-cck-ubuntu/Linux%204.4.0-116-generic%20(GTK%203.18.9%2Clibpulse%208.0.0)/canonical/1.0/ HTTP/1.1Host: snippets.cdn.mozilla.netUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brConnection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/css/shop/frame/style/de/bramble.min.2.css HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: text/css,/;q=0.1Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/default/css/shop/content/layout/bramble.min.2.css HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: text/css,/;q=0.1Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/template/css/bramble_rootStyles.css HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: text/css,/;q=0.1Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/css/shop/content/style/de/bramble.min.2.css HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: text/css,/;q=0.1Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/default/css/shop/frame/layout/bramble.min.2.css HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: text/css,/;q=0.1Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /us-west/bundles-pregen/Firefox/en-us/default.json HTTP/1.1Host: snippets.cdn.mozilla.netUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brConnection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/default/template/css/bramble_customDesign.css HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: text/css,/;q=0.1Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/Fontello/fontello.css HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: text/css,/;q=0.1Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/template/css/bramble_responsive.css HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: text/css,/;q=0.1Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/default/template/css/bramble_customResponsive.css HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: text/css,/;q=0.1Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/jQuery/jquery.min.js HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/jQuery/jquery-migrate.min.js HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/Fontello/fontello-animation.css HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: text/css,/;q=0.1Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/jQueryUI/jquery-ui.min.css HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: text/css,/;q=0.1Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/jQueryUI/jquery-ui.theme.min.css HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: text/css,/;q=0.1Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/jQueryUI/jquery-ui.min.js HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/jQueryUI/jquery-ui.structure.min.css HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: text/css,/;q=0.1Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/Cosmoshop/Cosmoshop.js HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/jQuerySlickCarousel/css/slick.css HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: text/css,/;q=0.1Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/jQuerySlickCarousel/css/slick-theme.css HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: text/css,/;q=0.1Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/FormLib/shop_formlib.js HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/modernizr/modernizr.js HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/jQueryCookie/jquery.cookie.js HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/jQuerySlickCarousel/js/slick.js HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/LiveSearch/jQueryLiveSearch.js HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/template/js/bramble_shopFunctions.js HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/default/lib/de_categories_61fc104855eb3a96fccf5f576c8595fd.js HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/Cosmoshop/style.css HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: text/css,/;q=0.1Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/Cosmoshop/lazyClasses.css HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: text/css,/;q=0.1Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/Cosmoshop/overrides.css HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: text/css,/;q=0.1Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/Cosmoshop/Cache.js HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/Cosmoshop/EventHandler.js HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/Cosmoshop/Helper.js HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/Cosmoshop/Validators.js HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/Cosmoshop/Ajax.js HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/pix/template_vorlage/bramble/shop_header/de/Logo.png HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: image/webp,/Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/pix/template_vorlage/bramble/shop_header/de/apple-touch-icon.png HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: image/webp,/Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brConnection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/default/pix/s/favicon/icon.ico HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: image/webp,/Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brConnection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/pix/template_vorlage/bramble/suchleiste/de/logo.png HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: image/webp,/Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/Fontello/fontello.css HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: text/css,/;q=0.1Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-aliveRange: bytes=65155-If-Range: "14bd0-5feccdab8af05"
