Click to jump to signature section
Source: https://gopowerssolutions.com/?abnhljlk&email=jradke@gpalab.com | LLM: Score: 7 Reasons: The URL in question shows signs of typosquatting, with the domain name 'gopowerssolutions.com' differing slightly from the legitimate domain 'gopowertools.com'. Additionally, the presence of a suspicious parameter 'abnhljlk' in the URL may indicate an attempt to obfuscate the true intent of the site. The email address 'jradke@gpalab.com' may also be a target of phishing or other malicious activities. It is recommended to exercise caution when accessing this URL. DOM: 1.1.pages.csv |
Source: https://gopowerssolutions.com/?abnhljlk&email=jradke@gpalab.com | LLM: Score: 7 Reasons: The text contains indicators of a potential phishing site. The text mentions the need for email address verification and the modification of contact details, which is a common tactic used by phishers to trick users into providing sensitive information. The URL provided also has suspicious parameters and does not match the name of the company mentioned in the text. DOM: 1.2.pages.csv |
Source: unknown | HTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.17:49738 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 20.190.151.7:443 -> 192.168.2.17:49740 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 13.107.5.88:443 -> 192.168.2.17:49741 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 13.107.21.200:443 -> 192.168.2.17:49742 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 23.192.208.109:443 -> 192.168.2.17:49746 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 23.192.208.109:443 -> 192.168.2.17:49747 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.17:49748 version: TLS 1.2 |
Source: unknown | TCP traffic detected without corresponding DNS query: 23.206.222.123 |
Source: unknown | TCP traffic detected without corresponding DNS query: 23.206.222.123 |
Source: unknown | TCP traffic detected without corresponding DNS query: 184.30.122.249 |
Source: unknown | TCP traffic detected without corresponding DNS query: 184.30.122.249 |
Source: unknown | TCP traffic detected without corresponding DNS query: 204.79.197.200 |
Source: unknown | TCP traffic detected without corresponding DNS query: 204.79.197.200 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | TCP traffic detected without corresponding DNS query: 40.68.123.157 |
Source: unknown | TCP traffic detected without corresponding DNS query: 40.68.123.157 |
Source: unknown | TCP traffic detected without corresponding DNS query: 40.68.123.157 |
Source: unknown | TCP traffic detected without corresponding DNS query: 40.68.123.157 |
Source: unknown | TCP traffic detected without corresponding DNS query: 40.68.123.157 |
Source: unknown | TCP traffic detected without corresponding DNS query: 40.68.123.157 |
Source: unknown | TCP traffic detected without corresponding DNS query: 40.68.123.157 |
Source: unknown | TCP traffic detected without corresponding DNS query: 204.79.197.200 |
Source: unknown | TCP traffic detected without corresponding DNS query: 204.79.197.200 |
Source: unknown | TCP traffic detected without corresponding DNS query: 204.79.197.200 |
Source: unknown | TCP traffic detected without corresponding DNS query: 204.79.197.200 |
Source: unknown | TCP traffic detected without corresponding DNS query: 204.79.197.200 |
Source: unknown | TCP traffic detected without corresponding DNS query: 204.79.197.200 |
Source: unknown | TCP traffic detected without corresponding DNS query: 204.79.197.200 |
Source: unknown | TCP traffic detected without corresponding DNS query: 204.79.197.200 |
Source: unknown | TCP traffic detected without corresponding DNS query: 204.79.197.200 |
Source: unknown | TCP traffic detected without corresponding DNS query: 204.79.197.200 |
Source: unknown | TCP traffic detected without corresponding DNS query: 40.68.123.157 |
Source: unknown | TCP traffic detected without corresponding DNS query: 40.68.123.157 |
Source: unknown | TCP traffic detected without corresponding DNS query: 40.68.123.157 |
Source: unknown | TCP traffic detected without corresponding DNS query: 40.68.123.157 |
Source: unknown | TCP traffic detected without corresponding DNS query: 40.68.123.157 |
Source: unknown | TCP traffic detected without corresponding DNS query: 20.190.151.7 |
Source: unknown | TCP traffic detected without corresponding DNS query: 20.190.151.7 |
Source: unknown | TCP traffic detected without corresponding DNS query: 20.190.151.7 |
Source: unknown | TCP traffic detected without corresponding DNS query: 13.107.5.88 |
Source: unknown | TCP traffic detected without corresponding DNS query: 13.107.5.88 |
Source: unknown | TCP traffic detected without corresponding DNS query: 13.107.5.88 |
Source: unknown | TCP traffic detected without corresponding DNS query: 20.190.151.7 |
Source: unknown | TCP traffic detected without corresponding DNS query: 20.190.151.7 |
Source: unknown | TCP traffic detected without corresponding DNS query: 20.190.151.7 |
Source: unknown | TCP traffic detected without corresponding DNS query: 20.190.151.7 |
Source: unknown | TCP traffic detected without corresponding DNS query: 13.107.5.88 |
Source: unknown | TCP traffic detected without corresponding DNS query: 13.107.5.88 |
Source: global traffic | DNS traffic detected: DNS query: m.exactag.com |
Source: global traffic | DNS traffic detected: DNS query: empireglass.ae |
Source: global traffic | DNS traffic detected: DNS query: gopowerssolutions.com |
Source: global traffic | DNS traffic detected: DNS query: static.nc-img.com |
Source: global traffic | DNS traffic detected: DNS query: www.google.com |
Source: global traffic | DNS traffic detected: DNS query: www.namecheap.com |
Source: unknown | Network traffic detected: HTTP traffic on port 49708 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49674 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49710 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49720 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49742 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49741 |
Source: unknown | Network traffic detected: HTTP traffic on port 49712 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49740 |
Source: unknown | Network traffic detected: HTTP traffic on port 49676 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49678 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49704 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49691 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49741 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49748 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49746 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49720 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49713 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49738 |
Source: unknown | Network traffic detected: HTTP traffic on port 49680 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49713 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49712 |
Source: unknown | Network traffic detected: HTTP traffic on port 49738 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49711 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49710 |
Source: unknown | Network traffic detected: HTTP traffic on port 49675 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49673 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49705 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49711 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49750 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49691 |
Source: unknown | Network traffic detected: HTTP traffic on port 49740 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49742 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49747 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49708 |
Source: unknown | Network traffic detected: HTTP traffic on port 49750 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49705 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49704 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49748 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49747 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49746 |
Source: unknown | HTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.17:49738 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 20.190.151.7:443 -> 192.168.2.17:49740 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 13.107.5.88:443 -> 192.168.2.17:49741 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 13.107.21.200:443 -> 192.168.2.17:49742 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 23.192.208.109:443 -> 192.168.2.17:49746 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 23.192.208.109:443 -> 192.168.2.17:49747 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.17:49748 version: TLS 1.2 |
Source: classification engine | Classification label: mal48.phis.win@16/22@16/148 |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps |
Source: unknown | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://m.exactag.com/ai.aspx?tc=d9886728bc40b07205bbd26a23a8d2e6b6b4f9&url=http%253Aempireglass.ae/real/60920//anJhZGtlQGdwYWxhYi5jb20= |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 --field-trial-handle=1872,i,16412441582020803288,5321101291447823665,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 --field-trial-handle=1872,i,16412441582020803288,5321101291447823665,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown |
Source: Window Recorder | Window detected: More than 3 window changes detected |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk |