Windows Analysis Report
http://www.cataxe.com/

Overview

General Information

Sample URL:	http://www.cataxe.com/
Analysis ID:	1428970
Infos:

Detection

Score:	0
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Uses insecure TLS / SSL version for HTTPS connection

Classification

Signatures

Source: https://www.google.com/sorry/index?continue=https://www.adsensecustomsearchads.com/afs/ads%3Fadsafe%3Dlow%26adtest%3Doff%26psid%3D7949183650%26pcsa%3Dfalse%26channel%3Dnon-expiry%26domain_name%3Dcataxe.com%26client%3Ddp-godaddy1_xml%26r%3Dm%26rpbu%3Dhttp%253A%252F%252Fwww.cataxe.com%252Flander%26type%3D3%26uiopt%3Dtrue%26swp%3Das-drid-oo-1885714186540894%26oe%3DUTF-8%26ie%3DUTF-8%26fexp%3D21404%252C17300002%252C17301431%252C17301433%252C17301436%26client_gdprApplies%3D0%26format%3Dr3%26nocache%3D2921713563519117%26num%3D0%26output%3Dafd_ads%26v%3D3%26bsl%3D8%26pac%3D2%26u_his%3D1%26u_tz%3D120%26dt%3D1713563519120%26u_w%3D1280%26u_h%3D1024%26biw%3D1280%26bih%3D907%26psw%3D1280%26psh%3D907%26frm%3D0%26uio%3D-%26cont%3DrelatedLinks%26drt%3D0%26jsid%3Dcaf%26nfp%3D1%26jsv%3D625314022%26rurl%3Dhttp%253A%252F%252Fwww.cataxe.com%252Flander%26referer%3Dhttp%253A%252F%252Fwww.cataxe.com%252F&q=EgRRtTk0GIDPi7EGIjDGc8CFvNIij74Yy2rbRuaWJhB-lAdPFA_J-39lfbjJTLzG5M6E_U9fSHqzMk9glxcyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM	HTTP Parser: No favicon
Source: https://www.google.com/sorry/index?continue=https://www.adsensecustomsearchads.com/afs/ads%3Fadsafe%3Dlow%26adtest%3Doff%26psid%3D7949183650%26pcsa%3Dfalse%26channel%3Dnon-expiry%26domain_name%3Dcataxe.com%26client%3Ddp-godaddy1_xml%26r%3Dm%26rpbu%3Dhttp%253A%252F%252Fwww.cataxe.com%252Flander%26type%3D3%26uiopt%3Dtrue%26swp%3Das-drid-oo-1885714186540894%26oe%3DUTF-8%26ie%3DUTF-8%26fexp%3D21404%252C17300002%252C17301431%252C17301433%252C17301436%26client_gdprApplies%3D0%26format%3Dr3%26nocache%3D2921713563519117%26num%3D0%26output%3Dafd_ads%26v%3D3%26bsl%3D8%26pac%3D2%26u_his%3D1%26u_tz%3D120%26dt%3D1713563519120%26u_w%3D1280%26u_h%3D1024%26biw%3D1280%26bih%3D907%26psw%3D1280%26psh%3D907%26frm%3D0%26uio%3D-%26cont%3DrelatedLinks%26drt%3D0%26jsid%3Dcaf%26nfp%3D1%26jsv%3D625314022%26rurl%3Dhttp%253A%252F%252Fwww.cataxe.com%252Flander%26referer%3Dhttp%253A%252F%252Fwww.cataxe.com%252F&q=EgRRtTk0GIDPi7EGIjDGc8CFvNIij74Yy2rbRuaWJhB-lAdPFA_J-39lfbjJTLzG5M6E_U9fSHqzMk9glxcyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM	HTTP Parser: No favicon
Source: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=rz4DvU-cY2JYCwHSTck0_qm-&size=normal&s=c95XiB53U-_Y0eoaiQPBpjZcEJ5coSlEXmXGK28Fy47VPPdXzs8hgw8WmP47ZhEUaYEzj57k3TtdziMcdozqSF_u_QV9zekXnnb1XnaOPKZEolOF8KVtdsGIC3cxc2HIS8kAf8BdEvoohZhd79Nbd-K1PODqowlQhNOar9kxBqXrAs5j_Y66Vdwq7bZve-DBXXhTZqRMEz750OB_aVFPEsk0v0wn7jjx1meAe3UP6VIYNcWUWbDb9-RAMoOHUJ5SRwHh39pS9I9lCH27auNtjq6qy0K7JUk&cb=xs9wuenu2hfm	HTTP Parser: No favicon
Source: https://www.google.com/recaptcha/api2/bframe?hl=en&v=rz4DvU-cY2JYCwHSTck0_qm-&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b	HTTP Parser: No favicon
Source: https://www.godaddy.com/domainfind/v1/redirect?key=parkweb&utm_source=godaddy&utm_medium=parkedpages&utm_campaign=x_dom-broker_parkedpages_x_x_invest_001&tmskey=dpp_dbs&domainToCheck=cataxe.com&isc=GPPTCOM&itc=parkedpage_landers	HTTP Parser: No favicon

Uses insecure TLS / SSL version for HTTPS connection

Source: unknown

HTTPS traffic detected: 173.222.162.64:443 -> 192.168.2.6:49754 version: TLS 1.0

Source: unknown	HTTPS traffic detected: 52.159.127.243:443 -> 192.168.2.6:49720 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.216.69.213:443 -> 192.168.2.6:49722 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.216.69.213:443 -> 192.168.2.6:49723 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.159.127.243:443 -> 192.168.2.6:49729 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.159.127.243:443 -> 192.168.2.6:49767 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.159.127.243:443 -> 192.168.2.6:49770 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.159.127.243:443 -> 192.168.2.6:49772 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.159.127.243:443 -> 192.168.2.6:49776 version: TLS 1.2

Uses insecure TLS / SSL version for HTTPS connection

Source: unknown

HTTPS traffic detected: 173.222.162.64:443 -> 192.168.2.6:49754 version: TLS 1.0

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 23.216.69.213
Source: unknown	TCP traffic detected without corresponding DNS query: 23.216.69.213
Source: unknown	TCP traffic detected without corresponding DNS query: 23.216.69.213
Source: unknown	TCP traffic detected without corresponding DNS query: 23.216.69.213
Source: unknown	TCP traffic detected without corresponding DNS query: 23.216.69.213
Source: unknown	TCP traffic detected without corresponding DNS query: 23.216.69.213
Source: unknown	TCP traffic detected without corresponding DNS query: 23.216.69.213
Source: unknown	TCP traffic detected without corresponding DNS query: 23.216.69.213
Source: unknown	TCP traffic detected without corresponding DNS query: 23.216.69.213
Source: unknown	TCP traffic detected without corresponding DNS query: 23.216.69.213
Source: unknown	TCP traffic detected without corresponding DNS query: 23.216.69.213
Source: unknown	TCP traffic detected without corresponding DNS query: 23.216.69.213
Source: unknown	TCP traffic detected without corresponding DNS query: 23.216.69.213
Source: unknown	TCP traffic detected without corresponding DNS query: 23.216.69.213
Source: unknown	TCP traffic detected without corresponding DNS query: 23.216.69.213
Source: unknown	TCP traffic detected without corresponding DNS query: 23.216.69.213
Source: unknown	TCP traffic detected without corresponding DNS query: 23.216.69.213
Source: unknown	TCP traffic detected without corresponding DNS query: 23.216.69.213
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64

Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /adsense/domains/caf.js?abp=1&gdabp=true HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://www.cataxe.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tag?o=5097926782615552&upapi=true HTTP/1.1Host: btloader.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://www.cataxe.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tag?o=5097926782615552&upapi=true HTTP/1.1Host: btloader.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://www.cataxe.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9If-None-Match: W/"de24038dfd66aa2a4286651c710a79eb"If-Modified-Since: Fri, 19 Apr 2024 21:12:10 GMT
Source: global traffic	HTTP traffic detected: GET /favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 HTTP/1.1Host: ad.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://www.cataxe.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /mw/state?bt_env=prod HTTP/1.1Host: api.btloader.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: http://www.cataxe.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: http://www.cataxe.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /px.gif?ch=2 HTTP/1.1Host: ad-delivery.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://www.cataxe.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /px.gif?ch=1&e=0.6532143484236457 HTTP/1.1Host: ad-delivery.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://www.cataxe.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 HTTP/1.1Host: ad.doubleclick.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /px.gif?ch=2 HTTP/1.1Host: ad-delivery.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /px.gif?ch=1&e=0.6532143484236457 HTTP/1.1Host: ad-delivery.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/parking/landers/www.cataxe.com?trafficTarget=gd&abp=1&gdabp=true HTTP/1.1Host: api.aws.parking.godaddy.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-Request-Id: 4593cd44-0465-42ee-a767-a7308ea86c56sec-ch-ua-platform: "Windows"Accept: /Origin: http://www.cataxe.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: http://www.cataxe.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/parking/landers/www.cataxe.com?trafficTarget=gd&abp=1&gdabp=true HTTP/1.1Host: api.aws.parking.godaddy.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sorry/index?continue=https://www.adsensecustomsearchads.com/afs/ads%3Fadsafe%3Dlow%26adtest%3Doff%26psid%3D7949183650%26pcsa%3Dfalse%26channel%3Dnon-expiry%26domain_name%3Dcataxe.com%26client%3Ddp-godaddy1_xml%26r%3Dm%26rpbu%3Dhttp%253A%252F%252Fwww.cataxe.com%252Flander%26type%3D3%26uiopt%3Dtrue%26swp%3Das-drid-oo-1885714186540894%26oe%3DUTF-8%26ie%3DUTF-8%26fexp%3D21404%252C17300002%252C17301431%252C17301433%252C17301436%26client_gdprApplies%3D0%26format%3Dr3%26nocache%3D2921713563519117%26num%3D0%26output%3Dafd_ads%26v%3D3%26bsl%3D8%26pac%3D2%26u_his%3D1%26u_tz%3D120%26dt%3D1713563519120%26u_w%3D1280%26u_h%3D1024%26biw%3D1280%26bih%3D907%26psw%3D1280%26psh%3D907%26frm%3D0%26uio%3D-%26cont%3DrelatedLinks%26drt%3D0%26jsid%3Dcaf%26nfp%3D1%26jsv%3D625314022%26rurl%3Dhttp%253A%252F%252Fwww.cataxe.com%252Flander%26referer%3Dhttp%253A%252F%252Fwww.cataxe.com%252F&q=EgRRtTk0GIDPi7EGIjDGc8CFvNIij74Yy2rbRuaWJhB-lAdPFA_J-39lfbjJTLzG5M6E_U9fSHqzMk9glxcyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1Host: www.google.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: http://www.cataxe.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.google.com/sorry/index?continue=https://www.adsensecustomsearchads.com/afs/ads%3Fadsafe%3Dlow%26adtest%3Doff%26psid%3D7949183650%26pcsa%3Dfalse%26channel%3Dnon-expiry%26domain_name%3Dcataxe.com%26client%3Ddp-godaddy1_xml%26r%3Dm%26rpbu%3Dhttp%253A%252F%252Fwww.cataxe.com%252Flander%26type%3D3%26uiopt%3Dtrue%26swp%3Das-drid-oo-1885714186540894%26oe%3DUTF-8%26ie%3DUTF-8%26fexp%3D21404%252C17300002%252C17301431%252C17301433%252C17301436%26client_gdprApplies%3D0%26format%3Dr3%26nocache%3D2921713563519117%26num%3D0%26output%3Dafd_ads%26v%3D3%26bsl%3D8%26pac%3D2%26u_his%3D1%26u_tz%3D120%26dt%3D1713563519120%26u_w%3D1280%26u_h%3D1024%26biw%3D1280%26bih%3D907%26psw%3D1280%26psh%3D907%26frm%3D0%26uio%3D-%26cont%3DrelatedLinks%26drt%3D0%26jsid%3Dcaf%26nfp%3D1%26jsv%3D625314022%26rurl%3Dhttp%253A%252F%252Fwww.cataxe.com%252Flander%26referer%3Dhttp%253A%252F%252Fwww.cataxe.com%252F&q=EgRRtTk0GIDPi7EGIjDGc8CFvNIij74Yy2rbRuaWJhB-lAdPFA_J-39lfbjJTLzG5M6E_U9fSHqzMk9glxcyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=rz4DvU-cY2JYCwHSTck0_qm-&size=normal&s=c95XiB53U-_Y0eoaiQPBpjZcEJ5coSlEXmXGK28Fy47VPPdXzs8hgw8WmP47ZhEUaYEzj57k3TtdziMcdozqSF_u_QV9zekXnnb1XnaOPKZEolOF8KVtdsGIC3cxc2HIS8kAf8BdEvoohZhd79Nbd-K1PODqowlQhNOar9kxBqXrAs5j_Y66Vdwq7bZve-DBXXhTZqRMEz750OB_aVFPEsk0v0wn7jjx1meAe3UP6VIYNcWUWbDb9-RAMoOHUJ5SRwHh39pS9I9lCH27auNtjq6qy0K7JUk&cb=xs9wuenu2hfm HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.google.com/sorry/index?continue=https://www.adsensecustomsearchads.com/afs/ads%3Fadsafe%3Dlow%26adtest%3Doff%26psid%3D7949183650%26pcsa%3Dfalse%26channel%3Dnon-expiry%26domain_name%3Dcataxe.com%26client%3Ddp-godaddy1_xml%26r%3Dm%26rpbu%3Dhttp%253A%252F%252Fwww.cataxe.com%252Flander%26type%3D3%26uiopt%3Dtrue%26swp%3Das-drid-oo-1885714186540894%26oe%3DUTF-8%26ie%3DUTF-8%26fexp%3D21404%252C17300002%252C17301431%252C17301433%252C17301436%26client_gdprApplies%3D0%26format%3Dr3%26nocache%3D2921713563519117%26num%3D0%26output%3Dafd_ads%26v%3D3%26bsl%3D8%26pac%3D2%26u_his%3D1%26u_tz%3D120%26dt%3D1713563519120%26u_w%3D1280%26u_h%3D1024%26biw%3D1280%26bih%3D907%26psw%3D1280%26psh%3D907%26frm%3D0%26uio%3D-%26cont%3DrelatedLinks%26drt%3D0%26jsid%3Dcaf%26nfp%3D1%26jsv%3D625314022%26rurl%3Dhttp%253A%252F%252Fwww.cataxe.com%252Flander%26referer%3Dhttp%253A%252F%252Fwww.cataxe.com%252F&q=EgRRtTk0GIDPi7EGIjDGc8CFvNIij74Yy2rbRuaWJhB-lAdPFA_J-39lfbjJTLzG5M6E_U9fSHqzMk9glxcyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/webworker.js?hl=en&v=rz4DvU-cY2JYCwHSTck0_qm- HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: workerReferer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=rz4DvU-cY2JYCwHSTck0_qm-&size=normal&s=c95XiB53U-_Y0eoaiQPBpjZcEJ5coSlEXmXGK28Fy47VPPdXzs8hgw8WmP47ZhEUaYEzj57k3TtdziMcdozqSF_u_QV9zekXnnb1XnaOPKZEolOF8KVtdsGIC3cxc2HIS8kAf8BdEvoohZhd79Nbd-K1PODqowlQhNOar9kxBqXrAs5j_Y66Vdwq7bZve-DBXXhTZqRMEz750OB_aVFPEsk0v0wn7jjx1meAe3UP6VIYNcWUWbDb9-RAMoOHUJ5SRwHh39pS9I9lCH27auNtjq6qy0K7JUk&cb=xs9wuenu2hfmAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/bg/rIjZlM8ZNfOeVQTojtt5OPuY9YnE0CAT82tG0V-YUX0.js HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=rz4DvU-cY2JYCwHSTck0_qm-&size=normal&s=c95XiB53U-_Y0eoaiQPBpjZcEJ5coSlEXmXGK28Fy47VPPdXzs8hgw8WmP47ZhEUaYEzj57k3TtdziMcdozqSF_u_QV9zekXnnb1XnaOPKZEolOF8KVtdsGIC3cxc2HIS8kAf8BdEvoohZhd79Nbd-K1PODqowlQhNOar9kxBqXrAs5j_Y66Vdwq7bZve-DBXXhTZqRMEz750OB_aVFPEsk0v0wn7jjx1meAe3UP6VIYNcWUWbDb9-RAMoOHUJ5SRwHh39pS9I9lCH27auNtjq6qy0K7JUk&cb=xs9wuenu2hfmAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/bframe?hl=en&v=rz4DvU-cY2JYCwHSTck0_qm-&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.google.com/sorry/index?continue=https://www.adsensecustomsearchads.com/afs/ads%3Fadsafe%3Dlow%26adtest%3Doff%26psid%3D7949183650%26pcsa%3Dfalse%26channel%3Dnon-expiry%26domain_name%3Dcataxe.com%26client%3Ddp-godaddy1_xml%26r%3Dm%26rpbu%3Dhttp%253A%252F%252Fwww.cataxe.com%252Flander%26type%3D3%26uiopt%3Dtrue%26swp%3Das-drid-oo-1885714186540894%26oe%3DUTF-8%26ie%3DUTF-8%26fexp%3D21404%252C17300002%252C17301431%252C17301433%252C17301436%26client_gdprApplies%3D0%26format%3Dr3%26nocache%3D2921713563519117%26num%3D0%26output%3Dafd_ads%26v%3D3%26bsl%3D8%26pac%3D2%26u_his%3D1%26u_tz%3D120%26dt%3D1713563519120%26u_w%3D1280%26u_h%3D1024%26biw%3D1280%26bih%3D907%26psw%3D1280%26psh%3D907%26frm%3D0%26uio%3D-%26cont%3DrelatedLinks%26drt%3D0%26jsid%3Dcaf%26nfp%3D1%26jsv%3D625314022%26rurl%3Dhttp%253A%252F%252Fwww.cataxe.com%252Flander%26referer%3Dhttp%253A%252F%252Fwww.cataxe.com%252F&q=EgRRtTk0GIDPi7EGIjDGc8CFvNIij74Yy2rbRuaWJhB-lAdPFA_J-39lfbjJTLzG5M6E_U9fSHqzMk9glxcyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.cataxe.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /lander HTTP/1.1Host: www.cataxe.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Referer: http://www.cataxe.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9

