Windows Analysis Report
https://lokicollective.org/project/

Overview

General Information

Sample URL: https://lokicollective.org/project/
Analysis ID: 1430847
Infos:

Detection

Score: 0
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

No high impact signatures.

Classification

There are no high impact signatures.

Source: https://www.google.com/sorry/index?continue=https://www.adsensecustomsearchads.com/afs/ads%3Fadsafe%3Dlow%26adtest%3Doff%26psid%3D7949183650%26pcsa%3Dfalse%26channel%3Dnon-expiry%26domain_name%3Dlokicollective.org%26client%3Ddp-godaddy1_xml%26r%3Dm%26rpbu%3Dhttps%253A%252F%252Flokicollective.org%252Flander%26type%3D3%26uiopt%3Dtrue%26swp%3Das-drid-oo-1885714186540894%26oe%3DUTF-8%26ie%3DUTF-8%26fexp%3D21404%252C17300002%252C17301437%252C17301439%252C17301442%26client_gdprApplies%3D0%26format%3Dr3%26nocache%3D421713945521519%26num%3D0%26output%3Dafd_ads%26v%3D3%26bsl%3D8%26pac%3D2%26u_his%3D1%26u_tz%3D120%26dt%3D1713945521522%26u_w%3D1280%26u_h%3D1024%26biw%3D1280%26bih%3D907%26psw%3D1280%26psh%3D907%26frm%3D0%26uio%3D-%26cont%3DrelatedLinks%26drt%3D0%26jsid%3Dcaf%26nfp%3D1%26jsv%3D625314022%26rurl%3Dhttps%253A%252F%252Flokicollective.org%252Flander%26referer%3Dhttps%253A%252F%252Flokicollective.org%252Fproject%252F&q=EgSaEGkkGLT3orEGIjASKWvf3s_h17mP-Uc4UVzAQloNiIqRSy-JFjke5NIPT7PON1RaNAY9q1P-D0LQKt8yAXJKGVNPU... HTTP Parser: No favicon
Source: https://www.google.com/sorry/index?continue=https://www.adsensecustomsearchads.com/afs/ads%3Fadsafe%3Dlow%26adtest%3Doff%26psid%3D7949183650%26pcsa%3Dfalse%26channel%3Dnon-expiry%26domain_name%3Dlokicollective.org%26client%3Ddp-godaddy1_xml%26r%3Dm%26rpbu%3Dhttps%253A%252F%252Flokicollective.org%252Flander%26type%3D3%26uiopt%3Dtrue%26swp%3Das-drid-oo-1885714186540894%26oe%3DUTF-8%26ie%3DUTF-8%26fexp%3D21404%252C17300002%252C17301437%252C17301439%252C17301442%26client_gdprApplies%3D0%26format%3Dr3%26nocache%3D421713945521519%26num%3D0%26output%3Dafd_ads%26v%3D3%26bsl%3D8%26pac%3D2%26u_his%3D1%26u_tz%3D120%26dt%3D1713945521522%26u_w%3D1280%26u_h%3D1024%26biw%3D1280%26bih%3D907%26psw%3D1280%26psh%3D907%26frm%3D0%26uio%3D-%26cont%3DrelatedLinks%26drt%3D0%26jsid%3Dcaf%26nfp%3D1%26jsv%3D625314022%26rurl%3Dhttps%253A%252F%252Flokicollective.org%252Flander%26referer%3Dhttps%253A%252F%252Flokicollective.org%252Fproject%252F&q=EgSaEGkkGLT3orEGIjASKWvf3s_h17mP-Uc4UVzAQloNiIqRSy-JFjke5NIPT7PON1RaNAY9q1P-D0LQKt8yAXJKGVNPU... HTTP Parser: No favicon
Source: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC&size=normal&s=HvyRYTb8JCTIQsjTBmWcfxZwavGlIxZBHYwtWjX603zvKXD_wY85wI_xUZJ9bvr2ySTHHyI_Fj41ha_HbTru4FzDvb6nUcXBIfrGjGh8LOa3GvsH9_G6KGNjRTqL1xJiA4k6bcgCRnxnXJbZWqQLvVTDG-p5hbGniG2FrKKtcxLpMtSjvZJypIG1HN8uuezkjA8Ij7MezmHUz52odH3bTqfkXDX4Lh6V7IWFJs9TCYucM5RVoK768hM9FZIzLNcHZvuKQOn_k4gB6OCLx8sbJ7TzXaY5nAE&cb=o8d72n2u6tuf HTTP Parser: No favicon
Source: https://www.google.com/recaptcha/api2/bframe?hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b HTTP Parser: No favicon
Source: https://www.godaddy.com/domainfind/v1/redirect?key=parkweb&utm_source=godaddy&utm_medium=parkedpages&utm_campaign=x_dom-broker_parkedpages_x_x_invest_001&tmskey=dpp_dbs&domainToCheck=lokicollective.org&isc=GPPTCOM&itc=parkedpage_landers HTTP Parser: No favicon
Source: unknown HTTPS traffic detected: 23.206.6.29:443 -> 192.168.2.6:49715 version: TLS 1.2
Source: unknown HTTPS traffic detected: 23.206.6.29:443 -> 192.168.2.6:49721 version: TLS 1.2
Source: unknown TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown TCP traffic detected without corresponding DNS query: 23.206.6.29
Source: unknown TCP traffic detected without corresponding DNS query: 23.206.6.29
Source: unknown TCP traffic detected without corresponding DNS query: 23.206.6.29
Source: unknown TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown TCP traffic detected without corresponding DNS query: 23.206.6.29
Source: unknown TCP traffic detected without corresponding DNS query: 23.206.6.29
Source: unknown TCP traffic detected without corresponding DNS query: 23.206.6.29
Source: unknown TCP traffic detected without corresponding DNS query: 23.206.6.29
Source: unknown TCP traffic detected without corresponding DNS query: 23.206.6.29
Source: unknown TCP traffic detected without corresponding DNS query: 23.206.6.29
Source: unknown TCP traffic detected without corresponding DNS query: 23.206.6.29
Source: unknown TCP traffic detected without corresponding DNS query: 23.206.6.29
Source: unknown TCP traffic detected without corresponding DNS query: 23.206.6.29
Source: unknown TCP traffic detected without corresponding DNS query: 23.206.6.29
Source: unknown TCP traffic detected without corresponding DNS query: 23.206.6.29
Source: unknown TCP traffic detected without corresponding DNS query: 23.206.6.29
Source: unknown TCP traffic detected without corresponding DNS query: 23.206.6.29
Source: unknown TCP traffic detected without corresponding DNS query: 23.206.6.29
Source: unknown TCP traffic detected without corresponding DNS query: 23.206.6.29
Source: unknown TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global traffic HTTP traffic detected: GET /project/ HTTP/1.1Host: lokicollective.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /lander HTTP/1.1Host: lokicollective.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://lokicollective.org/project/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /adsense/domains/caf.js?abp=1&gdabp=true HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIkqHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://lokicollective.org/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /tag?o=5097926782615552&upapi=true HTTP/1.1Host: btloader.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://lokicollective.org/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /tag?o=5097926782615552&upapi=true HTTP/1.1Host: btloader.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://lokicollective.org/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9If-None-Match: W/"99d9767dcb7d8390d77625c402e08999"If-Modified-Since: Wed, 24 Apr 2024 07:21:18 GMT
Source: global traffic HTTP traffic detected: GET /px.gif?ch=2 HTTP/1.1Host: ad-delivery.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://lokicollective.org/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /px.gif?ch=1&e=0.6066674524460127 HTTP/1.1Host: ad-delivery.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://lokicollective.org/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /mw/state?bt_env=prod HTTP/1.1Host: api.btloader.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://lokicollective.orgSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://lokicollective.org/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 HTTP/1.1Host: ad.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIkqHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://lokicollective.org/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic HTTP traffic detected: GET /px.gif?ch=2 HTTP/1.1Host: ad-delivery.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /px.gif?ch=1&e=0.6066674524460127 HTTP/1.1Host: ad-delivery.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 HTTP/1.1Host: ad.doubleclick.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIkqHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /v1/parking/landers/lokicollective.org?trafficTarget=reseller&abp=1&gdabp=true HTTP/1.1Host: api.aws.parking.godaddy.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-Request-Id: 56d7852b-2394-475c-af04-42543a818fbcsec-ch-ua-platform: "Windows"Accept: */*Origin: https://lokicollective.orgSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://lokicollective.org/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /v1/parking/landers/lokicollective.org?trafficTarget=reseller&abp=1&gdabp=true HTTP/1.1Host: api.aws.parking.godaddy.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /afs/ads?adsafe=low&adtest=off&psid=7949183650&pcsa=false&channel=non-expiry&domain_name=lokicollective.org&client=dp-godaddy1_xml&r=m&rpbu=https%3A%2F%2Flokicollective.org%2Flander&type=3&uiopt=true&swp=as-drid-oo-1885714186540894&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301437%2C17301439%2C17301442&client_gdprApplies=0&format=r3&nocache=421713945521519&num=0&output=afd_ads&v=3&bsl=8&pac=2&u_his=1&u_tz=120&dt=1713945521522&u_w=1280&u_h=1024&biw=1280&bih=907&psw=1280&psh=907&frm=0&uio=-&cont=relatedLinks&drt=0&jsid=caf&nfp=1&jsv=625314022&rurl=https%3A%2F%2Flokicollective.org%2Flander&referer=https%3A%2F%2Flokicollective.org%2Fproject%2F HTTP/1.1Host: www.adsensecustomsearchads.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://lokicollective.org/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /sorry/index?continue=https://www.adsensecustomsearchads.com/afs/ads%3Fadsafe%3Dlow%26adtest%3Doff%26psid%3D7949183650%26pcsa%3Dfalse%26channel%3Dnon-expiry%26domain_name%3Dlokicollective.org%26client%3Ddp-godaddy1_xml%26r%3Dm%26rpbu%3Dhttps%253A%252F%252Flokicollective.org%252Flander%26type%3D3%26uiopt%3Dtrue%26swp%3Das-drid-oo-1885714186540894%26oe%3DUTF-8%26ie%3DUTF-8%26fexp%3D21404%252C17300002%252C17301437%252C17301439%252C17301442%26client_gdprApplies%3D0%26format%3Dr3%26nocache%3D421713945521519%26num%3D0%26output%3Dafd_ads%26v%3D3%26bsl%3D8%26pac%3D2%26u_his%3D1%26u_tz%3D120%26dt%3D1713945521522%26u_w%3D1280%26u_h%3D1024%26biw%3D1280%26bih%3D907%26psw%3D1280%26psh%3D907%26frm%3D0%26uio%3D-%26cont%3DrelatedLinks%26drt%3D0%26jsid%3Dcaf%26nfp%3D1%26jsv%3D625314022%26rurl%3Dhttps%253A%252F%252Flokicollective.org%252Flander%26referer%3Dhttps%253A%252F%252Flokicollective.org%252Fproject%252F&q=EgSaEGkkGLT3orEGIjASKWvf3s_h17mP-Uc4UVzAQloNiIqRSy-JFjke5NIPT7PON1RaNAY9q1P-D0LQKt8yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1Host: www.google.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://lokicollective.org/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /recaptcha/api.js HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIkqHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.google.com/sorry/index?continue=https://www.adsensecustomsearchads.com/afs/ads%3Fadsafe%3Dlow%26adtest%3Doff%26psid%3D7949183650%26pcsa%3Dfalse%26channel%3Dnon-expiry%26domain_name%3Dlokicollective.org%26client%3Ddp-godaddy1_xml%26r%3Dm%26rpbu%3Dhttps%253A%252F%252Flokicollective.org%252Flander%26type%3D3%26uiopt%3Dtrue%26swp%3Das-drid-oo-1885714186540894%26oe%3DUTF-8%26ie%3DUTF-8%26fexp%3D21404%252C17300002%252C17301437%252C17301439%252C17301442%26client_gdprApplies%3D0%26format%3Dr3%26nocache%3D421713945521519%26num%3D0%26output%3Dafd_ads%26v%3D3%26bsl%3D8%26pac%3D2%26u_his%3D1%26u_tz%3D120%26dt%3D1713945521522%26u_w%3D1280%26u_h%3D1024%26biw%3D1280%26bih%3D907%26psw%3D1280%26psh%3D907%26frm%3D0%26uio%3D-%26cont%3DrelatedLinks%26drt%3D0%26jsid%3Dcaf%26nfp%3D1%26jsv%3D625314022%26rurl%3Dhttps%253A%252F%252Flokicollective.org%252Flander%26referer%3Dhttps%253A%252F%252Flokicollective.org%252Fproject%252F&q=EgSaEGkkGLT3orEGIjASKWvf3s_h17mP-Uc4UVzAQloNiIqRSy-JFjke5NIPT7PON1RaNAY9q1P-D0LQKt8yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC&size=normal&s=HvyRYTb8JCTIQsjTBmWcfxZwavGlIxZBHYwtWjX603zvKXD_wY85wI_xUZJ9bvr2ySTHHyI_Fj41ha_HbTru4FzDvb6nUcXBIfrGjGh8LOa3GvsH9_G6KGNjRTqL1xJiA4k6bcgCRnxnXJbZWqQLvVTDG-p5hbGniG2FrKKtcxLpMtSjvZJypIG1HN8uuezkjA8Ij7MezmHUz52odH3bTqfkXDX4Lh6V7IWFJs9TCYucM5RVoK768hM9FZIzLNcHZvuKQOn_k4gB6OCLx8sbJ7TzXaY5nAE&cb=o8d72n2u6tuf HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIkqHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.google.com/sorry/index?continue=https://www.adsensecustomsearchads.com/afs/ads%3Fadsafe%3Dlow%26adtest%3Doff%26psid%3D7949183650%26pcsa%3Dfalse%26channel%3Dnon-expiry%26domain_name%3Dlokicollective.org%26client%3Ddp-godaddy1_xml%26r%3Dm%26rpbu%3Dhttps%253A%252F%252Flokicollective.org%252Flander%26type%3D3%26uiopt%3Dtrue%26swp%3Das-drid-oo-1885714186540894%26oe%3DUTF-8%26ie%3DUTF-8%26fexp%3D21404%252C17300002%252C17301437%252C17301439%252C17301442%26client_gdprApplies%3D0%26format%3Dr3%26nocache%3D421713945521519%26num%3D0%26output%3Dafd_ads%26v%3D3%26bsl%3D8%26pac%3D2%26u_his%3D1%26u_tz%3D120%26dt%3D1713945521522%26u_w%3D1280%26u_h%3D1024%26biw%3D1280%26bih%3D907%26psw%3D1280%26psh%3D907%26frm%3D0%26uio%3D-%26cont%3DrelatedLinks%26drt%3D0%26jsid%3Dcaf%26nfp%3D1%26jsv%3D625314022%26rurl%3Dhttps%253A%252F%252Flokicollective.org%252Flander%26referer%3Dhttps%253A%252F%252Flokicollective.org%252Fproject%252F&q=EgSaEGkkGLT3orEGIjASKWvf3s_h17mP-Uc4UVzAQloNiIqRSy-JFjke5NIPT7PON1RaNAY9q1P-D0LQKt8yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /recaptcha/api2/webworker.js?hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIkqHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: workerReferer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC&size=normal&s=HvyRYTb8JCTIQsjTBmWcfxZwavGlIxZBHYwtWjX603zvKXD_wY85wI_xUZJ9bvr2ySTHHyI_Fj41ha_HbTru4FzDvb6nUcXBIfrGjGh8LOa3GvsH9_G6KGNjRTqL1xJiA4k6bcgCRnxnXJbZWqQLvVTDG-p5hbGniG2FrKKtcxLpMtSjvZJypIG1HN8uuezkjA8Ij7MezmHUz52odH3bTqfkXDX4Lh6V7IWFJs9TCYucM5RVoK768hM9FZIzLNcHZvuKQOn_k4gB6OCLx8sbJ7TzXaY5nAE&cb=o8d72n2u6tufAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /js/bg/6JK7PkhQPjgGeBZqyHKCSWuJKD5ZJmF_kzmP9QlV1DY.js HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIkqHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC&size=normal&s=HvyRYTb8JCTIQsjTBmWcfxZwavGlIxZBHYwtWjX603zvKXD_wY85wI_xUZJ9bvr2ySTHHyI_Fj41ha_HbTru4FzDvb6nUcXBIfrGjGh8LOa3GvsH9_G6KGNjRTqL1xJiA4k6bcgCRnxnXJbZWqQLvVTDG-p5hbGniG2FrKKtcxLpMtSjvZJypIG1HN8uuezkjA8Ij7MezmHUz52odH3bTqfkXDX4Lh6V7IWFJs9TCYucM5RVoK768hM9FZIzLNcHZvuKQOn_k4gB6OCLx8sbJ7TzXaY5nAE&cb=o8d72n2u6tufAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /recaptcha/api2/bframe?hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIkqHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.google.com/sorry/index?continue=https://www.adsensecustomsearchads.com/afs/ads%3Fadsafe%3Dlow%26adtest%3Doff%26psid%3D7949183650%26pcsa%3Dfalse%26channel%3Dnon-expiry%26domain_name%3Dlokicollective.org%26client%3Ddp-godaddy1_xml%26r%3Dm%26rpbu%3Dhttps%253A%252F%252Flokicollective.org%252Flander%26type%3D3%26uiopt%3Dtrue%26swp%3Das-drid-oo-1885714186540894%26oe%3DUTF-8%26ie%3DUTF-8%26fexp%3D21404%252C17300002%252C17301437%252C17301439%252C17301442%26client_gdprApplies%3D0%26format%3Dr3%26nocache%3D421713945521519%26num%3D0%26output%3Dafd_ads%26v%3D3%26bsl%3D8%26pac%3D2%26u_his%3D1%26u_tz%3D120%26dt%3D1713945521522%26u_w%3D1280%26u_h%3D1024%26biw%3D1280%26bih%3D907%26psw%3D1280%26psh%3D907%26frm%3D0%26uio%3D-%26cont%3DrelatedLinks%26drt%3D0%26jsid%3Dcaf%26nfp%3D1%26jsv%3D625314022%26rurl%3Dhttps%253A%252F%252Flokicollective.org%252Flander%26referer%3Dhttps%253A%252F%252Flokicollective.org%252Fproject%252F&q=EgSaEGkkGLT3orEGIjASKWvf3s_h17mP-Uc4UVzAQloNiIqRSy-JFjke5NIPT7PON1RaNAY9q1P-D0LQKt8yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUMAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: unknown DNS traffic detected: queries for: lokicollective.org
Source: chromecache_74.2.dr String found in binary or memory: https://btloader.com/tag?o=5097926782615552&upapi=true
Source: chromecache_67.2.dr String found in binary or memory: https://cloud.google.com/contact
Source: chromecache_67.2.dr String found in binary or memory: https://cloud.google.com/recaptcha-enterprise/billing-information
Source: chromecache_67.2.dr String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca
Source: chromecache_67.2.dr String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#localhost_support
Source: chromecache_67.2.dr String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que
Source: chromecache_60.2.dr String found in binary or memory: https://fonts.googleapis.com/css?family=
Source: chromecache_74.2.dr String found in binary or memory: https://img1.wsimg.com/parking-lander/static/css/main.8a1d19af.css
Source: chromecache_74.2.dr String found in binary or memory: https://img1.wsimg.com/parking-lander/static/js/main.93aa74bd.js
Source: chromecache_60.2.dr String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_60.2.dr String found in binary or memory: https://partner.googleadservices.com/gampad/cookie.js
Source: chromecache_67.2.dr String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: chromecache_67.2.dr String found in binary or memory: https://recaptcha.net
Source: chromecache_67.2.dr String found in binary or memory: https://support.google.com/recaptcha
Source: chromecache_67.2.dr String found in binary or memory: https://support.google.com/recaptcha#6262736
Source: chromecache_67.2.dr String found in binary or memory: https://support.google.com/recaptcha/#6175971
Source: chromecache_67.2.dr String found in binary or memory: https://support.google.com/recaptcha/?hl=en#6223828
Source: chromecache_60.2.dr String found in binary or memory: https://syndicatedsearch.goog
Source: chromecache_67.2.dr String found in binary or memory: https://www.apache.org/licenses/
Source: chromecache_78.2.dr, chromecache_66.2.dr String found in binary or memory: https://www.godaddy.com/domainfind/v1/redirect?key=parkweb
Source: chromecache_74.2.dr String found in binary or memory: https://www.google.com/adsense/domains/caf.js?abp=1&gdabp=true
Source: chromecache_59.2.dr, chromecache_67.2.dr String found in binary or memory: https://www.google.com/recaptcha/api2/
Source: chromecache_67.2.dr String found in binary or memory: https://www.gstatic.c..?/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/recaptcha__.
Source: chromecache_59.2.dr, chromecache_76.2.dr String found in binary or memory: https://www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/recaptcha__en.js
Source: unknown Network traffic detected: HTTP traffic on port 49708 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49698
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown Network traffic detected: HTTP traffic on port 49706 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49698 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown Network traffic detected: HTTP traffic on port 49705 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49708
Source: unknown Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49706
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49705
Source: unknown Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown HTTPS traffic detected: 23.206.6.29:443 -> 192.168.2.6:49715 version: TLS 1.2
Source: unknown HTTPS traffic detected: 23.206.6.29:443 -> 192.168.2.6:49721 version: TLS 1.2
Source: classification engine Classification label: clean0.win@19/47@36/13
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2228 --field-trial-handle=2168,i,13060034692085098184,4281837526702625336,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://lokicollective.org/project/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2228 --field-trial-handle=2168,i,13060034692085098184,4281837526702625336,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: Window Recorder Window detected: More than 3 window changes detected
windows-stand
Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 process2 2 Behavior Graph ID: 1430847 URL: https://lokicollective.org/... Startdate: 24/04/2024 Architecture: WINDOWS Score: 0 5 chrome.exe 1 2->5         started        8 chrome.exe 2->8         started        dnsIp3 13 192.168.2.6, 443, 49168, 49698 unknown unknown 5->13 15 239.255.255.250 unknown Reserved 5->15 10 chrome.exe 5->10         started        process4 dnsIp5 17 api.btloader.com 130.211.23.194, 443, 49717 GOOGLEUS United States 10->17 19 142.250.141.105, 443, 49736, 49737 GOOGLEUS United States 10->19 21 13 other IPs or domains 10->21
  • No. of IPs < 25%
  • 25% < No. of IPs < 50%
  • 50% < No. of IPs < 75%
  • 75% < No. of IPs