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/Cosmoshop/shop/Core.js HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/Cosmoshop/external/Ejs_3_1_6_min.js HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-aliveCookie: SHOP_SESSION_generali.werbeartikel-online-shop.com=1728312512.71117.0uHYw6pSErPHx3g9qVqS8v3aVhJI3yRwSNCyGzwU
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/Cosmoshop/external/jQuery/Modal.js HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-aliveCookie: SHOP_SESSION_generali.werbeartikel-online-shop.com=1728312512.71117.0uHYw6pSErPHx3g9qVqS8v3aVhJI3yRwSNCyGzwU
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/Fontello/font/cs.woff?29759507 HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8Accept-Language: en-US,en;q=0.5Accept-Encoding: identityReferer: https://generali.werbeartikel-online-shop.com/cosmoshop/shared/libs/Fontello/fontello.cssConnection: keep-aliveCookie: SHOP_SESSION_generali.werbeartikel-online-shop.com=1728312512.71117.0uHYw6pSErPHx3g9qVqS8v3aVhJI3yRwSNCyGzwU
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/Cosmoshop/external/jQuery/Loading.js HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-aliveCookie: SHOP_SESSION_generali.werbeartikel-online-shop.com=1728312512.71117.0uHYw6pSErPHx3g9qVqS8v3aVhJI3yRwSNCyGzwU
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/Cosmoshop/external/jQuery/loading.css HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: text/css,/;q=0.1Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-aliveCookie: SHOP_SESSION_generali.werbeartikel-online-shop.com=1728312512.71117.0uHYw6pSErPHx3g9qVqS8v3aVhJI3yRwSNCyGzwU
Source: global traffic	HTTP traffic detected: GET /cosmoshop/shared/libs/Cosmoshop/external/jQuery/modal.css HTTP/1.1Host: generali.werbeartikel-online-shop.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: text/css,/;q=0.1Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brReferer: https://generali.werbeartikel-online-shop.com/Connection: keep-aliveCookie: SHOP_SESSION_generali.werbeartikel-online-shop.com=1728312512.71117.0uHYw6pSErPHx3g9qVqS8v3aVhJI3yRwSNCyGzwU
Source: global traffic	HTTP traffic detected: GET /update/3/GMP/66.0.3/20190410113011/Linux_x86_64-gcc3/null/release-cck-ubuntu/Linux%204.4.0-116-generic%20(GTK%203.18.9%2Clibpulse%208.0.0)/canonical/1.0/update.xml HTTP/1.1Host: aus5.mozilla.orgUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: push.services.mozilla.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brSec-WebSocket-Version: 13Origin: wss://push.services.mozilla.com/Sec-WebSocket-Protocol: push-notificationSec-WebSocket-Extensions: permessage-deflateSec-WebSocket-Key: xev8YB1whZWmp3xLeb+PtQ==Connection: keep-alive, UpgradePragma: no-cacheCache-Control: no-cacheUpgrade: websocket
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: push.services.mozilla.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brSec-WebSocket-Version: 13Origin: wss://push.services.mozilla.com/Sec-WebSocket-Protocol: push-notificationSec-WebSocket-Extensions: permessage-deflateSec-WebSocket-Key: Giwk5E669Eu9xuCnED93cg==Connection: keep-alive, UpgradePragma: no-cacheCache-Control: no-cacheUpgrade: websocket
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: push.services.mozilla.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brSec-WebSocket-Version: 13Origin: wss://push.services.mozilla.com/Sec-WebSocket-Protocol: push-notificationSec-WebSocket-Extensions: permessage-deflateSec-WebSocket-Key: DhrbBwdwLy0yYGCNGbsk2Q==Connection: keep-alive, UpgradePragma: no-cacheCache-Control: no-cacheUpgrade: websocket
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: push.services.mozilla.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brSec-WebSocket-Version: 13Origin: wss://push.services.mozilla.com/Sec-WebSocket-Protocol: push-notificationSec-WebSocket-Extensions: permessage-deflateSec-WebSocket-Key: dmzcw8f+mp0a8xDMLWeZpg==Connection: keep-alive, UpgradePragma: no-cacheCache-Control: no-cacheUpgrade: websocket
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: push.services.mozilla.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: /Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brSec-WebSocket-Version: 13Origin: wss://push.services.mozilla.com/Sec-WebSocket-Protocol: push-notificationSec-WebSocket-Extensions: permessage-deflateSec-WebSocket-Key: DZJ26dvtPenqt++cA0yyNQ==Connection: keep-alive, UpgradePragma: no-cacheCache-Control: no-cacheUpgrade: websocket