Source: unknown

DNS traffic detected: queries for: www.cataxe.com

Source: unknown

HTTP traffic detected: POST /threshold/xls.aspx HTTP/1.1Origin: https://www.bing.comReferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept: */*Accept-Language: en-CHContent-type: text/xmlX-Agent-DeviceId: 01000A410900C4F3X-BM-CBT: 1696488253X-BM-DateFormat: dd/MM/yyyyX-BM-DeviceDimensions: 784x984X-BM-DeviceDimensionsLogical: 784x984X-BM-DeviceScale: 100X-BM-DTZ: 120X-BM-Market: CHX-BM-Theme: 000000;0078d7X-BM-WindowsFlights: FX:117B9872,FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66EX-Device-ClientSession: 1D6F504B5A5A465DBDB84F31C63A581DX-Device-isOptin: falseX-Device-MachineId: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}X-Device-OSSKU: 48X-Device-Touch: falseX-DeviceID: 01000A410900C4F3X-MSEdge-ExternalExp: d-thshld39,d-thshld42,d-thshldspcl40,msbdsborgv2co,msbwdsbi920cf,optfsth3,premsbdsbchtupcf,wsbfixcachec,wsbqfasmsall_c,wsbqfminiserp_c,wsbref-cX-MSEdge-ExternalExpType: JointCoordX-PositionerType: DesktopX-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIX-Search-CortanaAvailableCapabilities: NoneX-Search-SafeSearch: ModerateX-Search-TimeZone: Bias=-60; DaylightBias=-60; TimeZoneKeyName=W. Europe Standard TimeX-UserAgeClass: UnknownAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: www.bing.comContent-Length: 516Connection: Keep-AliveCache-Control: no-cacheCookie: SRCHUID=V=2&GUID=CE2BE0509FF742BD822F50D98AD10391&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20231005; SRCHHPGUSR=SRCHLANG=en&HV=1696488191&IPMH=5767d621&IPMID=1696488252989&LUT=1696487541024; CortanaAppUID=2020E25DAB158E420BA06F1C8DEF7959; MUID=81C61E09498D41CC97CDBBA354824ED1; _SS=SID=1D9FAF807E686D422B86BC217FC66C71&CPID=1696488253968&AC=1&CPH=071f2185; _EDGE_S=SID=1D9FAF807E686D422B86BC217FC66C71; MUIDB=81C61E09498D41CC97CDBBA354824ED1

