Windows Analysis Report
https://in.xero.com/538xzi7jR6vpCOoeVZX9FI8QyXA91hfWBxTy9jvY?utm_source=invoiceEmailPayNowButton&utm_campaign=classicInvoicesEmailV2PaymentServiceAttached#paynow

Overview

General Information

Sample URL:	https://in.xero.com/538xzi7jR6vpCOoeVZX9FI8QyXA91hfWBxTy9jvY?utm_source=invoiceEmailPayNowButton&utm_campaign=classicInvoicesEmailV2PaymentServiceAttached#paynow
Analysis ID:	1430558

Detection

Score:	0
Range:	0 - 100
Whitelisted:	false
Confidence:	80%

Signatures

Stores files to the Windows start menu directory

Classification

Signatures

Source: https://m.stripe.network/inner.html#url=https%3A%2F%2Fin.xero.com%2Fm%2F538xzi7jR6vpCOoeVZX9FI8QyXA91hfWBxTy9jvY%3Futm_source%3DinvoiceEmailPayNowButton%26utm_campaign%3DclassicInvoicesEmailV2PaymentServiceAttached%23paynow&title=Invoice%20INV-83563%20-%20HelloSelf%20(UK)%20Limited&referrer=&muid=NA&sid=NA&version=6&preview=false	HTTP Parser: No favicon
Source: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html#url=https%3A%2F%2Fin.xero.com%2Fm%2F538xzi7jR6vpCOoeVZX9FI8QyXA91hfWBxTy9jvY%3Futm_source%3DinvoiceEmailPayNowButton%26utm_campaign%3DclassicInvoicesEmailV2PaymentServiceAttached%23paynow&title=Invoice%20INV-83563%20-%20HelloSelf%20(UK)%20Limited&referrer=&muid=NA&sid=NA&version=6&preview=false	HTTP Parser: No favicon
Source: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.25/HCaptchaInvisible.html?id=221e024c-4494-4f55-aeea-7c188f7b254a&origin=https%3A%2F%2Fjs.stripe.com	HTTP Parser: No favicon
Source: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.25/HCaptchaInvisible.html?id=221e024c-4494-4f55-aeea-7c188f7b254a&origin=https%3A%2F%2Fjs.stripe.com	HTTP Parser: No favicon
Source: https://js.stripe.com/v3/hcaptcha-invisible-5c57cdf6a837850398ee7d5222b205c1.html#debugMode=false&parentOrigin=https%3A%2F%2Fin.xero.com	HTTP Parser: No favicon
Source: https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html#frame=challenge&id=0e6zzusridhr&host=b.stripecdn.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=463b917e-e264-403f-ad34-34af0ee10294&size=invisible&theme=light&origin=https%3A%2F%2Fb.stripecdn.com	HTTP Parser: No favicon
Source: https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html#frame=challenge&id=0e6zzusridhr&host=b.stripecdn.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=463b917e-e264-403f-ad34-34af0ee10294&size=invisible&theme=light&origin=https%3A%2F%2Fb.stripecdn.com	HTTP Parser: No favicon

Source: unknown	HTTPS traffic detected: 23.221.242.90:443 -> 192.168.2.16:49740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.221.242.90:443 -> 192.168.2.16:49746 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.16:49775 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.16:49818 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: unknown

DNS traffic detected: queries for: in.xero.com

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49688 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 23.221.242.90:443 -> 192.168.2.16:49740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.221.242.90:443 -> 192.168.2.16:49746 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.16:49775 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.16:49818 version: TLS 1.2

Source: classification engine

Classification label: clean0.win@17/61@66/194

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://in.xero.com/538xzi7jR6vpCOoeVZX9FI8QyXA91hfWBxTy9jvY?utm_source=invoiceEmailPayNowButton&utm_campaign=classicInvoicesEmailV2PaymentServiceAttached#paynow
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2184 --field-trial-handle=1972,i,18444751312920158574,14448086482904008040,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2184 --field-trial-handle=1972,i,18444751312920158574,14448086482904008040,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: Window Recorder

Window detected: More than 3 window changes detected

Stores files to the Windows start menu directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Screenshots

