Source: https://micr.tech-arnericas.com | LLM: Score: 8 brands: Microsoft Reasons: The URL 'https://micr.tech-arnericas.com' is suspicious because it does not match the legitimate domain 'microsoft.com' associated with the brand Microsoft. The domain uses a common phishing technique of slightly altering the brand name (e.g., 'micr' instead of 'microsoft') and adding a subdomain ('tech-arnericas') to mislead users. The presence of a CAPTCHA alone does not indicate legitimacy, and there is no prominent login form visible in the image. The combination of these factors strongly suggests that this is a phishing site. DOM: 0.0.pages.csv |
Source: https://micr.tech-arnericas.com | LLM: Score: 9 brands: Microsoft Reasons: The URL 'https://micr.tech-arnericas.com' is suspicious because it does not match the legitimate domain 'microsoft.com'. The use of 'micr' instead of 'microsoft' is a common social engineering technique to mislead users. The page prominently displays a login form, which is typical for phishing sites attempting to harvest credentials. Additionally, the link 'Create one!' and 'Can't access your account?' are often used in phishing sites to appear legitimate. There is no captcha present, which is not necessarily indicative of phishing but is worth noting. Overall, the combination of a suspicious domain, prominent login form, and social engineering techniques strongly suggests that this is a phishing site. DOM: 2.5.pages.csv |
Source: https://tech-arnericas.com | Matcher: Template: microsoft matched with high similarity |
Source: https://micr.tech-arnericas.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2F0ffice.tech-arnericas.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2F0ffice.tech-arnericas.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638566674701864962.ZmQ2ZjFjYmMtYTM4Yy00MTU5LWFiMjItODdkZTAwZmFjNTEzZjZiNTAyZjktMjA4NS00NWM2LWEyZTItY2MyZTNjOTkzMzJl&ui_locales=en-US&mkt=en-US&client-request-id=0853e449-1dc0-4151-a384-3791d98eff72&state=nbHbKe0jqvpcsakZZoege4mEOHus22PApE_0Bje33OD4HDuXbcPxpZbXwmOCx6_YWDo25JkhTZd0tx_0WQiI8l2-PrrT7tTtZMh7e7DeCKa7DDvYXrynOxOVCZI10VtcjOvxqzV2mKX0rWjuFTOZXTf5mQON_qvdxx3oxy8U4iipZyLoH7FXSoj6u7lpYb4FQSOpbVmdlr1bjRxurBdQAN7X0ykCLbjcZ2CP8v-HK4yq5VS-i8EgC6VVxoI_OfSpn-a2Iznjinj9NUywK5dC3g&x-client-SKU=ID_NET8_0&x-client-ver=7.3.1.0&sso_reload=true | Matcher: Template: microsoft matched with high similarity |
Source: Yara match | File source: 0.0.pages.csv, type: HTML |
Source: Yara match | File source: 0.1.pages.csv, type: HTML |
Source: Yara match | File source: 1.3.id.script.csv, type: HTML |
Source: Yara match | File source: 2.14.i.script.csv, type: HTML |
Source: Yara match | File source: 2.4.pages.csv, type: HTML |
Source: Yara match | File source: 2.5.pages.csv, type: HTML |
Source: Yara match | File source: 1.2.pages.csv, type: HTML |
Source: Yara match | File source: 2.3.pages.csv, type: HTML |
Source: https://micr.tech-arnericas.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2F0ffice.tech-arnericas.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2F0ffice.tech-arnericas.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638566674701864962.ZmQ2ZjFjYmMtYTM4Yy00MTU5LWFiMjItODdkZTAwZmFjNTEzZjZiNTAyZjktMjA4NS00NWM2LWEyZTItY2MyZTNjOTkzMzJl&ui_locales=en-US&mkt=en-US&client-request-id=0853e449-1dc0-4151-a384-3791d98eff72&state=nbHbKe0jqvpcsakZZoege4mEOHus22PApE_0Bje33OD4HDuXbcPxpZbXwmOCx6_YWDo25JkhTZd0tx_0WQiI8l2-PrrT7tTtZMh7e7DeCKa7DDvYXrynOxOVCZI10VtcjOvxqzV2mKX0rWjuFTOZXTf5mQON_qvdxx3oxy8U4iipZyLoH7FXSoj6u7lpYb4FQSOpbVmdlr1bjRxurBdQAN7X0ykCLbjcZ2CP8v-HK4yq5VS-i8EgC6VVxoI_OfSpn-a2Iznjinj9NUywK5dC3g&x-client-SKU=ID_NET8_0&x-client-ver=7.3.1.0&sso_reload=true | Matcher: Found strong image similarity, brand: MICROSOFT |
