Source: https://cegcaib.meetonline24.link/s/48767346ea3e9?id=4DV46V |
HTTP Parser: Base64 decoded: https://1000fapvids.online/3QkpHJ?source=bbtest&ad_campaign_id=107047&sub= |
Source: unknown |
HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.3:49717 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.3:49721 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.3:49725 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.3:49729 version: TLS 1.2 |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
HTTP traffic: Redirect from: lunik.help to https://cegcaib.meetonline24.link/s/48767346ea3e9?id=4dv46v |
Source: Joe Sandbox View |
IP Address: 52.202.204.11 |
Source: Joe Sandbox View |
IP Address: 239.255.255.250 |
Source: Joe Sandbox View |
IP Address: 23.217.172.185 |
Source: Joe Sandbox View |
IP Address: 104.17.112.233 |
Source: Joe Sandbox View |
JA3 fingerprint: 28a2c9bd18a11de089ef85a160da29e4 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 104.98.116.138 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 173.222.162.43 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 104.98.116.155 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 204.79.197.203 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 20.189.173.5 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 52.202.204.11 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 4.245.163.56 |
Source: global traffic |
HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com |
Source: global traffic |
HTTP traffic detected: GET /psdk/v2/content?surfaceId=ACROBAT_READER_MASTER_SURFACEID&surfaceId=DC_READER_LAUNCH_CARD&surfaceId=DC_Reader_RHP_Banner&surfaceId=DC_Reader_RHP_Retention&surfaceId=Edit_InApp_Aug2020&surfaceId=DC_FirstMile_Right_Sec_Surface&surfaceId=DC_Reader_Upsell_Cards&surfaceId=DC_FirstMile_Home_View_Surface&surfaceId=DC_Reader_RHP_Intent_Banner&surfaceId=DC_Reader_Disc_LHP_Banner&surfaceId=DC_Reader_Edit_LHP_Banner&surfaceId=DC_Reader_Convert_LHP_Banner&surfaceId=DC_Reader_Sign_LHP_Banner&surfaceId=DC_Reader_More_LHP_Banner&surfaceId=DC_Reader_Disc_LHP_Retention&surfaceId=DC_Reader_Home_LHP_Trial_Banner&adcProductLanguage=en-us&adcVersion=23.6.20320&adcProductType=SingleClientMini&adcOSType=WIN&adcCountryCode=US&adcXAPIClientID=api_reader_desktop_win_23.6.20320&encodingScheme=BASE_64 HTTP/1.1Host: p13n.adobe.ioConnection: keep-alivesec-ch-ua: "Chromium";v="105"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) ReaderServices/23.6.20320 Chrome/105.0.0.0 Safari/537.36Accept: application/json, text/javascript, */*; q=0.01x-adobe-uuid: 970e02fa-57d1-4240-a0ce-04ea7a641583x-adobe-uuid-type: visitorIdx-api-key: AdobeReader9sec-ch-ua-platform: "Windows"Origin: https://rna-resource.acrobat.comAccept-Language: en-US,en;q=0.9Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://rna-resource.acrobat.com/Accept-Encoding: gzip, deflate, br |
Source: global traffic |
HTTP traffic detected: GET /onboarding/smskillreader.txt HTTP/1.1Host: armmf.adobe.comConnection: keep-aliveAccept-Language: en-US,en;q=0.9User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) ReaderServices/23.6.20320 Chrome/105.0.0.0 Safari/537.36Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brIf-None-Match: "78-5faa31cce96da"If-Modified-Since: Mon, 01 May 2023 15:02:33 GMT |
Source: global traffic |
HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.3448/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.3031&MK=eOavZntpguNMsXc&MD=OvKd+3xz HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com |
Source: global traffic |
HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.3448/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.3031&MK=eOavZntpguNMsXc&MD=OvKd+3xz HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com |
Source: global traffic |
HTTP traffic detected: GET /2rtry5hu HTTP/1.1Host: tinyurl.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /?id=4DV46V HTTP/1.1Host: lunik.helpConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /s/48767346ea3e9?id=4DV46V HTTP/1.1Host: cegcaib.meetonline24.linkConnection: keep-aliveCache-Control: max-age=0Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://lunik.help/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://cegcaib.meetonline24.linksec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /bundle/787/assets/css/style.css HTTP/1.1Host: cegcaib.meetonline24.linkConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://cegcaib.meetonline24.link/s/48767346ea3e9?id=4DV46VAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: s=… |