Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://tinyurl.com/yhntdrax?_k=vPtuG

Overview

General Information

Sample URL:https://tinyurl.com/yhntdrax?_k=vPtuG
Analysis ID:1544494

Detection

Score:1
Range:0 - 100
Whitelisted:false
Confidence:80%

Signatures

Detected non-DNS traffic on DNS port
HTML page contains hidden javascript code
Stores files to the Windows start menu directory

Classification

Process Tree

  • System is w10x64_ra
  • chrome.exe (PID: 6832 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)
    • chrome.exe (PID: 7064 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2124 --field-trial-handle=2028,i,10516973827388125939,17990343588405902882,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)
    • chrome.exe (PID: 4928 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=728 --field-trial-handle=2028,i,10516973827388125939,17990343588405902882,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)
    • chrome.exe (PID: 5148 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6444 --field-trial-handle=2028,i,10516973827388125939,17990343588405902882,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)
  • chrome.exe (PID: 6628 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://tinyurl.com/yhntdrax?_k=vPtuG" MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)
  • cleanup

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: https://stockx.com/HTTP Parser: Base64 decoded: <svg xmlns="http://www.w3.org/2000/svg" width="32" height="32" fill="none"><path fill="#B20F03" d="M16 3a13 13 0 1 0 13 13A13.015 13.015 0 0 0 16 3m0 24a11 11 0 1 1 11-11 11.01 11.01 0 0 1-11 11"/><path fill="#B20F03" d="M17.038 18.615H14.87L14.563 9.5h2....
Source: https://stockx.com/HTTP Parser: Iframe src: https://td.doubleclick.net/td/rul/932166512?random=1730207038626&cv=11&fst=1730207038626&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ao0v867974353za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533421~101823848~101925629&u_w=1280&u_h=1024&url=https%3A%2F%2Fstockx.com%2F&ref=https%3A%2F%2Fstockx.com%2F%3F__cf_chl_tk%3D7.Ln3eYdMMqqco.qdf9ow6SdiMwypBzCXMgMe4pPYHY-1730207006-1.0.1.1-JbL.wsFXt_sWHC73zFmDIJ6_Eq5gOgVkO7p6djVaOU8&hn=www.googleadservices.com&frm=0&tiba=StockX%3A%20Sneakers%2C%20Streetwear%2C%20Trading%20Cards%2C%20Handbags%2C%20Watches&npa=0&pscdl=noapi&auid=471892694.1730207039&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config
Source: https://stockx.com/HTTP Parser: Iframe src: https://14636937.fls.doubleclick.net/activityi;src=14636937;type=005;cat=005;ord=7952951088541;npa=0;auiddc=471892694.1730207039;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=sneakers;u7=undefined;u8=undefined;u9=undefined;ps=1;pcor=1072422172;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149;uamb=0;uam=;uap=Windows;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ao0v9187635940z8811876068za201zb811876068;gcd=13l3l3l3l1l1;dma=0;tag_exp=101533422~101823848~101925629;epver=2;~oref=https%3A%2F%2Fstockx.com%2F?
Source: https://stockx.com/HTTP Parser: Iframe src: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=14636937;type=005;cat=005;ord=7952951088541;npa=0;auiddc=471892694.1730207039;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=sneakers;u7=undefined;u8=undefined;u9=undefined;ps=1;pcor=1072422172;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149;uamb=0;uam=;uap=Windows;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ao0v9187635940z8811876068za201zb811876068;gcd=13l3l3l3l1l1;dma=0;tag_exp=101533422~101823848~101925629;epver=2;~oref=https%3A%2F%2Fstockx.com%2F?
Source: https://stockx.com/HTTP Parser: Iframe src: https://14636937.fls.doubleclick.net/activityi;src=14636937;type=test;cat=test;ord=5875598466420;npa=0;auiddc=471892694.1730207039;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=sneakers;u7=undefined;u8=undefined;u9=undefined;ps=1;pcor=470943391;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149;uamb=0;uam=;uap=Windows;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ao0v9187635940z8811876068za201zb811876068;gcd=13l3l3l3l1l1;dma=0;tag_exp=101533422~101823848~101925629;epver=2;~oref=https%3A%2F%2Fstockx.com%2F?
Source: https://stockx.com/HTTP Parser: Iframe src: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=14636937;type=test;cat=test;ord=5875598466420;npa=0;auiddc=471892694.1730207039;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=sneakers;u7=undefined;u8=undefined;u9=undefined;ps=1;pcor=470943391;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149;uamb=0;uam=;uap=Windows;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ao0v9187635940z8811876068za201zb811876068;gcd=13l3l3l3l1l1;dma=0;tag_exp=101533422~101823848~101925629;epver=2;~oref=https%3A%2F%2Fstockx.com%2F?
Source: https://stockx.com/HTTP Parser: Iframe src: https://gum.criteo.com/syncframe?topUrl=stockx.com&origin=onetag#{"bundle":{"identifierExtractor":{"origin":0},"value":null},"cw":true,"optout":{"identifierExtractor":{"origin":0},"value":null},"origin":"onetag","tld":"stockx.com","topUrl":"stockx.com","version":"5_29_0","ifa":{"identifierExtractor":{"origin":0},"value":null},"lsw":true,"pm":0}
Source: https://stockx.com/HTTP Parser: Iframe src: https://fledge.us.criteo.com/interest-group/abt/iframe
Source: https://stockx.com/HTTP Parser: Iframe src: https://fledge.us.criteo.com/interest-group?data=KMZWznxaOVdoaDhlWTJnU05KZVR4dC8yU1JoTUh4QUJYaWFpMGpiQmhjNVU1Z3hqcklwQksxd29SWFBGS0s3eVlOeUZXZy91Z1FLNkhNL1dRRVZvUjhzUGpPN2FtdkRSMUc1TlBVMVpWSGZpZnJhS1ZWazZ4UUVYQ3doZmhscUo2aWFqaFljZ0M0eUZ0QXlmRWlVcGYra1ZwekZ2M1NOS0h2cTYxOHM1dVV2NnRrSzQ9fA
Source: https://stockx.com/HTTP Parser: Iframe src: https://td.doubleclick.net/td/rul/932166512?random=1730207038626&cv=11&fst=1730207038626&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ao0v867974353za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533421~101823848~101925629&u_w=1280&u_h=1024&url=https%3A%2F%2Fstockx.com%2F&ref=https%3A%2F%2Fstockx.com%2F%3F__cf_chl_tk%3D7.Ln3eYdMMqqco.qdf9ow6SdiMwypBzCXMgMe4pPYHY-1730207006-1.0.1.1-JbL.wsFXt_sWHC73zFmDIJ6_Eq5gOgVkO7p6djVaOU8&hn=www.googleadservices.com&frm=0&tiba=StockX%3A%20Sneakers%2C%20Streetwear%2C%20Trading%20Cards%2C%20Handbags%2C%20Watches&npa=0&pscdl=noapi&auid=471892694.1730207039&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config
Source: https://stockx.com/HTTP Parser: Iframe src: https://14636937.fls.doubleclick.net/activityi;src=14636937;type=005;cat=005;ord=7952951088541;npa=0;auiddc=471892694.1730207039;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=sneakers;u7=undefined;u8=undefined;u9=undefined;ps=1;pcor=1072422172;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149;uamb=0;uam=;uap=Windows;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ao0v9187635940z8811876068za201zb811876068;gcd=13l3l3l3l1l1;dma=0;tag_exp=101533422~101823848~101925629;epver=2;~oref=https%3A%2F%2Fstockx.com%2F?
Source: https://stockx.com/HTTP Parser: Iframe src: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=14636937;type=005;cat=005;ord=7952951088541;npa=0;auiddc=471892694.1730207039;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=sneakers;u7=undefined;u8=undefined;u9=undefined;ps=1;pcor=1072422172;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149;uamb=0;uam=;uap=Windows;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ao0v9187635940z8811876068za201zb811876068;gcd=13l3l3l3l1l1;dma=0;tag_exp=101533422~101823848~101925629;epver=2;~oref=https%3A%2F%2Fstockx.com%2F?
Source: https://stockx.com/HTTP Parser: Iframe src: https://14636937.fls.doubleclick.net/activityi;src=14636937;type=test;cat=test;ord=5875598466420;npa=0;auiddc=471892694.1730207039;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=sneakers;u7=undefined;u8=undefined;u9=undefined;ps=1;pcor=470943391;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149;uamb=0;uam=;uap=Windows;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ao0v9187635940z8811876068za201zb811876068;gcd=13l3l3l3l1l1;dma=0;tag_exp=101533422~101823848~101925629;epver=2;~oref=https%3A%2F%2Fstockx.com%2F?
Source: https://stockx.com/HTTP Parser: Iframe src: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=14636937;type=test;cat=test;ord=5875598466420;npa=0;auiddc=471892694.1730207039;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=sneakers;u7=undefined;u8=undefined;u9=undefined;ps=1;pcor=470943391;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149;uamb=0;uam=;uap=Windows;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ao0v9187635940z8811876068za201zb811876068;gcd=13l3l3l3l1l1;dma=0;tag_exp=101533422~101823848~101925629;epver=2;~oref=https%3A%2F%2Fstockx.com%2F?
Source: https://stockx.com/HTTP Parser: Iframe src: https://gum.criteo.com/syncframe?topUrl=stockx.com&origin=onetag#{"bundle":{"identifierExtractor":{"origin":0},"value":null},"cw":true,"optout":{"identifierExtractor":{"origin":0},"value":null},"origin":"onetag","tld":"stockx.com","topUrl":"stockx.com","version":"5_29_0","ifa":{"identifierExtractor":{"origin":0},"value":null},"lsw":true,"pm":0}
Source: https://stockx.com/HTTP Parser: Iframe src: https://fledge.us.criteo.com/interest-group/abt/iframe
Source: https://stockx.com/HTTP Parser: Iframe src: https://fledge.us.criteo.com/interest-group?data=KMZWznxaOVdoaDhlWTJnU05KZVR4dC8yU1JoTUh4QUJYaWFpMGpiQmhjNVU1Z3hqcklwQksxd29SWFBGS0s3eVlOeUZXZy91Z1FLNkhNL1dRRVZvUjhzUGpPN2FtdkRSMUc1TlBVMVpWSGZpZnJhS1ZWazZ4UUVYQ3doZmhscUo2aWFqaFljZ0M0eUZ0QXlmRWlVcGYra1ZwekZ2M1NOS0h2cTYxOHM1dVV2NnRrSzQ9fA
Source: https://stockx.com/HTTP Parser: Iframe src: https://td.doubleclick.net/td/rul/932166512?random=1730207038626&cv=11&fst=1730207038626&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ao0v867974353za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533421~101823848~101925629&u_w=1280&u_h=1024&url=https%3A%2F%2Fstockx.com%2F&ref=https%3A%2F%2Fstockx.com%2F%3F__cf_chl_tk%3D7.Ln3eYdMMqqco.qdf9ow6SdiMwypBzCXMgMe4pPYHY-1730207006-1.0.1.1-JbL.wsFXt_sWHC73zFmDIJ6_Eq5gOgVkO7p6djVaOU8&hn=www.googleadservices.com&frm=0&tiba=StockX%3A%20Sneakers%2C%20Streetwear%2C%20Trading%20Cards%2C%20Handbags%2C%20Watches&npa=0&pscdl=noapi&auid=471892694.1730207039&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config
Source: https://stockx.com/HTTP Parser: Iframe src: https://14636937.fls.doubleclick.net/activityi;src=14636937;type=005;cat=005;ord=7952951088541;npa=0;auiddc=471892694.1730207039;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=sneakers;u7=undefined;u8=undefined;u9=undefined;ps=1;pcor=1072422172;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149;uamb=0;uam=;uap=Windows;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ao0v9187635940z8811876068za201zb811876068;gcd=13l3l3l3l1l1;dma=0;tag_exp=101533422~101823848~101925629;epver=2;~oref=https%3A%2F%2Fstockx.com%2F?
Source: https://stockx.com/HTTP Parser: Iframe src: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=14636937;type=005;cat=005;ord=7952951088541;npa=0;auiddc=471892694.1730207039;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=sneakers;u7=undefined;u8=undefined;u9=undefined;ps=1;pcor=1072422172;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149;uamb=0;uam=;uap=Windows;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ao0v9187635940z8811876068za201zb811876068;gcd=13l3l3l3l1l1;dma=0;tag_exp=101533422~101823848~101925629;epver=2;~oref=https%3A%2F%2Fstockx.com%2F?
Source: https://stockx.com/HTTP Parser: Iframe src: https://14636937.fls.doubleclick.net/activityi;src=14636937;type=test;cat=test;ord=5875598466420;npa=0;auiddc=471892694.1730207039;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=sneakers;u7=undefined;u8=undefined;u9=undefined;ps=1;pcor=470943391;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149;uamb=0;uam=;uap=Windows;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ao0v9187635940z8811876068za201zb811876068;gcd=13l3l3l3l1l1;dma=0;tag_exp=101533422~101823848~101925629;epver=2;~oref=https%3A%2F%2Fstockx.com%2F?
Source: https://stockx.com/HTTP Parser: Iframe src: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=14636937;type=test;cat=test;ord=5875598466420;npa=0;auiddc=471892694.1730207039;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=sneakers;u7=undefined;u8=undefined;u9=undefined;ps=1;pcor=470943391;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149;uamb=0;uam=;uap=Windows;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ao0v9187635940z8811876068za201zb811876068;gcd=13l3l3l3l1l1;dma=0;tag_exp=101533422~101823848~101925629;epver=2;~oref=https%3A%2F%2Fstockx.com%2F?
Source: https://stockx.com/HTTP Parser: Iframe src: https://gum.criteo.com/syncframe?topUrl=stockx.com&origin=onetag#{"bundle":{"identifierExtractor":{"origin":0},"value":null},"cw":true,"optout":{"identifierExtractor":{"origin":0},"value":null},"origin":"onetag","tld":"stockx.com","topUrl":"stockx.com","version":"5_29_0","ifa":{"identifierExtractor":{"origin":0},"value":null},"lsw":true,"pm":0}
Source: https://stockx.com/HTTP Parser: Iframe src: https://fledge.us.criteo.com/interest-group/abt/iframe
Source: https://stockx.com/HTTP Parser: Iframe src: https://fledge.us.criteo.com/interest-group?data=KMZWznxaOVdoaDhlWTJnU05KZVR4dC8yU1JoTUh4QUJYaWFpMGpiQmhjNVU1Z3hqcklwQksxd29SWFBGS0s3eVlOeUZXZy91Z1FLNkhNL1dRRVZvUjhzUGpPN2FtdkRSMUc1TlBVMVpWSGZpZnJhS1ZWazZ4UUVYQ3doZmhscUo2aWFqaFljZ0M0eUZ0QXlmRWlVcGYra1ZwekZ2M1NOS0h2cTYxOHM1dVV2NnRrSzQ9fA
Source: https://stockx.com/HTTP Parser: Iframe src: https://api.sardine.ai/assets/collector.min.0c114cf.html?r=2024-10-16-0c114cf#eyJsb2FkZXJJbml0VGltZSI6MTczMDIwNzA1NjIzOSwiZW5hYmxlQmlvbWV0cmljcyI6dHJ1ZSwiZW5hYmxlRE5TIjp0cnVlLCJyZXZpc2lvbiI6IjIwMjQtMTAtMTYtMGMxMTRjZiIsIm9yaWdpbiI6Imh0dHBzOi8vc3RvY2t4LmNvbSIsImNvbGxlY3RvckRvbWFpbiI6ImFwaS5zYXJkaW5lLmFpIiwicGl4ZWxVUkwiOiJodHRwczovL3Auc2FyZGluZS5haS92MS9iLnBuZyIsImRCYXNlRG9tYWluIjoiZC5zYXJkaW5lLmFpIiwibG9jYXRpb24iOiJodHRwczovL3N0b2NreC5jb20vIiwicmVmZXJyZXIiOiJodHRwczovL3N0b2NreC5jb20vP19fY2ZfY2hsX3RrPTcuTG4zZVlkTU1xcWNvLnFkZjlvdzZTZGlNd3lwQnpDWE1nTWU0cFBZSFktMTczMDIwNzAwNi0xLjAuMS4xLUpiTC53c0ZYdF9zV0hDNzN6Rm1ESUo2X0VxNWdPZ1ZrTzdwNmRqVmFPVTgiLCJ1dWlkIjoiYjZkZjkxNmEtNjE4Ny00NTMxLWIwN2QtYmQ2ZDA5NTc5NDZkIiwiY2xpZW50SWQiOiI3Y2NjNDNhNi1lZmNjLTRlYTYtODkzMS1kOGE5NGM4NDBhNWYiLCJzZXNzaW9uS2V5IjoiYmRiNjU3MjgtNzM5MC00Y2MyLWI5YTktNGY1NzQ1OWU3NmI5IiwiZmxvdyI6IkhvbWUiLCJlbnZpcm9ubWVudCI6InByb2R1Y3Rpb24ifQ==
Source: https://stockx.com/HTTP Parser: Iframe src: https://td.doubleclick.net/td/rul/932166512?random=1730207038626&cv=11&fst=1730207038626&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ao0v867974353za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533421~101823848~101925629&u_w=1280&u_h=1024&url=https%3A%2F%2Fstockx.com%2F&ref=https%3A%2F%2Fstockx.com%2F%3F__cf_chl_tk%3D7.Ln3eYdMMqqco.qdf9ow6SdiMwypBzCXMgMe4pPYHY-1730207006-1.0.1.1-JbL.wsFXt_sWHC73zFmDIJ6_Eq5gOgVkO7p6djVaOU8&hn=www.googleadservices.com&frm=0&tiba=StockX%3A%20Sneakers%2C%20Streetwear%2C%20Trading%20Cards%2C%20Handbags%2C%20Watches&npa=0&pscdl=noapi&auid=471892694.1730207039&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config
Source: https://stockx.com/HTTP Parser: Iframe src: https://14636937.fls.doubleclick.net/activityi;src=14636937;type=005;cat=005;ord=7952951088541;npa=0;auiddc=471892694.1730207039;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=sneakers;u7=undefined;u8=undefined;u9=undefined;ps=1;pcor=1072422172;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149;uamb=0;uam=;uap=Windows;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ao0v9187635940z8811876068za201zb811876068;gcd=13l3l3l3l1l1;dma=0;tag_exp=101533422~101823848~101925629;epver=2;~oref=https%3A%2F%2Fstockx.com%2F?
Source: https://stockx.com/HTTP Parser: Iframe src: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=14636937;type=005;cat=005;ord=7952951088541;npa=0;auiddc=471892694.1730207039;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=sneakers;u7=undefined;u8=undefined;u9=undefined;ps=1;pcor=1072422172;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149;uamb=0;uam=;uap=Windows;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ao0v9187635940z8811876068za201zb811876068;gcd=13l3l3l3l1l1;dma=0;tag_exp=101533422~101823848~101925629;epver=2;~oref=https%3A%2F%2Fstockx.com%2F?
Source: https://stockx.com/HTTP Parser: Iframe src: https://14636937.fls.doubleclick.net/activityi;src=14636937;type=test;cat=test;ord=5875598466420;npa=0;auiddc=471892694.1730207039;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=sneakers;u7=undefined;u8=undefined;u9=undefined;ps=1;pcor=470943391;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149;uamb=0;uam=;uap=Windows;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ao0v9187635940z8811876068za201zb811876068;gcd=13l3l3l3l1l1;dma=0;tag_exp=101533422~101823848~101925629;epver=2;~oref=https%3A%2F%2Fstockx.com%2F?
Source: https://stockx.com/HTTP Parser: Iframe src: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=14636937;type=test;cat=test;ord=5875598466420;npa=0;auiddc=471892694.1730207039;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=sneakers;u7=undefined;u8=undefined;u9=undefined;ps=1;pcor=470943391;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149;uamb=0;uam=;uap=Windows;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ao0v9187635940z8811876068za201zb811876068;gcd=13l3l3l3l1l1;dma=0;tag_exp=101533422~101823848~101925629;epver=2;~oref=https%3A%2F%2Fstockx.com%2F?
Source: https://stockx.com/HTTP Parser: Iframe src: https://api.sardine.ai/assets/collector.min.0c114cf.html?r=2024-10-16-0c114cf#eyJsb2FkZXJJbml0VGltZSI6MTczMDIwNzA1NjIzOSwiZW5hYmxlQmlvbWV0cmljcyI6dHJ1ZSwiZW5hYmxlRE5TIjp0cnVlLCJyZXZpc2lvbiI6IjIwMjQtMTAtMTYtMGMxMTRjZiIsIm9yaWdpbiI6Imh0dHBzOi8vc3RvY2t4LmNvbSIsImNvbGxlY3RvckRvbWFpbiI6ImFwaS5zYXJkaW5lLmFpIiwicGl4ZWxVUkwiOiJodHRwczovL3Auc2FyZGluZS5haS92MS9iLnBuZyIsImRCYXNlRG9tYWluIjoiZC5zYXJkaW5lLmFpIiwibG9jYXRpb24iOiJodHRwczovL3N0b2NreC5jb20vIiwicmVmZXJyZXIiOiJodHRwczovL3N0b2NreC5jb20vP19fY2ZfY2hsX3RrPTcuTG4zZVlkTU1xcWNvLnFkZjlvdzZTZGlNd3lwQnpDWE1nTWU0cFBZSFktMTczMDIwNzAwNi0xLjAuMS4xLUpiTC53c0ZYdF9zV0hDNzN6Rm1ESUo2X0VxNWdPZ1ZrTzdwNmRqVmFPVTgiLCJ1dWlkIjoiYjZkZjkxNmEtNjE4Ny00NTMxLWIwN2QtYmQ2ZDA5NTc5NDZkIiwiY2xpZW50SWQiOiI3Y2NjNDNhNi1lZmNjLTRlYTYtODkzMS1kOGE5NGM4NDBhNWYiLCJzZXNzaW9uS2V5IjoiYmRiNjU3MjgtNzM5MC00Y2MyLWI5YTktNGY1NzQ1OWU3NmI5IiwiZmxvdyI6IkhvbWUiLCJlbnZpcm9ubWVudCI6InByb2R1Y3Rpb24ifQ==
Source: https://stockx.com/HTTP Parser: No favicon
Source: https://stockx.com/HTTP Parser: No favicon
Source: https://stockx.com/HTTP Parser: No favicon
Source: https://stockx.com/HTTP Parser: No favicon
Source: https://stockx.com/HTTP Parser: No favicon
Source: https://stockx.com/HTTP Parser: No favicon
Source: https://stockx.com/HTTP Parser: No favicon
Source: https://stockx.com/HTTP Parser: No favicon
Source: https://stockx.com/HTTP Parser: No favicon
Source: https://stockx.com/HTTP Parser: No favicon
Source: https://stockx.com/HTTP Parser: No <meta name="author".. found
Source: https://stockx.com/HTTP Parser: No <meta name="author".. found
Source: https://stockx.com/HTTP Parser: No <meta name="author".. found
Source: https://stockx.com/HTTP Parser: No <meta name="author".. found
Source: https://stockx.com/HTTP Parser: No <meta name="author".. found
Source: https://stockx.com/HTTP Parser: No <meta name="copyright".. found
Source: https://stockx.com/HTTP Parser: No <meta name="copyright".. found
Source: https://stockx.com/HTTP Parser: No <meta name="copyright".. found
Source: https://stockx.com/HTTP Parser: No <meta name="copyright".. found
Source: https://stockx.com/HTTP Parser: No <meta name="copyright".. found
Source: unknownHTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.17:49732 version: TLS 1.2
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49805 version: TLS 1.2
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49822 version: TLS 1.2
Source: unknownHTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.17:57607 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.107.5.88:443 -> 192.168.2.17:57987 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.190.160.20:443 -> 192.168.2.17:57986 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.190.160.20:443 -> 192.168.2.17:57988 version: TLS 1.2
Source: unknownHTTPS traffic detected: 2.23.209.186:443 -> 192.168.2.17:57993 version: TLS 1.2
Source: global trafficTCP traffic: 192.168.2.17:57580 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.17:53489 -> 162.159.36.2:53
Source: global trafficTCP traffic: 192.168.2.17:57580 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.17:53489 -> 162.159.36.2:53
Source: global trafficTCP traffic: 192.168.2.17:57580 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.17:53489 -> 162.159.36.2:53
Source: global trafficTCP traffic: 192.168.2.17:57580 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.17:53489 -> 162.159.36.2:53
Source: global trafficTCP traffic: 192.168.2.17:57580 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.17:53489 -> 162.159.36.2:53
Source: global trafficTCP traffic: 192.168.2.17:57580 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.17:53489 -> 162.159.36.2:53
Source: global trafficTCP traffic: 192.168.2.17:57580 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.17:53489 -> 162.159.36.2:53
Source: global trafficTCP traffic: 192.168.2.17:57580 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.17:53489 -> 162.159.36.2:53
Source: global trafficTCP traffic: 192.168.2.17:57580 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.17:53489 -> 162.159.36.2:53
Source: global trafficTCP traffic: 192.168.2.17:57580 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.17:53489 -> 162.159.36.2:53
Source: global trafficTCP traffic: 192.168.2.17:57580 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.17:53489 -> 162.159.36.2:53
Source: global trafficTCP traffic: 192.168.2.17:57580 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.17:53489 -> 162.159.36.2:53
Source: global trafficTCP traffic: 192.168.2.17:57580 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.17:53489 -> 162.159.36.2:53
Source: global trafficTCP traffic: 192.168.2.17:57580 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.17:53489 -> 162.159.36.2:53
Source: global trafficTCP traffic: 192.168.2.17:57580 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.17:53489 -> 162.159.36.2:53
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficHTTP traffic detected: GET /?_k=vPtuG HTTP/1.1Host: gov.winterpaymenko.topConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global trafficDNS traffic detected: DNS query: tinyurl.com
Source: global trafficDNS traffic detected: DNS query: gov.winterpaymenko.top
Source: global trafficDNS traffic detected: DNS query: stockx.com
Source: global trafficDNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: global trafficDNS traffic detected: DNS query: challenges.cloudflare.com
Source: global trafficDNS traffic detected: DNS query: web-assets.stockx.com
Source: global trafficDNS traffic detected: DNS query: geolocation.onetrust.com
Source: global trafficDNS traffic detected: DNS query: cdn.cookielaw.org
Source: global trafficDNS traffic detected: DNS query: evs.cdp.stockx.com
Source: global trafficDNS traffic detected: DNS query: images-cs.stockx.com
Source: global trafficDNS traffic detected: DNS query: static.cloudflareinsights.com
Source: global trafficDNS traffic detected: DNS query: stk.px-cloud.net
Source: global trafficDNS traffic detected: DNS query: collector-px16ud0kof.cl6.px-cloud.net
Source: global trafficDNS traffic detected: DNS query: static.fbot.me
Source: global trafficDNS traffic detected: DNS query: campaign.fbot.me
Source: global trafficDNS traffic detected: DNS query: cdn.quantummetric.com
Source: global trafficDNS traffic detected: DNS query: stockx-assets.imgix.net
Source: global trafficDNS traffic detected: DNS query: public.fbot.me
Source: global trafficDNS traffic detected: DNS query: images.stockx.com
Source: global trafficDNS traffic detected: DNS query: api.cdp.stockx.com
Source: global trafficDNS traffic detected: DNS query: connect.facebook.net
Source: global trafficDNS traffic detected: DNS query: rbidsna5.stockx.com
Source: global trafficDNS traffic detected: DNS query: getrockerbox.com
Source: global trafficDNS traffic detected: DNS query: googleads.g.doubleclick.net
Source: global trafficDNS traffic detected: DNS query: td.doubleclick.net
Source: global trafficDNS traffic detected: DNS query: mapixl.com
Source: global trafficDNS traffic detected: DNS query: c.amazon-adsystem.com
Source: global trafficDNS traffic detected: DNS query: dynamic.criteo.com
Source: global trafficDNS traffic detected: DNS query: dx.mountain.com
Source: global trafficDNS traffic detected: DNS query: collector-40161.us.tvsquared.com
Source: global trafficDNS traffic detected: DNS query: s.amazon-adsystem.com
Source: global trafficDNS traffic detected: DNS query: gum.criteo.com
Source: global trafficDNS traffic detected: DNS query: 14636937.fls.doubleclick.net
Source: global trafficDNS traffic detected: DNS query: ara.paa-reporting-advertising.amazon
Source: global trafficDNS traffic detected: DNS query: login.microsoftonline.com
Source: global trafficDNS traffic detected: DNS query: adservice.google.com
Source: global trafficDNS traffic detected: DNS query: ad.doubleclick.net
Source: global trafficDNS traffic detected: DNS query: px.mountain.com
Source: global trafficDNS traffic detected: DNS query: sslwidget.criteo.com
Source: global trafficDNS traffic detected: DNS query: widget.us.criteo.com
Source: global trafficDNS traffic detected: DNS query: gs.mountain.com
Source: global trafficDNS traffic detected: DNS query: fledge.us.criteo.com
Source: global trafficDNS traffic detected: DNS query: measurement-api.criteo.com
Source: global trafficDNS traffic detected: DNS query: zn4tqdz21wlnz4zv8-stockxcustomerres.siteintercept.qualtrics.com
Source: global trafficDNS traffic detected: DNS query: cloudflareinsights.com
Source: global trafficDNS traffic detected: DNS query: cm.g.doubleclick.net
Source: global trafficDNS traffic detected: DNS query: x.bidswitch.net
Source: global trafficDNS traffic detected: DNS query: ib.adnxs.com
Source: global trafficDNS traffic detected: DNS query: partner.mediawallahscript.com
Source: global trafficDNS traffic detected: DNS query: rtb-csync.smartadserver.com
Source: global trafficDNS traffic detected: DNS query: sync-t1.taboola.com
Source: global trafficDNS traffic detected: DNS query: visitor.omnitagjs.com
Source: global trafficDNS traffic detected: DNS query: r.casalemedia.com
Source: global trafficDNS traffic detected: DNS query: ads.stickyadstv.com
Source: global trafficDNS traffic detected: DNS query: ad.360yield.com
Source: global trafficDNS traffic detected: DNS query: dis.criteo.com
Source: global trafficDNS traffic detected: DNS query: i.liadm.com
Source: global trafficDNS traffic detected: DNS query: contextual.media.net
Source: global trafficDNS traffic detected: DNS query: exchange.mediavine.com
Source: global trafficDNS traffic detected: DNS query: dpm.demdex.net
Source: global trafficDNS traffic detected: DNS query: jadserve.postrelease.com
Source: global trafficDNS traffic detected: DNS query: sync.outbrain.com
Source: global trafficDNS traffic detected: DNS query: simage2.pubmatic.com
Source: global trafficDNS traffic detected: DNS query: trends.revcontent.com
Source: global trafficDNS traffic detected: DNS query: pixel.rubiconproject.com
Source: global trafficDNS traffic detected: DNS query: match.sharethrough.com
Source: global trafficDNS traffic detected: DNS query: s.ad.smaato.net
Source: global trafficDNS traffic detected: DNS query: tapestry.tapad.com
Source: global trafficDNS traffic detected: DNS query: criteo-sync.teads.tv
Source: global trafficDNS traffic detected: DNS query: 1f2e7.v.fwmrm.net
Source: global trafficDNS traffic detected: DNS query: criteo-partners.tremorhub.com
Source: global trafficDNS traffic detected: DNS query: ade.clmbtech.com
Source: global trafficDNS traffic detected: DNS query: sync.srv.stackadapt.com
Source: global trafficDNS traffic detected: DNS query: ad.tpmn.co.kr
Source: global trafficDNS traffic detected: DNS query: eb2.3lift.com
Source: global trafficDNS traffic detected: DNS query: beacon.riskified.com
Source: global trafficDNS traffic detected: DNS query: api.sardine.ai
Source: global trafficDNS traffic detected: DNS query: siteintercept.qualtrics.com
Source: global trafficDNS traffic detected: DNS query: static.criteo.net
Source: global trafficDNS traffic detected: DNS query: ad.tpmn.io
Source: global trafficDNS traffic detected: DNS query: img.riskified.com
Source: global trafficDNS traffic detected: DNS query: match.prod.bidr.io
Source: global trafficDNS traffic detected: DNS query: objeq4jkwkqdgqfkgvggfjkclhnltn1q.d.sardine.ai
Source: global trafficDNS traffic detected: DNS query: p.sardine.ai
Source: global trafficDNS traffic detected: DNS query: stun.l.google.com
Source: global trafficDNS traffic detected: DNS query: c.riskified.com
Source: global trafficDNS traffic detected: DNS query: match.adsrvr.org
Source: global trafficDNS traffic detected: DNS query: pr-bh.ybp.yahoo.com
Source: global trafficDNS traffic detected: DNS query: csm.nl3.eu.criteo.net
Source: global trafficDNS traffic detected: DNS query: image8.pubmatic.com
Source: global trafficDNS traffic detected: DNS query: image2.pubmatic.com
Source: global trafficDNS traffic detected: DNS query: browser-intake-datadoghq.com
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
Source: unknownNetwork traffic detected: HTTP traffic on port 57645 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57920 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49852 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57805 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
Source: unknownNetwork traffic detected: HTTP traffic on port 57759 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49909 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
Source: unknownNetwork traffic detected: HTTP traffic on port 49978 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
Source: unknownNetwork traffic detected: HTTP traffic on port 57657 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57932 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49966 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57772 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50108 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49716
Source: unknownNetwork traffic detected: HTTP traffic on port 49680 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49715
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49714
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49713
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49712
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49711
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49710
Source: unknownNetwork traffic detected: HTTP traffic on port 49864 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49839 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57599 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57874 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49910 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50051 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49709
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49708
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49707
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49705
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49704
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49703
Source: unknownNetwork traffic detected: HTTP traffic on port 57747 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49702
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49788
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49787
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49786
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49785
Source: unknownNetwork traffic detected: HTTP traffic on port 49922 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49784
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49783
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49782
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49781
Source: unknownNetwork traffic detected: HTTP traffic on port 57850 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49780
Source: unknownNetwork traffic detected: HTTP traffic on port 57829 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57735 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50026 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49807 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49713 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
Source: unknownNetwork traffic detected: HTTP traffic on port 57784 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49778
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49777
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49776
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49775
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49774
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49773
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49771
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
Source: unknownNetwork traffic detected: HTTP traffic on port 50095 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57608 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57988 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49991 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
Source: unknownNetwork traffic detected: HTTP traffic on port 57670 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
Source: unknownNetwork traffic detected: HTTP traffic on port 50038 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
Source: unknownNetwork traffic detected: HTTP traffic on port 49840 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57817 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49896 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57587 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57723 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57862 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50083 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
Source: unknownNetwork traffic detected: HTTP traffic on port 50121 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
Source: unknownNetwork traffic detected: HTTP traffic on port 49786 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57796 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57669 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57944 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49934 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57613 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
Source: unknownNetwork traffic detected: HTTP traffic on port 57825 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50116 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57940 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49803 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57694 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50071 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57952 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49929 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57625 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49872 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57837 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50128 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49798 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57682 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57894 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49930 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49986 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57939 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57813 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57637 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49799
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49798
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49797
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49796
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49795
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49794
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49793
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49792
Source: unknownNetwork traffic detected: HTTP traffic on port 57711 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49791
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49790
Source: unknownNetwork traffic detected: HTTP traffic on port 49884 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49789
Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57764 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57976 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57649 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49859 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49942 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49954 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50014 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57755 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57776 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49827 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57882 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50046 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49815 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57650 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49860 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57788 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49998 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50058 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50002 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57743 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49926 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49789 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57834 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57616 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57822 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57685 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57960 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57731 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49823 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50080 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49790 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57846 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57707
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57706
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57709
Source: unknownNetwork traffic detected: HTTP traffic on port 57959 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57708
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57703
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57702
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57705
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57704
Source: unknownNetwork traffic detected: HTTP traffic on port 57628 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49892 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57701
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57700
Source: unknownNetwork traffic detected: HTTP traffic on port 57673 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49847 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57891 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49709 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57718
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57717
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57719
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57714
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57713
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57716
Source: unknownNetwork traffic detected: HTTP traffic on port 57996 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57715
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57712
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57711
Source: unknownNetwork traffic detected: HTTP traffic on port 50079 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57810 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49983 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50023 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49938 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49811 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49676 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49951 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50055 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57706 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49879 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50067 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57915 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49995 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50011 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57592 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57718 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57878 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50104 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49835 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57641 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49880 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57697 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57972 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57768 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57769
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57768
Source: unknownNetwork traffic detected: HTTP traffic on port 57665 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57765
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57764
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57767
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57766
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57772
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57771
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57774
Source: unknownNetwork traffic detected: HTTP traffic on port 57751 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57773
Source: unknownNetwork traffic detected: HTTP traffic on port 49958 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57770
Source: unknownNetwork traffic detected: HTTP traffic on port 57992 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57677 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49946 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50018 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57779
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57776
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57775
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57778
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57777
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57783
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57782
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57785
Source: unknownNetwork traffic detected: HTTP traffic on port 49855 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57784
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57781
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57780
Source: unknownNetwork traffic detected: HTTP traffic on port 57854 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57653 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57911 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57596 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57601 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57787
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57786
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57789
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57788
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57794