Source: https://micr.tech-arnericas.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2F0ffice.tech-arnericas.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2F0ffice.tech-a | Matcher: Template: microsoft matched |
Source: https://micr.tech-arnericas.com/ | Matcher: Template: captcha matched |
Source: https://micr.tech-arnericas.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2F0ffice.tech-arnericas.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2F0ffice.tech-arnericas.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638566674701864962.ZmQ2ZjFjYmMtYTM4Yy00MTU5LWFiMjItODdkZTAwZmFjNTEzZjZiNTAyZjktMjA4NS00NWM2LWEyZTItY2MyZTNjOTkzMzJl&ui_locales=en-US&mkt=en-US&client-request-id=0853e449-1dc0-4151-a384-3791d98eff72&state=nbHbKe0jqvpcsakZZoege4mEOHus22PApE_0Bje33OD4HDuXbcPxpZbXwmOCx6_YWDo25JkhTZd0tx_0WQiI8l2-PrrT7tTtZMh7e7DeCKa7DDvYXrynOxOVCZI10VtcjOvxqzV2mKX0rWjuFTOZXTf5mQON_qvdxx3oxy8U4iipZyLoH7FXSoj6u7lpYb4FQSOpbVmdlr1bjRxurBdQAN7X0ykCLbjcZ2CP8v-HK4yq5VS-i8EgC6VVxoI_OfSpn-a2Iznjinj9NUywK5dC3g&x-client-SKU=ID_NET8_0&x-client-ver=7.3.1.0&sso_reload=true | HTTP Parser: Number of links: 0 |
Source: https://micr.tech-arnericas.com/ | HTTP Parser: Base64 decoded: a[href="http://www.salidzini.lv/"][style="display: block; width: 120px; height: 40px; overflow: hidden; position: relative;"] |
Source: https://micr.tech-arnericas.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2F0ffice.tech-arnericas.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2F0ffice.tech-arnericas.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638566674701864962.ZmQ2ZjFjYmMtYTM4Yy00MTU5LWFiMjItODdkZTAwZmFjNTEzZjZiNTAyZjktMjA4NS00NWM2LWEyZTItY2MyZTNjOTkzMzJl&ui_locales=en-US&mkt=en-US&client-request-id=0853e449-1dc0-4151-a384-3791d98eff72&state=nbHbKe0jqvpcsakZZoege4mEOHus22PApE_0Bje33OD4HDuXbcPxpZbXwmOCx6_YWDo25JkhTZd0tx_0WQiI8l2-PrrT7tTtZMh7e7DeCKa7DDvYXrynOxOVCZI10VtcjOvxqzV2mKX0rWjuFTOZXTf5mQON_qvdxx3oxy8U4iipZyLoH7FXSoj6u7lpYb4FQSOpbVmdlr1bjRxurBdQAN7X0ykCLbjcZ2CP8v-HK4yq5VS-i8EgC6VVxoI_OfSpn-a2Iznjinj9NUywK5dC3g&x-client-SKU=ID_NET8_0&x-client-ver=7.3.1.0&sso_reload=true | HTTP Parser: Title: Sign in to your account does not match URL |
Source: https://micr.tech-arnericas.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2F0ffice.tech-arnericas.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2F0ffice.tech-arnericas.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638566674701864962.ZmQ2ZjFjYmMtYTM4Yy00MTU5LWFiMjItODdkZTAwZmFjNTEzZjZiNTAyZjktMjA4NS00NWM2LWEyZTItY2MyZTNjOTkzMzJl&ui_locales=en-US&mkt=en-US&client-request-id=0853e449-1dc0-4151-a384-3791d98eff72&state=nbHbKe0jqvpcsakZZoege4mEOHus22PApE_0Bje33OD4HDuXbcPxpZbXwmOCx6_YWDo25JkhTZd0tx_0WQiI8l2-PrrT7tTtZMh7e7DeCKa7DDvYXrynOxOVCZI10VtcjOvxqzV2mKX0rWjuFTOZXTf5mQON_qvdxx3oxy8U4iipZyLoH7FXSoj6u7lpYb4FQSOpbVmdlr1bjRxurBdQAN7X0ykCLbjcZ2CP8v-HK4yq5VS-i8EgC6VVxoI_OfSpn-a2Iznjinj9NUywK5dC3g&x-client-SKU=ID_NET8_0&x-client-ver=7.3.1.0&sso_reload=true | HTTP Parser: <input type="password" .../> found |
Source: https://micr.tech-arnericas.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2F0ffice.tech-arnericas.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2F0ffice.tech-arnericas.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638566674701864962.ZmQ2ZjFjYmMtYTM4Yy00MTU5LWFiMjItODdkZTAwZmFjNTEzZjZiNTAyZjktMjA4NS00NWM2LWEyZTItY2MyZTNjOTkzMzJl&ui_locales=en-US&mkt=en-US&client-request-id=0853e449-1dc0-4151-a384-3791d98eff72&state=nbHbKe0jqvpcsakZZoege4mEOHus22PApE_0Bje33OD4HDuXbcPxpZbXwmOCx6_YWDo25JkhTZd0tx_0WQiI8l2-PrrT7tTtZMh7e7DeCKa7DDvYXrynOxOVCZI10VtcjOvxqzV2mKX0rWjuFTOZXTf5mQON_qvdxx3oxy8U4iipZyLoH7FXSoj6u7lpYb4FQSOpbVmdlr1bjRxurBdQAN7X0ykCLbjcZ2CP8v-HK4yq5VS-i8EgC6VVxoI_OfSpn-a2Iznjinj9NUywK5dC3g&x-client-SKU=ID_NET8_0&x-client-ver=7.3.1.0 | HTTP Parser: No favicon |
Source: https://7f5d37dd-e3b309ea.tech-arnericas.com/?session_id=0853e4491dc04151a3843791d98eff72&CustomerId=33e01921-4d64-4f8c-a055-5bdaffd5e33d&PageId=SU | HTTP Parser: No favicon |
Source: https://f82580a6-e3b309ea.tech-arnericas.com/index.html | HTTP Parser: No favicon |
Source: https://micr.tech-arnericas.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2F0ffice.tech-arnericas.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2F0ffice.tech-arnericas.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638566674701864962.ZmQ2ZjFjYmMtYTM4Yy00MTU5LWFiMjItODdkZTAwZmFjNTEzZjZiNTAyZjktMjA4NS00NWM2LWEyZTItY2MyZTNjOTkzMzJl&ui_locales=en-US&mkt=en-US&client-request-id=0853e449-1dc0-4151-a384-3791d98eff72&state=nbHbKe0jqvpcsakZZoege4mEOHus22PApE_0Bje33OD4HDuXbcPxpZbXwmOCx6_YWDo25JkhTZd0tx_0WQiI8l2-PrrT7tTtZMh7e7DeCKa7DDvYXrynOxOVCZI10VtcjOvxqzV2mKX0rWjuFTOZXTf5mQON_qvdxx3oxy8U4iipZyLoH7FXSoj6u7lpYb4FQSOpbVmdlr1bjRxurBdQAN7X0ykCLbjcZ2CP8v-HK4yq5VS-i8EgC6VVxoI_OfSpn-a2Iznjinj9NUywK5dC3g&x-client-SKU=ID_NET8_0&x-client-ver=7.3.1.0&sso_reload=true | HTTP Parser: No <meta name="author".. found |
Source: https://micr.tech-arnericas.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2F0ffice.tech-arnericas.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2F0ffice.tech-arnericas.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638566674701864962.ZmQ2ZjFjYmMtYTM4Yy00MTU5LWFiMjItODdkZTAwZmFjNTEzZjZiNTAyZjktMjA4NS00NWM2LWEyZTItY2MyZTNjOTkzMzJl&ui_locales=en-US&mkt=en-US&client-request-id=0853e449-1dc0-4151-a384-3791d98eff72&state=nbHbKe0jqvpcsakZZoege4mEOHus22PApE_0Bje33OD4HDuXbcPxpZbXwmOCx6_YWDo25JkhTZd0tx_0WQiI8l2-PrrT7tTtZMh7e7DeCKa7DDvYXrynOxOVCZI10VtcjOvxqzV2mKX0rWjuFTOZXTf5mQON_qvdxx3oxy8U4iipZyLoH7FXSoj6u7lpYb4FQSOpbVmdlr1bjRxurBdQAN7X0ykCLbjcZ2CP8v-HK4yq5VS-i8EgC6VVxoI_OfSpn-a2Iznjinj9NUywK5dC3g&x-client-SKU=ID_NET8_0&x-client-ver=7.3.1.0&sso_reload=true | HTTP Parser: No <meta name="copyright".. found |
Source: unknown | HTTPS traffic detected: 2.19.244.127:443 -> 192.168.2.4:49741 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 2.19.244.127:443 -> 192.168.2.4:49745 version: TLS 1.2 |
Source: Traffic | Snort IDS: 2857090 ETPRO CURRENT_EVENTS JS/PsyduckPockeball Payload Inbound 139.28.37.60:443 -> 192.168.2.4:49739 |
Source: global traffic | TCP traffic: 192.168.2.4:59912 -> 1.1.1.1:53 |
Source: unknown | TCP traffic detected without corresponding DNS query: 173.222.162.32 |
Source: unknown | TCP traffic detected without corresponding DNS query: 2.19.244.127 |
Source: unknown | TCP traffic detected without corresponding DNS query: 199.232.214.172 |
Source: unknown | TCP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | TCP traffic detected without corresponding DNS query: 173.222.108.147 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |