Source: https://padlet.com/accounts260/battery-mart-chnx6g3lr76juocu |
SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social Engineering |
Source: https://padlet.com/accounts260/battery-mart-chnx6g3lr76juocu |
HTTP Parser: Base64 decoded: {"alg":"HS256"} |
Source: unknown |
HTTPS traffic detected: 13.107.253.72:443 -> 192.168.2.7:49706 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.7:49793 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.7:49839 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 13.107.253.72:443 -> 192.168.2.7:50423 version: TLS 1.2 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 204.79.197.203 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 104.98.116.138 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 104.98.116.138 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 104.98.116.138 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 20.50.201.200 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 204.79.197.203 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 20.50.201.200 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 20.50.201.200 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 20.50.201.200 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 13.107.253.72 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 13.107.253.72 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 13.107.253.72 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 13.107.253.72 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 13.107.253.72 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 13.107.253.72 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 13.107.253.72 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 13.107.253.72 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 13.107.253.72 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 13.107.253.72 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 13.107.253.72 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 13.107.253.72 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 13.107.253.72 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 13.107.253.72 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 13.107.253.72 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 13.107.253.72 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 13.107.253.72 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 13.107.253.72 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 13.107.253.72 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 13.107.253.72 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 13.107.253.72 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 13.107.253.72 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 13.107.253.72 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 13.107.253.72 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 13.107.253.72 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 13.107.253.72 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 13.107.253.72 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 13.107.253.72 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 13.107.253.72 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 13.107.253.72 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 13.107.253.72 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 13.107.253.72 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 13.107.253.72 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 13.107.253.72 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 13.107.253.72 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 13.107.253.72 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 13.107.253.72 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 13.107.253.72 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 13.107.253.72 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 13.107.253.72 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 13.107.253.72 |
Source: global traffic |
HTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net |
Source: global traffic |
HTTP traffic detected: GET /accounts260/battery-mart-chnx6g3lr76juocu HTTP/1.1Host: padlet.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net |
Source: global traffic |
HTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net |
Source: global traffic |
HTTP traffic detected: GET /rules/rule120600v4s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net |
Source: global traffic |
HTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net |
Source: global traffic |
HTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net |
Source: global traffic |
HTTP traffic detected: GET /api/1/padlet_starting_state?token=eklDQ3h3Y0FjR0Y1Ykc5aFpONEFHc2NIQUhWelpYSmZhV1RPckJxZlljY0hBSGRoYkd4ZmFXVE9EUFYyYWNjVEFHSnlaV0ZyYjNWMFgzTmxZM1JwYjI1ZmFXVEF4eHNBYzJWamRHbHZibDlpY21WaGEyOTFkRjlwWkdWdWRHbG1hV1Z5d01jVkFHbHpYM04xWW0xcGMzTnBiMjVmY21WeGRXVnpkTUxIRFFCcGMxOW1hWEp6ZEY5MmFXVjN3c2NNQUdselgzSmxZV1JmYjI1c2VjTEhFZ0JwYzE5emFXMXdiR2xtYVdWa1gzWnBaWGZDeHhJQWFYTmZjMk55WldWdWMyaHZkRjl0YjJSbHdzY2JBSGhmWVhWMGFHOXlYMmx1WDNOamNtVmxibk5vYjNSZmJXOWtaY1BISGdCNFgzSmxZV04wYVc5dWMxOXBibDl6WTNKbFpXNXphRzkwWDIxdlpHWER4eDBBZUY5amIyMXRaVzUwYzE5cGJsOXpZM0psWlc1emFHOTBYMjF2WkdYRHh3c0FhWE5mWlcxaVpXUmtaV1RDeHc4QWFYTmZiSFJwWDJWdFltVmtaR1Zrd3NjZEFHbHpYM2RvYVhSbFltOWhjbVJmWlcxaVpXUmZjR3hoZVY5dGIyUmx3c2NWQUdSbFptRjFiSFJmY0dSbVgzQmhaMlZmYzJsNlphSmhOTWNNQUdselgzTnNhV1JsYzJodmQ4TEhEd0J0WVdkcFkxOTNZV3hzWDNSNWNHWEF4dzRBWjJWdVpYSmhkR2x1WjE5d1pHYkN4d3NBWVhKMmIxOWpiMjVtYVdlQ3h3Y0FZMlJ1U0c5emRMUmhjM05sZEhNdWNHRmtiR1YwWTJSdUxtTnZiY2NGQUhSdmEyVnVnY2NLQUc5aGRYUm9WRzlyWlc3WlFERmpOamszTVRFMU56SXpOemcxWlRRME56UmhZVGxtTXprd1lqUXlObVZrTURNeU0ySmtaRFU1TW1Zd05qVmpOalV5WldNMk9UYzRNemRoWlRKbVlUVEhGQUJwYm5acGRHVmZhblZ6ZEY5aFkyTmxjSFJsWk1ESEV3QjZiMjl0WDJOdmJHeGhZbTl5WVhSbFgybGt3TWNQQUhwdmIyMWZiV1ZsZEdsdVoxOXBaTURISWdCcGMxOTFjMlZ5WDJodmMzUnBibWRmZW05dmJWOWpiMnhzWVdKdmNtRjBhVzl1d3NjakFIQmhjbUZ0WDNCdmMzUmZiVzlrWlhKaGRHbHZibDloWTNScGIyNWZjbVZ6ZFd4MHdNY21BSEJoY21GdFgyTnZiVzFsYm5SZmJXOWtaWEpoZEdsdmJsOWhZM1JwYjI1ZmNtVnpkV3gwd01jS0FHVjRjR2x5WlhOZllYVEhEd2pPWncwRXFzNElFZGlSQUtOVlZFTT0tLTY5NDI1NGM5Y2YzZGEwNDJjYjY4OWJlNjI2M2M2ZmZiYTE0Nzg2ZTM- HTTP/1.1Host: padlet.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://padlet.com/accounts260/battery-mart-chnx6g3lr76juocuAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ww_d=69cd9f3bff5d36ee8a4687f30b25158c; ww_s=c977d9db9daf1744340d99805ea17380; ww_l=; ww_f=beta%3Dfalse; ww_aun=Whimsical+Crocodile; ww_auh=1728904610; ww_p=tcfvbZexzCBie1LWlgHqSlUn%2BiLQbFl4CaqFkvq64O9yFFVrogc%2BRcLkOC0EbwpogOsVanM3F4K24QknsLY4BKyuBQSAB%2F7R4jnvCmIZK18GIzNHXcmP0%2FmJICWvQVvQXwFFRA7d9cxHZMrGeBeXjzeEgD7fcDsDJR40PA5rxyxbmhWzTh7OCcpGd5AWB80ZEAgNibjxiLlrtRR7ThNXJha%2FPribTc80Vz%2FTqtZQa2Z816o9%2BkNmuG6 |