Source: unknownNetwork traffic detected: HTTP traffic on port 50099 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57793
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57796
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57795
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57790
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57792
Source: unknownNetwork traffic detected: HTTP traffic on port 49831 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50031 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57791
Source: unknownNetwork traffic detected: HTTP traffic on port 50043 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50100 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49774 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49782 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57979 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57923 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57866 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57798
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57797
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57799
Source: unknownNetwork traffic detected: HTTP traffic on port 50006 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49867 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57781 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49700
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57729
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57728
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57725
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57724
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57727
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57726
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57721
Source: unknownNetwork traffic detected: HTTP traffic on port 50112 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57720
Source: unknownNetwork traffic detected: HTTP traffic on port 57793 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57723
Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57722
Source: unknownNetwork traffic detected: HTTP traffic on port 50075 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57730
Source: unknownNetwork traffic detected: HTTP traffic on port 57947 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57809 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57690 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49902 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50087 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57738 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57739
Source: unknownNetwork traffic detected: HTTP traffic on port 49971 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57736
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57735
Source: unknownNetwork traffic detected: HTTP traffic on port 57830 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57738
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57737
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57732
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57731
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57734
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57733
Source: unknownNetwork traffic detected: HTTP traffic on port 49794 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57741
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57740
Source: unknownNetwork traffic detected: HTTP traffic on port 57980 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50063 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50124 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57842 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57747
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57746
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57749
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57748
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57743
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57742
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57745
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57744
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57750
Source: unknownNetwork traffic detected: HTTP traffic on port 57621 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57752
Source: unknownNetwork traffic detected: HTTP traffic on port 49914 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57751
Source: unknownNetwork traffic detected: HTTP traffic on port 57689 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57935 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57633 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49705 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49843 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57758
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57757
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57759
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57754
Source: unknownNetwork traffic detected: HTTP traffic on port 49899 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57753
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57756
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57755
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57761
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57760
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57763
Source: unknownNetwork traffic detected: HTTP traffic on port 57726 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57762
Source: unknownNetwork traffic detected: HTTP traffic on port 57584 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57898 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49865
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49864
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49863
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49862
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49861
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49860
Source: unknownNetwork traffic detected: HTTP traffic on port 57668 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57989 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49795 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49990 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57702 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49859
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49858
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49857
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49856
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49855
Source: unknownNetwork traffic detected: HTTP traffic on port 57656 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49841 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49854
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49853
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49852
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49851
Source: unknownNetwork traffic detected: HTTP traffic on port 50039 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49850
Source: unknownNetwork traffic detected: HTTP traffic on port 57851 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49849
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49848
Source: unknownNetwork traffic detected: HTTP traffic on port 49714 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57875 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49847
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49846
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49845
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49844
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49843
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49842
Source: unknownNetwork traffic detected: HTTP traffic on port 57714 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49841
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49840
Source: unknownNetwork traffic detected: HTTP traffic on port 50015 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50040 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49989 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50130 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49828 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49933 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57990 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49839
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49838
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49837
Source: unknownNetwork traffic detected: HTTP traffic on port 49921 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49836
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49835
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49834
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49833
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49832
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49831
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49830
Source: unknownNetwork traffic detected: HTTP traffic on port 49853 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57863 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57965 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49829
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49828
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49827
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49826
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49825
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49824
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49823
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49822
Source: unknownNetwork traffic detected: HTTP traffic on port 49771 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57598 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49945 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57758 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57838 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57612 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49885 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49899
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49898
Source: unknownNetwork traffic detected: HTTP traffic on port 57681 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49897
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49896
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49895
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49894
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49893
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49892
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49891
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49890
Source: unknownNetwork traffic detected: HTTP traffic on port 57773 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57921 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49897 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49957 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57806 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57586 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50084 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49889
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49888
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49887
Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49886
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49885
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49884
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49883
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49882
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49881
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49880
Source: unknownNetwork traffic detected: HTTP traffic on port 49702 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57624 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50110 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57746 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49879
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49878
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49877
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49876
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49875
Source: unknownNetwork traffic detected: HTTP traffic on port 57895 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49874
Source: unknownHTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.17:49732 version: TLS 1.2
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49805 version: TLS 1.2
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49822 version: TLS 1.2
Source: unknownHTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.17:57607 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.107.5.88:443 -> 192.168.2.17:57987 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.190.160.20:443 -> 192.168.2.17:57986 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.190.160.20:443 -> 192.168.2.17:57988 version: TLS 1.2
Source: unknownHTTPS traffic detected: 2.23.209.186:443 -> 192.168.2.17:57993 version: TLS 1.2
Source: classification engineClassification label: clean1.win@37/6@327/937
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2124 --field-trial-handle=2028,i,10516973827388125939,17990343588405902882,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://tinyurl.com/yhntdrax?_k=vPtuG"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2124 --field-trial-handle=2028,i,10516973827388125939,17990343588405902882,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=728 --field-trial-handle=2028,i,10516973827388125939,17990343588405902882,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6444 --field-trial-handle=2028,i,10516973827388125939,17990343588405902882,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=728 --field-trial-handle=2028,i,10516973827388125939,17990343588405902882,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6444 --field-trial-handle=2028,i,10516973827388125939,17990343588405902882,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire Infrastructure1
Drive-by Compromise		Windows Management Instrumentation1
Registry Run Keys / Startup Folder		1
Process Injection		1
Masquerading		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System2
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
Registry Run Keys / Startup Folder		1
Process Injection		LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media2
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive3
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture1
Ingress Tool Transfer		Traffic DuplicationData Destruction