Source: chromecache_71.2.dr	String found in binary or memory: https://btloader.com/tag?o=5097926782615552&upapi=true
Source: chromecache_69.2.dr	String found in binary or memory: https://cloud.google.com/contact
Source: chromecache_69.2.dr	String found in binary or memory: https://cloud.google.com/recaptcha-enterprise/billing-information
Source: chromecache_69.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca
Source: chromecache_69.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#localhost_support
Source: chromecache_69.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que
Source: chromecache_60.2.dr	String found in binary or memory: https://fonts.googleapis.com/css?family=
Source: chromecache_71.2.dr	String found in binary or memory: https://img1.wsimg.com/parking-lander/static/css/main.8a1d19af.css
Source: chromecache_71.2.dr	String found in binary or memory: https://img1.wsimg.com/parking-lander/static/js/main.93aa74bd.js
Source: chromecache_60.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_60.2.dr	String found in binary or memory: https://partner.googleadservices.com/gampad/cookie.js
Source: chromecache_69.2.dr	String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: chromecache_69.2.dr	String found in binary or memory: https://recaptcha.net
Source: chromecache_69.2.dr	String found in binary or memory: https://support.google.com/recaptcha
Source: chromecache_69.2.dr	String found in binary or memory: https://support.google.com/recaptcha#6262736
Source: chromecache_69.2.dr	String found in binary or memory: https://support.google.com/recaptcha/#6175971
Source: chromecache_69.2.dr	String found in binary or memory: https://support.google.com/recaptcha/?hl=en#6223828
Source: chromecache_60.2.dr	String found in binary or memory: https://syndicatedsearch.goog
Source: chromecache_58.2.dr, chromecache_75.2.dr	String found in binary or memory: https://www.godaddy.com/domainfind/v1/redirect?key=parkweb
Source: chromecache_71.2.dr	String found in binary or memory: https://www.google.com/adsense/domains/caf.js?abp=1&gdabp=true
Source: chromecache_69.2.dr, chromecache_52.2.dr	String found in binary or memory: https://www.google.com/recaptcha/api2/
Source: chromecache_69.2.dr	String found in binary or memory: https://www.gstatic.c..?/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__.
Source: chromecache_52.2.dr, chromecache_61.2.dr	String found in binary or memory: https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__en.js

Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49706 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49706
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443

Source: unknown	HTTPS traffic detected: 52.159.127.243:443 -> 192.168.2.6:49720 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.216.69.213:443 -> 192.168.2.6:49722 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.216.69.213:443 -> 192.168.2.6:49723 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.159.127.243:443 -> 192.168.2.6:49729 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.159.127.243:443 -> 192.168.2.6:49767 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.159.127.243:443 -> 192.168.2.6:49770 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.159.127.243:443 -> 192.168.2.6:49772 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.159.127.243:443 -> 192.168.2.6:49776 version: TLS 1.2

Source: classification engine

Classification label: clean0.win@19/47@34/14

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2108 --field-trial-handle=1884,i,9792551897781359410,12110252184249234793,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://www.cataxe.com/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2108 --field-trial-handle=1884,i,9792551897781359410,12110252184249234793,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
104.26.3.70	ad-delivery.net	United States	13335	CLOUDFLARENETUS	false
142.250.9.149	unknown	United States	15169	GOOGLEUS	false
64.233.176.99	unknown	United States	15169	GOOGLEUS	false
172.253.124.149	ad.doubleclick.net	United States	15169	GOOGLEUS	false
130.211.23.194	api.btloader.com	United States	15169	GOOGLEUS	false
142.251.15.104	www.google.com	United States	15169	GOOGLEUS	false
54.91.44.216	gddomainparking.com	United States	14618	AMAZON-AESUS	false
104.26.2.70	unknown	United States	13335	CLOUDFLARENETUS	false
172.253.124.99	unknown	United States	15169	GOOGLEUS	false
172.67.41.60	btloader.com	United States	13335	CLOUDFLARENETUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
3.33.130.190	cataxe.com	United States	8987	AMAZONEXPANSIONGB	false
74.125.138.101	www3.l.google.com	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.6

Contacted Domains

Name	IP	Active
gddomainparking.com	54.91.44.216	true
www3.l.google.com	74.125.138.101	true
api.btloader.com	130.211.23.194	true
ad.doubleclick.net	172.253.124.149	true
www.google.com	142.251.15.104	true
btloader.com	172.67.41.60	true
fp2e7a.wpc.phicdn.net	192.229.211.108	true
cataxe.com	3.33.130.190	true
ad-delivery.net	104.26.3.70	true
img1.wsimg.com	unknown	unknown
www.cataxe.com	unknown	unknown
api.aws.parking.godaddy.com	unknown	unknown
www.godaddy.com	unknown	unknown
www.adsensecustomsearchads.com	unknown	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://www.google.com/recaptcha/api2/bframe?hl=en&v=rz4DvU-cY2JYCwHSTck0_qm-&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b	false		high
https://btloader.com/tag?o=5097926782615552&upapi=true	false		unknown
https://api.aws.parking.godaddy.com/v1/parking/landers/www.cataxe.com?trafficTarget=gd&abp=1&gdabp=true	false		high
https://www.google.com/js/bg/rIjZlM8ZNfOeVQTojtt5OPuY9YnE0CAT82tG0V-YUX0.js	false		high
https://api.btloader.com/mw/state?bt_env=prod	false	URL Reputation: safe	unknown
about:blank	false		low
http://www.cataxe.com/	false		unknown
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250	false		high
https://ad-delivery.net/px.gif?ch=2	false	URL Reputation: safe	unknown
http://www.cataxe.com/lander	false		unknown
https://www.google.com/recaptcha/api.js	false		high
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=rz4DvU-cY2JYCwHSTck0_qm-&size=normal&s=c95XiB53U-_Y0eoaiQPBpjZcEJ5coSlEXmXGK28Fy47VPPdXzs8hgw8WmP47ZhEUaYEzj57k3TtdziMcdozqSF_u_QV9zekXnnb1XnaOPKZEolOF8KVtdsGIC3cxc2HIS8kAf8BdEvoohZhd79Nbd-K1PODqowlQhNOar9kxBqXrAs5j_Y66Vdwq7bZve-DBXXhTZqRMEz750OB_aVFPEsk0v0wn7jjx1meAe3UP6VIYNcWUWbDb9-RAMoOHUJ5SRwHh39pS9I9lCH27auNtjq6qy0K7JUk&cb=xs9wuenu2hfm	false		high
https://www.godaddy.com/domainfind/v1/redirect?key=parkweb&utm_source=godaddy&utm_medium=parkedpages&utm_campaign=x_dom-broker_parkedpages_x_x_invest_001&tmskey=dpp_dbs&domainToCheck=cataxe.com&isc=GPPTCOM&itc=parkedpage_landers	false		high
https://ad-delivery.net/px.gif?ch=1&e=0.6532143484236457	false		unknown
https://www.google.com/adsense/domains/caf.js?abp=1&gdabp=true	false		high
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=rz4DvU-cY2JYCwHSTck0_qm-	false		high