Source: global traffic	DNS traffic detected: DNS query: generali.werbeartikel-online-shop.com
Source: global traffic	DNS traffic detected: DNS query: push.services.mozilla.com

Source: unknown

Source: cert9.db-journal.34.dr, cert9.db.34.dr	String found in binary or memory: http://crl.pki.goog/gsr2/gsr2.crl0?
Source: cert9.db-journal.34.dr, cert9.db.34.dr	String found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl07
Source: cert9.db-journal.34.dr, cert9.db.34.dr	String found in binary or memory: http://crl4.digicert.com/DigiCertGlobalRootCA.crl0=
Source: cert9.db-journal.34.dr, cert9.db.34.dr	String found in binary or memory: http://ocsp.digicert.com0
Source: cert9.db-journal.34.dr, cert9.db.34.dr	String found in binary or memory: http://ocsp.pki.goog/gsr202
Source: places.sqlite-wal.34.dr	String found in binary or memory: http://wiki.ubuntu.com
Source: places.sqlite-wal.34.dr	String found in binary or memory: http://wiki.ubuntu.com/moc.utnubu.ikiw.
Source: places.sqlite-wal.34.dr	String found in binary or memory: http://www.debian.org
Source: places.sqlite-wal.34.dr	String found in binary or memory: http://www.debian.org/gro.naibed.www.
Source: places.sqlite-wal.34.dr	String found in binary or memory: http://www.ubuntu.com
Source: places.sqlite-wal.34.dr	String found in binary or memory: http://www.ubuntu.com/moc.utnubu.www.
Source: places.sqlite-wal.34.dr	String found in binary or memory: https://answers.launchpad.net
Source: places.sqlite-wal.34.dr	String found in binary or memory: https://answers.launchpad.net/ubuntu/
Source: places.sqlite-wal.34.dr	String found in binary or memory: https://generali.werbeartikel-online-shop.com
Source: recovery.jsonlz4.tmp.34.dr	String found in binary or memory: https://generali.werbeartikel-online-shop.com/
Source: places.sqlite-wal.34.dr	String found in binary or memory: https://generali.werbeartikel-online-shop.com/GENERALI
Source: AD059B96D97FE240161540F36D46C5F70734D6F2.34.dr	String found in binary or memory: https://generali.werbeartikel-online-shop.com/cosmoshop/default/css/shop/content/layout/bramble.min.
Source: 255180BBFC392A33F03051F3DC10335C080DDA20.34.dr	String found in binary or memory: https://generali.werbeartikel-online-shop.com/cosmoshop/default/css/shop/frame/layout/bramble.min.2.
Source: E39A30365062FED6A062C3B828869E960E9E1641.34.dr	String found in binary or memory: https://generali.werbeartikel-online-shop.com/cosmoshop/default/template/css/bramble_customDesign.cs
Source: 9E876DD8AD3949F308300382320CBAFF2C684314.34.dr	String found in binary or memory: https://generali.werbeartikel-online-shop.com/cosmoshop/default/template/css/bramble_customResponsiv
Source: 40ABD0A962B8FE31514026AD426D53FC2AD624FE.34.dr	String found in binary or memory: https://generali.werbeartikel-online-shop.com/cosmoshop/shared/css/shop/content/style/de/bramble.min
Source: 1B22BDA5BA68A1448FCB56906398FE61B0AEE710.34.dr	String found in binary or memory: https://generali.werbeartikel-online-shop.com/cosmoshop/shared/css/shop/frame/style/de/bramble.min.2
Source: 17BCC6A55E85E8F6A4C660529BB763D3464877E1.34.dr	String found in binary or memory: https://generali.werbeartikel-online-shop.com/cosmoshop/shared/libs/Fontello/fontello-animation.css
Source: C451CAD6E876978E63FFFC9865A83D89CFBE951D.34.dr	String found in binary or memory: https://generali.werbeartikel-online-shop.com/cosmoshop/shared/libs/Fontello/fontello.css
Source: E8D2EF960BE529ACF6A67B8DF1D64710B0CD15D1.34.dr	String found in binary or memory: https://generali.werbeartikel-online-shop.com/cosmoshop/shared/libs/NormalizeCss/normalize.css
Source: 66B7941C45385F0CD6B46B392D0BEF2CBD64288D.34.dr	String found in binary or memory: https://generali.werbeartikel-online-shop.com/cosmoshop/shared/libs/jQuery/jquery-migrate.min.js
Source: 1ACD9749AAE3D02FEE084B8576784A1535E5546C.34.dr	String found in binary or memory: https://generali.werbeartikel-online-shop.com/cosmoshop/shared/libs/jQuery/jquery.min.js
Source: C7093830EE04AD47A1F61AE4D939134F0A4244BF.34.dr	String found in binary or memory: https://generali.werbeartikel-online-shop.com/cosmoshop/shared/template/css/bramble_responsive.css
Source: 919AD4B6B4DF5BEE81EE8EC9665A5FC662F12E3B.34.dr	String found in binary or memory: https://generali.werbeartikel-online-shop.com/cosmoshop/shared/template/css/bramble_rootStyles.css
Source: places.sqlite-wal.34.dr	String found in binary or memory: https://generali.werbeartikel-online-shop.com/moc.pohs-enilno-lekitraebrew.ilareneg.d
Source: places.sqlite-wal.34.dr	String found in binary or memory: https://generali.werbeartikel-online-shop.comd
Source: cert9.db-journal.34.dr, cert9.db.34.dr	String found in binary or memory: https://pki.goog/repository/0
Source: C389DE279BF5275924497D5B33D1F1900116E591.34.dr	String found in binary or memory: https://snippets.cdn.mozilla.net/us-west/bundles-pregen/Firefox/en-us/default.json
Source: places.sqlite-wal.34.dr	String found in binary or memory: https://support.mozilla.org
Source: places.sqlite-wal.34.dr	String found in binary or memory: https://support.mozilla.org/en-US/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=fire
Source: places.sqlite-wal.34.dr	String found in binary or memory: https://support.mozilla.org/en-US/products/firefoxgro.allizom.troppus.
Source: cert9.db-journal.34.dr, cert9.db.34.dr	String found in binary or memory: https://www.digicert.com/CPS0
Source: places.sqlite-wal.34.dr	String found in binary or memory: https://www.mozilla.org
Source: places.sqlite-wal.34.dr	String found in binary or memory: https://www.mozilla.org/en-US/about/gro.allizom.www.
Source: places.sqlite-wal.34.dr	String found in binary or memory: https://www.mozilla.org/en-US/contribute/gro.allizom.www.
Source: places.sqlite-wal.34.dr	String found in binary or memory: https://www.mozilla.org/en-US/firefox/central/gro.allizom.www.
Source: places.sqlite-wal.34.dr	String found in binary or memory: https://www.mozilla.org/en-US/privacy/firefox/Firefox
Source: places.sqlite-wal.34.dr	String found in binary or memory: https://www.mozilla.org/media/img/mozorg/mozilla-256.4720741d4108.jpg
Source: places.sqlite-wal.34.dr	String found in binary or memory: https://www.mozilla.org/privacy/firefox/gro.allizom.www.

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43760
Source: unknown	Network traffic detected: HTTP traffic on port 43732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43758
Source: unknown	Network traffic detected: HTTP traffic on port 43726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43754
Source: unknown	Network traffic detected: HTTP traffic on port 59210 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43756
Source: unknown	Network traffic detected: HTTP traffic on port 43764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43750
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43752
Source: unknown	Network traffic detected: HTTP traffic on port 58630 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43890 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58630
Source: unknown	Network traffic detected: HTTP traffic on port 43770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43746
Source: unknown	Network traffic detected: HTTP traffic on port 43784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43742
Source: unknown	Network traffic detected: HTTP traffic on port 43782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59208
Source: unknown	Network traffic detected: HTTP traffic on port 43720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59210
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43738
Source: unknown	Network traffic detected: HTTP traffic on port 43714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43732
Source: unknown	Network traffic detected: HTTP traffic on port 43762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43730
Source: unknown	Network traffic detected: HTTP traffic on port 43800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43892 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43706 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59194 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43728
Source: unknown	Network traffic detected: HTTP traffic on port 43740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43720
Source: unknown	Network traffic detected: HTTP traffic on port 43780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43718
Source: unknown	Network traffic detected: HTTP traffic on port 43768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43716
Source: unknown	Network traffic detected: HTTP traffic on port 43716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59194
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43710
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43712
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43794
Source: unknown	Network traffic detected: HTTP traffic on port 43802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43790
Source: unknown	Network traffic detected: HTTP traffic on port 43710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43792
Source: unknown	Network traffic detected: HTTP traffic on port 43760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43704 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59208 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43704
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43706
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43784
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43786
Source: unknown	Network traffic detected: HTTP traffic on port 43788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43780
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43782
Source: unknown	Network traffic detected: HTTP traffic on port 43730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43776
Source: unknown	Network traffic detected: HTTP traffic on port 43894 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43778
Source: unknown	Network traffic detected: HTTP traffic on port 43766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43894
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43890
Source: unknown	Network traffic detected: HTTP traffic on port 43758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43892
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43770
Source: unknown	Network traffic detected: HTTP traffic on port 43888 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 43744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43806
Source: unknown	Network traffic detected: HTTP traffic on port 43772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43804
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43800
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43888
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43764
Source: unknown	Network traffic detected: HTTP traffic on port 43786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 43884

Source: unknown

HTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.20:58630 version: TLS 1.2

Source: classification engine

Classification label: clean2.lin@0/74@20/0

Creates hidden files and/or directories

Source: /usr/bin/exo-open (PID: 4782)	Directory: /home/james/.Xauthority	Jump to behavior
Source: /usr/bin/exo-open (PID: 4782)	Directory: /home/james/.cache	Jump to behavior
Source: /usr/lib/x86_64-linux-gnu/xfce4/exo-1/exo-helper-1 (PID: 4790)	Directory: /home/james/.Xauthority	Jump to behavior
Source: /usr/lib/x86_64-linux-gnu/xfce4/exo-1/exo-helper-1 (PID: 4790)	Directory: /home/james/.cache	Jump to behavior
Source: /usr/lib/x86_64-linux-gnu/xfce4/exo-1/exo-helper-1 (PID: 4790)	Directory: /home/james/.local	Jump to behavior
Source: /usr/lib/x86_64-linux-gnu/xfce4/exo-1/exo-helper-1 (PID: 4790)	Directory: /home/james/.config	Jump to behavior
Source: /usr/lib/firefox/firefox (PID: 4797)	Directory: /home/james/.Xauthority	Jump to behavior
Source: /usr/lib/firefox/firefox (PID: 4797)	File: /tmp/firefox_james/.parentlock	Jump to behavior
Source: /usr/lib/firefox/firefox (PID: 4797)	Directory: /home/james/.Xauthority	Jump to behavior
Source: /usr/lib/firefox/firefox (PID: 4797)	File: /home/james/.mozilla/firefox/5zxot757.default/.parentlock	Jump to behavior
Source: /usr/lib/firefox/firefox (PID: 4797)	File: /home/james/.cache/mozilla/firefox/5zxot757.default/.startup-incomplete	Jump to behavior
Source: /usr/lib/firefox/firefox (PID: 4797)	Directory: /home/james/.Xdefaults-ubuntu	Jump to behavior
Source: /usr/lib/firefox/firefox (PID: 4797)	Directory: /home/james/.mime.types	Jump to behavior
Source: /usr/lib/firefox/firefox (PID: 4797)	Directory: /home/james/.mozilla/firefox/5zxot757.default/storage/permanent/chrome/.metadata-v2	Jump to behavior
Source: /usr/lib/firefox/firefox (PID: 4797)	Directory: /home/james/.mailcap	Jump to behavior
Source: /usr/lib/firefox/firefox (PID: 4797)	Directory: /home/james/.cache	Jump to behavior
Source: /usr/lib/firefox/firefox (PID: 4825)	Directory: /home/james/.Xauthority	Jump to behavior
Source: /usr/lib/firefox/firefox (PID: 4825)	Directory: /home/james/.drirc	Jump to behavior
Source: /usr/bin/dbus-launch (PID: 4859)	Directory: /home/james/.Xauthority	Jump to behavior
Source: /usr/lib/firefox/firefox (PID: 4923)	Directory: /home/james/.Xauthority	Jump to behavior
Source: /usr/lib/firefox/firefox (PID: 4968)	Directory: /home/james/.Xauthority	Jump to behavior
Source: /usr/lib/firefox/firefox (PID: 5009)	Directory: /home/james/.Xauthority	Jump to behavior