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

No Antivirus matches

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

No Antivirus matches

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
static.nl3.vip.prod.criteo.net
178.250.1.3
truefalse
    		unknown
    csm.nl3.vip.prod.criteo.net
    		178.250.1.25
    		truefalse
      		unknown
      eu-eb2.3lift.com
      		76.223.111.18
      		truefalse
        		unknown
        measurement-api.nl3.vip.prod.criteo.com
        		178.250.1.24
        		truefalse
          		unknown
          api.sardine.ai
          		34.120.14.251
          		truefalse
            		unknown
            gov.winterpaymenko.top
            		172.67.161.241
            		truefalse
              		unknown
              r.casalemedia.com
              		172.64.151.101
              		truefalse
                		unknown
                cm.g.doubleclick.net
                		142.250.185.66
                		truefalse
                  		unknown
                  idaas-ext.cph.liveintent.com
                  		18.235.24.39
                  		truefalse
                    		unknown
                    ds-pr-bh.ybp.gysm.yahoodns.net
                    		34.243.94.39
                    		truefalse
                      		unknown
                      www.google.com
                      		142.250.185.132
                      		truefalse
                        		unknown
                        dualstack.com.imgix.map.fastly.net
                        		151.101.130.208
                        		truefalse
                          		unknown
                          px.mountain.com
                          		52.89.99.220
                          		truefalse
                            		unknown
                            match.adsrvr.org
                            		52.223.40.198
                            		truefalse
                              		unknown
                              match.prod.bidr.io
                              		52.208.224.133
                              		truefalse
                                		unknown
                                nydc1.outbrain.org
                                		70.42.32.191
                                		truefalse
                                  		unknown
                                  mapixl.com
                                  		23.96.207.177
                                  		truefalse
                                    		unknown
                                    dx.mountain.com
                                    		34.238.149.65
                                    		truefalse
                                      		unknown
                                      trends.revcontent.com
                                      		34.243.99.253
                                      		truefalse
                                        		unknown
                                        pug-lhr-bc.pubmnet.com
                                        		185.64.191.210
                                        		truefalse
                                          		unknown
                                          stk.px-cloud.net
                                          		34.107.199.61
                                          		truefalse
                                            		unknown
                                            gs.mountain.com
                                            		52.12.117.226
                                            		truefalse
                                              		unknown
                                              euw-ice.360yield.com
                                              		52.19.150.135
                                              		truefalse
                                                		unknown
                                                k8s-gateways-gwlh3-73da476369-1123590489.us-east-1.elb.amazonaws.com
                                                		54.173.249.172
                                                		truefalse
                                                  		unknown
                                                  d1ykf07e75w7ss.cloudfront.net
                                                  		108.138.6.136
                                                  		truefalse
                                                    		unknown
                                                    googleads.g.doubleclick.net
                                                    		142.250.186.66
                                                    		truefalse
                                                      		unknown
                                                      challenges.cloudflare.com
                                                      		104.18.95.41
                                                      		truefalse
                                                        		unknown
                                                        api.cdp.stockx.com
                                                        		54.186.34.49
                                                        		truefalse
                                                          		unknown
                                                          web-assets.stockx.com
                                                          		104.16.109.9
                                                          		truefalse
                                                            		unknown
                                                            td.doubleclick.net
                                                            		216.58.206.34
                                                            		truefalse
                                                              		unknown
                                                              campaign.fbot.me
                                                              		13.225.78.75
                                                              		truefalse
                                                                		unknown
                                                                public.fbot.me
                                                                		3.221.253.204
                                                                		truefalse
                                                                  		unknown
                                                                  in-ftd-109.nl3.vip.prod.criteo.com
                                                                  		178.250.1.8
                                                                  		truefalse
                                                                    		unknown
                                                                    partners-alb-1113315349.us-east-1.elb.amazonaws.com
                                                                    		18.205.127.149
                                                                    		truefalse
                                                                      		unknown
                                                                      stun.l.google.com
                                                                      		74.125.250.129
                                                                      		truefalse
                                                                        		unknown
                                                                        cdn.cookielaw.org
                                                                        		104.18.86.42
                                                                        		truefalse
                                                                          		unknown
                                                                          widget.us5.vip.prod.criteo.com
                                                                          		74.119.117.16
                                                                          		truefalse
                                                                            		unknown
                                                                            collectorv.us.tvsquared.com
                                                                            		3.137.102.166
                                                                            		truefalse
                                                                              		unknown
                                                                              static.fbot.me
                                                                              		18.66.112.126
                                                                              		truefalse
                                                                                		unknown
                                                                                dart.l.doubleclick.net
                                                                                		142.250.186.134
                                                                                		truefalse
                                                                                  		unknown
                                                                                  static.cloudflareinsights.com
                                                                                  		104.16.80.73
                                                                                  		truefalse
                                                                                    		unknown
                                                                                    objeq4jkwkqdgqfkgvggfjkclhnltn1q.d.sardine.ai
                                                                                    		34.120.14.251
                                                                                    		truefalse
                                                                                      		unknown
                                                                                      stockx.com
                                                                                      		104.16.110.9
                                                                                      		truefalse
                                                                                        		unknown
                                                                                        cdn.quantummetric.com
                                                                                        		104.18.11.213
                                                                                        		truefalse
                                                                                          		unknown
                                                                                          adgcp.tpmn.co.kr
                                                                                          		34.102.166.132
                                                                                          		truefalse
                                                                                            		unknown
                                                                                            user-data-eu.bidswitch.net
                                                                                            		35.214.136.108
                                                                                            		truefalse
                                                                                              		unknown
                                                                                              adservice.google.com
                                                                                              		216.58.206.34
                                                                                              		truefalse
                                                                                                		unknown
                                                                                                collector-px16ud0kof.cl6.px-cloud.net
                                                                                                		35.190.10.96
                                                                                                		truefalse
                                                                                                  		unknown
                                                                                                  fledge.us5.vip.prod.criteo.com
                                                                                                  		74.119.117.20
                                                                                                  		truefalse
                                                                                                    		unknown
                                                                                                    contextual.media.net
                                                                                                    		88.221.168.23
                                                                                                    		truefalse
                                                                                                      		unknown
                                                                                                      k8s-gateways-gwlh2-8b9819a160-1697331022.us-east-1.elb.amazonaws.com
                                                                                                      		52.0.94.40
                                                                                                      		truefalse
                                                                                                        		unknown
                                                                                                        scontent.xx.fbcdn.net
                                                                                                        		157.240.0.6
                                                                                                        		truefalse
                                                                                                          		unknown
                                                                                                          widget.nl3.vip.prod.criteo.com
                                                                                                          		178.250.1.9
                                                                                                          		truefalse
                                                                                                            		unknown
                                                                                                            ara.paa-reporting-advertising.amazon
                                                                                                            		18.245.46.13
                                                                                                            		truefalse
                                                                                                              		unknown
                                                                                                              tapestry.tapad.com
                                                                                                              		34.111.113.62
                                                                                                              		truefalse
                                                                                                                		unknown
                                                                                                                images.stockx.com
                                                                                                                		104.16.110.9
                                                                                                                		truefalse
                                                                                                                  		unknown
                                                                                                                  dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com
                                                                                                                  		52.18.245.132
                                                                                                                  		truefalse
                                                                                                                    		unknown
                                                                                                                    sync.srv.stackadapt.com
                                                                                                                    		3.210.235.75
                                                                                                                    		truefalse
                                                                                                                      		unknown
                                                                                                                      browser-intake-datadoghq.com
                                                                                                                      		3.233.158.24
                                                                                                                      		truefalse
                                                                                                                        		unknown
                                                                                                                        am-vip001.taboola.com
                                                                                                                        		141.226.228.48
                                                                                                                        		truefalse
                                                                                                                          		unknown
                                                                                                                          rtb-csync-euw2.smartadserver.com
                                                                                                                          		5.135.209.105
                                                                                                                          		truefalse
                                                                                                                            		unknown
                                                                                                                            tinyurl.com
                                                                                                                            		104.18.111.161
                                                                                                                            		truefalse
                                                                                                                              		unknown
                                                                                                                              a.nel.cloudflare.com
                                                                                                                              		35.190.80.1
                                                                                                                              		truefalse
                                                                                                                                		unknown
                                                                                                                                cloudflareinsights.com
                                                                                                                                		104.16.79.73
                                                                                                                                		truefalse
                                                                                                                                  		unknown
                                                                                                                                  ax-0001.ax-dc-msedge.net
                                                                                                                                  		150.171.29.10
                                                                                                                                  		truefalse
                                                                                                                                    		unknown
                                                                                                                                    evs.cdp.stockx.com
                                                                                                                                    		18.66.147.110
                                                                                                                                    		truefalse
                                                                                                                                      		unknown
                                                                                                                                      ad.tpmn.io
                                                                                                                                      		34.102.166.132
                                                                                                                                      		truefalse
                                                                                                                                        		unknown
                                                                                                                                        s.amazon-adsystem.com
                                                                                                                                        		98.82.156.207
                                                                                                                                        		truefalse
                                                                                                                                          		unknown
                                                                                                                                          ad.doubleclick.net
                                                                                                                                          		172.217.18.6
                                                                                                                                          		truefalse
                                                                                                                                            		unknown
                                                                                                                                            imgsync-amsfpairbc.pubmnet.com
                                                                                                                                            		198.47.127.18
                                                                                                                                            		truefalse
                                                                                                                                              		unknown
                                                                                                                                              ax-0001.ax-msedge.net
                                                                                                                                              		150.171.28.10
                                                                                                                                              		truefalse
                                                                                                                                                		unknown
                                                                                                                                                exchange.mediavine.com
                                                                                                                                                		35.156.173.51
                                                                                                                                                		truefalse
                                                                                                                                                  		unknown
                                                                                                                                                  p.sardine.ai
                                                                                                                                                  		34.67.241.53
                                                                                                                                                  		truefalse
                                                                                                                                                    		unknown
                                                                                                                                                    getrockerbox.com
                                                                                                                                                    		104.26.8.177
                                                                                                                                                    		truefalse
                                                                                                                                                      		unknown
                                                                                                                                                      img.riskified.com
                                                                                                                                                      		107.23.175.192
                                                                                                                                                      		truefalse
                                                                                                                                                        		unknown
                                                                                                                                                        gum.nl3.vip.prod.criteo.com
                                                                                                                                                        		178.250.1.11
                                                                                                                                                        		truefalse
                                                                                                                                                          		unknown
                                                                                                                                                          s.ad.smaato.net
                                                                                                                                                          		13.32.27.23
                                                                                                                                                          		truefalse
                                                                                                                                                            		unknown
                                                                                                                                                            images-cs.stockx.com
                                                                                                                                                            		104.16.110.9
                                                                                                                                                            		truefalse
                                                                                                                                                              		unknown
                                                                                                                                                              pug-ams-bc.pubmnet.com
                                                                                                                                                              		198.47.127.205
                                                                                                                                                              		truefalse
                                                                                                                                                                		unknown
                                                                                                                                                                ib.anycast.adnxs.com
                                                                                                                                                                		185.89.210.82
                                                                                                                                                                		truefalse
                                                                                                                                                                  		unknown
                                                                                                                                                                  visitor-fra02.omnitagjs.com
                                                                                                                                                                  		185.255.84.153
                                                                                                                                                                  		truefalse
                                                                                                                                                                    		unknown
                                                                                                                                                                    geolocation.onetrust.com
                                                                                                                                                                    		104.18.32.137
                                                                                                                                                                    		truefalse
                                                                                                                                                                      		unknown
                                                                                                                                                                      rbidsna5.stockx.com
                                                                                                                                                                      		104.16.109.9
                                                                                                                                                                      		truefalse
                                                                                                                                                                        		unknown
                                                                                                                                                                        mw-emptypixel.eba-vdzmhv2f.eu-west-1.elasticbeanstalk.com
                                                                                                                                                                        		52.18.91.21
                                                                                                                                                                        		truefalse
                                                                                                                                                                          		unknown
                                                                                                                                                                          match-eu-central-1-ecs.sharethrough.com
                                                                                                                                                                          		18.184.119.72
                                                                                                                                                                          		truefalse
                                                                                                                                                                            		unknown
                                                                                                                                                                            siteintercept.qualtrics.com
                                                                                                                                                                            		unknown
                                                                                                                                                                            		unknownfalse
                                                                                                                                                                              		unknown
                                                                                                                                                                              ads.stickyadstv.com
                                                                                                                                                                              		unknown
                                                                                                                                                                              		unknownfalse
                                                                                                                                                                                		unknown
                                                                                                                                                                                dynamic.criteo.com
                                                                                                                                                                                		unknown
                                                                                                                                                                                		unknownfalse
                                                                                                                                                                                  		unknown
                                                                                                                                                                                  ad.tpmn.co.kr
                                                                                                                                                                                  		unknown
                                                                                                                                                                                  		unknownfalse
                                                                                                                                                                                    		unknown
                                                                                                                                                                                    jadserve.postrelease.com
                                                                                                                                                                                    		unknown
                                                                                                                                                                                    		unknownfalse
                                                                                                                                                                                      		unknown
                                                                                                                                                                                      sslwidget.criteo.com
                                                                                                                                                                                      		unknown
                                                                                                                                                                                      		unknownfalse
                                                                                                                                                                                        		unknown
                                                                                                                                                                                        dis.criteo.com
                                                                                                                                                                                        		unknown
                                                                                                                                                                                        		unknownfalse
                                                                                                                                                                                          		unknown
                                                                                                                                                                                          widget.us.criteo.com
                                                                                                                                                                                          		unknown
                                                                                                                                                                                          		unknownfalse
                                                                                                                                                                                            		unknown
                                                                                                                                                                                            zn4tqdz21wlnz4zv8-stockxcustomerres.siteintercept.qualtrics.com
                                                                                                                                                                                            		unknown
                                                                                                                                                                                            		unknownfalse
                                                                                                                                                                                              		unknown
                                                                                                                                                                                              static.criteo.net
                                                                                                                                                                                              		unknown
                                                                                                                                                                                              		unknownfalse
                                                                                                                                                                                                		unknown
                                                                                                                                                                                                measurement-api.criteo.com
                                                                                                                                                                                                		unknown
                                                                                                                                                                                                		unknownfalse
                                                                                                                                                                                                  		unknown
                                                                                                                                                                                                  pixel.rubiconproject.com
                                                                                                                                                                                                  		unknown
                                                                                                                                                                                                  		unknownfalse
                                                                                                                                                                                                    		unknown
                                                                                                                                                                                                    collector-40161.us.tvsquared.com
                                                                                                                                                                                                    		unknown
                                                                                                                                                                                                    		unknownfalse
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      connect.facebook.net
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      		unknownfalse
                                                                                                                                                                                                        		unknown
                                                                                                                                                                                                        1f2e7.v.fwmrm.net
                                                                                                                                                                                                        		unknown
                                                                                                                                                                                                        		unknownfalse
                                                                                                                                                                                                          		unknown

                                                                                                                                                                                                          Contacted URLs

                                                                                                                                                                                                          NameMaliciousAntivirus DetectionReputation
                                                                                                                                                                                                          https://stockx.com/false
                                                                                                                                                                                                            		unknown
                                                                                                                                                                                                            http://gov.winterpaymenko.top/?_k=vPtuGfalse
                                                                                                                                                                                                              		unknown

                                                                                                                                                                                                              World Map of Contacted IPs

                                                                                                                                                                                                              • No. of IPs < 25%
                                                                                                                                                                                                              • 25% < No. of IPs < 50%
                                                                                                                                                                                                              • 50% < No. of IPs < 75%
                                                                                                                                                                                                              • 75% < No. of IPs

                                                                                                                                                                                                              Public IPs

                                                                                                                                                                                                              IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                                                              142.250.186.67
                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                              3.221.253.204
                                                                                                                                                                                                              		public.fbot.meUnited States
                                                                                                                                                                                                              		14618AMAZON-AESUSfalse
                                                                                                                                                                                                              3.137.102.166
                                                                                                                                                                                                              		collectorv.us.tvsquared.comUnited States
                                                                                                                                                                                                              		16509AMAZON-02USfalse
                                                                                                                                                                                                              52.89.99.220
                                                                                                                                                                                                              		px.mountain.comUnited States
                                                                                                                                                                                                              		16509AMAZON-02USfalse
                                                                                                                                                                                                              104.18.111.161
                                                                                                                                                                                                              		tinyurl.comUnited States
                                                                                                                                                                                                              		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                              98.82.156.207
                                                                                                                                                                                                              		s.amazon-adsystem.comUnited States
                                                                                                                                                                                                              		11351TWC-11351-NORTHEASTUSfalse
                                                                                                                                                                                                              104.16.80.73
                                                                                                                                                                                                              		static.cloudflareinsights.comUnited States
                                                                                                                                                                                                              		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                              178.250.1.24
                                                                                                                                                                                                              		measurement-api.nl3.vip.prod.criteo.comFrance
                                                                                                                                                                                                              		44788ASN-CRITEO-EUROPEFRfalse
                                                                                                                                                                                                              178.250.1.25
                                                                                                                                                                                                              		csm.nl3.vip.prod.criteo.netFrance
                                                                                                                                                                                                              		44788ASN-CRITEO-EUROPEFRfalse
                                                                                                                                                                                                              99.84.9.13
                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                              		16509AMAZON-02USfalse
                                                                                                                                                                                                              35.190.80.1
                                                                                                                                                                                                              		a.nel.cloudflare.comUnited States
                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                              198.47.127.205
                                                                                                                                                                                                              		pug-ams-bc.pubmnet.comUnited States
                                                                                                                                                                                                              		62713AS-PUBMATICUSfalse
                                                                                                                                                                                                              104.16.109.9
                                                                                                                                                                                                              		web-assets.stockx.comUnited States
                                                                                                                                                                                                              		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                              204.79.197.237
                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                              		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                              52.37.218.4
                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                              		16509AMAZON-02USfalse
                                                                                                                                                                                                              104.18.87.42
                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                              		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                              34.104.35.123
                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                              1.1.1.1
                                                                                                                                                                                                              		unknownAustralia
                                                                                                                                                                                                              		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                              52.18.245.132
                                                                                                                                                                                                              		dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.comUnited States
                                                                                                                                                                                                              		16509AMAZON-02USfalse
                                                                                                                                                                                                              216.58.206.40
                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                              3.208.147.210
                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                              		14618AMAZON-AESUSfalse
                                                                                                                                                                                                              172.67.161.241
                                                                                                                                                                                                              		gov.winterpaymenko.topUnited States
                                                                                                                                                                                                              		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                              54.186.203.89
                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                              		16509AMAZON-02USfalse
                                                                                                                                                                                                              172.217.18.6
                                                                                                                                                                                                              		ad.doubleclick.netUnited States
                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                              108.138.6.136
                                                                                                                                                                                                              		d1ykf07e75w7ss.cloudfront.netUnited States
                                                                                                                                                                                                              		16509AMAZON-02USfalse
                                                                                                                                                                                                              239.255.255.250
                                                                                                                                                                                                              		unknownReserved
                                                                                                                                                                                                              		unknownunknownfalse
                                                                                                                                                                                                              51.178.195.217
                                                                                                                                                                                                              		unknownFrance
                                                                                                                                                                                                              		16276OVHFRfalse
                                                                                                                                                                                                              178.250.1.11
                                                                                                                                                                                                              		gum.nl3.vip.prod.criteo.comFrance
                                                                                                                                                                                                              		44788ASN-CRITEO-EUROPEFRfalse
                                                                                                                                                                                                              23.22.188.59
                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                              		14618AMAZON-AESUSfalse
                                                                                                                                                                                                              5.135.209.105
                                                                                                                                                                                                              		rtb-csync-euw2.smartadserver.comFrance
                                                                                                                                                                                                              		16276OVHFRfalse
                                                                                                                                                                                                              34.67.241.53
                                                                                                                                                                                                              		p.sardine.aiUnited States
                                                                                                                                                                                                              		139070GOOGLE-AS-APGoogleAsiaPacificPteLtdSGfalse
                                                                                                                                                                                                              154.57.158.116
                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                              		26558FREEWHEELUSfalse
                                                                                                                                                                                                              18.235.24.39
                                                                                                                                                                                                              		idaas-ext.cph.liveintent.comUnited States
                                                                                                                                                                                                              		14618AMAZON-AESUSfalse
                                                                                                                                                                                                              185.255.84.153
                                                                                                                                                                                                              		visitor-fra02.omnitagjs.comFrance
                                                                                                                                                                                                              		200271IGUANE-FRfalse
                                                                                                                                                                                                              216.58.206.34
                                                                                                                                                                                                              		td.doubleclick.netUnited States
                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                              142.250.185.168
                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                              142.250.181.230
                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                              52.0.94.40
                                                                                                                                                                                                              		k8s-gateways-gwlh2-8b9819a160-1697331022.us-east-1.elb.amazonaws.comUnited States
                                                                                                                                                                                                              		14618AMAZON-AESUSfalse
                                                                                                                                                                                                              3.69.181.183
                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                              		16509AMAZON-02USfalse
                                                                                                                                                                                                              157.240.0.6
                                                                                                                                                                                                              		scontent.xx.fbcdn.netUnited States
                                                                                                                                                                                                              		32934FACEBOOKUSfalse
                                                                                                                                                                                                              185.89.210.180
                                                                                                                                                                                                              		unknownGermany
                                                                                                                                                                                                              		29990ASN-APPNEXUSfalse
                                                                                                                                                                                                              142.250.181.238
                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                              52.18.91.21
                                                                                                                                                                                                              		mw-emptypixel.eba-vdzmhv2f.eu-west-1.elasticbeanstalk.comUnited States
                                                                                                                                                                                                              		16509AMAZON-02USfalse
                                                                                                                                                                                                              142.250.185.164
                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                              23.96.207.177
                                                                                                                                                                                                              		mapixl.comUnited States
                                                                                                                                                                                                              		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                              141.226.228.48
                                                                                                                                                                                                              		am-vip001.taboola.comIsrael
                                                                                                                                                                                                              		200478TABOOLA-ASILfalse
                                                                                                                                                                                                              54.186.34.49
                                                                                                                                                                                                              		api.cdp.stockx.comUnited States
                                                                                                                                                                                                              		16509AMAZON-02USfalse
                                                                                                                                                                                                              142.250.186.134
                                                                                                                                                                                                              		dart.l.doubleclick.netUnited States
                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                              52.12.117.226
                                                                                                                                                                                                              		gs.mountain.comUnited States
                                                                                                                                                                                                              		16509AMAZON-02USfalse
                                                                                                                                                                                                              104.16.79.73
                                                                                                                                                                                                              		cloudflareinsights.comUnited States
                                                                                                                                                                                                              		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                              23.32.185.35
                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                              		16625AKAMAI-ASUSfalse
                                                                                                                                                                                                              178.250.1.8
                                                                                                                                                                                                              		in-ftd-109.nl3.vip.prod.criteo.comFrance
                                                                                                                                                                                                              		44788ASN-CRITEO-EUROPEFRfalse
                                                                                                                                                                                                              178.250.1.9
                                                                                                                                                                                                              		widget.nl3.vip.prod.criteo.comFrance
                                                                                                                                                                                                              		44788ASN-CRITEO-EUROPEFRfalse
                                                                                                                                                                                                              13.225.78.75
                                                                                                                                                                                                              		campaign.fbot.meUnited States
                                                                                                                                                                                                              		16509AMAZON-02USfalse
                                                                                                                                                                                                              13.32.27.23
                                                                                                                                                                                                              		s.ad.smaato.netUnited States
                                                                                                                                                                                                              		7018ATT-INTERNET4USfalse
                                                                                                                                                                                                              178.250.1.3
                                                                                                                                                                                                              		static.nl3.vip.prod.criteo.netFrance
                                                                                                                                                                                                              		44788ASN-CRITEO-EUROPEFRfalse
                                                                                                                                                                                                              151.101.2.208
                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                              		54113FASTLYUSfalse
                                                                                                                                                                                                              34.243.94.39
                                                                                                                                                                                                              		ds-pr-bh.ybp.gysm.yahoodns.netUnited States
                                                                                                                                                                                                              		16509AMAZON-02USfalse
                                                                                                                                                                                                              18.66.147.67
                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                              		3MIT-GATEWAYSUSfalse
                                                                                                                                                                                                              70.42.32.159
                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                              		22075AS-OUTBRAINUSfalse
                                                                                                                                                                                                              142.250.186.66
                                                                                                                                                                                                              		googleads.g.doubleclick.netUnited States
                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                              3.233.158.24
                                                                                                                                                                                                              		browser-intake-datadoghq.comUnited States
                                                                                                                                                                                                              		14618AMAZON-AESUSfalse
                                                                                                                                                                                                              104.26.8.177
                                                                                                                                                                                                              		getrockerbox.comUnited States
                                                                                                                                                                                                              		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                              52.71.121.170
                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                              		14618AMAZON-AESUSfalse
                                                                                                                                                                                                              23.38.98.201
                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                              		16625AKAMAI-ASUSfalse
                                                                                                                                                                                                              35.156.173.51
                                                                                                                                                                                                              		exchange.mediavine.comUnited States
                                                                                                                                                                                                              		16509AMAZON-02USfalse
                                                                                                                                                                                                              18.184.119.72
                                                                                                                                                                                                              		match-eu-central-1-ecs.sharethrough.comUnited States
                                                                                                                                                                                                              		16509AMAZON-02USfalse
                                                                                                                                                                                                              104.18.32.137
                                                                                                                                                                                                              		geolocation.onetrust.comUnited States
                                                                                                                                                                                                              		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                              34.120.14.251
                                                                                                                                                                                                              		api.sardine.aiUnited States
                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                              154.54.250.80
                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                              		26558FREEWHEELUSfalse
                                                                                                                                                                                                              44.227.136.144
                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                              		16509AMAZON-02USfalse
                                                                                                                                                                                                              142.250.184.226
                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                              104.16.110.9
                                                                                                                                                                                                              		stockx.comUnited States
                                                                                                                                                                                                              		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                              142.250.186.35
                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                              142.250.185.66
                                                                                                                                                                                                              		cm.g.doubleclick.netUnited States
                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                              54.173.249.172
                                                                                                                                                                                                              		k8s-gateways-gwlh3-73da476369-1123590489.us-east-1.elb.amazonaws.comUnited States
                                                                                                                                                                                                              		14618AMAZON-AESUSfalse
                                                                                                                                                                                                              69.173.144.165
                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                              		26667RUBICONPROJECTUSfalse
                                                                                                                                                                                                              18.66.112.126
                                                                                                                                                                                                              		static.fbot.meUnited States
                                                                                                                                                                                                              		3MIT-GATEWAYSUSfalse
                                                                                                                                                                                                              34.241.19.39
                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                              		16509AMAZON-02USfalse
                                                                                                                                                                                                              13.107.21.237
                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                              		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                              20.190.159.71
                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                              		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                              104.18.95.41
                                                                                                                                                                                                              		challenges.cloudflare.comUnited States
                                                                                                                                                                                                              		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                              35.81.162.201
                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                              		237MERIT-AS-14USfalse
                                                                                                                                                                                                              172.64.155.119
                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                              		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                              142.250.186.106
                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                              34.243.99.253
                                                                                                                                                                                                              		trends.revcontent.comUnited States
                                                                                                                                                                                                              		16509AMAZON-02USfalse
                                                                                                                                                                                                              150.171.29.10
                                                                                                                                                                                                              		ax-0001.ax-dc-msedge.netUnited States
                                                                                                                                                                                                              		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                              198.47.127.18
                                                                                                                                                                                                              		imgsync-amsfpairbc.pubmnet.comUnited States
                                                                                                                                                                                                              		62713AS-PUBMATICUSfalse
                                                                                                                                                                                                              142.250.186.40
                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                              52.223.40.198
                                                                                                                                                                                                              		match.adsrvr.orgUnited States
                                                                                                                                                                                                              		8987AMAZONEXPANSIONGBfalse
                                                                                                                                                                                                              104.17.208.240
                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                              		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                              35.214.136.108
                                                                                                                                                                                                              		user-data-eu.bidswitch.netUnited States
                                                                                                                                                                                                              		19527GOOGLE-2USfalse
                                                                                                                                                                                                              18.66.112.116
                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                              		3MIT-GATEWAYSUSfalse
                                                                                                                                                                                                              35.190.10.96
                                                                                                                                                                                                              		collector-px16ud0kof.cl6.px-cloud.netUnited States
                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                              104.17.209.240
                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                              		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                              69.173.144.139
                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                              		26667RUBICONPROJECTUSfalse
                                                                                                                                                                                                              185.64.191.210
                                                                                                                                                                                                              		pug-lhr-bc.pubmnet.comUnited Kingdom
                                                                                                                                                                                                              		62713AS-PUBMATICUSfalse
                                                                                                                                                                                                              172.64.151.101
                                                                                                                                                                                                              		r.casalemedia.comUnited States
                                                                                                                                                                                                              		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                              70.42.32.191
                                                                                                                                                                                                              		nydc1.outbrain.orgUnited States
                                                                                                                                                                                                              		22075AS-OUTBRAINUSfalse