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
18.244.202.101	widget.intercom.io	United States	16509	AMAZON-02US	false
142.250.105.84	unknown	United States	15169	GOOGLEUS	false
151.101.0.176	unknown	United States	54113	FASTLYUS	false
74.125.136.106	www.google.com	United States	15169	GOOGLEUS	false
23.202.153.232	unknown	United States	20940	AKAMAI-ASN1EU	false
54.162.198.104	unknown	United States	14618	AMAZON-AESUS	false
35.174.127.31	nexus-websocket-a.intercom.io	United States	14618	AMAZON-AESUS	false
198.137.150.81	unknown	United States	3356	LEVEL3US	false
104.18.124.91	hcaptcha.com	United States	13335	CLOUDFLARENETUS	false
142.251.15.95	unknown	United States	15169	GOOGLEUS	false
142.250.9.94	unknown	United States	15169	GOOGLEUS	false
162.247.243.39	js-agent.newrelic.com	United States	13335	CLOUDFLARENETUS	false
3.163.101.21	js.intercomcdn.com	United States	16509	AMAZON-02US	false
3.210.68.90	api-iam.intercom.io	United States	14618	AMAZON-AESUS	false
74.125.138.94	unknown	United States	15169	GOOGLEUS	false
198.137.150.201	stripe.com	United States	3356	LEVEL3US	false
64.233.177.95	unknown	United States	15169	GOOGLEUS	false
1.1.1.1	unknown	Australia	13335	CLOUDFLARENETUS	false
23.197.109.242	unknown	United States	20940	AKAMAI-ASN1EU	false
52.85.132.96	dexeqbeb7giwr.cloudfront.net	United States	16509	AMAZON-02US	false
44.237.131.121	unknown	United States	16509	AMAZON-02US	false
54.187.159.182	unknown	United States	16509	AMAZON-02US	false
172.253.124.139	unknown	United States	15169	GOOGLEUS	false
23.197.110.27	unknown	United States	20940	AKAMAI-ASN1EU	false
34.237.201.68	api.stripe.com	United States	14618	AMAZON-AESUS	false
54.186.23.98	r.stripe.com	United States	16509	AMAZON-02US	false
151.101.128.176	unknown	United States	54113	FASTLYUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
198.202.176.81	merchant-ui-api.stripe.com	United States	22182	AS22182US	false
162.247.243.29	fastly-tls12-bam.nr-data.net	United States	13335	CLOUDFLARENETUS	false
104.18.125.91	api.hcaptcha.com	United States	13335	CLOUDFLARENETUS	false
23.222.193.8	unknown	United States	16625	AKAMAI-ASUS	false
44.240.235.135	m.stripe.com	United States	16509	AMAZON-02US	false
23.202.153.8	unknown	United States	20940	AKAMAI-ASN1EU	false
151.101.192.176	stripecdn.map.fastly.net	United States	54113	FASTLYUS	false

Private

IP
192.168.2.17
192.168.2.16

Contacted Domains

Name	IP	Active
fastly-tls12-bam.nr-data.net	162.247.243.29	true
api.hcaptcha.com	104.18.125.91	true
widget.intercom.io	18.244.202.101	true
js-agent.newrelic.com	162.247.243.39	true
api-iam.intercom.io	3.210.68.90	true
stripecdn.map.fastly.net	151.101.192.176	true
r.stripe.com	54.186.23.98	true
hcaptcha.com	104.18.124.91	true
m.stripe.com	44.240.235.135	true
dexeqbeb7giwr.cloudfront.net	52.85.132.96	true
stripe.com	198.137.150.201	true
www.google.com	74.125.136.106	true
nexus-websocket-a.intercom.io	35.174.127.31	true
api2.hcaptcha.com	104.18.124.91	true
merchant-ui-api.stripe.com	198.202.176.81	true
newassets.hcaptcha.com	104.18.125.91	true
api.stripe.com	34.237.201.68	true
js.intercomcdn.com	3.163.101.21	true
in.xero.com	unknown	unknown
b.stripecdn.com	unknown	unknown
m.stripe.network	unknown	unknown
bam.nr-data.net	unknown	unknown
product-analytics-bff.xero.com	unknown	unknown
edge.xero.com	unknown	unknown
js.stripe.com	unknown	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://js.stripe.com/v3/hcaptcha-invisible-5c57cdf6a837850398ee7d5222b205c1.html#debugMode=false&parentOrigin=https%3A%2F%2Fin.xero.com	false		high
https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html#frame=challenge&id=0e6zzusridhr&host=b.stripecdn.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=463b917e-e264-403f-ad34-34af0ee10294&size=invisible&theme=light&origin=https%3A%2F%2Fb.stripecdn.com	false		unknown
https://b.stripecdn.com/stripethirdparty-srv/assets/v20.25/HCaptchaInvisible.html?id=221e024c-4494-4f55-aeea-7c188f7b254a&origin=https%3A%2F%2Fjs.stripe.com	false		unknown
about:blank	false	Avira URL Cloud: safe	low
https://m.stripe.network/inner.html#url=https%3A%2F%2Fin.xero.com%2Fm%2F538xzi7jR6vpCOoeVZX9FI8QyXA91hfWBxTy9jvY%3Futm_source%3DinvoiceEmailPayNowButton%26utm_campaign%3DclassicInvoicesEmailV2PaymentServiceAttached%23paynow&title=Invoice%20INV-83563%20-%20HelloSelf%20(UK)%20Limited&referrer=&muid=NA&sid=NA&version=6&preview=false	false		high
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html#url=https%3A%2F%2Fin.xero.com%2Fm%2F538xzi7jR6vpCOoeVZX9FI8QyXA91hfWBxTy9jvY%3Futm_source%3DinvoiceEmailPayNowButton%26utm_campaign%3DclassicInvoicesEmailV2PaymentServiceAttached%23paynow&title=Invoice%20INV-83563%20-%20HelloSelf%20(UK)%20Limited&referrer=&muid=NA&sid=NA&version=6&preview=false	false		high
https://in.xero.com/m/538xzi7jR6vpCOoeVZX9FI8QyXA91hfWBxTy9jvY?utm_source=invoiceEmailPayNowButton&utm_campaign=classicInvoicesEmailV2PaymentServiceAttached#paynow	false		high

