Source: unknown |
HTTPS traffic detected: 2.18.97.153:443 -> 192.168.2.5:49732 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 40.126.31.69:443 -> 192.168.2.5:49733 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 2.18.97.153:443 -> 192.168.2.5:49744 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 40.126.31.69:443 -> 192.168.2.5:49757 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.5:49775 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:49789 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.5:49788 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 52.222.236.23:443 -> 192.168.2.5:49791 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:49794 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:49795 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:49796 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.5:49799 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:49801 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:49802 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:49803 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:49804 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:49805 version: TLS 1.2 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_00BEDBBE lstrlenW,GetFileAttributesW,FindFirstFileW,FindClose, |
0_2_00BEDBBE |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_00BBC2A2 FindFirstFileExW, |
0_2_00BBC2A2 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_00BF68EE FindFirstFileW,FindClose, |
0_2_00BF68EE |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_00BF698F FindFirstFileW,FindClose,FileTimeToLocalFileTime,FileTimeToLocalFileTime,FileTimeToLocalFileTime,FileTimeToSystemTime,FileTimeToSystemTime,FileTimeToSystemTime, |
0_2_00BF698F |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_00BED076 FindFirstFileW,DeleteFileW,DeleteFileW,MoveFileW,DeleteFileW,FindNextFileW,FindClose,FindClose, |
0_2_00BED076 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_00BED3A9 FindFirstFileW,DeleteFileW,FindNextFileW,FindClose,FindClose, |
0_2_00BED3A9 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_00BF9642 SetCurrentDirectoryW,FindFirstFileW,FindFirstFileW,GetFileAttributesW,SetFileAttributesW,FindNextFileW,FindClose,FindFirstFileW,SetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,FindNextFileW,FindClose,FindClose, |
0_2_00BF9642 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_00BF979D SetCurrentDirectoryW,FindFirstFileW,FindFirstFileW,FindNextFileW,FindClose,FindFirstFileW,SetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,FindNextFileW,FindClose,FindClose, |
0_2_00BF979D |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_00BF9B2B FindFirstFileW,Sleep,FindNextFileW,FindClose, |
0_2_00BF9B2B |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_00BF5C97 FindFirstFileW,FindNextFileW,FindClose, |
0_2_00BF5C97 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.1.237.91 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.1.237.91 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.1.237.91 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.1.237.91 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 2.18.97.153 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 2.18.97.153 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 2.18.97.153 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 40.126.31.69 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 40.126.31.69 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 40.126.31.69 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 2.18.97.153 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 2.18.97.153 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 40.126.31.69 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 2.18.97.153 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 2.18.97.153 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 2.18.97.153 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 2.18.97.153 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 2.18.97.153 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 2.18.97.153 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 2.18.97.153 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 2.18.97.153 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 142.251.40.174 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 142.251.40.174 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 142.251.40.174 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 2.18.97.153 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 13.107.246.40 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 13.107.246.40 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 13.107.246.40 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 142.251.40.174 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 142.251.40.174 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 142.251.40.174 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 142.251.40.174 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 13.107.246.40 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 13.107.246.40 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 13.107.246.40 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 142.250.65.174 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 142.250.65.174 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 142.250.65.174 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 142.250.65.174 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 142.250.65.174 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 142.250.65.174 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 2.18.97.153 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 142.251.40.174 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 142.251.40.174 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 2.18.97.153 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 142.251.40.174 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 142.251.40.174 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 2.18.97.153 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 142.251.40.174 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 2.18.97.153 |
Source: global traffic |
HTTP traffic detected: GET /edgeoffer/pb/experiments?appId=edge-extensions&country=CH HTTP/1.1Host: api.edgeoffer.microsoft.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8 |
Source: global traffic |
HTTP traffic detected: GET /crx/blobs/AY4GWKBMNax_FQrZEVzNkO_0mu3UShnzR6AihR_EPjVIUOT_pwZzkWCpOk8YKIu0qnIq_YObWXuPyiJ7NA0nDjMHUEYIIEknsNvJHXuPd0MqxESzoxi9xiMyJKNwZiVV1yEAxlKa5UVe61sINARQ7fO9dE0bkfP_W4GG/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_80_1_0.crx HTTP/1.1Host: clients2.googleusercontent.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8 |
Source: global traffic |
HTTP traffic detected: GET /accounts/CheckConnection?pmpo=https%3A%2F%2Faccounts.google.com&v=403473328&timestamp=1725539476166 HTTP/1.1Host: accounts.youtube.comConnection: keep-alivesec-ch-ua: "Not;A=Brand";v="8", "Chromium";v="117", "Google Chrome";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-arch: "x86"sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-model: ""sec-ch-ua-bitness: "64"sec-ch-ua-wow64: ?0sec-ch-ua-full-version-list: "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132", "Google Chrome";v="117.0.5938.132"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://accounts.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8 |
Source: global traffic |
HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com |
Source: global traffic |
HTTP traffic detected: GET /assets/domains_config_gz/2.8.76/asset?assetgroup=EntityExtractionDomainsConfig HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveEdge-Asset-Group: EntityExtractionDomainsConfigSec-Mesh-Client-Edge-Version: 117.0.2045.47Sec-Mesh-Client-Edge-Channel: stableSec-Mesh-Client-OS: WindowsSec-Mesh-Client-OS-Version: 10.0.19045Sec-Mesh-Client-Arch: x86_64Sec-Mesh-Client-WebView: 0Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8 |
Source: global traffic |
HTTP traffic detected: GET /assets/edge_hub_apps_manifest_gz/4.7.107/asset?assetgroup=Shoreline HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveEdge-Asset-Group: ShorelineSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8 |
Source: global traffic |
HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Not;A=Brand";v="8", "Chromium";v="117", "Google Chrome";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132", "Google Chrome";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://accounts.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8 |
Source: global traffic |
HTTP traffic detected: GET /assets/edge_hub_apps_action_center_maximal_light.png/1.2.1/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8 |
Source: global traffic |
HTTP traffic detected: GET /assets/edge_hub_apps_search_maximal_light.png/1.3.6/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8 |
Source: global traffic |
HTTP traffic detected: GET /assets/edge_hub_apps_shopping_maximal_light.png/1.4.0/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8 |
Source: global traffic |
HTTP traffic detected: GET /assets/edge_hub_apps_games_maximal_light.png/1.7.1/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8 |
Source: global traffic |
HTTP traffic detected: GET /assets/edge_hub_apps_toolbox_maximal_light.png/1.5.13/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8 |
Source: global traffic |
HTTP traffic detected: GET /assets/edge_hub_apps_M365_light.png/1.7.32/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8 |
Source: global traffic |
HTTP traffic detected: GET /assets/edge_hub_apps_outlook_light.png/1.9.10/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8 |
Source: global traffic |
HTTP traffic detected: GET /assets/edge_hub_apps_edrop_maximal_light.png/1.1.12/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8 |
Source: global traffic |
HTTP traffic detected: GET /assets/product_category_en/1.0.0/asset?assetgroup=ProductCategories HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveEdge-Asset-Group: ProductCategoriesSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8 |
Source: global traffic |
HTTP traffic detected: GET /filestreamingservice/files/bdc392b9-6b81-4aaa-b3ee-2fffd9562edb?P1=1726144273&P2=404&P3=2&P4=gRzw0TlO28v3xn3M7ZJhhK0eBAMU0JhFJIg7WN8JZ5MTymrQli7NI%2bsdHZx608dhOnKfPCyJKrT9LBIEthiwCg%3d%3d HTTP/1.1Host: msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.comConnection: keep-aliveMS-CV: 3Al34tMPCy06pq6FBnsh7ySec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8 |
Source: global traffic |
HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=hdKrGKVxsOrhn2G&MD=bUKt+RBK HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com |
Source: global traffic |
HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=hdKrGKVxsOrhn2G&MD=bUKt+RBK HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com |
Source: global traffic |
HTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive |
Source: global traffic |
HTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache |
Source: global traffic |
HTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive |
Source: global traffic |
HTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache |
Source: global traffic |
HTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive |
Source: global traffic |
HTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache |
Source: global traffic |
HTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive |
Source: global traffic |
HTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache |
Source: global traffic |
HTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive |
Source: global traffic |
HTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache |
Source: global traffic |
HTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive |
Source: global traffic |
HTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache |
Source: firefox.exe, 00000005.00000003.2476182627.000002409CB4B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481620846.000002409CB2D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: "url": "https://www.facebook.com/", equals www.facebook.com (Facebook) |
Source: firefox.exe, 00000005.00000003.2476182627.000002409CB4B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481620846.000002409CB2D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: "url": "https://www.youtube.com/", equals www.youtube.com (Youtube) |
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: "default.sites": "https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/", equals www.facebook.com (Facebook) |
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: "default.sites": "https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/", equals www.twitter.com (Twitter) |
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: "default.sites": "https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/", equals www.youtube.com (Youtube) |
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr |
String found in binary or memory: "url": "https://www.youtube.com" equals www.youtube.com (Youtube) |
Source: 000003.log7.8.dr |
String found in binary or memory: "www.facebook.com": "{\"Tier1\": [1103, 6061], \"Tier2\": [5445, 1780, 8220]}", equals www.facebook.com (Facebook) |
Source: 000003.log7.8.dr |
String found in binary or memory: "www.linkedin.com": "{\"Tier1\": [1103, 214, 6061], \"Tier2\": [2771, 9515, 1780, 1303, 1099, 6081, 5581, 9396]}", equals www.linkedin.com (Linkedin) |
Source: 000003.log7.8.dr |
String found in binary or memory: "www.youtube.com": "{\"Tier1\": [983, 6061, 1103], \"Tier2\": [2413, 8118, 1720, 5007]}", equals www.youtube.com (Youtube) |
Source: firefox.exe, 00000005.00000003.2951636377.000002409CB7D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2291354489.000002409CB7D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2788760828.000002409CB7D000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: -l10n-id="newtab-menu-content-tooltip" data-l10n-args="{"title":"Wikipedia"}" class="context-menu-button icon"></button></div><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer"><div class="top-site-inner"><a class="top-site-button" href="https://www.reddit.com/" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper" data-fallback="R"><div class="top-site-icon rich-icon" style="background-image:url(chrome://activity-stream/content/data/content/tippytop/images/reddit-com@2x.png)"></div></div></div><div class="title"><span dir="auto">Reddit<span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><div><button aria-haspopup="true" data-l10n-id="newtab-menu-content-tooltip" data-l10n-args="{"title":"Reddit"}" class="context-menu-button icon"></button></div><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer hide-for-narrow"><div class="top-site-inner"><a class="top-site-button" href="https://twitter.com/" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper" data-fallback="T"><div class="top-site-icon rich-icon" style="background-image:url(chrome://activity-stream/content/data/content/tippytop/images/twitter-com@2x.png)"></div></div></div><div class="title"><span dir="auto">Twitter<span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><div><button aria-haspopup="true" data-l10n-id="newtab-menu-content-tooltip" data-l10n-args="{"title":"Twitter"}" class="context-menu-button icon"></button></div><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer placeholder hide-for-narrow"><div class="top-site-inner"><a class="top-site-button" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper"><div class=""></div></div></div><div class="title"><span dir="auto"><br/><span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><button aria-haspopup="dialog" class="context-menu-button edit-button icon" data-l10n-id="newtab-menu-topsites-placeholder-tooltip"></button><div class="topsite-impression-observer"></div></div></li></ul><div class="edit-topsites-wrapper"> |