                                                                                                                                                                                                              Private

                                                                                                                                                                                                              IP
                                                                                                                                                                                                              192.168.2.17

                                                                                                                                                                                                              General Information

                                                                                                                                                                                                              Joe Sandbox version:41.0.0 Charoite
                                                                                                                                                                                                              Analysis ID:1544494
                                                                                                                                                                                                              Start date and time:2024-10-29 14:02:51 +01:00
                                                                                                                                                                                                              Joe Sandbox product:CloudBasic
                                                                                                                                                                                                              Overall analysis duration:
                                                                                                                                                                                                              Hypervisor based Inspection enabled:false
                                                                                                                                                                                                              Report type:full
                                                                                                                                                                                                              Cookbook file name:defaultwindowsinteractivecookbook.jbs
                                                                                                                                                                                                              Sample URL:https://tinyurl.com/yhntdrax?_k=vPtuG
                                                                                                                                                                                                              Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                                                                                                              Number of analysed new started processes analysed:24
                                                                                                                                                                                                              Number of new started drivers analysed:0
                                                                                                                                                                                                              Number of existing processes analysed:0
                                                                                                                                                                                                              Number of existing drivers analysed:0
                                                                                                                                                                                                              Number of injected processes analysed:0
                                                                                                                                                                                                              Technologies:
                                                                                                                                                                                                              • EGA enabled
                                                                                                                                                                                                              Analysis Mode:stream
                                                                                                                                                                                                              Analysis stop reason:Timeout
                                                                                                                                                                                                              Detection:CLEAN
                                                                                                                                                                                                              Classification:clean1.win@37/6@327/937

                                                                                                                                                                                                              Warnings

                                                                                                                                                                                                              • Exclude process from analysis (whitelisted): TextInputHost.exe
                                                                                                                                                                                                              • Excluded IPs from analysis (whitelisted): 142.250.186.35, 142.250.181.238, 64.233.167.84, 34.104.35.123
                                                                                                                                                                                                              • Excluded domains from analysis (whitelisted): clients2.google.com, accounts.google.com, edgedl.me.gvt1.com, clientservices.googleapis.com, clients.l.google.com
                                                                                                                                                                                                              • Not all processes where analyzed, report is missing behavior information
                                                                                                                                                                                                              • VT rate limit hit for: https://tinyurl.com/yhntdrax?_k=vPtuG