Name	Type	MD5	SHA1	SHA256
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Apr 23 18:46:29 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	56324F867439B020B6883AADEB72470D	9EB5C2C36BE1DAF0CADDF333F5677285C5443D4B	815BC2E7E466D7C41CB586A6C0A18BFCF795D56B55C901B7D629D6CD6194D069
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Apr 23 18:46:29 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	13A12223F87C92F9B85B47D9B0747F8D	F92F59831491B546E441FBFCA92087902AA80A46	6204AAC3CEDF310EFD62CEB968E37319F6694AA20C0C2F86CE9D462A2F8033D6
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	C7196DDA85837B9E1CFFC465D0C2AED5	35C56781561D5166B2B308F4EE9FA7170517F78E	37AAA41523B9904AB1E4EC5D41BF5DF1BB68DA4A2D2655A089FC2D34D4BB7103
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Apr 23 18:46:29 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	CAA3742BB60F229C57A98C5799F5B4AA	525EE40B7EB68288E50E03BD13E414C9E72B3C4F	EE0CC5931642B52592ABBB852B28ED147B1EEF23CCD350506D47D706970DBD8E
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Apr 23 18:46:29 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	65CB40E0FAB070F3DA587986D2EA7463	5B5116A0206F6A44649D2769B586B5DC0C2724BD	3325B76DA5DA180ED921DDE7B25B544D3EE201B0AC17A9FB2CD307F10CE1D353
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Apr 23 18:46:29 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	627AA08A2FF988C6045E69C795F3BD18	91E5D2CBDF186F10F44EEB7D25A1109F298B550E	959522B0CCC33E26DEF0E4DAE927B4B4FB2A4F7D63841FB42C35249DE5CA1240
Chrome Cache Entry: 112	HTML document, Unicode text, UTF-8 text, with very long lines (65439)	5C57CDF6A837850398EE7D5222B205C1	63C9F93E14EE566E311D22E07EC98B61CE3D25E0	2E00C971E9745C7D69766032AF00DAFC5063AF270212E8EFAC0C8E6915036593
Chrome Cache Entry: 113	ASCII text, with very long lines (945)	64141792105EA4861F9F33294D65AB81	506D9100CAA070005A890BD496DE64C437D6D008	21758ED084CD0E37E735722EE4F3957EA960628A29DFA6C3CE1A1D47A2D6E4F7
Chrome Cache Entry: 114	PNG image data, 400 x 77, 8-bit/color RGBA, non-interlaced	787B8DCD925A7B9F731FF39863AB27DA	2F893C42FBA6EC8993A7171A9FBC32AE106620AF	3A52CB468D70267EA6F8790F81061D2FFBB4F0AE2EB2EC403FFA5EA6CCDC7325
Chrome Cache Entry: 115	ASCII text, with no line terminators	0CEF85A06BA488876294077160628616	85ED668F4B9369F661F9F5D07AF7FA56F568471D	E7196C74A5271AB14B6DB5B0D9F1BD22622CB7FD9F5E426F2A4BB578EC268ABE
Chrome Cache Entry: 116	ASCII text, with very long lines (65536), with no line terminators	31E53CC3A804A6014ED05D318D4310CE	121269CE2829A0E0C9909EBD5E04C04F86BB0A8B	45DFAD3151CC1F748916DFB060584BB603AE394DA35752E689D2BAFEA19841A1
Chrome Cache Entry: 117	ASCII text, with very long lines (4706)	8F464F6B465E1BD7C723319B980B0A94	485EA8FC56E26ECFF4BB20354C3998CEB64D6766	462EC91DA5F13557F7035D0BEB94E88EA21E41DD1576F1A5E1CA66CCE7FC6989
Chrome Cache Entry: 118	Unicode text, UTF-8 text, with very long lines (65529), with no line terminators	69CB7809B5011312E716F29B3D19DCE6	833DABFB546D57065AEBA7190B5EE5A2428DFA47	E039E607C78306C7E029A7FD0ECDB14F86456F16E1A5CE65AA26B4FDF1D38A3C
Chrome Cache Entry: 119	HTML document, ASCII text, with very long lines (930), with no line terminators	06BFCD88AF438673A8BF9B845A11AA6E	D024A745032CBE115526ABE648D9FA0F0A10A681	947AC0903521F5ECEEFC90637C066306A8CA67466CCC188BB0107FB7CFB532D1
Chrome Cache Entry: 120	ASCII text, with very long lines (630)	D86DCDBFED4C273C4742744941259902	98089A33D0CF2FA4B3E1BA9B7EEB9B8BA0AC82A7	4B4969FA4EF3594324DA2C6D78CE8766FBBC2FD121FFF395AEDF997DB0A99A06
Chrome Cache Entry: 121	gzip compressed data, from Unix, original size modulo 2^32 6952	9D14FC18A381C31EC40B46E504F00F2A	8F3BAEDAE6869A7F23AC6ABCA77EFC7A6CA610F6	5FC82CB0F0F6AE96F56D660176866866F37B8B81DD740E914FAAF24ED052C26F
Chrome Cache Entry: 122	RIFF (little-endian) data, Web/P image	032A0E2CAC13DFCA4A5AB55BDA676D7D	BAA4EAE01777B7EF91ECBE4DF00CE211976E8FCB	7BCE0A5C00B7A985D2D4DDDE3578D9D03F521DE9176D63DD6C5338428E7F7D8D
Chrome Cache Entry: 123	HTML document, ASCII text, with no line terminators	3437AADDCDF6922D623E172C2D6F9278	F69066CF20141AC93418102D3EEE7C0225B8A623	35DCC382EB69D00369D708708CDC545F3968B68FA5BBE3E728D11FEDD04F93BB
Chrome Cache Entry: 125	ASCII text, with very long lines (65536), with no line terminators	6C2E6D8372562C55AF2CD8F27CCE78DB	528ED4B6C1552FCC5F54B471C513862333FCC6E6	76E5A843C672DEED891886A4FE377D4213485B6D06CBBEF073207C67152213F7
Chrome Cache Entry: 127	JSON data	6FF4CB311970127BC2384CAE5DF38E46	0ACC787DC99B2E0B8410652A121725E85D58E92E	9607AE35CA24B3DAED73E7D42CB1496328F8866DF45449FA9A4CF78AFCE88D83
Chrome Cache Entry: 128	HTML document, ASCII text, with very long lines (7698)	E14A7BD79268B13D573D87EC4F4A827E	A0E92663BBDA5FB39621A69684729250634F74C2	EF47A5817CDC32EC4E1FE80C31483BB4559105B63770B390A5F4889EE941FDD1
Chrome Cache Entry: 130	ASCII text, with no line terminators	5C0D2F592924CF8640BCC49B50E28E3E	430B6AC0493DEFEB5207AD1E2A8B25F14DD5363F	A1245B1CDD24538FA2E4B17EC76D2AD453F0073A1E958368AEE3D63AE399B518
Chrome Cache Entry: 131	gzip compressed data, from Unix, original size modulo 2^32 493458	B27B573E6B04DAED0B4144A6E206BA93	026B3BC8B3F967D7096191718F9B999C06A090AF	70371467412BCA4624E5589F75D4A2BB10581E6C4C9CE9F2520AC9DA5A60DECF
Chrome Cache Entry: 132	JSON data	F447C440ABF2B8AF203938329FE494F8	3E071AE6400D84FB2EBE38EAEE60E1161D9F4556	11BBA994684E05187E8CB291F03254CE7810FB3EABBC900299F078F2E584550F
Chrome Cache Entry: 134	HTML document, ASCII text, with very long lines (391), with no line terminators	BEECCCFC8D2D565628A0AC8E67601C4A	186FFC872ED3B2B4FCE883EEFAAEE2708C3F75C9	E4AD504BFE2CA3811BC2426DF6314C97676314A42226CA21872D3AADFA579856
Chrome Cache Entry: 135	HTML document, ASCII text, with very long lines (419), with no line terminators	4C0D839A05613B0F5D6F591F2FF1422C	0B14D4DB020F70EBE4F618E557DA36565BE13089	7046E325BEE6E4FFD4581616A2B76772F5749FBD45EB77998A1B5810ED476D2E
Chrome Cache Entry: 136	ASCII text, with very long lines (29919), with no line terminators	930AC9802BF439125EF5999945F2C2DA	3EC7B1E7155CA9C8F9F9ABD56D25B1D997590D54	5F1A7A24206F089ADCD2F4FABA07E77E075C85FF88ABEE9465CCCA2C2AF3686F
Chrome Cache Entry: 138	ASCII text, with no line terminators	A43C7AC772122FE4D977D94876437F2A	CA7B2EF2734369BB815A7CFA49FFFA5C55BE8635	029918E68AAC864A6F19969163941C2F437015C3ABC4A448CF35D7F2A0452955
Chrome Cache Entry: 139	ASCII text, with no line terminators	89BE93E81169A3478F5B92F3C91AF580	C62E2852B394952919463742831CB4C66CCA1C8B	77C5F518D3925E0083F47A20572ADB178B2204D07FAA396A2E3B0AFD803155B9
Chrome Cache Entry: 140	GIF image data, version 89a, 1 x 1	BC32ED98D624ACB4008F986349A20D26	2D3DF8C11D2168CE2C27E0937421D11D85016361	0C9CF152A0AD00D4F102C93C613C104914BE5517AC8F8E0831727F8BFBE8B300
Chrome Cache Entry: 141	ASCII text, with very long lines (36028), with no line terminators	7682536729AD9EA1A4DC8E24F4C7568A	52E6D0BBA139CEAF735A3A328F3A458B1450DFC9	40F537631A8EA71038827C57D604891F13938A49F5208B495D587FCB48AE6B4E
Chrome Cache Entry: 142	JSON data	7758BD88BB4C7D2E2BF13EF8BD74EAF1	1A154470FF44DB6D4AE749425E492D78D0BEF796	3E43D8BE8C818708C2B2363D9FE387C71B3FB4C86308BDAA0C28818DA363E037
Chrome Cache Entry: 143	Unicode text, UTF-8 text, with very long lines (65535), with no line terminators	F1293D9665CF5713B80B2FB0FAB4A84E	A8C21E2D2531F842F02B75A141B2123DF17C6A9D	573C961FFC4C9ED4FFD7693640512ABCD9A31736CFD49B3EAE812DFBDB3060DB
Chrome Cache Entry: 144	gzip compressed data, from Unix, original size modulo 2^32 35428	549D63DC73C5770CA6C7ACD1ABDEAAA1	FB9655A72C0F8CEA5DAB9693F1BF14048023AAE2	53BCEF9ED6F1D7D241585FF81D0B45E4251C7962EAE0E847088C21F9FA1C24CD
Chrome Cache Entry: 145	ASCII text, with no line terminators	96F5B26D366F47393B3FF36FE7471474	6CAA14FF7E3692BEB752734C28CBEA160C113B7A	07B6B3D899DD69C0E9EB463E23E10E30E82588EDDF95D15D45BB505C6703A813
Chrome Cache Entry: 146	Unicode text, UTF-8 text, with very long lines (65530), with no line terminators	0909739FC5EED96F5F374478E42F3AA6	0D05EC145BF2F6670D10BEC629D379F87D4FF973	6E04C6B3BBC03B3BB9C2D9ECB538DA8CCBADCD8DB5DDEE48997BCFBA912450EB
Chrome Cache Entry: 147	Unicode text, UTF-8 text, with very long lines (65535), with no line terminators	AA506978B16DC4EEABE7C31473ED8DAA	9999C9B4B9FB0369F7E5C337D8DDE3F229271AD3	FBB7940C873CED91C1146BFA2821132025D4F4D91F5F66ABF190925860DBCE62
Chrome Cache Entry: 149	PNG image data, 16 x 16, 8-bit colormap, non-interlaced	B42CB6EDE27D2B5BE4F43C79AB30B9F3	152DE95E673E17E835D94B714555C76F91FD8F16	6F59F3FEDCC6D879B48025E6ABCCCCC0934818DBE3148419DBD8D62C7C744E75
Chrome Cache Entry: 151	Unicode text, UTF-8 text, with very long lines (41625)	052BF4ABB4128EF78B68C418F7D94678	2B6C44A8CC009017A2909C7AFD71E371E82B7D27	01908359050DA30C842F89D13AF0447BE961B00B67B46EB61114D1FA48F1BDC9
Chrome Cache Entry: 153	gzip compressed data, from Unix, original size modulo 2^32 210938	E3F42890FD479DD5F9E7CE2B13595746	BF417574CEF96258C8B80637AFD7C4C843288653	3EF5E13ABA749410B0144B37E79C5D8475E2BB565F7D92671490A5036AB81C5A