Contacted Public IPs

IP Domain Country Flag ASN ASN Name Malicious
76.223.67.189
 lokicollective.org United States
16509 AMAZON-02US false
142.250.141.99
 unknown United States
15169 GOOGLEUS false
172.67.69.19
 ad-delivery.net United States
13335 CLOUDFLARENETUS false
52.32.46.203
 gddomainparking.com United States
16509 AMAZON-02US false
74.125.137.100
 www3.l.google.com United States
15169 GOOGLEUS false
130.211.23.194
 api.btloader.com United States
15169 GOOGLEUS false
142.251.2.149
 unknown United States
15169 GOOGLEUS false
142.251.2.148
 ad.doubleclick.net United States
15169 GOOGLEUS false
239.255.255.250
 unknown Reserved
unknown unknown false
104.22.74.216
 btloader.com United States
13335 CLOUDFLARENETUS false
142.250.141.105
 unknown United States
15169 GOOGLEUS false
142.250.141.106
 www.google.com United States
15169 GOOGLEUS false

Private

IP
192.168.2.6

Contacted Domains

Name IP Active
gddomainparking.com 52.32.46.203 true
www3.l.google.com 74.125.137.100 true
api.btloader.com 130.211.23.194 true
lokicollective.org 76.223.67.189 true
ad.doubleclick.net 142.251.2.148 true
www.google.com 142.250.141.106 true
btloader.com 104.22.74.216 true
fp2e7a.wpc.phicdn.net 192.229.211.108 true
ad-delivery.net 172.67.69.19 true
img1.wsimg.com unknown unknown
api.aws.parking.godaddy.com unknown unknown
www.godaddy.com unknown unknown
www.adsensecustomsearchads.com unknown unknown

Contacted URLs

Name Malicious Antivirus Detection Reputation
https://btloader.com/tag?o=5097926782615552&upapi=true false
  • 0%, Virustotal, Browse
  • Avira URL Cloud: safe
 unknown
https://api.btloader.com/mw/state?bt_env=prod false
  • URL Reputation: safe
 unknown
https://lokicollective.org/project/ false
    		unknown
    https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC&size=normal&s=HvyRYTb8JCTIQsjTBmWcfxZwavGlIxZBHYwtWjX603zvKXD_wY85wI_xUZJ9bvr2ySTHHyI_Fj41ha_HbTru4FzDvb6nUcXBIfrGjGh8LOa3GvsH9_G6KGNjRTqL1xJiA4k6bcgCRnxnXJbZWqQLvVTDG-p5hbGniG2FrKKtcxLpMtSjvZJypIG1HN8uuezkjA8Ij7MezmHUz52odH3bTqfkXDX4Lh6V7IWFJs9TCYucM5RVoK768hM9FZIzLNcHZvuKQOn_k4gB6OCLx8sbJ7TzXaY5nAE&cb=o8d72n2u6tuf false
      		high
      https://www.godaddy.com/domainfind/v1/redirect?key=parkweb&utm_source=godaddy&utm_medium=parkedpages&utm_campaign=x_dom-broker_parkedpages_x_x_invest_001&tmskey=dpp_dbs&domainToCheck=lokicollective.org&isc=GPPTCOM&itc=parkedpage_landers false
        		high
        https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC false
          		high
          about:blank false
          • Avira URL Cloud: safe
          		 low
          https://www.google.com/js/bg/6JK7PkhQPjgGeBZqyHKCSWuJKD5ZJmF_kzmP9QlV1DY.js false
            		high
            https://ad-delivery.net/px.gif?ch=1&e=0.6066674524460127 false
            • Avira URL Cloud: safe
            		 unknown
            https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 false
              		high
              https://ad-delivery.net/px.gif?ch=2 false
              • URL Reputation: safe
              		 unknown
              https://lokicollective.org/lander false
                		unknown
                https://www.google.com/recaptcha/api.js false
                  		high
                  https://www.google.com/recaptcha/api2/bframe?hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b false
                    		high
                    https://api.aws.parking.godaddy.com/v1/parking/landers/lokicollective.org?trafficTarget=reseller&abp=1&gdabp=true false
                      		high
                      https://www.google.com/adsense/domains/caf.js?abp=1&gdabp=true false
                        		high