                                                                                                                                                                                                              LLM Input / Output

                                                                                                                                                                                                              InputOutput
                                                                                                                                                                                                              URL: Model: claude-3-5-sonnet-latest
                                                                                                                                                                                                              {
    "typosquatting": false,
    "unusual_query_string": true,
    "suspicious_tld": false,
    "ip_in_url": false,
    "long_subdomain": false,
    "malicious_keywords": false,
    "encoded_characters": false,
    "redirection": true,
    "contains_email_address": false,
    "known_domain": true,
    "brand_spoofing_attempt": false,
    "third_party_hosting": true
}
                                                                                                                                                                                                              URL: URL: https://tinyurl.com/yhntdrax?_k=vPtuG
                                                                                                                                                                                                              URL: https://stockx.com/ Model: claude-3-haiku-20240307
                                                                                                                                                                                                              ```json
{
  "contains_trigger_text": true,
  "trigger_text": "Verifying you are human. This may take a few seconds.",
  "prominent_button_name": "unknown",
  "text_input_field_labels": "unknown",
  "pdf_icon_visible": false,
  "has_visible_captcha": true,
  "has_urgent_text": false,
  "has_visible_qrcode": false
}
                                                                                                                                                                                                              URL: Model: claude-3-5-sonnet-latest
                                                                                                                                                                                                              {
    "typosquatting": false,
    "unusual_query_string": false,
    "suspicious_tld": false,
    "ip_in_url": false,
    "long_subdomain": false,
    "malicious_keywords": false,
    "encoded_characters": false,
    "redirection": false,
    "contains_email_address": false,
    "known_domain": true,
    "brand_spoofing_attempt": false,
    "third_party_hosting": false
}
                                                                                                                                                                                                              URL: URL: https://stockx.com/
                                                                                                                                                                                                              URL: https://stockx.com/ Model: claude-3-haiku-20240307
                                                                                                                                                                                                              ```json
{
  "brands": [
    "stockx.com",
    "Cloudflare"
  ]
}
                                                                                                                                                                                                              URL: https://stockx.com/ Model: claude-3-haiku-20240307
                                                                                                                                                                                                              ```json
{
  "contains_trigger_text": true,
  "trigger_text": "Verifying you are human. This may take a few seconds.",
  "prominent_button_name": "unknown",
  "text_input_field_labels": "unknown",
  "pdf_icon_visible": false,
  "has_visible_captcha": true,
  "has_urgent_text": false,
  "has_visible_qrcode": false
}
                                                                                                                                                                                                              URL: https://stockx.com/ Model: claude-3-haiku-20240307
                                                                                                                                                                                                              ```json
{
  "contains_trigger_text": true,
  "trigger_text": "Verify you are human by completing the action below.",
  "prominent_button_name": "Verify you are human",
  "text_input_field_labels": "unknown",
  "pdf_icon_visible": false,
  "has_visible_captcha": true,
  "has_urgent_text": false,
  "has_visible_qrcode": false
}
                                                                                                                                                                                                              URL: https://stockx.com/ Model: claude-3-haiku-20240307
                                                                                                                                                                                                              ```json
{
  "contains_trigger_text": true,
  "trigger_text": "Introducing StockX Returns
Return Your Latest Purchases For StockX Credit",
  "prominent_button_name": "Learn More",
  "text_input_field_labels": "unknown",
  "pdf_icon_visible": false,
  "has_visible_captcha": false,
  "has_urgent_text": false,
  "has_visible_qrcode": false
}
                                                                                                                                                                                                              URL: https://stockx.com/ Model: claude-3-haiku-20240307
                                                                                                                                                                                                              ```json
{
  "brands": [
    "stockx.com",
    "Cloudflare"
  ]
}
                                                                                                                                                                                                              URL: https://stockx.com/ Model: claude-3-haiku-20240307
                                                                                                                                                                                                              ```json
{
  "brands": [
    "stockx.com"
  ]
}
                                                                                                                                                                                                              URL: https://stockx.com/ Model: claude-3-haiku-20240307
                                                                                                                                                                                                              ```json
{
  "brands": [
    "StockX"
  ]
}
                                                                                                                                                                                                              URL: https://stockx.com/ Model: gpt-4o
                                                                                                                                                                                                              ```json{  "legit_domain": "stockx.com",  "classification": "known",  "reasons": [    "The URL 'stockx.com' matches the brand name 'stockx.com' exactly.",    "StockX is a known brand associated with the domain 'stockx.com'.",    "There are no suspicious elements in the URL such as misspellings or unusual domain extensions.",    "The input fields provided do not suggest any immediate phishing attempt."  ],  "riskscore": 1}
                                                                                                                                                                                                              URL: stockx.com
            Brands: stockx.com
            Input Fields: u, n, k, n, o, w, n
                                                                                                                                                                                                              URL: https://stockx.com/ Model: claude-3-haiku-20240307
                                                                                                                                                                                                              ```json
{
  "contains_trigger_text": true,
  "trigger_text": "Return Your Latest Purchases For StockX Credit",
  "prominent_button_name": "Learn More",
  "text_input_field_labels": "unknown",
  "pdf_icon_visible": false,
  "has_visible_captcha": false,
  "has_urgent_text": false,
  "has_visible_qrcode": false
}
                                                                                                                                                                                                              URL: https://stockx.com/ Model: claude-3-haiku-20240307
                                                                                                                                                                                                              ```json
{
  "contains_trigger_text": true,
  "trigger_text": "Introducing StockX Returns
Return Your Latest Purchases For StockX Credit",
  "prominent_button_name": "Learn More",
  "text_input_field_labels": "unknown",
  "pdf_icon_visible": false,
  "has_visible_captcha": false,
  "has_urgent_text": false,
  "has_visible_qrcode": false
}
                                                                                                                                                                                                              URL: https://stockx.com/ Model: claude-3-haiku-20240307
                                                                                                                                                                                                              ```json
{
  "brands": [
    "StockX"
  ]
}
                                                                                                                                                                                                              URL: https://stockx.com/ Model: claude-3-haiku-20240307
                                                                                                                                                                                                              ```json
{
  "brands": [
    "StockX"
  ]
}
                                                                                                                                                                                                              URL: https://stockx.com/ Model: claude-3-haiku-20240307
                                                                                                                                                                                                              ```json
{
  "contains_trigger_text": false,
  "trigger_text": "unknown",
  "prominent_button_name": "unknown",
  "text_input_field_labels": "unknown",
  "pdf_icon_visible": false,
  "has_visible_captcha": false,
  "has_urgent_text": false,
  "has_visible_qrcode": false
}
                                                                                                                                                                                                              URL: https://stockx.com/ Model: claude-3-haiku-20240307
                                                                                                                                                                                                              ```json
{
  "contains_trigger_text": false,
  "trigger_text": "unknown",
  "prominent_button_name": "unknown",
  "text_input_field_labels": "unknown",
  "pdf_icon_visible": false,
  "has_visible_captcha": false,
  "has_urgent_text": false,
  "has_visible_qrcode": false
}
                                                                                                                                                                                                              URL: https://stockx.com/ Model: claude-3-haiku-20240307
                                                                                                                                                                                                              ```json
{
  "contains_trigger_text": false,
  "trigger_text": "unknown",
  "prominent_button_name": "unknown",
  "text_input_field_labels": "unknown",
  "pdf_icon_visible": false,
  "has_visible_captcha": false,
  "has_urgent_text": false,
  "has_visible_qrcode": false
}
                                                                                                                                                                                                              URL: https://stockx.com/ Model: claude-3-haiku-20240307
                                                                                                                                                                                                              ```json
{
  "brands": [
    "Stockx"
  ]
}
                                                                                                                                                                                                              URL: https://stockx.com/ Model: claude-3-haiku-20240307
                                                                                                                                                                                                              ```json
{
  "contains_trigger_text": false,
  "trigger_text": "unknown",
  "prominent_button_name": "unknown",
  "text_input_field_labels": "unknown",
  "pdf_icon_visible": false,
  "has_visible_captcha": false,
  "has_urgent_text": false,
  "has_visible_qrcode": false
}
                                                                                                                                                                                                              URL: https://stockx.com/ Model: claude-3-haiku-20240307
                                                                                                                                                                                                              ```json
{
  "brands": [
    "StockX",
    "Jordan",
    "Supreme",
    "Louis Vuitton",
    "UGG",
    "UGG",
    "Fear of God Essentials",
    "Nike",
    "Travis Scott x McDonald's"
  ]
}
                                                                                                                                                                                                              URL: https://stockx.com/ Model: claude-3-haiku-20240307
                                                                                                                                                                                                              ```json
{
  "brands": [
    "Stockx",
    "Kith x Tumi",
    "MSCHF x Fred Again",
    "Nike",
    "ghostwrite x NBA",
    "KAWS x Warhol",
    "New Balance"
  ]
}
                                                                                                                                                                                                              URL: https://stockx.com/ Model: claude-3-haiku-20240307
                                                                                                                                                                                                              ```json
{
  "brands": [
    "StockX",
    "Jordan",
    "Supreme",
    "Louis Vuitton",
    "UGG",
    "UGG",
    "Fear of God Essentials",
    "Nike",
    "Travis Scott"
  ]
}

                                                                                                                                                                                                              Created / dropped Files

                                                                                                                                                                                                              C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

                                                                                                                                                                                                              Download File
                                                                                                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 29 12:03:22 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                              Size (bytes):2677
                                                                                                                                                                                                              Entropy (8bit):3.984628284383089
                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                              SSDEEP:
                                                                                                                                                                                                              MD5:3EE9309E00CA4F7E86BDD1591156DA31
                                                                                                                                                                                                              SHA1:6AA74A99F2179FF638380E1FE8FE030DBAFC76B3
                                                                                                                                                                                                              SHA-256:8A0EB7F19E74B6041A83D1BD22492C83064116BE498BA38E54C85A381185EAD5
                                                                                                                                                                                                              SHA-512:A9BF91F77EB423576030D21BF813A0EECBA592E9424A0E2203961B77FBB3AB916629FD3E65DADD3C4DFD496119D7370A5138C589785ED123BE13FA1E91EA4102
                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                                              Preview:L..................F.@.. ...$+.,.........*......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.I]Ych....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V]Yjh....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.V]Yjh....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.V]Yjh...........................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.V]Ykh...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i..............G.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                                                                                              C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

                                                                                                                                                                                                              Download File
                                                                                                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 29 12:03:22 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                              Size (bytes):2679
                                                                                                                                                                                                              Entropy (8bit):3.9986900618950036
                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                              SSDEEP:
                                                                                                                                                                                                              MD5:902E404F17EFCC61326AA29D957378B8
                                                                                                                                                                                                              SHA1:23413253FA5E6345E050DE1C930916C5E77D7E96
                                                                                                                                                                                                              SHA-256:8A8DB2173D6FD398BE20BFDCD1241742415264C391EF4D5E23C94204A6298DCE
                                                                                                                                                                                                              SHA-512:97055E9A9645141D5BE314C295218C89200E2BAF80A5846BDBF0B84028F25ECF153842BD37693F0B6F4A788C4277FC363AC2FF8329C6D53C7427D51B0E6E8D67
                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                                              Preview:L..................F.@.. ...$+.,........*......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.I]Ych....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V]Yjh....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.V]Yjh....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.V]Yjh...........................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.V]Ykh...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i..............G.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                                                                                              C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

                                                                                                                                                                                                              Download File
                                                                                                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:54:41 2023, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                              Size (bytes):2693
                                                                                                                                                                                                              Entropy (8bit):4.010101005460901
                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                              SSDEEP:
                                                                                                                                                                                                              MD5:24F67CD11A25729CE3C4C794B2446A9C
                                                                                                                                                                                                              SHA1:9394EC50B61DCAA3ADE4278539649F4BB2CD9C98
                                                                                                                                                                                                              SHA-256:E147FD7B401FFC2846DFC886A0A761B66AEC9C2FB699D1FB2C931B743E40CF43
                                                                                                                                                                                                              SHA-512:BC94016FCFEF7E5F4271E092F132DAA4FD112A9502A5193A52E81765BCF9C9C2AD0E6753C4DB6E450D42B25EC7C30874694B423BF656B23D1FDAD62E9E14EAF9
                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                                              Preview:L..................F.@.. ...$+.,.....v. ;.......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.I]Ych....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V]Yjh....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.V]Yjh....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.V]Yjh...........................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VFW.N...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i..............G.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                                                                                              C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

                                                                                                                                                                                                              Download File
                                                                                                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 29 12:03:22 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                              Size (bytes):2681
                                                                                                                                                                                                              Entropy (8bit):3.9969858207977333
                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                              SSDEEP:
                                                                                                                                                                                                              MD5:29B631425CED5891BC25B05D73B76316
                                                                                                                                                                                                              SHA1:FC652DFABF0A7653A2E1FEA6805BF61EF55A2A36
                                                                                                                                                                                                              SHA-256:5418D628043BB6A9EDDECFC43F5CF5F2F624688FF5EE858EF32B33401DEA5D9C
                                                                                                                                                                                                              SHA-512:6C41794900976CEE0D7393C618B3A345BE6D0E5453A2F2A82C8DF5B1567178E0376806CA3FE900A06876BB2B22E04BD06D8675FD4ADBDB7CDD4A183CC03FE662
                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                                              Preview:L..................F.@.. ...$+.,.....E...*......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.I]Ych....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V]Yjh....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.V]Yjh....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.V]Yjh...........................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.V]Ykh...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i..............G.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                                                                                              C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

                                                                                                                                                                                                              Download File
                                                                                                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 29 12:03:22 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                              Size (bytes):2681
                                                                                                                                                                                                              Entropy (8bit):3.9873989473961675
                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                              SSDEEP:
                                                                                                                                                                                                              MD5:097C57F3D8A121C008E42885D96CCAB2
                                                                                                                                                                                                              SHA1:48DB2F56F03FB0CE65EEF9F7C948C78CB50D7845
                                                                                                                                                                                                              SHA-256:B530BBE32C839950AB902971040607B1E6ADC46E3F5F24F0CDE38ECCCC7895A5
                                                                                                                                                                                                              SHA-512:F7ACF5EBDD82CC3F46A1022A786653CFB1A71ABB720370024CBBE0A9C1A6FC40C46091396FEB88CF4A4D1DEE04C42786E05BA136CB22F1385BFD09B959F22974
                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                                              Preview:L..................F.@.. ...$+.,.........*......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.I]Ych....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V]Yjh....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.V]Yjh....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.V]Yjh...........................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.V]Ykh...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i..............G.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                                                                                              C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

                                                                                                                                                                                                              Download File
                                                                                                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 29 12:03:21 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                              Size (bytes):2683
                                                                                                                                                                                                              Entropy (8bit):3.9986461875233474
                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                              SSDEEP:
                                                                                                                                                                                                              MD5:8457AD25A59128F791AAA273FE6D6737
                                                                                                                                                                                                              SHA1:C105E1C8C0043D7A28CFBF0D166D2C2341AEAB02
                                                                                                                                                                                                              SHA-256:054B48DB1C5F85A6AAE0EEAC2440CC79544BC0F2373D8372F189E49C49278DCB
                                                                                                                                                                                                              SHA-512:70EC42425E4837527AD9F19351A37B4E9A7A692E74F53558DAC50A38FCAD505377C19CC6956F0DADF88E26F7CE6B1C4FF04E74C5EB1F0D6914326EDBAD896B2F
                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                                              Preview:L..................F.@.. ...$+.,.........*......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.I]Ych....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V]Yjh....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.V]Yjh....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.V]Yjh...........................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.V]Ykh...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i..............G.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                                                                                              Static File Info

                                                                                                                                                                                                              No static file info