Name	Type	MD5	SHA1	SHA256
Chrome Cache Entry: 52	ASCII text, with very long lines (1222), with no line terminators	3F1B1790C083261F6FD3CF02FB56F2F8	BF1B289456E260CF5C5F0AF7C1B0F4E9BA7EB97B	A58FF2DE4D6A14E055A553E83A4E67AEA6AAF589A57364305EEC36105CCE9EF3
Chrome Cache Entry: 53	GIF image data, version 89a, 1 x 1	AD4B0F606E0F8465BC4C4C170B37E1A3	50B30FD5F87C85FE5CBA2635CB83316CA71250D7	CF4724B2F736ED1A0AE6BC28F1EAD963D9CD2C1FD87B6EF32E7799FC1C5C8BDA
Chrome Cache Entry: 54	ASCII text, with very long lines (65465)	9E0C2ACC6884700DEF88042217CE0E2D	21176E4AE7B69BAF2939B14FFBDC04352281A432	9B5D7CF50FA1B5D3F15913AD67116CAD2E0760E9EFA514CE0FF6A89AF51346CB
Chrome Cache Entry: 55	C source, ASCII text, with very long lines (56156)	E803F390BDBA4EE53E7C1A9C47B77F47	CD18118392F711FE80D0DE8A3A783F4F065B793A	16BFE01F39954FFD77669320993B6219DEE90EC2B9D407CAA4DA21425955E509
Chrome Cache Entry: 56	HTML document, ASCII text	8CBB07149DF5EB70A5AC753C71FFE2D9	42119B9E5AE4D1DE3AB1E26E643F08D9ECB7B1CF	3521F98F16510535FD54FF65EFC93831B733C265685C3B42F8A453111D721073
Chrome Cache Entry: 57	GIF image data, version 89a, 1 x 1	AD4B0F606E0F8465BC4C4C170B37E1A3	50B30FD5F87C85FE5CBA2635CB83316CA71250D7	CF4724B2F736ED1A0AE6BC28F1EAD963D9CD2C1FD87B6EF32E7799FC1C5C8BDA
Chrome Cache Entry: 58	JSON data	FDAF9B0E718996F5E92997F01D5804CC	6C6203A8DF18F9CC9E50430DC12F2FE8F9A3FCAF	645AE3973C2428AB747647021B971F9632AB352B09F102A749FCA745A6EBD5EE
Chrome Cache Entry: 59	GIF image data, version 89a, 1 x 1	AD4B0F606E0F8465BC4C4C170B37E1A3	50B30FD5F87C85FE5CBA2635CB83316CA71250D7	CF4724B2F736ED1A0AE6BC28F1EAD963D9CD2C1FD87B6EF32E7799FC1C5C8BDA
Chrome Cache Entry: 60	ASCII text, with very long lines (2247)	8C9E7AED813180AC39C6B97FAAAECD9F	62CA1AF22A6AC21101B4771DE85BD6422AE36202	664FE013B597E5C0051729D303D2174B7C19DA6442E84820BF19B889AAC05E04
Chrome Cache Entry: 61	ASCII text, with no line terminators	701C50FE2F9D8CFCA61542DEE7684552	952A04F81A291E11F5D4ECD7364A3840412BA65E	9FC5DFC54DE18E9C98733BBEA6EBDCBC1F01C0B23F985556F24684EE96DC0582
Chrome Cache Entry: 62	ASCII text, with no line terminators	A3144EE887752BC84252FAACD4DFFD83	172430F70BAEDA54BB9F533293E0E80A2DA5835D	8B87CFF79D0F8142D02D4A5991C83A5D59A7733BCB0EBEDD0DE57E559C6EAEFB
Chrome Cache Entry: 63	ASCII text, with very long lines (374), with no line terminators	EF59EDDAF4F14090148296EE051CF154	66216F69739203A0BE8A61B9DE2E363E2CB290EB	BA526F9A403DFC131CE17BF877840DCC1754F6ACA4E889B8FC89BB8D0E4D8185
Chrome Cache Entry: 64	ASCII text, with very long lines (2736)	E2009D689266387017B6648142516BD9	15535120C37EAB27B129C344A9DAC737D45844BB	0FE514C7010C6D8B9E44F011EEA7497F7E482A60E1498CE324F99729948D048D
Chrome Cache Entry: 65	MS Windows icon resource - 2 icons, 16x16, 16 colors, 32x32, 16 colors	4123CE1E1732F202F60292941FF1487D	9F12B11BDE582DAE37CE8C160537D919C561C464	D961B08E4321250926DE6F79087594975FE20AD1518DE8F91EB711AF5D1A6EF8
Chrome Cache Entry: 66	PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced	EF9941290C50CD3866E2BA6B793F010D	4736508C795667DCEA21F8D864233031223B7832	1B9EFB22C938500971AAC2B2130A475FA23684DD69E43103894968DF83145B8A
Chrome Cache Entry: 67	ASCII text, with very long lines (17696)	8D120D4D5CB207E52720218A143FEF17	DAE68D4F786BDA08FE39D89AB6F3366B1199CB8B	AC88D994CF1935F39E5504E88EDB7938FB98F589C4D02013F36B46D15F98517D
Chrome Cache Entry: 68	HTML document, ASCII text, with no line terminators	E89F75F918DBDCEE28604D4E09DD71D7	F9D9055E9878723A12063B47D4A1A5F58C3EB1E9	6DC9C7FC93BB488BB0520A6C780A8D3C0FB5486A4711ACA49B4C53FAC7393023
Chrome Cache Entry: 69	ASCII text, with very long lines (554)	E9CCB3DBDE79BA5FFDF9CAD4B32D59FD	3A8CD67ADC7C885BDF683F1E7F491E6A4A50679F	8F2C6777C7CCC01AB67290FA8ACD5A4C4866BE64129F39DFAEB9197DFA15E137
Chrome Cache Entry: 70	ASCII text, with very long lines (56398), with no line terminators	EB4BC511F79F7A1573B45F5775B3A99B	D910FB51AD7316AA54F055079374574698E74B35	7859A62E04B0ACB06516EB12454DE6673883ECFAEAED6C254659BCA7CD59C050
Chrome Cache Entry: 71	HTML document, ASCII text, with very long lines (619)	259417E1F9EE538515E103E06552310A	2FC35CFAF0CEA7F5121114DF7E9D41A21A434EE3	6CE85C22DDE60FC6C6781F1495BC88DE7B906F2A2036CAF811739FDAFDE686E6
Chrome Cache Entry: 72	PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced	EF9941290C50CD3866E2BA6B793F010D	4736508C795667DCEA21F8D864233031223B7832	1B9EFB22C938500971AAC2B2130A475FA23684DD69E43103894968DF83145B8A
Chrome Cache Entry: 73	GIF image data, version 89a, 1 x 1	AD4B0F606E0F8465BC4C4C170B37E1A3	50B30FD5F87C85FE5CBA2635CB83316CA71250D7	CF4724B2F736ED1A0AE6BC28F1EAD963D9CD2C1FD87B6EF32E7799FC1C5C8BDA
Chrome Cache Entry: 74	ASCII text, with no line terminators	AFB69DF47958EB78B4E941270772BD6A	D9FE9A625E906FF25C1F165E7872B1D9C731E78E	874809FB1235F80831B706B9E9B903D80BD5662D036B7712CC76F8C684118878
Chrome Cache Entry: 75	JSON data	FDAF9B0E718996F5E92997F01D5804CC	6C6203A8DF18F9CC9E50430DC12F2FE8F9A3FCAF	645AE3973C2428AB747647021B971F9632AB352B09F102A749FCA745A6EBD5EE
Chrome Cache Entry: 76	Web Open Font Format (Version 2), TrueType, length 15344, version 1.0	5D4AEB4E5F5EF754E307D7FFAEF688BD	06DB651CDF354C64A7383EA9C77024EF4FB4CEF8	3E253B66056519AA065B00A453BAC37AC5ED8F3E6FE7B542E93A9DCDCC11D0BC
Chrome Cache Entry: 77	MS Windows icon resource - 2 icons, 16x16, 16 colors, 32x32, 16 colors	4123CE1E1732F202F60292941FF1487D	9F12B11BDE582DAE37CE8C160537D919C561C464	D961B08E4321250926DE6F79087594975FE20AD1518DE8F91EB711AF5D1A6EF8

Source: https://www.google.com/sorry/index?continue=https://www.adsensecustomsearchads.com/afs/ads%3Fadsafe%3Dlow%26adtest%3Doff%26psid%3D7949183650%26pcsa%3Dfalse%26channel%3Dnon-expiry%26domain_name%3Dcataxe.com%26client%3Ddp-godaddy1_xml%26r%3Dm%26rpbu%3Dhttp%253A%252F%252Fwww.cataxe.com%252Flander%26type%3D3%26uiopt%3Dtrue%26swp%3Das-drid-oo-1885714186540894%26oe%3DUTF-8%26ie%3DUTF-8%26fexp%3D21404%252C17300002%252C17301431%252C17301433%252C17301436%26client_gdprApplies%3D0%26format%3Dr3%26nocache%3D2921713563519117%26num%3D0%26output%3Dafd_ads%26v%3D3%26bsl%3D8%26pac%3D2%26u_his%3D1%26u_tz%3D120%26dt%3D1713563519120%26u_w%3D1280%26u_h%3D1024%26biw%3D1280%26bih%3D907%26psw%3D1280%26psh%3D907%26frm%3D0%26uio%3D-%26cont%3DrelatedLinks%26drt%3D0%26jsid%3Dcaf%26nfp%3D1%26jsv%3D625314022%26rurl%3Dhttp%253A%252F%252Fwww.cataxe.com%252Flander%26referer%3Dhttp%253A%252F%252Fwww.cataxe.com%252F&q=EgRRtTk0GIDPi7EGIjDGc8CFvNIij74Yy2rbRuaWJhB-lAdPFA_J-39lfbjJTLzG5M6E_U9fSHqzMk9glxcyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM	HTTP Parser: No favicon
Source: https://www.google.com/sorry/index?continue=https://www.adsensecustomsearchads.com/afs/ads%3Fadsafe%3Dlow%26adtest%3Doff%26psid%3D7949183650%26pcsa%3Dfalse%26channel%3Dnon-expiry%26domain_name%3Dcataxe.com%26client%3Ddp-godaddy1_xml%26r%3Dm%26rpbu%3Dhttp%253A%252F%252Fwww.cataxe.com%252Flander%26type%3D3%26uiopt%3Dtrue%26swp%3Das-drid-oo-1885714186540894%26oe%3DUTF-8%26ie%3DUTF-8%26fexp%3D21404%252C17300002%252C17301431%252C17301433%252C17301436%26client_gdprApplies%3D0%26format%3Dr3%26nocache%3D2921713563519117%26num%3D0%26output%3Dafd_ads%26v%3D3%26bsl%3D8%26pac%3D2%26u_his%3D1%26u_tz%3D120%26dt%3D1713563519120%26u_w%3D1280%26u_h%3D1024%26biw%3D1280%26bih%3D907%26psw%3D1280%26psh%3D907%26frm%3D0%26uio%3D-%26cont%3DrelatedLinks%26drt%3D0%26jsid%3Dcaf%26nfp%3D1%26jsv%3D625314022%26rurl%3Dhttp%253A%252F%252Fwww.cataxe.com%252Flander%26referer%3Dhttp%253A%252F%252Fwww.cataxe.com%252F&q=EgRRtTk0GIDPi7EGIjDGc8CFvNIij74Yy2rbRuaWJhB-lAdPFA_J-39lfbjJTLzG5M6E_U9fSHqzMk9glxcyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM	HTTP Parser: No favicon
Source: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=rz4DvU-cY2JYCwHSTck0_qm-&size=normal&s=c95XiB53U-_Y0eoaiQPBpjZcEJ5coSlEXmXGK28Fy47VPPdXzs8hgw8WmP47ZhEUaYEzj57k3TtdziMcdozqSF_u_QV9zekXnnb1XnaOPKZEolOF8KVtdsGIC3cxc2HIS8kAf8BdEvoohZhd79Nbd-K1PODqowlQhNOar9kxBqXrAs5j_Y66Vdwq7bZve-DBXXhTZqRMEz750OB_aVFPEsk0v0wn7jjx1meAe3UP6VIYNcWUWbDb9-RAMoOHUJ5SRwHh39pS9I9lCH27auNtjq6qy0K7JUk&cb=xs9wuenu2hfm	HTTP Parser: No favicon
Source: https://www.google.com/recaptcha/api2/bframe?hl=en&v=rz4DvU-cY2JYCwHSTck0_qm-&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b	HTTP Parser: No favicon
Source: https://www.godaddy.com/domainfind/v1/redirect?key=parkweb&utm_source=godaddy&utm_medium=parkedpages&utm_campaign=x_dom-broker_parkedpages_x_x_invest_001&tmskey=dpp_dbs&domainToCheck=cataxe.com&isc=GPPTCOM&itc=parkedpage_landers	HTTP Parser: No favicon

Uses insecure TLS / SSL version for HTTPS connection

Source: unknown

HTTPS traffic detected: 173.222.162.64:443 -> 192.168.2.6:49754 version: TLS 1.0

Source: unknown	HTTPS traffic detected: 52.159.127.243:443 -> 192.168.2.6:49720 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.216.69.213:443 -> 192.168.2.6:49722 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.216.69.213:443 -> 192.168.2.6:49723 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.159.127.243:443 -> 192.168.2.6:49729 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.159.127.243:443 -> 192.168.2.6:49767 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.159.127.243:443 -> 192.168.2.6:49770 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.159.127.243:443 -> 192.168.2.6:49772 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.159.127.243:443 -> 192.168.2.6:49776 version: TLS 1.2

Uses insecure TLS / SSL version for HTTPS connection

Source: unknown

HTTPS traffic detected: 173.222.162.64:443 -> 192.168.2.6:49754 version: TLS 1.0

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 23.216.69.213
Source: unknown	TCP traffic detected without corresponding DNS query: 23.216.69.213
Source: unknown	TCP traffic detected without corresponding DNS query: 23.216.69.213
Source: unknown	TCP traffic detected without corresponding DNS query: 23.216.69.213
Source: unknown	TCP traffic detected without corresponding DNS query: 23.216.69.213
Source: unknown	TCP traffic detected without corresponding DNS query: 23.216.69.213
Source: unknown	TCP traffic detected without corresponding DNS query: 23.216.69.213
Source: unknown	TCP traffic detected without corresponding DNS query: 23.216.69.213
Source: unknown	TCP traffic detected without corresponding DNS query: 23.216.69.213
Source: unknown	TCP traffic detected without corresponding DNS query: 23.216.69.213
Source: unknown	TCP traffic detected without corresponding DNS query: 23.216.69.213
Source: unknown	TCP traffic detected without corresponding DNS query: 23.216.69.213
Source: unknown	TCP traffic detected without corresponding DNS query: 23.216.69.213
Source: unknown	TCP traffic detected without corresponding DNS query: 23.216.69.213
Source: unknown	TCP traffic detected without corresponding DNS query: 23.216.69.213
Source: unknown	TCP traffic detected without corresponding DNS query: 23.216.69.213
Source: unknown	TCP traffic detected without corresponding DNS query: 23.216.69.213
Source: unknown	TCP traffic detected without corresponding DNS query: 23.216.69.213
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64

Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /adsense/domains/caf.js?abp=1&gdabp=true HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://www.cataxe.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tag?o=5097926782615552&upapi=true HTTP/1.1Host: btloader.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://www.cataxe.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tag?o=5097926782615552&upapi=true HTTP/1.1Host: btloader.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://www.cataxe.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9If-None-Match: W/"de24038dfd66aa2a4286651c710a79eb"If-Modified-Since: Fri, 19 Apr 2024 21:12:10 GMT
Source: global traffic	HTTP traffic detected: GET /favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 HTTP/1.1Host: ad.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://www.cataxe.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /mw/state?bt_env=prod HTTP/1.1Host: api.btloader.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: http://www.cataxe.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: http://www.cataxe.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /px.gif?ch=2 HTTP/1.1Host: ad-delivery.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://www.cataxe.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /px.gif?ch=1&e=0.6532143484236457 HTTP/1.1Host: ad-delivery.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://www.cataxe.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 HTTP/1.1Host: ad.doubleclick.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /px.gif?ch=2 HTTP/1.1Host: ad-delivery.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /px.gif?ch=1&e=0.6532143484236457 HTTP/1.1Host: ad-delivery.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/parking/landers/www.cataxe.com?trafficTarget=gd&abp=1&gdabp=true HTTP/1.1Host: api.aws.parking.godaddy.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-Request-Id: 4593cd44-0465-42ee-a767-a7308ea86c56sec-ch-ua-platform: "Windows"Accept: /Origin: http://www.cataxe.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: http://www.cataxe.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v1/parking/landers/www.cataxe.com?trafficTarget=gd&abp=1&gdabp=true HTTP/1.1Host: api.aws.parking.godaddy.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sorry/index?continue=https://www.adsensecustomsearchads.com/afs/ads%3Fadsafe%3Dlow%26adtest%3Doff%26psid%3D7949183650%26pcsa%3Dfalse%26channel%3Dnon-expiry%26domain_name%3Dcataxe.com%26client%3Ddp-godaddy1_xml%26r%3Dm%26rpbu%3Dhttp%253A%252F%252Fwww.cataxe.com%252Flander%26type%3D3%26uiopt%3Dtrue%26swp%3Das-drid-oo-1885714186540894%26oe%3DUTF-8%26ie%3DUTF-8%26fexp%3D21404%252C17300002%252C17301431%252C17301433%252C17301436%26client_gdprApplies%3D0%26format%3Dr3%26nocache%3D2921713563519117%26num%3D0%26output%3Dafd_ads%26v%3D3%26bsl%3D8%26pac%3D2%26u_his%3D1%26u_tz%3D120%26dt%3D1713563519120%26u_w%3D1280%26u_h%3D1024%26biw%3D1280%26bih%3D907%26psw%3D1280%26psh%3D907%26frm%3D0%26uio%3D-%26cont%3DrelatedLinks%26drt%3D0%26jsid%3Dcaf%26nfp%3D1%26jsv%3D625314022%26rurl%3Dhttp%253A%252F%252Fwww.cataxe.com%252Flander%26referer%3Dhttp%253A%252F%252Fwww.cataxe.com%252F&q=EgRRtTk0GIDPi7EGIjDGc8CFvNIij74Yy2rbRuaWJhB-lAdPFA_J-39lfbjJTLzG5M6E_U9fSHqzMk9glxcyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1Host: www.google.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: http://www.cataxe.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.google.com/sorry/index?continue=https://www.adsensecustomsearchads.com/afs/ads%3Fadsafe%3Dlow%26adtest%3Doff%26psid%3D7949183650%26pcsa%3Dfalse%26channel%3Dnon-expiry%26domain_name%3Dcataxe.com%26client%3Ddp-godaddy1_xml%26r%3Dm%26rpbu%3Dhttp%253A%252F%252Fwww.cataxe.com%252Flander%26type%3D3%26uiopt%3Dtrue%26swp%3Das-drid-oo-1885714186540894%26oe%3DUTF-8%26ie%3DUTF-8%26fexp%3D21404%252C17300002%252C17301431%252C17301433%252C17301436%26client_gdprApplies%3D0%26format%3Dr3%26nocache%3D2921713563519117%26num%3D0%26output%3Dafd_ads%26v%3D3%26bsl%3D8%26pac%3D2%26u_his%3D1%26u_tz%3D120%26dt%3D1713563519120%26u_w%3D1280%26u_h%3D1024%26biw%3D1280%26bih%3D907%26psw%3D1280%26psh%3D907%26frm%3D0%26uio%3D-%26cont%3DrelatedLinks%26drt%3D0%26jsid%3Dcaf%26nfp%3D1%26jsv%3D625314022%26rurl%3Dhttp%253A%252F%252Fwww.cataxe.com%252Flander%26referer%3Dhttp%253A%252F%252Fwww.cataxe.com%252F&q=EgRRtTk0GIDPi7EGIjDGc8CFvNIij74Yy2rbRuaWJhB-lAdPFA_J-39lfbjJTLzG5M6E_U9fSHqzMk9glxcyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=rz4DvU-cY2JYCwHSTck0_qm-&size=normal&s=c95XiB53U-_Y0eoaiQPBpjZcEJ5coSlEXmXGK28Fy47VPPdXzs8hgw8WmP47ZhEUaYEzj57k3TtdziMcdozqSF_u_QV9zekXnnb1XnaOPKZEolOF8KVtdsGIC3cxc2HIS8kAf8BdEvoohZhd79Nbd-K1PODqowlQhNOar9kxBqXrAs5j_Y66Vdwq7bZve-DBXXhTZqRMEz750OB_aVFPEsk0v0wn7jjx1meAe3UP6VIYNcWUWbDb9-RAMoOHUJ5SRwHh39pS9I9lCH27auNtjq6qy0K7JUk&cb=xs9wuenu2hfm HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.google.com/sorry/index?continue=https://www.adsensecustomsearchads.com/afs/ads%3Fadsafe%3Dlow%26adtest%3Doff%26psid%3D7949183650%26pcsa%3Dfalse%26channel%3Dnon-expiry%26domain_name%3Dcataxe.com%26client%3Ddp-godaddy1_xml%26r%3Dm%26rpbu%3Dhttp%253A%252F%252Fwww.cataxe.com%252Flander%26type%3D3%26uiopt%3Dtrue%26swp%3Das-drid-oo-1885714186540894%26oe%3DUTF-8%26ie%3DUTF-8%26fexp%3D21404%252C17300002%252C17301431%252C17301433%252C17301436%26client_gdprApplies%3D0%26format%3Dr3%26nocache%3D2921713563519117%26num%3D0%26output%3Dafd_ads%26v%3D3%26bsl%3D8%26pac%3D2%26u_his%3D1%26u_tz%3D120%26dt%3D1713563519120%26u_w%3D1280%26u_h%3D1024%26biw%3D1280%26bih%3D907%26psw%3D1280%26psh%3D907%26frm%3D0%26uio%3D-%26cont%3DrelatedLinks%26drt%3D0%26jsid%3Dcaf%26nfp%3D1%26jsv%3D625314022%26rurl%3Dhttp%253A%252F%252Fwww.cataxe.com%252Flander%26referer%3Dhttp%253A%252F%252Fwww.cataxe.com%252F&q=EgRRtTk0GIDPi7EGIjDGc8CFvNIij74Yy2rbRuaWJhB-lAdPFA_J-39lfbjJTLzG5M6E_U9fSHqzMk9glxcyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/webworker.js?hl=en&v=rz4DvU-cY2JYCwHSTck0_qm- HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: workerReferer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=rz4DvU-cY2JYCwHSTck0_qm-&size=normal&s=c95XiB53U-_Y0eoaiQPBpjZcEJ5coSlEXmXGK28Fy47VPPdXzs8hgw8WmP47ZhEUaYEzj57k3TtdziMcdozqSF_u_QV9zekXnnb1XnaOPKZEolOF8KVtdsGIC3cxc2HIS8kAf8BdEvoohZhd79Nbd-K1PODqowlQhNOar9kxBqXrAs5j_Y66Vdwq7bZve-DBXXhTZqRMEz750OB_aVFPEsk0v0wn7jjx1meAe3UP6VIYNcWUWbDb9-RAMoOHUJ5SRwHh39pS9I9lCH27auNtjq6qy0K7JUk&cb=xs9wuenu2hfmAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/bg/rIjZlM8ZNfOeVQTojtt5OPuY9YnE0CAT82tG0V-YUX0.js HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=rz4DvU-cY2JYCwHSTck0_qm-&size=normal&s=c95XiB53U-_Y0eoaiQPBpjZcEJ5coSlEXmXGK28Fy47VPPdXzs8hgw8WmP47ZhEUaYEzj57k3TtdziMcdozqSF_u_QV9zekXnnb1XnaOPKZEolOF8KVtdsGIC3cxc2HIS8kAf8BdEvoohZhd79Nbd-K1PODqowlQhNOar9kxBqXrAs5j_Y66Vdwq7bZve-DBXXhTZqRMEz750OB_aVFPEsk0v0wn7jjx1meAe3UP6VIYNcWUWbDb9-RAMoOHUJ5SRwHh39pS9I9lCH27auNtjq6qy0K7JUk&cb=xs9wuenu2hfmAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/bframe?hl=en&v=rz4DvU-cY2JYCwHSTck0_qm-&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlaHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.google.com/sorry/index?continue=https://www.adsensecustomsearchads.com/afs/ads%3Fadsafe%3Dlow%26adtest%3Doff%26psid%3D7949183650%26pcsa%3Dfalse%26channel%3Dnon-expiry%26domain_name%3Dcataxe.com%26client%3Ddp-godaddy1_xml%26r%3Dm%26rpbu%3Dhttp%253A%252F%252Fwww.cataxe.com%252Flander%26type%3D3%26uiopt%3Dtrue%26swp%3Das-drid-oo-1885714186540894%26oe%3DUTF-8%26ie%3DUTF-8%26fexp%3D21404%252C17300002%252C17301431%252C17301433%252C17301436%26client_gdprApplies%3D0%26format%3Dr3%26nocache%3D2921713563519117%26num%3D0%26output%3Dafd_ads%26v%3D3%26bsl%3D8%26pac%3D2%26u_his%3D1%26u_tz%3D120%26dt%3D1713563519120%26u_w%3D1280%26u_h%3D1024%26biw%3D1280%26bih%3D907%26psw%3D1280%26psh%3D907%26frm%3D0%26uio%3D-%26cont%3DrelatedLinks%26drt%3D0%26jsid%3Dcaf%26nfp%3D1%26jsv%3D625314022%26rurl%3Dhttp%253A%252F%252Fwww.cataxe.com%252Flander%26referer%3Dhttp%253A%252F%252Fwww.cataxe.com%252F&q=EgRRtTk0GIDPi7EGIjDGc8CFvNIij74Yy2rbRuaWJhB-lAdPFA_J-39lfbjJTLzG5M6E_U9fSHqzMk9glxcyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.cataxe.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /lander HTTP/1.1Host: www.cataxe.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Referer: http://www.cataxe.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9

Source: unknown

DNS traffic detected: queries for: www.cataxe.com

Source: unknown

Source: chromecache_71.2.dr	String found in binary or memory: https://btloader.com/tag?o=5097926782615552&upapi=true
Source: chromecache_69.2.dr	String found in binary or memory: https://cloud.google.com/contact
Source: chromecache_69.2.dr	String found in binary or memory: https://cloud.google.com/recaptcha-enterprise/billing-information
Source: chromecache_69.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca
Source: chromecache_69.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#localhost_support
Source: chromecache_69.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que
Source: chromecache_60.2.dr	String found in binary or memory: https://fonts.googleapis.com/css?family=
Source: chromecache_71.2.dr	String found in binary or memory: https://img1.wsimg.com/parking-lander/static/css/main.8a1d19af.css
Source: chromecache_71.2.dr	String found in binary or memory: https://img1.wsimg.com/parking-lander/static/js/main.93aa74bd.js
Source: chromecache_60.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_60.2.dr	String found in binary or memory: https://partner.googleadservices.com/gampad/cookie.js
Source: chromecache_69.2.dr	String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: chromecache_69.2.dr	String found in binary or memory: https://recaptcha.net
Source: chromecache_69.2.dr	String found in binary or memory: https://support.google.com/recaptcha
Source: chromecache_69.2.dr	String found in binary or memory: https://support.google.com/recaptcha#6262736
Source: chromecache_69.2.dr	String found in binary or memory: https://support.google.com/recaptcha/#6175971
Source: chromecache_69.2.dr	String found in binary or memory: https://support.google.com/recaptcha/?hl=en#6223828
Source: chromecache_60.2.dr	String found in binary or memory: https://syndicatedsearch.goog
Source: chromecache_58.2.dr, chromecache_75.2.dr	String found in binary or memory: https://www.godaddy.com/domainfind/v1/redirect?key=parkweb
Source: chromecache_71.2.dr	String found in binary or memory: https://www.google.com/adsense/domains/caf.js?abp=1&gdabp=true
Source: chromecache_69.2.dr, chromecache_52.2.dr	String found in binary or memory: https://www.google.com/recaptcha/api2/
Source: chromecache_69.2.dr	String found in binary or memory: https://www.gstatic.c..?/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__.
Source: chromecache_52.2.dr, chromecache_61.2.dr	String found in binary or memory: https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__en.js

Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49706 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49706
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443

Source: unknown	HTTPS traffic detected: 52.159.127.243:443 -> 192.168.2.6:49720 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.216.69.213:443 -> 192.168.2.6:49722 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.216.69.213:443 -> 192.168.2.6:49723 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.159.127.243:443 -> 192.168.2.6:49729 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.159.127.243:443 -> 192.168.2.6:49767 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.159.127.243:443 -> 192.168.2.6:49770 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.159.127.243:443 -> 192.168.2.6:49772 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.159.127.243:443 -> 192.168.2.6:49776 version: TLS 1.2

Source: classification engine

Classification label: clean0.win@19/47@34/14

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2108 --field-trial-handle=1884,i,9792551897781359410,12110252184249234793,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://www.cataxe.com/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2108 --field-trial-handle=1884,i,9792551897781359410,12110252184249234793,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

ID:	1428970
Product:	CloudBasic
Start time:	23:50:55
Start date:	19.04.2024
Cookbook:	browseurl.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Windows Analysis Report
http://www.cataxe.com/

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report http://www.cataxe.com/

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
http://www.cataxe.com/