Chrome Cache Entry: 154	ASCII text, with very long lines (65536), with no line terminators	2D6E56E859C536646B2F1A76684E2227	374864AE4D33D9F9CA6941DF489A4CEDC4A572F4	BAFADF9C618FB3D866385426D8AABCBDE2E9983CDC3961CCC2A676A7D1EE438A
Chrome Cache Entry: 155	PNG image data, 729 x 733, 8-bit colormap, non-interlaced	4B2AB93362B5F9558F994FDF12E3CA7C	F74E8BE1B8F85457ECDB8BDD8C9646D497257D4E	786ECD2A5D662201E7F7C7F829763E5B39166453C1C33B253CBF9FE306EE24D9
Chrome Cache Entry: 157	ASCII text, with very long lines (65536), with no line terminators	74E21B04FC13EFE6E788FCA7016AE74C	3C5E9F21E9403DE9F59A6339DA92C41289E44ED4	FA38EEBB1ECA7C94241152AE35CEC12209D942905DC49F6D00DBE50636441258
Chrome Cache Entry: 158	ASCII text, with very long lines (526), with no line terminators	D96C709017743C0759CF3853D1806BA5	72E21587610C49C8305A55E71F73FA88ED618205	BA2338AA6670580269C762F51C4291DAEF913201AA8F4D4FD166C1A878262652
Chrome Cache Entry: 159	ASCII text, with very long lines (583), with no line terminators	A8CCD32EEAE2573B015B4AAC7604ED0E	8C9C97BEF485EDEA6E7752BEFFD4F3D8D51AA19E	29108B508F3E3A2258B5FF26CD876D31B87D7861DCD999190E083D25228C8AB7
Chrome Cache Entry: 160	gzip compressed data, from Unix, original size modulo 2^32 13299	1B65C0FE701D4C16A04AE5403AC1C290	0CAF71F5B2167089C84AB7056E73231EACBE5BAF	6336D7E7231FB0E8FC185004FA4D4D5DE619FC69BA22195BDF49A07AF701C340
Chrome Cache Entry: 161	ASCII text, with very long lines (34055), with no line terminators	ED99E2C2B7E432BF1B01B17E26FEA4F1	31B19A9F34FEF2D8C779585F4477CD05A6784FAA	C64B612E535BAE0B630160E4B0054682C16C475EE18FB18CB2ACF0E92ED99A84
Chrome Cache Entry: 162	ASCII text, with very long lines (18812), with no line terminators	09EC813B4574067AB37E81D05F9C25C4	0FB792104D812BD0376C9DC05E6D234A2589AC1F	FBB1DBAE387EBE6836838EBEA3B64BDD7723B60617B80FCCDA795D555A526C31
Chrome Cache Entry: 164	JSON data	69CB34BB24259E111A77A9B5CCFB2CFE	575ABBD10BC2014E1F812C8206CF5B835E85A632	4F53ECEB4C539FBD76C7960BAAC9C3CF0AC238811C007444BD9016F81EB5EA5B
Chrome Cache Entry: 165	ASCII text, with very long lines (26008), with no line terminators	83C0A3AE20BDB338DE5F1C32594E8A28	1BB16A48E3C00715C03F6DCCFDF886543F8C28AD	24C6667BF50AF02C957012F598C561091A1C690B70C154762B8116BA887081B4
Chrome Cache Entry: 166	MS Windows icon resource - 4 icons, 64x64, 32 bits/pixel, 32x32, 32 bits/pixel	C169AEE3C6F710672AE66CDB0AE20879	CAA44FB392A6427C7E5C22437137CB771E717C53	B5107D80D618E1824D266984E1673710D3A6D766E8B3997C52E1E271FB57FA49
Chrome Cache Entry: 167	HTML document, ASCII text, with very long lines (30711)	FF2E3BF25D34969239CEA277B666302B	B80AA464141C6DA1A6A3C7B1A69BE833980B2F1B	95F4D3871468A9CF835156C273861A08830324BCD2B98D72CD89F6158602883C
Chrome Cache Entry: 168	HTML document, ASCII text, with very long lines (1165)	3D1F28CAF6C2BAB68E6F70FA0952E46B	626164A4B3EF5DA55C2D6C2B6F89E271DD622767	E1308539D9AE9C8C04A21CABD5BC4FFBA8436C143B32C4FCD6329BEB38D25118
Chrome Cache Entry: 169	ASCII text, with very long lines (18233)	B2C9E79BB9D0B77EB9EAEDCF701AF07A	CE16CB6C1B659E32A550E800EBE9403F40ADFC0F	3132461EC63AA7D365E4C13C9A089825675B0FA7D3AA071B96A06E393950022A
Chrome Cache Entry: 170	gzip compressed data, from Unix, original size modulo 2^32 529834	6AF2B93C09D4A214AD436BCD3568E36D	AB743215BEE82D6E35B33D2BEF7AB704B8FA0A59	80EA006D3B4945D70023F9C7DB7D256830EFD317A26020B50B49D4185F8D7CFF
Chrome Cache Entry: 171	ASCII text, with very long lines (65441)	1D0212A390F1E5B2D0AB12D5BC075BC4	4AE9211C0696BD1817935258B22216B499349E39	579E5C009E0E62843C2D6891C17B15A7728640E34BB69BBC3BC084E43A672BD3
Chrome Cache Entry: 172	ASCII text, with very long lines (32010)	63E2DF852D15AB21D7FF8FC4363222E8	7EE401BA652DB0A4EC960350E17216CDA01E22FB	545156ADEAE44DADC82B98D504F805EBE77FB79C928EF34EED1057BB9D4CB8FE
Chrome Cache Entry: 173	ASCII text, with very long lines (65453)	217249B467829E20EDCB9CE529FF53FE	6B86B9A52C4C9D7102B518F3AF5C5D118983E463	9CCCCBCEDFF99C9FBCFD728C83B1789E024132544A390A84EA4719756F63718B
Chrome Cache Entry: 174	ASCII text, with very long lines (65536), with no line terminators	4342B00F906EEA1D05B94293D52AA8B3	BA41F9126678214599E77D71D64BDBDE14CF65E6	A2A6E347030A794CA08AF4A84555D466FFEB098D7C09ABE76851F5BE84A5DA08
Chrome Cache Entry: 175	ASCII text, with no line terminators	708FD37768AAAC4FAC6B11B43BC538A3	A47D5B07394D4447EAFE830DBC6A4ACBCB40CF33	F2205C30AB0D0A86CD0D715CF483BAFD550C0EA9D4DDB24E2C182F1D7F024144
Chrome Cache Entry: 176	gzip compressed data, from Unix, original size modulo 2^32 705897	D625DB79DB383FDAEF04243566C4AFCE	602DD72D8ACE3CAF67935FADFA7DBB2F8124AC80	7F3046C46346778BB29417C58A123A51E6B192997660E5AA4315B84D5ECBC5C6

Source: https://m.stripe.network/inner.html#url=https%3A%2F%2Fin.xero.com%2Fm%2F538xzi7jR6vpCOoeVZX9FI8QyXA91hfWBxTy9jvY%3Futm_source%3DinvoiceEmailPayNowButton%26utm_campaign%3DclassicInvoicesEmailV2PaymentServiceAttached%23paynow&title=Invoice%20INV-83563%20-%20HelloSelf%20(UK)%20Limited&referrer=&muid=NA&sid=NA&version=6&preview=false	HTTP Parser: No favicon
Source: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html#url=https%3A%2F%2Fin.xero.com%2Fm%2F538xzi7jR6vpCOoeVZX9FI8QyXA91hfWBxTy9jvY%3Futm_source%3DinvoiceEmailPayNowButton%26utm_campaign%3DclassicInvoicesEmailV2PaymentServiceAttached%23paynow&title=Invoice%20INV-83563%20-%20HelloSelf%20(UK)%20Limited&referrer=&muid=NA&sid=NA&version=6&preview=false	HTTP Parser: No favicon
Source: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.25/HCaptchaInvisible.html?id=221e024c-4494-4f55-aeea-7c188f7b254a&origin=https%3A%2F%2Fjs.stripe.com	HTTP Parser: No favicon
Source: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.25/HCaptchaInvisible.html?id=221e024c-4494-4f55-aeea-7c188f7b254a&origin=https%3A%2F%2Fjs.stripe.com	HTTP Parser: No favicon
Source: https://js.stripe.com/v3/hcaptcha-invisible-5c57cdf6a837850398ee7d5222b205c1.html#debugMode=false&parentOrigin=https%3A%2F%2Fin.xero.com	HTTP Parser: No favicon
Source: https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html#frame=challenge&id=0e6zzusridhr&host=b.stripecdn.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=463b917e-e264-403f-ad34-34af0ee10294&size=invisible&theme=light&origin=https%3A%2F%2Fb.stripecdn.com	HTTP Parser: No favicon
Source: https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html#frame=challenge&id=0e6zzusridhr&host=b.stripecdn.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=463b917e-e264-403f-ad34-34af0ee10294&size=invisible&theme=light&origin=https%3A%2F%2Fb.stripecdn.com	HTTP Parser: No favicon

Source: unknown	HTTPS traffic detected: 23.221.242.90:443 -> 192.168.2.16:49740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.221.242.90:443 -> 192.168.2.16:49746 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.16:49775 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.16:49818 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: unknown

DNS traffic detected: queries for: in.xero.com

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49688 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 23.221.242.90:443 -> 192.168.2.16:49740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.221.242.90:443 -> 192.168.2.16:49746 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.16:49775 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.16:49818 version: TLS 1.2

Source: classification engine

Classification label: clean0.win@17/61@66/194

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://in.xero.com/538xzi7jR6vpCOoeVZX9FI8QyXA91hfWBxTy9jvY?utm_source=invoiceEmailPayNowButton&utm_campaign=classicInvoicesEmailV2PaymentServiceAttached#paynow
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2184 --field-trial-handle=1972,i,18444751312920158574,14448086482904008040,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2184 --field-trial-handle=1972,i,18444751312920158574,14448086482904008040,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: Window Recorder

Window detected: More than 3 window changes detected

Stores files to the Windows start menu directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

ID:	1430558
Product:	CloudBasic
Start time:	21:46:00
Start date:	23.04.2024
Cookbook:	defaultwindowsinteractivecookbook.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Windows Analysis Report
https://in.xero.com/538xzi7jR6vpCOoeVZX9FI8QyXA91hfWBxTy9jvY?utm_source=invoiceEmailPayNowButton&utm_campaign=classicInvoicesEmailV2PaymentServiceAttached#paynow

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Boot Survival

Screenshots

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report https://in.xero.com/538xzi7jR6vpCOoeVZX9FI8QyXA91hfWBxTy9jvY?utm_source=invoiceEmailPayNowButton&utm_campaign=classicInvoicesEmailV2PaymentServiceAttached#paynow

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Boot Survival

Screenshots

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
https://in.xero.com/538xzi7jR6vpCOoeVZX9FI8QyXA91hfWBxTy9jvY?utm_source=invoiceEmailPayNowButton&utm_campaign=classicInvoicesEmailV2PaymentServiceAttached#paynow