Creates hidden files without content (potentially used as a mutex)

Source: /usr/lib/firefox/firefox (PID: 4797)	Empty hidden file: /tmp/firefox_james/.parentlock	Jump to behavior
Source: /usr/lib/firefox/firefox (PID: 4797)	Empty hidden file: /home/james/.cache/mozilla/firefox/5zxot757.default/.startup-incomplete	Jump to behavior
Source: /usr/lib/firefox/firefox (PID: 4797)	Empty hidden file: /home/james/.mozilla/firefox/5zxot757.default/.parentlock	Jump to behavior

Uses the "uname" system call to query kernel version information (possible evasion)

Source: /usr/bin/exo-open (PID: 4782)	Queries kernel information via 'uname':	Jump to behavior
Source: /usr/lib/x86_64-linux-gnu/xfce4/exo-1/exo-helper-1 (PID: 4790)	Queries kernel information via 'uname':	Jump to behavior
Source: /usr/lib/firefox/firefox (PID: 4797)	Queries kernel information via 'uname':	Jump to behavior
Source: /usr/lib/firefox/firefox (PID: 4825)	Queries kernel information via 'uname':	Jump to behavior
Source: /usr/bin/dbus-launch (PID: 4859)	Queries kernel information via 'uname':	Jump to behavior
Source: /usr/lib/firefox/firefox (PID: 4923)	Queries kernel information via 'uname':	Jump to behavior
Source: /usr/lib/firefox/firefox (PID: 4968)	Queries kernel information via 'uname':	Jump to behavior
Source: /usr/lib/firefox/firefox (PID: 5009)	Queries kernel information via 'uname':	Jump to behavior

Queries the installed Ubuntu/CentOS release

Source: /usr/lib/firefox/firefox (PID: 4839)

Arguments: /usr/bin/lsb_release -> /usr/bin/python3 -Es /usr/bin/lsb_release -idrc

Jump to behavior

ID:	1528210
Product:	CloudBasic
Start time:	16:47:52
Start date:	07.10.2024
Cookbook:	browseurl.jbs
System description:	Ubuntu Linux 16.04 x64 (Kernel 4.4.0-116, Firefox 88.0, Document Viewer 3.18.2, LibreOffice 5.1.6.2, OpenJDK 1.8.0_171)
Architecture:	LINUX

Linux Analysis Report
https://generali.werbeartikel-online-shop.com

Overview

General Information

Detection

Signatures

Classification

Signatures

Compliance

Networking

System Summary

Persistence and Installation Behavior

Malware Analysis System Evasion

Language, Device and Operating System Detection

Screenshots

Network Map

Contacted Public IPs

Contacted Domains

Contacted URLs

Linux Analysis Report https://generali.werbeartikel-online-shop.com

Overview

General Information

Detection

Signatures

Classification

Signatures

Compliance

Networking

System Summary

Persistence and Installation Behavior

Malware Analysis System Evasion

Language, Device and Operating System Detection

Screenshots

Network Map

Contacted Public IPs

Contacted Domains

Contacted URLs

Linux Analysis Report
https://generali.werbeartikel-online-shop.com