Analysis Report http://keeplaffingwemake99383tyiwye.net/

Overview

General Information

Sample URL:	http://keeplaffingwemake99383tyiwye.net/
Analysis ID:	412519
Infos:
Most interesting Screenshot:

Detection

HTMLPhisher

Score:	68
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus detection for URL or domain

Yara detected HtmlPhish10

Yara detected obfuscated html page

Phishing site detected (based on logo template match)

HTML body contains low number of good links

HTML title does not match URL

Invalid 'forgot password' link found

Classification

Signatures

AV Detection:

Antivirus detection for URL or domain

Source: https://outlook0ffice365cgilogon.s3.us-east.cloud-object-storage.appdomain.cloud/______mexico_iwcbew297279929_92727297_nunueun.html

SlashNext: Label: Fake Login Page type: Phishing & Social Engineering

Phishing:

Yara detected HtmlPhish10

Source: Yara match

File source: 965543.0.links.csv, type: HTML

Yara detected obfuscated html page

Source: Yara match

File source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\______mexico_iwcbew297279929_92727297_nunueun[1].htm, type: DROPPED

Phishing site detected (based on logo template match)

Source: https://outlook0ffice365cgilogon.s3.us-east.cloud-object-storage.appdomain.cloud/______mexico_iwcbew297279929_92727297_nunueun.html

Matcher: Template: microsoft matched

HTML body contains low number of good links

Source: https://outlook0ffice365cgilogon.s3.us-east.cloud-object-storage.appdomain.cloud/______mexico_iwcbew297279929_92727297_nunueun.html	HTTP Parser: Number of links: 0
Source: https://outlook0ffice365cgilogon.s3.us-east.cloud-object-storage.appdomain.cloud/______mexico_iwcbew297279929_92727297_nunueun.html	HTTP Parser: Number of links: 0

HTML title does not match URL

Source: https://outlook0ffice365cgilogon.s3.us-east.cloud-object-storage.appdomain.cloud/______mexico_iwcbew297279929_92727297_nunueun.html	HTTP Parser: Title: Sign in to your Microsoft account does not match URL
Source: https://outlook0ffice365cgilogon.s3.us-east.cloud-object-storage.appdomain.cloud/______mexico_iwcbew297279929_92727297_nunueun.html	HTTP Parser: Title: Sign in to your Microsoft account does not match URL

Invalid 'forgot password' link found

Source: https://outlook0ffice365cgilogon.s3.us-east.cloud-object-storage.appdomain.cloud/______mexico_iwcbew297279929_92727297_nunueun.html	HTTP Parser: Invalid link: Forgot my password
Source: https://outlook0ffice365cgilogon.s3.us-east.cloud-object-storage.appdomain.cloud/______mexico_iwcbew297279929_92727297_nunueun.html	HTTP Parser: Invalid link: Forgot my password

Source: https://outlook0ffice365cgilogon.s3.us-east.cloud-object-storage.appdomain.cloud/______mexico_iwcbew297279929_92727297_nunueun.html	HTTP Parser: No <meta name="author".. found
Source: https://outlook0ffice365cgilogon.s3.us-east.cloud-object-storage.appdomain.cloud/______mexico_iwcbew297279929_92727297_nunueun.html	HTTP Parser: No <meta name="author".. found

Source: https://outlook0ffice365cgilogon.s3.us-east.cloud-object-storage.appdomain.cloud/______mexico_iwcbew297279929_92727297_nunueun.html	HTTP Parser: No <meta name="copyright".. found
Source: https://outlook0ffice365cgilogon.s3.us-east.cloud-object-storage.appdomain.cloud/______mexico_iwcbew297279929_92727297_nunueun.html	HTTP Parser: No <meta name="copyright".. found

Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll

Jump to behavior

Source: unknown	HTTPS traffic detected: 188.165.33.133:443 -> 192.168.2.4:49746 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 188.165.33.133:443 -> 192.168.2.4:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 188.165.33.133:443 -> 192.168.2.4:49756 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 188.165.33.133:443 -> 192.168.2.4:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 188.165.33.133:443 -> 192.168.2.4:49753 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 188.165.33.133:443 -> 192.168.2.4:49754 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 188.165.33.133:443 -> 192.168.2.4:49752 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.18.94:443 -> 192.168.2.4:49779 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.18.94:443 -> 192.168.2.4:49780 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 152.199.23.37:443 -> 192.168.2.4:49783 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 152.199.23.37:443 -> 192.168.2.4:49781 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 152.199.23.37:443 -> 192.168.2.4:49786 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 152.199.23.37:443 -> 192.168.2.4:49784 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 152.199.23.37:443 -> 192.168.2.4:49782 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 152.199.23.37:443 -> 192.168.2.4:49785 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.229.221.185:443 -> 192.168.2.4:49790 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.229.221.185:443 -> 192.168.2.4:49789 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.32.55.155:443 -> 192.168.2.4:49793 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.32.55.155:443 -> 192.168.2.4:49792 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 46.105.199.115:443 -> 192.168.2.4:49801 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 46.105.199.115:443 -> 192.168.2.4:49802 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 46.105.199.115:443 -> 192.168.2.4:49800 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 46.105.199.115:443 -> 192.168.2.4:49799 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 87.98.141.83:443 -> 192.168.2.4:49806 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.60.216.35:443 -> 192.168.2.4:49807 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.60.216.35:443 -> 192.168.2.4:49808 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.225.74.42:443 -> 192.168.2.4:49811 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.225.74.42:443 -> 192.168.2.4:49812 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 195.154.107.128:443 -> 192.168.2.4:49814 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 195.154.107.128:443 -> 192.168.2.4:49813 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.186.34:443 -> 192.168.2.4:49816 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.186.34:443 -> 192.168.2.4:49815 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.186.67:443 -> 192.168.2.4:49819 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.186.67:443 -> 192.168.2.4:49820 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.114.109:443 -> 192.168.2.4:49824 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.114.109:443 -> 192.168.2.4:49823 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.184.195:443 -> 192.168.2.4:49825 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.184.195:443 -> 192.168.2.4:49826 version: TLS 1.2

Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Accept: text/html, application/xhtml+xml, image/jxr, /Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: keeplaffingwemake99383tyiwye.netConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Accept: text/html, application/xhtml+xml, image/jxr, /Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateConnection: Keep-AliveHost: www.keeplaffingwemake99383tyiwye.net
Source: global traffic	HTTP traffic detected: GET /fs/Root/large/etwk0-new-remittance.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5Referer: http://www.keeplaffingwemake99383tyiwye.net/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: mfs0.cdnsw.comConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /assets/precompile/gt/button/1.css?clearcache=5 HTTP/1.1Accept: text/plain, /; q=0.01X-CSRF-Token: 7Q4BI7bXbaq0VIZkh3ISn8EhYAuwZ0dSkI0DGI8w/hhbbmC9S7Ep6x8ViFXTOGqu+P7p1aXPSs+fk/GJYVIzVw==X-Requested-With: XMLHttpRequestReferer: http://www.keeplaffingwemake99383tyiwye.net/Accept-Language: en-USAccept-Encoding: gzip, deflateUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoHost: www.keeplaffingwemake99383tyiwye.netConnection: Keep-AliveCookie: _sw_session=bEtrdHZRRU1zMXB2aW5hUjZtMFdkL3FDU0NxdnRpL2M5T0FFcDVSNmdNYmNLOXFmeWc3UEs2dHBER2tXWTNyYnN1bFVyRkM5SUVEV0FuVGVJYUVuWXBWcmttalVIektPQkFBL3gxTG9jUEk3UHk4cjdFL2xYektnOWhwWkM2ZEJOTytMaXZzRFUyRlJseWdDenk0dy9VcWJiVVNQMWs4WDZFN0RoNmszZjd3MENYZzlROHF3TVJhV21JTy9sSWpNd3ExYzczbE5lb1hROS9WejlQaXNKUW1CVVhxNFlqTW1XV09LcGlTeU5WNkh4dXNWbzJOOC9Ea3JGVVQ1M29zZGpHZ2RnbGZYSENRVlJRaWNpLzkwY25GUFB1VUptUzhyZEVKNjc2eTE4eWM9LS1KeXVKTmhwOXV4UTBtVG93Vm02LzNRPT0%3D--2a136187d49a2b59a086f9a8b85a9474a1146ceb
Source: global traffic	HTTP traffic detected: GET /assets/precompile/gt/button/2.css?clearcache=5 HTTP/1.1Accept: text/plain, /; q=0.01X-CSRF-Token: 7Q4BI7bXbaq0VIZkh3ISn8EhYAuwZ0dSkI0DGI8w/hhbbmC9S7Ep6x8ViFXTOGqu+P7p1aXPSs+fk/GJYVIzVw==X-Requested-With: XMLHttpRequestReferer: http://www.keeplaffingwemake99383tyiwye.net/Accept-Language: en-USAccept-Encoding: gzip, deflateUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoHost: www.keeplaffingwemake99383tyiwye.netConnection: Keep-AliveCookie: _sw_session=bEtrdHZRRU1zMXB2aW5hUjZtMFdkL3FDU0NxdnRpL2M5T0FFcDVSNmdNYmNLOXFmeWc3UEs2dHBER2tXWTNyYnN1bFVyRkM5SUVEV0FuVGVJYUVuWXBWcmttalVIektPQkFBL3gxTG9jUEk3UHk4cjdFL2xYektnOWhwWkM2ZEJOTytMaXZzRFUyRlJseWdDenk0dy9VcWJiVVNQMWs4WDZFN0RoNmszZjd3MENYZzlROHF3TVJhV21JTy9sSWpNd3ExYzczbE5lb1hROS9WejlQaXNKUW1CVVhxNFlqTW1XV09LcGlTeU5WNkh4dXNWbzJOOC9Ea3JGVVQ1M29zZGpHZ2RnbGZYSENRVlJRaWNpLzkwY25GUFB1VUptUzhyZEVKNjc2eTE4eWM9LS1KeXVKTmhwOXV4UTBtVG93Vm02LzNRPT0%3D--2a136187d49a2b59a086f9a8b85a9474a1146ceb
Source: global traffic	HTTP traffic detected: GET /assets/precompile/gt/textbox/1.css?clearcache=5 HTTP/1.1Accept: text/plain, /; q=0.01X-CSRF-Token: 7Q4BI7bXbaq0VIZkh3ISn8EhYAuwZ0dSkI0DGI8w/hhbbmC9S7Ep6x8ViFXTOGqu+P7p1aXPSs+fk/GJYVIzVw==X-Requested-With: XMLHttpRequestReferer: http://www.keeplaffingwemake99383tyiwye.net/Accept-Language: en-USAccept-Encoding: gzip, deflateUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoHost: www.keeplaffingwemake99383tyiwye.netConnection: Keep-AliveCookie: _sw_session=bEtrdHZRRU1zMXB2aW5hUjZtMFdkL3FDU0NxdnRpL2M5T0FFcDVSNmdNYmNLOXFmeWc3UEs2dHBER2tXWTNyYnN1bFVyRkM5SUVEV0FuVGVJYUVuWXBWcmttalVIektPQkFBL3gxTG9jUEk3UHk4cjdFL2xYektnOWhwWkM2ZEJOTytMaXZzRFUyRlJseWdDenk0dy9VcWJiVVNQMWs4WDZFN0RoNmszZjd3MENYZzlROHF3TVJhV21JTy9sSWpNd3ExYzczbE5lb1hROS9WejlQaXNKUW1CVVhxNFlqTW1XV09LcGlTeU5WNkh4dXNWbzJOOC9Ea3JGVVQ1M29zZGpHZ2RnbGZYSENRVlJRaWNpLzkwY25GUFB1VUptUzhyZEVKNjc2eTE4eWM9LS1KeXVKTmhwOXV4UTBtVG93Vm02LzNRPT0%3D--2a136187d49a2b59a086f9a8b85a9474a1146ceb
Source: global traffic	HTTP traffic detected: GET /assets/precompile/gt/textbox/2.css?clearcache=5 HTTP/1.1Accept: text/plain, /; q=0.01X-CSRF-Token: 7Q4BI7bXbaq0VIZkh3ISn8EhYAuwZ0dSkI0DGI8w/hhbbmC9S7Ep6x8ViFXTOGqu+P7p1aXPSs+fk/GJYVIzVw==X-Requested-With: XMLHttpRequestReferer: http://www.keeplaffingwemake99383tyiwye.net/Accept-Language: en-USAccept-Encoding: gzip, deflateUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoHost: www.keeplaffingwemake99383tyiwye.netConnection: Keep-AliveCookie: _sw_session=bEtrdHZRRU1zMXB2aW5hUjZtMFdkL3FDU0NxdnRpL2M5T0FFcDVSNmdNYmNLOXFmeWc3UEs2dHBER2tXWTNyYnN1bFVyRkM5SUVEV0FuVGVJYUVuWXBWcmttalVIektPQkFBL3gxTG9jUEk3UHk4cjdFL2xYektnOWhwWkM2ZEJOTytMaXZzRFUyRlJseWdDenk0dy9VcWJiVVNQMWs4WDZFN0RoNmszZjd3MENYZzlROHF3TVJhV21JTy9sSWpNd3ExYzczbE5lb1hROS9WejlQaXNKUW1CVVhxNFlqTW1XV09LcGlTeU5WNkh4dXNWbzJOOC9Ea3JGVVQ1M29zZGpHZ2RnbGZYSENRVlJRaWNpLzkwY25GUFB1VUptUzhyZEVKNjc2eTE4eWM9LS1KeXVKTmhwOXV4UTBtVG93Vm02LzNRPT0%3D--2a136187d49a2b59a086f9a8b85a9474a1146ceb
Source: global traffic	HTTP traffic detected: GET /assets/precompile/gt/link/1.css?clearcache=5 HTTP/1.1Accept: text/plain, /; q=0.01X-CSRF-Token: 7Q4BI7bXbaq0VIZkh3ISn8EhYAuwZ0dSkI0DGI8w/hhbbmC9S7Ep6x8ViFXTOGqu+P7p1aXPSs+fk/GJYVIzVw==X-Requested-With: XMLHttpRequestReferer: http://www.keeplaffingwemake99383tyiwye.net/Accept-Language: en-USAccept-Encoding: gzip, deflateUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoHost: www.keeplaffingwemake99383tyiwye.netConnection: Keep-AliveCookie: _sw_session=bEtrdHZRRU1zMXB2aW5hUjZtMFdkL3FDU0NxdnRpL2M5T0FFcDVSNmdNYmNLOXFmeWc3UEs2dHBER2tXWTNyYnN1bFVyRkM5SUVEV0FuVGVJYUVuWXBWcmttalVIektPQkFBL3gxTG9jUEk3UHk4cjdFL2xYektnOWhwWkM2ZEJOTytMaXZzRFUyRlJseWdDenk0dy9VcWJiVVNQMWs4WDZFN0RoNmszZjd3MENYZzlROHF3TVJhV21JTy9sSWpNd3ExYzczbE5lb1hROS9WejlQaXNKUW1CVVhxNFlqTW1XV09LcGlTeU5WNkh4dXNWbzJOOC9Ea3JGVVQ1M29zZGpHZ2RnbGZYSENRVlJRaWNpLzkwY25GUFB1VUptUzhyZEVKNjc2eTE4eWM9LS1KeXVKTmhwOXV4UTBtVG93Vm02LzNRPT0%3D--2a136187d49a2b59a086f9a8b85a9474a1146ceb
Source: global traffic	HTTP traffic detected: GET /assets/precompile/gt/link/2.css?clearcache=5 HTTP/1.1Accept: text/plain, /; q=0.01X-CSRF-Token: 7Q4BI7bXbaq0VIZkh3ISn8EhYAuwZ0dSkI0DGI8w/hhbbmC9S7Ep6x8ViFXTOGqu+P7p1aXPSs+fk/GJYVIzVw==X-Requested-With: XMLHttpRequestReferer: http://www.keeplaffingwemake99383tyiwye.net/Accept-Language: en-USAccept-Encoding: gzip, deflateUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoHost: www.keeplaffingwemake99383tyiwye.netConnection: Keep-AliveCookie: _sw_session=bEtrdHZRRU1zMXB2aW5hUjZtMFdkL3FDU0NxdnRpL2M5T0FFcDVSNmdNYmNLOXFmeWc3UEs2dHBER2tXWTNyYnN1bFVyRkM5SUVEV0FuVGVJYUVuWXBWcmttalVIektPQkFBL3gxTG9jUEk3UHk4cjdFL2xYektnOWhwWkM2ZEJOTytMaXZzRFUyRlJseWdDenk0dy9VcWJiVVNQMWs4WDZFN0RoNmszZjd3MENYZzlROHF3TVJhV21JTy9sSWpNd3ExYzczbE5lb1hROS9WejlQaXNKUW1CVVhxNFlqTW1XV09LcGlTeU5WNkh4dXNWbzJOOC9Ea3JGVVQ1M29zZGpHZ2RnbGZYSENRVlJRaWNpLzkwY25GUFB1VUptUzhyZEVKNjc2eTE4eWM9LS1KeXVKTmhwOXV4UTBtVG93Vm02LzNRPT0%3D--2a136187d49a2b59a086f9a8b85a9474a1146ceb
Source: global traffic	HTTP traffic detected: GET /assets/precompile/gt/searchbox/1.css?clearcache=5 HTTP/1.1Accept: text/plain, /; q=0.01X-CSRF-Token: 7Q4BI7bXbaq0VIZkh3ISn8EhYAuwZ0dSkI0DGI8w/hhbbmC9S7Ep6x8ViFXTOGqu+P7p1aXPSs+fk/GJYVIzVw==X-Requested-With: XMLHttpRequestReferer: http://www.keeplaffingwemake99383tyiwye.net/Accept-Language: en-USAccept-Encoding: gzip, deflateUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoHost: www.keeplaffingwemake99383tyiwye.netConnection: Keep-AliveCookie: _sw_session=bEtrdHZRRU1zMXB2aW5hUjZtMFdkL3FDU0NxdnRpL2M5T0FFcDVSNmdNYmNLOXFmeWc3UEs2dHBER2tXWTNyYnN1bFVyRkM5SUVEV0FuVGVJYUVuWXBWcmttalVIektPQkFBL3gxTG9jUEk3UHk4cjdFL2xYektnOWhwWkM2ZEJOTytMaXZzRFUyRlJseWdDenk0dy9VcWJiVVNQMWs4WDZFN0RoNmszZjd3MENYZzlROHF3TVJhV21JTy9sSWpNd3ExYzczbE5lb1hROS9WejlQaXNKUW1CVVhxNFlqTW1XV09LcGlTeU5WNkh4dXNWbzJOOC9Ea3JGVVQ1M29zZGpHZ2RnbGZYSENRVlJRaWNpLzkwY25GUFB1VUptUzhyZEVKNjc2eTE4eWM9LS1KeXVKTmhwOXV4UTBtVG93Vm02LzNRPT0%3D--2a136187d49a2b59a086f9a8b85a9474a1146ceb
Source: global traffic	HTTP traffic detected: GET /assets/precompile/gt/backdrop/1.css?clearcache=5 HTTP/1.1Accept: text/plain, /; q=0.01X-CSRF-Token: 7Q4BI7bXbaq0VIZkh3ISn8EhYAuwZ0dSkI0DGI8w/hhbbmC9S7Ep6x8ViFXTOGqu+P7p1aXPSs+fk/GJYVIzVw==X-Requested-With: XMLHttpRequestReferer: http://www.keeplaffingwemake99383tyiwye.net/Accept-Language: en-USAccept-Encoding: gzip, deflateUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoHost: www.keeplaffingwemake99383tyiwye.netConnection: Keep-AliveCookie: _sw_session=bEtrdHZRRU1zMXB2aW5hUjZtMFdkL3FDU0NxdnRpL2M5T0FFcDVSNmdNYmNLOXFmeWc3UEs2dHBER2tXWTNyYnN1bFVyRkM5SUVEV0FuVGVJYUVuWXBWcmttalVIektPQkFBL3gxTG9jUEk3UHk4cjdFL2xYektnOWhwWkM2ZEJOTytMaXZzRFUyRlJseWdDenk0dy9VcWJiVVNQMWs4WDZFN0RoNmszZjd3MENYZzlROHF3TVJhV21JTy9sSWpNd3ExYzczbE5lb1hROS9WejlQaXNKUW1CVVhxNFlqTW1XV09LcGlTeU5WNkh4dXNWbzJOOC9Ea3JGVVQ1M29zZGpHZ2RnbGZYSENRVlJRaWNpLzkwY25GUFB1VUptUzhyZEVKNjc2eTE4eWM9LS1KeXVKTmhwOXV4UTBtVG93Vm02LzNRPT0%3D--2a136187d49a2b59a086f9a8b85a9474a1146ceb
Source: global traffic	HTTP traffic detected: GET /assets/precompile/gt/backdrop/2.css?clearcache=5 HTTP/1.1Accept: text/plain, /; q=0.01X-CSRF-Token: 7Q4BI7bXbaq0VIZkh3ISn8EhYAuwZ0dSkI0DGI8w/hhbbmC9S7Ep6x8ViFXTOGqu+P7p1aXPSs+fk/GJYVIzVw==X-Requested-With: XMLHttpRequestReferer: http://www.keeplaffingwemake99383tyiwye.net/Accept-Language: en-USAccept-Encoding: gzip, deflateUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoHost: www.keeplaffingwemake99383tyiwye.netConnection: Keep-AliveCookie: _sw_session=bEtrdHZRRU1zMXB2aW5hUjZtMFdkL3FDU0NxdnRpL2M5T0FFcDVSNmdNYmNLOXFmeWc3UEs2dHBER2tXWTNyYnN1bFVyRkM5SUVEV0FuVGVJYUVuWXBWcmttalVIektPQkFBL3gxTG9jUEk3UHk4cjdFL2xYektnOWhwWkM2ZEJOTytMaXZzRFUyRlJseWdDenk0dy9VcWJiVVNQMWs4WDZFN0RoNmszZjd3MENYZzlROHF3TVJhV21JTy9sSWpNd3ExYzczbE5lb1hROS9WejlQaXNKUW1CVVhxNFlqTW1XV09LcGlTeU5WNkh4dXNWbzJOOC9Ea3JGVVQ1M29zZGpHZ2RnbGZYSENRVlJRaWNpLzkwY25GUFB1VUptUzhyZEVKNjc2eTE4eWM9LS1KeXVKTmhwOXV4UTBtVG93Vm02LzNRPT0%3D--2a136187d49a2b59a086f9a8b85a9474a1146ceb
Source: global traffic	HTTP traffic detected: GET /assets/precompile/gt/backdrop/3.css?clearcache=5 HTTP/1.1Accept: text/plain, /; q=0.01X-CSRF-Token: 7Q4BI7bXbaq0VIZkh3ISn8EhYAuwZ0dSkI0DGI8w/hhbbmC9S7Ep6x8ViFXTOGqu+P7p1aXPSs+fk/GJYVIzVw==X-Requested-With: XMLHttpRequestReferer: http://www.keeplaffingwemake99383tyiwye.net/Accept-Language: en-USAccept-Encoding: gzip, deflateUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoHost: www.keeplaffingwemake99383tyiwye.netConnection: Keep-AliveCookie: _sw_session=bEtrdHZRRU1zMXB2aW5hUjZtMFdkL3FDU0NxdnRpL2M5T0FFcDVSNmdNYmNLOXFmeWc3UEs2dHBER2tXWTNyYnN1bFVyRkM5SUVEV0FuVGVJYUVuWXBWcmttalVIektPQkFBL3gxTG9jUEk3UHk4cjdFL2xYektnOWhwWkM2ZEJOTytMaXZzRFUyRlJseWdDenk0dy9VcWJiVVNQMWs4WDZFN0RoNmszZjd3MENYZzlROHF3TVJhV21JTy9sSWpNd3ExYzczbE5lb1hROS9WejlQaXNKUW1CVVhxNFlqTW1XV09LcGlTeU5WNkh4dXNWbzJOOC9Ea3JGVVQ1M29zZGpHZ2RnbGZYSENRVlJRaWNpLzkwY25GUFB1VUptUzhyZEVKNjc2eTE4eWM9LS1KeXVKTmhwOXV4UTBtVG93Vm02LzNRPT0%3D--2a136187d49a2b59a086f9a8b85a9474a1146ceb
Source: global traffic	HTTP traffic detected: GET /assets/precompile/gt/backdrop/4.css?clearcache=5 HTTP/1.1Accept: text/plain, /; q=0.01X-CSRF-Token: 7Q4BI7bXbaq0VIZkh3ISn8EhYAuwZ0dSkI0DGI8w/hhbbmC9S7Ep6x8ViFXTOGqu+P7p1aXPSs+fk/GJYVIzVw==X-Requested-With: XMLHttpRequestReferer: http://www.keeplaffingwemake99383tyiwye.net/Accept-Language: en-USAccept-Encoding: gzip, deflateUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoHost: www.keeplaffingwemake99383tyiwye.netConnection: Keep-AliveCookie: _sw_session=bEtrdHZRRU1zMXB2aW5hUjZtMFdkL3FDU0NxdnRpL2M5T0FFcDVSNmdNYmNLOXFmeWc3UEs2dHBER2tXWTNyYnN1bFVyRkM5SUVEV0FuVGVJYUVuWXBWcmttalVIektPQkFBL3gxTG9jUEk3UHk4cjdFL2xYektnOWhwWkM2ZEJOTytMaXZzRFUyRlJseWdDenk0dy9VcWJiVVNQMWs4WDZFN0RoNmszZjd3MENYZzlROHF3TVJhV21JTy9sSWpNd3ExYzczbE5lb1hROS9WejlQaXNKUW1CVVhxNFlqTW1XV09LcGlTeU5WNkh4dXNWbzJOOC9Ea3JGVVQ1M29zZGpHZ2RnbGZYSENRVlJRaWNpLzkwY25GUFB1VUptUzhyZEVKNjc2eTE4eWM9LS1KeXVKTmhwOXV4UTBtVG93Vm02LzNRPT0%3D--2a136187d49a2b59a086f9a8b85a9474a1146ceb
Source: global traffic	HTTP traffic detected: GET /assets/precompile/gt/buttonsgroup/1.css?clearcache=5 HTTP/1.1Accept: text/plain, /; q=0.01X-CSRF-Token: 7Q4BI7bXbaq0VIZkh3ISn8EhYAuwZ0dSkI0DGI8w/hhbbmC9S7Ep6x8ViFXTOGqu+P7p1aXPSs+fk/GJYVIzVw==X-Requested-With: XMLHttpRequestReferer: http://www.keeplaffingwemake99383tyiwye.net/Accept-Language: en-USAccept-Encoding: gzip, deflateUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoHost: www.keeplaffingwemake99383tyiwye.netConnection: Keep-AliveCookie: _sw_session=bEtrdHZRRU1zMXB2aW5hUjZtMFdkL3FDU0NxdnRpL2M5T0FFcDVSNmdNYmNLOXFmeWc3UEs2dHBER2tXWTNyYnN1bFVyRkM5SUVEV0FuVGVJYUVuWXBWcmttalVIektPQkFBL3gxTG9jUEk3UHk4cjdFL2xYektnOWhwWkM2ZEJOTytMaXZzRFUyRlJseWdDenk0dy9VcWJiVVNQMWs4WDZFN0RoNmszZjd3MENYZzlROHF3TVJhV21JTy9sSWpNd3ExYzczbE5lb1hROS9WejlQaXNKUW1CVVhxNFlqTW1XV09LcGlTeU5WNkh4dXNWbzJOOC9Ea3JGVVQ1M29zZGpHZ2RnbGZYSENRVlJRaWNpLzkwY25GUFB1VUptUzhyZEVKNjc2eTE4eWM9LS1KeXVKTmhwOXV4UTBtVG93Vm02LzNRPT0%3D--2a136187d49a2b59a086f9a8b85a9474a1146ceb
Source: global traffic	HTTP traffic detected: GET /json/site_owner/?callback=jQuery11240627140223264869_1620837913434&site=www.keeplaffingwemake99383tyiwye.net&_=1620837913435 HTTP/1.1Accept: application/javascript, /;q=0.8Referer: http://www.keeplaffingwemake99383tyiwye.net/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.sitew.comConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Accept: /Accept-Encoding: gzip, deflateUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoHost: www.keeplaffingwemake99383tyiwye.netConnection: Keep-AliveCookie: _sw_session=bEtrdHZRRU1zMXB2aW5hUjZtMFdkL3FDU0NxdnRpL2M5T0FFcDVSNmdNYmNLOXFmeWc3UEs2dHBER2tXWTNyYnN1bFVyRkM5SUVEV0FuVGVJYUVuWXBWcmttalVIektPQkFBL3gxTG9jUEk3UHk4cjdFL2xYektnOWhwWkM2ZEJOTytMaXZzRFUyRlJseWdDenk0dy9VcWJiVVNQMWs4WDZFN0RoNmszZjd3MENYZzlROHF3TVJhV21JTy9sSWpNd3ExYzczbE5lb1hROS9WejlQaXNKUW1CVVhxNFlqTW1XV09LcGlTeU5WNkh4dXNWbzJOOC9Ea3JGVVQ1M29zZGpHZ2RnbGZYSENRVlJRaWNpLzkwY25GUFB1VUptUzhyZEVKNjc2eTE4eWM9LS1KeXVKTmhwOXV4UTBtVG93Vm02LzNRPT0%3D--2a136187d49a2b59a086f9a8b85a9474a1146ceb

Source: HC9WYB3E.htm.3.dr	String found in binary or memory: <a target="_blank" class="sn" href="https://www.facebook.com/Sitew.com.Create.a.website"><span class="fonticon">F</span> equals www.facebook.com (Facebook)
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: <a target="_blank" class="sn" href="https://www.linkedin.com/company/sitew"><span class="fonticon">ʅ</span> equals www.linkedin.com (Linkedin)
Source: gtm[1].js.3.dr	String found in binary or memory: "vtp_url":"https:\/\/www.facebook.com\/tr?id=272472559623550\u0026ev=Lead\u0026cd[value]=0\u0026cd[currency]=EUR", equals www.facebook.com (Facebook)
Source: gtm[1].js.3.dr	String found in binary or memory: "vtp_url":"https:\/\/www.facebook.com\/tr?id=272472559623550\u0026ev=PageView\u0026noscript=1", equals www.facebook.com (Facebook)
Source: gtm[1].js.3.dr	String found in binary or memory: "vtp_url":["template","https:\/\/www.facebook.com\/tr?id=272472559623550\u0026ev=Purchase\u0026cd[value]=",["escape",["macro",19],12],"\u0026cd[currency]=EUR"], equals www.facebook.com (Facebook)
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: "sameAs": ["https://www.facebook.com/Sitew.com.Create.a.website","https://twitter.com/SiteW_com","https://www.youtube.com/user/sitew","https://www.linkedin.com/company/sitew","https://www.viadeo.com/fr/company/sitew","https://en.wikipedia.org/wiki/SiteW"], equals www.facebook.com (Facebook)
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: "sameAs": ["https://www.facebook.com/Sitew.com.Create.a.website","https://twitter.com/SiteW_com","https://www.youtube.com/user/sitew","https://www.linkedin.com/company/sitew","https://www.viadeo.com/fr/company/sitew","https://en.wikipedia.org/wiki/SiteW"], equals www.linkedin.com (Linkedin)
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: "sameAs": ["https://www.facebook.com/Sitew.com.Create.a.website","https://twitter.com/SiteW_com","https://www.youtube.com/user/sitew","https://www.linkedin.com/company/sitew","https://www.viadeo.com/fr/company/sitew","https://en.wikipedia.org/wiki/SiteW"], equals www.twitter.com (Twitter)
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: "sameAs": ["https://www.facebook.com/Sitew.com.Create.a.website","https://twitter.com/SiteW_com","https://www.youtube.com/user/sitew","https://www.linkedin.com/company/sitew","https://www.viadeo.com/fr/company/sitew","https://en.wikipedia.org/wiki/SiteW"], equals www.youtube.com (Youtube)
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: ;r='<iframe class="lg-video-object lg-youtube '+i+'" width="560" height="315" src="//www.youtube.com/embed/'+c.youtube[1]+l+'" frameborder="0" allowfullscreen></iframe>' equals www.youtube.com (Youtube)
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: ;this._create_script(i,"https://www.youtube.com/iframe_api")} equals www.youtube.com (Youtube)
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: ;var c='<iframe src="https://www.facebook.com/plugins/video.php?href=https%3A%2F%2Fwww.facebook.com'+e.permalink_url+"&width="+t+"&show_text=true&height="+i+'&appId" width="'+t+'" height="'+i+'" style="border:none;overflow:hidden;" scrolling="no" frameborder="0" allowTransparency="true" allowFullScreen="true"></iframe>' equals www.facebook.com (Facebook)
Source: en-landing-ec980e52dfd088a76959023999079f96[1].js.3.dr	String found in binary or memory: ;var c='<iframe src="https://www.facebook.com/plugins/video.php?href=https%3A%2F%2Fwww.facebook.com'+e.permalink_url+"&width="+t+"&show_text=true&height="+n+'&appId" width="'+t+'" height="'+n+'" style="border:none;overflow:hidden;" scrolling="no" frameborder="0" allowTransparency="true" allowFullScreen="true"></iframe>' equals www.facebook.com (Facebook)
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: ;var n="https://www.facebook.com/plugins/page.php?"+$.param(o) equals www.facebook.com (Facebook)
Source: en-landing-ec980e52dfd088a76959023999079f96[1].js.3.dr	String found in binary or memory: ;var o="https://www.facebook.com/plugins/page.php?"+$.param(i) equals www.facebook.com (Facebook)
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: discoveryDocs:t.discovery_docs\|\|["https://www.googleapis.com/discovery/v1/apis/calendar/v3/rest","https://www.googleapis.com/discovery/v1/apis/drive/v3/rest","https://www.googleapis.com/discovery/v1/apis/youtube/v3/rest"], equals www.youtube.com (Youtube)
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: e("#lg-share-facebook").attr("href","https://www.facebook.com/sharer/sharer.php?u="+encodeURIComponent(t.getSahreProps(n,"facebookShareUrl")\|\|window.location.href)) equals www.facebook.com (Facebook)
Source: en-landing-ec980e52dfd088a76959023999079f96[1].js.3.dr	String found in binary or memory: window.open("https://www.facebook.com/sharer/sharer.php?u="+encodeURIComponent(site_url),"_blank","scrollbars=no,resizable=no,status=no,location=no,toolbar=no,menubar=no,width=600,height=500,left="+($(window).width()-600)/2+",top="+($(window).height()-500)/2) equals www.facebook.com (Facebook)
Source: en-landing-ec980e52dfd088a76959023999079f96[1].js.3.dr	String found in binary or memory: window.open("https://www.linkedin.com/sharing/share-offsite/?url="+site_url,"_blank","scrollbars=no,resizable=no,status=no,location=no,toolbar=no,menubar=no,width=600,height=500,left="+($(window).width()-600)/2+",top="+($(window).height()-500)/2) equals www.linkedin.com (Linkedin)

Source: unknown

DNS traffic detected: queries for: keeplaffingwemake99383tyiwye.net

Source: jquery.mousewheel.min[1].js.3.dr	String found in binary or memory: http://brandon.aaron.sh)
Source: font-awesome[1].css.3.dr	String found in binary or memory: http://fontawesome.io
Source: font-awesome[1].css.3.dr	String found in binary or memory: http://fontawesome.io/license
Source: mtc[1].js.3.dr	String found in binary or memory: http://j.hn)
Source: mtc[1].js.3.dr	String found in binary or memory: http://j.hn/)
Source: mtc[1].js.3.dr	String found in binary or memory: http://mediaelementjs.com/
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: http://sachinchoolur.github.io/lightGallery/demos/html-markup.html
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: http://schema.org
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: http://schema.org/
Source: 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7g[1].ttf.3.dr, NaPecZTIAOhVxoMyOr9n_E7fdMPmCA[1].ttf.3.dr	String found in binary or memory: http://scripts.sil.org/OFL
Source: QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8Jow[1].ttf.3.dr	String found in binary or memory: http://scripts.sil.org/OFLWeightRomanItalic
Source: webfont[1].js.3.dr	String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: http://www.keeplaffingwemake99383tyiwye.net
Source: ~DFE49EA245F4FFB57B.TMP.1.dr	String found in binary or memory: http://www.keeplaffingwemake99383tyiwye.net/
Source: {69FDE9A5-B341-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: http://www.keeplaffingwemake99383tyiwye.net/265cgilogon.s3.us-east.cloud-obje
Source: {69FDE9A5-B341-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: http://www.keeplaffingwemake99383tyiwye.net/2Root
Source: {69FDE9A5-B341-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: http://www.keeplaffingwemake99383tyiwye.net/2om/ilogon.s3.us-east.cloud-obje
Source: ~DFE49EA245F4FFB57B.TMP.1.dr	String found in binary or memory: http://www.keeplaffingwemake99383tyiwye.net/2remittnce
Source: {69FDE9A5-B341-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: http://www.keeplaffingwemake99383tyiwye.net/2wemake99383tyiwye.net/Root
Source: {69FDE9A5-B341-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: http://www.keeplaffingwemake99383tyiwye.net/Root
Source: ~DFE49EA245F4FFB57B.TMP.1.dr	String found in binary or memory: http://www.keeplaffingwemake99383tyiwye.net/TMEOW
Source: imagestore.dat.3.dr	String found in binary or memory: http://www.keeplaffingwemake99383tyiwye.net/favicon.ico
Source: imagestore.dat.3.dr	String found in binary or memory: http://www.keeplaffingwemake99383tyiwye.net/favicon.ico~
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: http://www.keeplaffingwemake99383tyiwye.net/fb.jpg?t=1620830584
Source: ~DFE49EA245F4FFB57B.TMP.1.dr	String found in binary or memory: http://www.keeplaffingwemake99383tyiwye.net/z
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: http://www.pinterest.com/pin/create/button/?url=
Source: imagestore.dat.3.dr	String found in binary or memory: https://aadcdn.msftauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
Source: imagestore.dat.3.dr	String found in binary or memory: https://aadcdn.msftauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico~
Source: imagestore.dat.3.dr	String found in binary or memory: https://aadcdn.msftauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico~(
Source: gtm[1].js.3.dr	String found in binary or memory: https://adservice.google.com/pagead/regclk
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://ajax.googleapis.com/ajax/libs/webfont/1.6.16/webfont.js
Source: analytics[1].js.3.dr	String found in binary or memory: https://ampcid.google.com/v1/publisher:getClientId
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://api.dmcdn.net/all.js
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://apis.google.com/js/client.js
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://apis.google.com/js/platform.js
Source: f[1].txt.3.dr	String found in binary or memory: https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Source: gtm[1].js.3.dr	String found in binary or memory: https://cct.google/taggy/agent.js
Source: en-landing-ec980e52dfd088a76959023999079f96[1].js.3.dr	String found in binary or memory: https://connect.facebook.net/en_US/all.js
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://connect.soundcloud.com/sdk.js
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://de.sitew.com/
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://drive.google.com/thumbnail?authuser=0&id=
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://es.sitew.com/
Source: mtc[1].js.3.dr	String found in binary or memory: https://f.vimeocdn.com/js/froogaloop2.min.js
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://fonts.googleapis.com/css2?family=Montserrat:ital
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v15/JTUPjIg1_i6t8kCHKm459WxZFgrD-w.ttf)
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v15/JTUPjIg1_i6t8kCHKm459WxZOg3D-w.ttf)
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v15/JTUPjIg1_i6t8kCHKm459WxZcgvD-w.ttf)
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v15/JTUQjIg1_i6t8kCHKm459Wxhzg.ttf)
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_ZpC7g4.ttf)
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_bZF7g4.ttf)
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE7g4.ttf)
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm45xW4.ttf)
Source: css[1].css.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v14/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDQ.woff)
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7g.ttf)
Source: css[1].css.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7j.woff)
Source: css[1].css.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v14/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZMkids18I.woff)
Source: css[1].css.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v14/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZclSds18I.woff)
Source: css[1].css.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdo.woff)
Source: css[1].css.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdo.woff)
Source: css[1].css.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/titilliumweb/v9/NaPAcZTIAOhVxoMyOr9n_E7fdMbWD6xQ.woff)
Source: css[1].css.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/titilliumweb/v9/NaPDcZTIAOhVxoMyOr9n_E7ffGjEGItzZQ.woff)
Source: css[1].css.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/titilliumweb/v9/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzZQ.woff)
Source: css[1].css.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/titilliumweb/v9/NaPFcZTIAOhVxoMyOr9n_E7fdMbepI5DYZya.woff)
Source: css[1].css.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/titilliumweb/v9/NaPFcZTIAOhVxoMyOr9n_E7fdMbetIlDYZya.woff)
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/titilliumweb/v9/NaPecZTIAOhVxoMyOr9n_E7fdMPmCA.ttf)
Source: css[1].css.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/titilliumweb/v9/NaPecZTIAOhVxoMyOr9n_E7fdMPmCw.woff)
Source: css[1].css.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/worksans/v9/QGY9z_wNahGAdqQ43Rh_ebrnlwyYfEPxPoGU3ms5pIfe.woff)
Source: css[1].css.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/worksans/v9/QGY9z_wNahGAdqQ43Rh_ebrnlwyYfEPxPoGUOWw5pIfe.woff)
Source: css[1].css.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/worksans/v9/QGY9z_wNahGAdqQ43Rh_ebrnlwyYfEPxPoGUgGs5pIfe.woff)
Source: css[1].css.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/worksans/v9/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8JoA.woff)
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/worksans/v9/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8Jow.ttf)
Source: css[1].css.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/worksans/v9/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K67QBi8JoA.woff)
Source: css[1].css.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/worksans/v9/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32KxfXBi8JoA.woff)
Source: QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8Jow[1].ttf.3.dr	String found in binary or memory: https://github.com/weiweihuanghuang/Work-Sans)Work
Source: ae-v3.2[1].js.3.dr	String found in binary or memory: https://lb.affilae.com
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://maps.google.com/?q=Paris
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://maps.google.com/maps?daddr=
Source: mtc[1].js.3.dr	String found in binary or memory: https://mautic.pikock.com
Source: mtc[1].js.3.dr	String found in binary or memory: https://mautic.pikock.com/app/bundles/CoreBundle/Assets/js/libraries/2.jquery.js
Source: mtc[1].js.3.dr	String found in binary or memory: https://mautic.pikock.com/dwc/slotNamePlaceholder
Source: mtc[1].js.3.dr	String found in binary or memory: https://mautic.pikock.com/form/embed/
Source: mtc[1].js.3.dr	String found in binary or memory: https://mautic.pikock.com/form/submit/ajax?formId=
Source: mtc[1].js.3.dr	String found in binary or memory: https://mautic.pikock.com/media/css/mediaelementplayer.min.css
Source: mtc[1].js.3.dr	String found in binary or memory: https://mautic.pikock.com/media/js/mautic-form.js
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://mfs0.cdnsw.com
Source: {69FDE9A5-B341-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://outlook0ffice365cgilogon.s3.us-east.cloud-object-storage.appdomain.cloud/Root
Source: ~DFE49EA245F4FFB57B.TMP.1.dr, TXMZ4AWB.htm.3.dr	String found in binary or memory: https://outlook0ffice365cgilogon.s3.us-east.cloud-object-storage.appdomain.cloud/______mexico_iwcbew
Source: gtm[1].js.3.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: gtm[1].js.3.dr	String found in binary or memory: https://pagead2.googlesyndication.com/
Source: en-landing-ec980e52dfd088a76959023999079f96[1].js.3.dr, TXMZ4AWB.htm.3.dr	String found in binary or memory: https://platform.twitter.com/embed/index.html?
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://player.twitch.tv/js/embed/v1.js
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://player.vimeo.com/api/player.js
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://plus.google.com/share?url=
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://ra0.cdnsw.com/cc0/
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://ra0.cdnsw.com/site_logos/
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://rb.bp.cdnsw.com
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://schema.org
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/editor_icons/
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/editor_icons/design_panel/gt_icon_
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/flags_lang/en.png
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/animation_en.mp4
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/browser_multiBloc.svg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/clients/home-typo-clients-asso.webp
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/clients/home-typo-clients-indiv.webp
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/clients/home-typo-clients-institution.webp
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/clients/home-typo-clients-pro.webp
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/home-accompagnement-efficace.webp
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/home-accompagnement-humains.webp
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/home-accompagnement-rapide.webp
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/home-engagements-illu.webp
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/home-fonctionnalites-photo.png
Source: HC9WYB3E.htm.3.dr, en-landing-ec980e52dfd088a76959023999079f96[1].js.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/home-google-argent.webp
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/home-google-creativite.webp
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/home-google-serein.webp
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/home-google-simple.webp
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/home-green-illu.webp
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/home-reassurance-1-accompagnement.webp
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/home-reassurance-1-intuitif.webp
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/home-reassurance-1-rapidite.webp
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/home-reassurance-2-anniversaire.webp
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/home-reassurance-2-gratuit.webp
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/home-reassurance-2-sites.webp
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/mascotte_pos_1_s2.webp
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/numberBackgroundArrow.svg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/product_background_front3.webp
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/product_blog.png
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/product_email.png
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/product_ndd.png
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/product_store.png
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/product_vitrine.png
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/reassurance-photo-fanny.webp
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/reinssurance_trustpilot.svg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/support_team.webp
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/templates/picto_site_asso_home_sitew.svg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/templates/picto_site_blog_home_sitew.svg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/templates/picto_site_institution_home_sitew.svg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/templates/picto_site_perso_home_sitew.svg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/templates/picto_site_portfolio_home_sitew.svg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/templates/picto_site_pro_home_sitew.svg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/top/en/browser_1.webp
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/top/en/person_1_mobile.webp
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/top/fr/leaf_1.png
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/top/fr/leaf_2.png
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/top/fr/leaf_3.png
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/top/fr/leaf_4.png
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/top/fr/person_2.webp
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/logos/2021_square.svg
Source: HC9WYB3E.htm.3.dr, TXMZ4AWB.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/logos/2021_wide.svg
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/ntnw5.png
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/12_desktop.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/12_mobile.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/21_desktop.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/21_mobile.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/24_desktop.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/24_mobile.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/27_desktop.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/27_mobile.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/28_desktop.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/28_mobile.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/29_desktop.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/29_mobile.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/31_desktop.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/31_mobile.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/32_desktop.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/32_mobile.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/33_desktop.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/33_mobile.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/38_desktop.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/38_mobile.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/45_desktop.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/45_mobile.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/49_desktop.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/49_mobile.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/4_desktop.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/4_mobile.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/50_desktop.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/50_mobile.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/51_desktop.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/51_mobile.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/52_desktop.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/52_mobile.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/53_desktop.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/53_mobile.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/54_desktop.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/54_mobile.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/welcome/icons_menu/2021/about.png
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/welcome/icons_menu/2021/apis.png
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/welcome/icons_menu/2021/blog.png
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/welcome/icons_menu/2021/contact.png
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/welcome/icons_menu/2021/faq.png
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/welcome/icons_menu/2021/features.png
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/welcome/icons_menu/2021/help_center.png
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/welcome/icons_menu/2021/news.png
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/welcome/icons_menu/2021/press.png
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/welcome/icons_menu/2021/review.png
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/welcome/icons_menu/2021/templates.png
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/welcome/icons_menu/2021/work.png
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://st0.bp.cdnsw.com
Source: en-landing-ec980e52dfd088a76959023999079f96[1].js.3.dr	String found in binary or memory: https://st0.bp.cdnsw.com/assets/loadingAnimation-2633500e0e4d17aeb2207ae274b71ca8.gif
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://st0.cdnsw.com
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://st0.cdnsw.com/assets/gilroy/gilroy-bold-13ecf8e363c8931c26fd0293ace721ff.woff
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://st0.cdnsw.com/assets/gilroy/gilroy-bold-ac29cc5f7f52afedb005f9e0f4bf616b.woff2
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://st0.cdnsw.com/assets/gilroy/gilroy-extrabold-3e6195e4601e83e8af2d30ec96832330.woff2
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://st0.cdnsw.com/assets/gilroy/gilroy-extrabold-75ff75de39edface89e23ac94b5cc0e4.woff
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://st0.cdnsw.com/assets/gilroy/gilroy-medium-31b466a996548760e5ed85b12e182bc9.woff2
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://st0.cdnsw.com/assets/gilroy/gilroy-medium-efd2197a6d1a674e9d4a876cbac69785.woff
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://st0.cdnsw.com/assets/gilroy/gilroy-regular-2574ec89d9fd02ee8503459b281d2e80.woff2
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://st0.cdnsw.com/assets/gilroy/gilroy-regular-f1ecb849891a09cae3f3d560b7ed2e08.woff
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://st0.cdnsw.com/assets/icons/flags/de-ba3b57e12f3d6ff8ca5bd5b7e8900e04.svg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://st0.cdnsw.com/assets/icons/flags/es-a364c12c10093399dcb38f0a8989cc61.svg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://st0.cdnsw.com/assets/icons/flags/fr-51dfbf8dee8670e6c6170f392d571b45.svg
Source: en-landing-ec980e52dfd088a76959023999079f96[1].js.3.dr	String found in binary or memory: https://st0.cdnsw.com/assets/precompile/cpts/common/icons-7d2d8846fab8b0d98519a12a90295eb6.css
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://st0.cdnsw.com/assets/precompile/en-landing-ec980e52dfd088a76959023999079f96.js
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://st0.cdnsw.com/assets/precompile/landing-eb0fec1eb5b22a2adda6f271bc920201.css
Source: en-landing-ec980e52dfd088a76959023999079f96[1].js.3.dr	String found in binary or memory: https://st0.cdnsw.com/images/blog/editor_icons/edit_image.svg
Source: en-landing-ec980e52dfd088a76959023999079f96[1].js.3.dr	String found in binary or memory: https://st0.cdnsw.com/images/blog/editor_icons/edit_text.svg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://st0.cdnsw.com/logo/MtxgY0xq7ZaF%7CDUvJtZIe53rcKjBFj1eQJPNWVo5Jw754tHoCVffmfcn4wJuaxIE.png
Source: analytics[1].js.3.dr	String found in binary or memory: https://stats.g.doubleclick.net/j/collect
Source: f[1].txt.3.dr, analytics[1].js.3.dr	String found in binary or memory: https://tagassistant.google.com/
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://twitter.com/SiteW_com
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://twitter.com/intent/tweet?text=
Source: en-landing-ec980e52dfd088a76959023999079f96[1].js.3.dr	String found in binary or memory: https://twitter.com/intent/tweet?url=
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://unpkg.com/dropbox/dist/Dropbox-sdk.min.js
Source: webfont[1].js.3.dr	String found in binary or memory: https://use.typekit.net
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://w.soundcloud.com/player/api.js
Source: {69FDE9A5-B341-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://www.en.sitew.c
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://www.en.sitew.com
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://www.en.sitew.com#uca=
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://www.en.sitew.com/
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://www.en.sitew.com/Create-showcase-page
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://www.en.sitew.com/Starting-a-blog
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://www.en.sitew.com/Starting-an-online-business
Source: ~DFE49EA245F4FFB57B.TMP.1.dr	String found in binary or memory: https://www.en.sitew.com/ilogon.s3.us-east.cloud-object-storage.appdomain.cloud/______mexico_iwcbew2
Source: imagestore.dat.3.dr	String found in binary or memory: https://www.en.sitew.com/images/blog/favicon/favicon-32x32.png?3
Source: ~DFE49EA245F4FFB57B.TMP.1.dr	String found in binary or memory: https://www.en.sitew.com/tCreate
Source: en-landing-ec980e52dfd088a76959023999079f96[1].js.3.dr	String found in binary or memory: https://www.google-analytics.com/analytics.js
Source: analytics[1].js.3.dr	String found in binary or memory: https://www.google-analytics.com/debug/bootstrap
Source: analytics[1].js.3.dr	String found in binary or memory: https://www.google-analytics.com/gtm/js?id=
Source: analytics[1].js.3.dr	String found in binary or memory: https://www.google.%/ads/ga-audiences
Source: gtm[1].js.3.dr	String found in binary or memory: https://www.google.com
Source: gtm[1].js.3.dr	String found in binary or memory: https://www.google.com/pagead/conversion_async.js
Source: en-landing-ec980e52dfd088a76959023999079f96[1].js.3.dr	String found in binary or memory: https://www.google.com/recaptcha/api.js?render=6LcLSHkUAAAAAFqal39Kv63hluXO8c8P9pPj1Kw4
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://www.google.com/recaptcha/api.js?render=explicit
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://www.googleapis.com/discovery/v1/apis/calendar/v3/rest
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://www.googleapis.com/discovery/v1/apis/drive/v3/rest
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://www.googleapis.com/discovery/v1/apis/youtube/v3/rest
Source: gtm[1].js.3.dr, f[1].txt.3.dr	String found in binary or memory: https://www.googletagmanager.com/debug/bootstrap
Source: analytics[1].js.3.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=
Source: en-landing-ec980e52dfd088a76959023999079f96[1].js.3.dr	String found in binary or memory: https://www.instagram.com/p/
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://www.linkedin.com/company/sitew
Source: en-landing-ec980e52dfd088a76959023999079f96[1].js.3.dr	String found in binary or memory: https://www.linkedin.com/sharing/share-offsite/?url=
Source: en-landing-ec980e52dfd088a76959023999079f96[1].js.3.dr	String found in binary or memory: https://www.pinterest.fr/pin/create/link/?url=
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://www.sitew.com
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://www.sitew.com/#fr
Source: en-landing-ec980e52dfd088a76959023999079f96[1].js.3.dr	String found in binary or memory: https://www.sitew.com/Inscription-pour-creer-un-site
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://www.sitew.com/Sign-in-to-edit-my-website
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://www.sitew.com/Sign-up-to-create-a-website
Source: en-landing-ec980e52dfd088a76959023999079f96[1].js.3.dr, TXMZ4AWB.htm.3.dr	String found in binary or memory: https://www.sitew.com/file/check_pixabay/
Source: ~DFE49EA245F4FFB57B.TMP.1.dr, HC9WYB3E.htm.3.dr	String found in binary or memory: https://www.sitew.com/log/save_session?split=iH1lO3nn22XnmA
Source: ~DFE49EA245F4FFB57B.TMP.1.dr	String found in binary or memory: https://www.sitew.com/log/save_session?split=iH1lO3nn22XnmA%7CGd3gbyVWnBgnQWGZkhl4dy40muLDCWPWhI
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://www.youtube.com/iframe_api

Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746

Source: unknown	HTTPS traffic detected: 188.165.33.133:443 -> 192.168.2.4:49746 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 188.165.33.133:443 -> 192.168.2.4:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 188.165.33.133:443 -> 192.168.2.4:49756 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 188.165.33.133:443 -> 192.168.2.4:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 188.165.33.133:443 -> 192.168.2.4:49753 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 188.165.33.133:443 -> 192.168.2.4:49754 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 188.165.33.133:443 -> 192.168.2.4:49752 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.18.94:443 -> 192.168.2.4:49779 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.18.94:443 -> 192.168.2.4:49780 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 152.199.23.37:443 -> 192.168.2.4:49783 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 152.199.23.37:443 -> 192.168.2.4:49781 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 152.199.23.37:443 -> 192.168.2.4:49786 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 152.199.23.37:443 -> 192.168.2.4:49784 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 152.199.23.37:443 -> 192.168.2.4:49782 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 152.199.23.37:443 -> 192.168.2.4:49785 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.229.221.185:443 -> 192.168.2.4:49790 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.229.221.185:443 -> 192.168.2.4:49789 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.32.55.155:443 -> 192.168.2.4:49793 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.32.55.155:443 -> 192.168.2.4:49792 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 46.105.199.115:443 -> 192.168.2.4:49801 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 46.105.199.115:443 -> 192.168.2.4:49802 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 46.105.199.115:443 -> 192.168.2.4:49800 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 46.105.199.115:443 -> 192.168.2.4:49799 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 87.98.141.83:443 -> 192.168.2.4:49806 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.60.216.35:443 -> 192.168.2.4:49807 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.60.216.35:443 -> 192.168.2.4:49808 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.225.74.42:443 -> 192.168.2.4:49811 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.225.74.42:443 -> 192.168.2.4:49812 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 195.154.107.128:443 -> 192.168.2.4:49814 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 195.154.107.128:443 -> 192.168.2.4:49813 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.186.34:443 -> 192.168.2.4:49816 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.186.34:443 -> 192.168.2.4:49815 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.186.67:443 -> 192.168.2.4:49819 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.186.67:443 -> 192.168.2.4:49820 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.114.109:443 -> 192.168.2.4:49824 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.114.109:443 -> 192.168.2.4:49823 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.184.195:443 -> 192.168.2.4:49825 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.184.195:443 -> 192.168.2.4:49826 version: TLS 1.2

Source: classification engine

Classification label: mal68.phis.win@3/211@26/16

Source: C:\Program Files\internet explorer\iexplore.exe

File created: C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{69FDE9A3-B341-11EB-90EB-ECF4BBEA1588}.dat

Jump to behavior

Source: C:\Program Files\internet explorer\iexplore.exe

File created: C:\Users\user\AppData\Local\Temp\~DF3A32BAC37590D272.TMP

Jump to behavior

Source: C:\Program Files\internet explorer\iexplore.exe

File read: C:\Users\desktop.ini

Jump to behavior

Source: unknown	Process created: C:\Program Files\internet explorer\iexplore.exe 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
Source: C:\Program Files\internet explorer\iexplore.exe	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:6396 CREDAT:17410 /prefetch:2
Source: C:\Program Files\internet explorer\iexplore.exe	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:6396 CREDAT:17410 /prefetch:2	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll

Jump to behavior

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
142.250.184.195	www.google.de	United States	15169	GOOGLEUS	false
142.250.186.34	googleads.g.doubleclick.net	United States	15169	GOOGLEUS	false
142.250.186.67	www.google.ch	United States	15169	GOOGLEUS	false
46.105.199.115	st0.cdnsw.com	France	16276	OVHFR	false
64.233.167.157	stats.l.doubleclick.net	United States	15169	GOOGLEUS	false
87.98.141.83	www.sitew.com	France	16276	OVHFR	false
151.101.114.109	vimeo-video.map.fastly.net	United States	54113	FASTLYUS	false
188.165.33.133	ssl.sitew.org	France	16276	OVHFR	false
13.225.74.42	d1r3aid9v9xqmp.cloudfront.net	United States	16509	AMAZON-02US	false
185.60.216.35	star-mini.c10r.facebook.com	Ireland	32934	FACEBOOKUS	false
178.32.55.155	keeplaffingwemake99383tyiwye.net	France	16276	OVHFR	false
169.63.118.98	s3.us-east.cloud-object-storage.appdomain.cloud	United States	36351	SOFTLAYERUS	false
192.229.221.185	cs1227.wpc.alphacdn.net	United States	15133	EDGECASTUS	false
195.154.107.128	mautic.pikock.com	France	12876	OnlineSASFR	false
152.199.23.37	cs1100.wpc.omegacdn.net	United States	15133	EDGECASTUS	false
104.16.18.94	cdnjs.cloudflare.com	United States	13335	CLOUDFLARENETUS	false

Contacted Domains

Name	IP	Active
star-mini.c10r.facebook.com	185.60.216.35	true
www.google.de	142.250.184.195	true
d1r3aid9v9xqmp.cloudfront.net	13.225.74.42	true
cs1100.wpc.omegacdn.net	152.199.23.37	true
ssl.sitew.org	188.165.33.133	true
stats.l.doubleclick.net	64.233.167.157	true
rb.bp.cdnsw.com	188.165.156.234	true
www.sitew.com	87.98.141.83	true
st0.cdnsw.com	46.105.199.115	true
mautic.pikock.com	195.154.107.128	true
keeplaffingwemake99383tyiwye.net	178.32.55.155	true
s3.us-east.cloud-object-storage.appdomain.cloud	169.63.118.98	true
st0.bp.cdnsw.com	188.165.33.133	true
mfs0.cdnsw.com	46.105.199.115	true
www.en.sitew.com	178.32.55.155	true
googleads.g.doubleclick.net	142.250.186.34	true
cdnjs.cloudflare.com	104.16.18.94	true
cs1227.wpc.alphacdn.net	192.229.221.185	true
www.keeplaffingwemake99383tyiwye.net	178.32.55.155	true
www.google.ch	142.250.186.67	true
vimeo-video.map.fastly.net	151.101.114.109	true
logincdn.msauth.net	unknown	unknown
www.facebook.com	unknown	unknown
static.affilae.com	unknown	unknown
aadcdn.msftauth.net	unknown	unknown
stats.g.doubleclick.net	unknown	unknown
code.jquery.com	unknown	unknown
f.vimeocdn.com	unknown	unknown
outlook0ffice365cgilogon.s3.us-east.cloud-object-storage.appdomain.cloud	unknown	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
http://www.keeplaffingwemake99383tyiwye.net/	false		unknown
http://keeplaffingwemake99383tyiwye.net/	false		unknown
http://mfs0.cdnsw.com/fs/Root/large/etwk0-new-remittance.png	false	Avira URL Cloud: safe	unknown
http://www.sitew.com/json/site_owner/?callback=jQuery11240627140223264869_1620837913434&site=www.keeplaffingwemake99383tyiwye.net&_=1620837913435	false		high
http://www.keeplaffingwemake99383tyiwye.net/assets/precompile/gt/button/1.css?clearcache=5	false	Avira URL Cloud: safe	unknown
https://outlook0ffice365cgilogon.s3.us-east.cloud-object-storage.appdomain.cloud/______mexico_iwcbew297279929_92727297_nunueun.html	true	SlashNext: Fake Login Page type: Phishing & Social Engineering	unknown
http://www.keeplaffingwemake99383tyiwye.net/assets/precompile/gt/button/2.css?clearcache=5	false	Avira URL Cloud: safe	unknown
http://www.keeplaffingwemake99383tyiwye.net/assets/precompile/gt/link/1.css?clearcache=5	false	Avira URL Cloud: safe	unknown

AV Detection:

Antivirus detection for URL or domain

Source: https://outlook0ffice365cgilogon.s3.us-east.cloud-object-storage.appdomain.cloud/______mexico_iwcbew297279929_92727297_nunueun.html

SlashNext: Label: Fake Login Page type: Phishing & Social Engineering

Phishing:

Yara detected HtmlPhish10

Source: Yara match

File source: 965543.0.links.csv, type: HTML

Yara detected obfuscated html page

Source: Yara match

File source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\______mexico_iwcbew297279929_92727297_nunueun[1].htm, type: DROPPED

Phishing site detected (based on logo template match)

Source: https://outlook0ffice365cgilogon.s3.us-east.cloud-object-storage.appdomain.cloud/______mexico_iwcbew297279929_92727297_nunueun.html

Matcher: Template: microsoft matched

HTML body contains low number of good links

Source: https://outlook0ffice365cgilogon.s3.us-east.cloud-object-storage.appdomain.cloud/______mexico_iwcbew297279929_92727297_nunueun.html	HTTP Parser: Number of links: 0
Source: https://outlook0ffice365cgilogon.s3.us-east.cloud-object-storage.appdomain.cloud/______mexico_iwcbew297279929_92727297_nunueun.html	HTTP Parser: Number of links: 0

HTML title does not match URL

Source: https://outlook0ffice365cgilogon.s3.us-east.cloud-object-storage.appdomain.cloud/______mexico_iwcbew297279929_92727297_nunueun.html	HTTP Parser: Title: Sign in to your Microsoft account does not match URL
Source: https://outlook0ffice365cgilogon.s3.us-east.cloud-object-storage.appdomain.cloud/______mexico_iwcbew297279929_92727297_nunueun.html	HTTP Parser: Title: Sign in to your Microsoft account does not match URL

Invalid 'forgot password' link found

Source: https://outlook0ffice365cgilogon.s3.us-east.cloud-object-storage.appdomain.cloud/______mexico_iwcbew297279929_92727297_nunueun.html	HTTP Parser: Invalid link: Forgot my password
Source: https://outlook0ffice365cgilogon.s3.us-east.cloud-object-storage.appdomain.cloud/______mexico_iwcbew297279929_92727297_nunueun.html	HTTP Parser: Invalid link: Forgot my password

Source: https://outlook0ffice365cgilogon.s3.us-east.cloud-object-storage.appdomain.cloud/______mexico_iwcbew297279929_92727297_nunueun.html	HTTP Parser: No <meta name="author".. found
Source: https://outlook0ffice365cgilogon.s3.us-east.cloud-object-storage.appdomain.cloud/______mexico_iwcbew297279929_92727297_nunueun.html	HTTP Parser: No <meta name="author".. found

Source: https://outlook0ffice365cgilogon.s3.us-east.cloud-object-storage.appdomain.cloud/______mexico_iwcbew297279929_92727297_nunueun.html	HTTP Parser: No <meta name="copyright".. found
Source: https://outlook0ffice365cgilogon.s3.us-east.cloud-object-storage.appdomain.cloud/______mexico_iwcbew297279929_92727297_nunueun.html	HTTP Parser: No <meta name="copyright".. found

Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll

Jump to behavior

Source: unknown	HTTPS traffic detected: 188.165.33.133:443 -> 192.168.2.4:49746 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 188.165.33.133:443 -> 192.168.2.4:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 188.165.33.133:443 -> 192.168.2.4:49756 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 188.165.33.133:443 -> 192.168.2.4:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 188.165.33.133:443 -> 192.168.2.4:49753 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 188.165.33.133:443 -> 192.168.2.4:49754 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 188.165.33.133:443 -> 192.168.2.4:49752 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.18.94:443 -> 192.168.2.4:49779 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.18.94:443 -> 192.168.2.4:49780 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 152.199.23.37:443 -> 192.168.2.4:49783 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 152.199.23.37:443 -> 192.168.2.4:49781 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 152.199.23.37:443 -> 192.168.2.4:49786 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 152.199.23.37:443 -> 192.168.2.4:49784 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 152.199.23.37:443 -> 192.168.2.4:49782 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 152.199.23.37:443 -> 192.168.2.4:49785 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.229.221.185:443 -> 192.168.2.4:49790 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.229.221.185:443 -> 192.168.2.4:49789 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.32.55.155:443 -> 192.168.2.4:49793 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.32.55.155:443 -> 192.168.2.4:49792 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 46.105.199.115:443 -> 192.168.2.4:49801 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 46.105.199.115:443 -> 192.168.2.4:49802 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 46.105.199.115:443 -> 192.168.2.4:49800 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 46.105.199.115:443 -> 192.168.2.4:49799 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 87.98.141.83:443 -> 192.168.2.4:49806 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.60.216.35:443 -> 192.168.2.4:49807 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.60.216.35:443 -> 192.168.2.4:49808 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.225.74.42:443 -> 192.168.2.4:49811 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.225.74.42:443 -> 192.168.2.4:49812 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 195.154.107.128:443 -> 192.168.2.4:49814 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 195.154.107.128:443 -> 192.168.2.4:49813 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.186.34:443 -> 192.168.2.4:49816 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.186.34:443 -> 192.168.2.4:49815 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.186.67:443 -> 192.168.2.4:49819 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.186.67:443 -> 192.168.2.4:49820 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.114.109:443 -> 192.168.2.4:49824 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.114.109:443 -> 192.168.2.4:49823 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.184.195:443 -> 192.168.2.4:49825 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.184.195:443 -> 192.168.2.4:49826 version: TLS 1.2

Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Accept: text/html, application/xhtml+xml, image/jxr, /Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: keeplaffingwemake99383tyiwye.netConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Accept: text/html, application/xhtml+xml, image/jxr, /Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateConnection: Keep-AliveHost: www.keeplaffingwemake99383tyiwye.net
Source: global traffic	HTTP traffic detected: GET /fs/Root/large/etwk0-new-remittance.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5Referer: http://www.keeplaffingwemake99383tyiwye.net/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: mfs0.cdnsw.comConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /assets/precompile/gt/button/1.css?clearcache=5 HTTP/1.1Accept: text/plain, /; q=0.01X-CSRF-Token: 7Q4BI7bXbaq0VIZkh3ISn8EhYAuwZ0dSkI0DGI8w/hhbbmC9S7Ep6x8ViFXTOGqu+P7p1aXPSs+fk/GJYVIzVw==X-Requested-With: XMLHttpRequestReferer: http://www.keeplaffingwemake99383tyiwye.net/Accept-Language: en-USAccept-Encoding: gzip, deflateUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoHost: www.keeplaffingwemake99383tyiwye.netConnection: Keep-AliveCookie: _sw_session=bEtrdHZRRU1zMXB2aW5hUjZtMFdkL3FDU0NxdnRpL2M5T0FFcDVSNmdNYmNLOXFmeWc3UEs2dHBER2tXWTNyYnN1bFVyRkM5SUVEV0FuVGVJYUVuWXBWcmttalVIektPQkFBL3gxTG9jUEk3UHk4cjdFL2xYektnOWhwWkM2ZEJOTytMaXZzRFUyRlJseWdDenk0dy9VcWJiVVNQMWs4WDZFN0RoNmszZjd3MENYZzlROHF3TVJhV21JTy9sSWpNd3ExYzczbE5lb1hROS9WejlQaXNKUW1CVVhxNFlqTW1XV09LcGlTeU5WNkh4dXNWbzJOOC9Ea3JGVVQ1M29zZGpHZ2RnbGZYSENRVlJRaWNpLzkwY25GUFB1VUptUzhyZEVKNjc2eTE4eWM9LS1KeXVKTmhwOXV4UTBtVG93Vm02LzNRPT0%3D--2a136187d49a2b59a086f9a8b85a9474a1146ceb
Source: global traffic	HTTP traffic detected: GET /assets/precompile/gt/button/2.css?clearcache=5 HTTP/1.1Accept: text/plain, /; q=0.01X-CSRF-Token: 7Q4BI7bXbaq0VIZkh3ISn8EhYAuwZ0dSkI0DGI8w/hhbbmC9S7Ep6x8ViFXTOGqu+P7p1aXPSs+fk/GJYVIzVw==X-Requested-With: XMLHttpRequestReferer: http://www.keeplaffingwemake99383tyiwye.net/Accept-Language: en-USAccept-Encoding: gzip, deflateUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoHost: www.keeplaffingwemake99383tyiwye.netConnection: Keep-AliveCookie: _sw_session=bEtrdHZRRU1zMXB2aW5hUjZtMFdkL3FDU0NxdnRpL2M5T0FFcDVSNmdNYmNLOXFmeWc3UEs2dHBER2tXWTNyYnN1bFVyRkM5SUVEV0FuVGVJYUVuWXBWcmttalVIektPQkFBL3gxTG9jUEk3UHk4cjdFL2xYektnOWhwWkM2ZEJOTytMaXZzRFUyRlJseWdDenk0dy9VcWJiVVNQMWs4WDZFN0RoNmszZjd3MENYZzlROHF3TVJhV21JTy9sSWpNd3ExYzczbE5lb1hROS9WejlQaXNKUW1CVVhxNFlqTW1XV09LcGlTeU5WNkh4dXNWbzJOOC9Ea3JGVVQ1M29zZGpHZ2RnbGZYSENRVlJRaWNpLzkwY25GUFB1VUptUzhyZEVKNjc2eTE4eWM9LS1KeXVKTmhwOXV4UTBtVG93Vm02LzNRPT0%3D--2a136187d49a2b59a086f9a8b85a9474a1146ceb
Source: global traffic	HTTP traffic detected: GET /assets/precompile/gt/textbox/1.css?clearcache=5 HTTP/1.1Accept: text/plain, /; q=0.01X-CSRF-Token: 7Q4BI7bXbaq0VIZkh3ISn8EhYAuwZ0dSkI0DGI8w/hhbbmC9S7Ep6x8ViFXTOGqu+P7p1aXPSs+fk/GJYVIzVw==X-Requested-With: XMLHttpRequestReferer: http://www.keeplaffingwemake99383tyiwye.net/Accept-Language: en-USAccept-Encoding: gzip, deflateUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoHost: www.keeplaffingwemake99383tyiwye.netConnection: Keep-AliveCookie: _sw_session=bEtrdHZRRU1zMXB2aW5hUjZtMFdkL3FDU0NxdnRpL2M5T0FFcDVSNmdNYmNLOXFmeWc3UEs2dHBER2tXWTNyYnN1bFVyRkM5SUVEV0FuVGVJYUVuWXBWcmttalVIektPQkFBL3gxTG9jUEk3UHk4cjdFL2xYektnOWhwWkM2ZEJOTytMaXZzRFUyRlJseWdDenk0dy9VcWJiVVNQMWs4WDZFN0RoNmszZjd3MENYZzlROHF3TVJhV21JTy9sSWpNd3ExYzczbE5lb1hROS9WejlQaXNKUW1CVVhxNFlqTW1XV09LcGlTeU5WNkh4dXNWbzJOOC9Ea3JGVVQ1M29zZGpHZ2RnbGZYSENRVlJRaWNpLzkwY25GUFB1VUptUzhyZEVKNjc2eTE4eWM9LS1KeXVKTmhwOXV4UTBtVG93Vm02LzNRPT0%3D--2a136187d49a2b59a086f9a8b85a9474a1146ceb
Source: global traffic	HTTP traffic detected: GET /assets/precompile/gt/textbox/2.css?clearcache=5 HTTP/1.1Accept: text/plain, /; q=0.01X-CSRF-Token: 7Q4BI7bXbaq0VIZkh3ISn8EhYAuwZ0dSkI0DGI8w/hhbbmC9S7Ep6x8ViFXTOGqu+P7p1aXPSs+fk/GJYVIzVw==X-Requested-With: XMLHttpRequestReferer: http://www.keeplaffingwemake99383tyiwye.net/Accept-Language: en-USAccept-Encoding: gzip, deflateUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoHost: www.keeplaffingwemake99383tyiwye.netConnection: Keep-AliveCookie: _sw_session=bEtrdHZRRU1zMXB2aW5hUjZtMFdkL3FDU0NxdnRpL2M5T0FFcDVSNmdNYmNLOXFmeWc3UEs2dHBER2tXWTNyYnN1bFVyRkM5SUVEV0FuVGVJYUVuWXBWcmttalVIektPQkFBL3gxTG9jUEk3UHk4cjdFL2xYektnOWhwWkM2ZEJOTytMaXZzRFUyRlJseWdDenk0dy9VcWJiVVNQMWs4WDZFN0RoNmszZjd3MENYZzlROHF3TVJhV21JTy9sSWpNd3ExYzczbE5lb1hROS9WejlQaXNKUW1CVVhxNFlqTW1XV09LcGlTeU5WNkh4dXNWbzJOOC9Ea3JGVVQ1M29zZGpHZ2RnbGZYSENRVlJRaWNpLzkwY25GUFB1VUptUzhyZEVKNjc2eTE4eWM9LS1KeXVKTmhwOXV4UTBtVG93Vm02LzNRPT0%3D--2a136187d49a2b59a086f9a8b85a9474a1146ceb
Source: global traffic	HTTP traffic detected: GET /assets/precompile/gt/link/1.css?clearcache=5 HTTP/1.1Accept: text/plain, /; q=0.01X-CSRF-Token: 7Q4BI7bXbaq0VIZkh3ISn8EhYAuwZ0dSkI0DGI8w/hhbbmC9S7Ep6x8ViFXTOGqu+P7p1aXPSs+fk/GJYVIzVw==X-Requested-With: XMLHttpRequestReferer: http://www.keeplaffingwemake99383tyiwye.net/Accept-Language: en-USAccept-Encoding: gzip, deflateUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoHost: www.keeplaffingwemake99383tyiwye.netConnection: Keep-AliveCookie: _sw_session=bEtrdHZRRU1zMXB2aW5hUjZtMFdkL3FDU0NxdnRpL2M5T0FFcDVSNmdNYmNLOXFmeWc3UEs2dHBER2tXWTNyYnN1bFVyRkM5SUVEV0FuVGVJYUVuWXBWcmttalVIektPQkFBL3gxTG9jUEk3UHk4cjdFL2xYektnOWhwWkM2ZEJOTytMaXZzRFUyRlJseWdDenk0dy9VcWJiVVNQMWs4WDZFN0RoNmszZjd3MENYZzlROHF3TVJhV21JTy9sSWpNd3ExYzczbE5lb1hROS9WejlQaXNKUW1CVVhxNFlqTW1XV09LcGlTeU5WNkh4dXNWbzJOOC9Ea3JGVVQ1M29zZGpHZ2RnbGZYSENRVlJRaWNpLzkwY25GUFB1VUptUzhyZEVKNjc2eTE4eWM9LS1KeXVKTmhwOXV4UTBtVG93Vm02LzNRPT0%3D--2a136187d49a2b59a086f9a8b85a9474a1146ceb
Source: global traffic	HTTP traffic detected: GET /assets/precompile/gt/link/2.css?clearcache=5 HTTP/1.1Accept: text/plain, /; q=0.01X-CSRF-Token: 7Q4BI7bXbaq0VIZkh3ISn8EhYAuwZ0dSkI0DGI8w/hhbbmC9S7Ep6x8ViFXTOGqu+P7p1aXPSs+fk/GJYVIzVw==X-Requested-With: XMLHttpRequestReferer: http://www.keeplaffingwemake99383tyiwye.net/Accept-Language: en-USAccept-Encoding: gzip, deflateUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoHost: www.keeplaffingwemake99383tyiwye.netConnection: Keep-AliveCookie: _sw_session=bEtrdHZRRU1zMXB2aW5hUjZtMFdkL3FDU0NxdnRpL2M5T0FFcDVSNmdNYmNLOXFmeWc3UEs2dHBER2tXWTNyYnN1bFVyRkM5SUVEV0FuVGVJYUVuWXBWcmttalVIektPQkFBL3gxTG9jUEk3UHk4cjdFL2xYektnOWhwWkM2ZEJOTytMaXZzRFUyRlJseWdDenk0dy9VcWJiVVNQMWs4WDZFN0RoNmszZjd3MENYZzlROHF3TVJhV21JTy9sSWpNd3ExYzczbE5lb1hROS9WejlQaXNKUW1CVVhxNFlqTW1XV09LcGlTeU5WNkh4dXNWbzJOOC9Ea3JGVVQ1M29zZGpHZ2RnbGZYSENRVlJRaWNpLzkwY25GUFB1VUptUzhyZEVKNjc2eTE4eWM9LS1KeXVKTmhwOXV4UTBtVG93Vm02LzNRPT0%3D--2a136187d49a2b59a086f9a8b85a9474a1146ceb
Source: global traffic	HTTP traffic detected: GET /assets/precompile/gt/searchbox/1.css?clearcache=5 HTTP/1.1Accept: text/plain, /; q=0.01X-CSRF-Token: 7Q4BI7bXbaq0VIZkh3ISn8EhYAuwZ0dSkI0DGI8w/hhbbmC9S7Ep6x8ViFXTOGqu+P7p1aXPSs+fk/GJYVIzVw==X-Requested-With: XMLHttpRequestReferer: http://www.keeplaffingwemake99383tyiwye.net/Accept-Language: en-USAccept-Encoding: gzip, deflateUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoHost: www.keeplaffingwemake99383tyiwye.netConnection: Keep-AliveCookie: _sw_session=bEtrdHZRRU1zMXB2aW5hUjZtMFdkL3FDU0NxdnRpL2M5T0FFcDVSNmdNYmNLOXFmeWc3UEs2dHBER2tXWTNyYnN1bFVyRkM5SUVEV0FuVGVJYUVuWXBWcmttalVIektPQkFBL3gxTG9jUEk3UHk4cjdFL2xYektnOWhwWkM2ZEJOTytMaXZzRFUyRlJseWdDenk0dy9VcWJiVVNQMWs4WDZFN0RoNmszZjd3MENYZzlROHF3TVJhV21JTy9sSWpNd3ExYzczbE5lb1hROS9WejlQaXNKUW1CVVhxNFlqTW1XV09LcGlTeU5WNkh4dXNWbzJOOC9Ea3JGVVQ1M29zZGpHZ2RnbGZYSENRVlJRaWNpLzkwY25GUFB1VUptUzhyZEVKNjc2eTE4eWM9LS1KeXVKTmhwOXV4UTBtVG93Vm02LzNRPT0%3D--2a136187d49a2b59a086f9a8b85a9474a1146ceb
Source: global traffic	HTTP traffic detected: GET /assets/precompile/gt/backdrop/1.css?clearcache=5 HTTP/1.1Accept: text/plain, /; q=0.01X-CSRF-Token: 7Q4BI7bXbaq0VIZkh3ISn8EhYAuwZ0dSkI0DGI8w/hhbbmC9S7Ep6x8ViFXTOGqu+P7p1aXPSs+fk/GJYVIzVw==X-Requested-With: XMLHttpRequestReferer: http://www.keeplaffingwemake99383tyiwye.net/Accept-Language: en-USAccept-Encoding: gzip, deflateUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoHost: www.keeplaffingwemake99383tyiwye.netConnection: Keep-AliveCookie: _sw_session=bEtrdHZRRU1zMXB2aW5hUjZtMFdkL3FDU0NxdnRpL2M5T0FFcDVSNmdNYmNLOXFmeWc3UEs2dHBER2tXWTNyYnN1bFVyRkM5SUVEV0FuVGVJYUVuWXBWcmttalVIektPQkFBL3gxTG9jUEk3UHk4cjdFL2xYektnOWhwWkM2ZEJOTytMaXZzRFUyRlJseWdDenk0dy9VcWJiVVNQMWs4WDZFN0RoNmszZjd3MENYZzlROHF3TVJhV21JTy9sSWpNd3ExYzczbE5lb1hROS9WejlQaXNKUW1CVVhxNFlqTW1XV09LcGlTeU5WNkh4dXNWbzJOOC9Ea3JGVVQ1M29zZGpHZ2RnbGZYSENRVlJRaWNpLzkwY25GUFB1VUptUzhyZEVKNjc2eTE4eWM9LS1KeXVKTmhwOXV4UTBtVG93Vm02LzNRPT0%3D--2a136187d49a2b59a086f9a8b85a9474a1146ceb
Source: global traffic	HTTP traffic detected: GET /assets/precompile/gt/backdrop/2.css?clearcache=5 HTTP/1.1Accept: text/plain, /; q=0.01X-CSRF-Token: 7Q4BI7bXbaq0VIZkh3ISn8EhYAuwZ0dSkI0DGI8w/hhbbmC9S7Ep6x8ViFXTOGqu+P7p1aXPSs+fk/GJYVIzVw==X-Requested-With: XMLHttpRequestReferer: http://www.keeplaffingwemake99383tyiwye.net/Accept-Language: en-USAccept-Encoding: gzip, deflateUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoHost: www.keeplaffingwemake99383tyiwye.netConnection: Keep-AliveCookie: _sw_session=bEtrdHZRRU1zMXB2aW5hUjZtMFdkL3FDU0NxdnRpL2M5T0FFcDVSNmdNYmNLOXFmeWc3UEs2dHBER2tXWTNyYnN1bFVyRkM5SUVEV0FuVGVJYUVuWXBWcmttalVIektPQkFBL3gxTG9jUEk3UHk4cjdFL2xYektnOWhwWkM2ZEJOTytMaXZzRFUyRlJseWdDenk0dy9VcWJiVVNQMWs4WDZFN0RoNmszZjd3MENYZzlROHF3TVJhV21JTy9sSWpNd3ExYzczbE5lb1hROS9WejlQaXNKUW1CVVhxNFlqTW1XV09LcGlTeU5WNkh4dXNWbzJOOC9Ea3JGVVQ1M29zZGpHZ2RnbGZYSENRVlJRaWNpLzkwY25GUFB1VUptUzhyZEVKNjc2eTE4eWM9LS1KeXVKTmhwOXV4UTBtVG93Vm02LzNRPT0%3D--2a136187d49a2b59a086f9a8b85a9474a1146ceb
Source: global traffic	HTTP traffic detected: GET /assets/precompile/gt/backdrop/3.css?clearcache=5 HTTP/1.1Accept: text/plain, /; q=0.01X-CSRF-Token: 7Q4BI7bXbaq0VIZkh3ISn8EhYAuwZ0dSkI0DGI8w/hhbbmC9S7Ep6x8ViFXTOGqu+P7p1aXPSs+fk/GJYVIzVw==X-Requested-With: XMLHttpRequestReferer: http://www.keeplaffingwemake99383tyiwye.net/Accept-Language: en-USAccept-Encoding: gzip, deflateUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoHost: www.keeplaffingwemake99383tyiwye.netConnection: Keep-AliveCookie: _sw_session=bEtrdHZRRU1zMXB2aW5hUjZtMFdkL3FDU0NxdnRpL2M5T0FFcDVSNmdNYmNLOXFmeWc3UEs2dHBER2tXWTNyYnN1bFVyRkM5SUVEV0FuVGVJYUVuWXBWcmttalVIektPQkFBL3gxTG9jUEk3UHk4cjdFL2xYektnOWhwWkM2ZEJOTytMaXZzRFUyRlJseWdDenk0dy9VcWJiVVNQMWs4WDZFN0RoNmszZjd3MENYZzlROHF3TVJhV21JTy9sSWpNd3ExYzczbE5lb1hROS9WejlQaXNKUW1CVVhxNFlqTW1XV09LcGlTeU5WNkh4dXNWbzJOOC9Ea3JGVVQ1M29zZGpHZ2RnbGZYSENRVlJRaWNpLzkwY25GUFB1VUptUzhyZEVKNjc2eTE4eWM9LS1KeXVKTmhwOXV4UTBtVG93Vm02LzNRPT0%3D--2a136187d49a2b59a086f9a8b85a9474a1146ceb
Source: global traffic	HTTP traffic detected: GET /assets/precompile/gt/backdrop/4.css?clearcache=5 HTTP/1.1Accept: text/plain, /; q=0.01X-CSRF-Token: 7Q4BI7bXbaq0VIZkh3ISn8EhYAuwZ0dSkI0DGI8w/hhbbmC9S7Ep6x8ViFXTOGqu+P7p1aXPSs+fk/GJYVIzVw==X-Requested-With: XMLHttpRequestReferer: http://www.keeplaffingwemake99383tyiwye.net/Accept-Language: en-USAccept-Encoding: gzip, deflateUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoHost: www.keeplaffingwemake99383tyiwye.netConnection: Keep-AliveCookie: _sw_session=bEtrdHZRRU1zMXB2aW5hUjZtMFdkL3FDU0NxdnRpL2M5T0FFcDVSNmdNYmNLOXFmeWc3UEs2dHBER2tXWTNyYnN1bFVyRkM5SUVEV0FuVGVJYUVuWXBWcmttalVIektPQkFBL3gxTG9jUEk3UHk4cjdFL2xYektnOWhwWkM2ZEJOTytMaXZzRFUyRlJseWdDenk0dy9VcWJiVVNQMWs4WDZFN0RoNmszZjd3MENYZzlROHF3TVJhV21JTy9sSWpNd3ExYzczbE5lb1hROS9WejlQaXNKUW1CVVhxNFlqTW1XV09LcGlTeU5WNkh4dXNWbzJOOC9Ea3JGVVQ1M29zZGpHZ2RnbGZYSENRVlJRaWNpLzkwY25GUFB1VUptUzhyZEVKNjc2eTE4eWM9LS1KeXVKTmhwOXV4UTBtVG93Vm02LzNRPT0%3D--2a136187d49a2b59a086f9a8b85a9474a1146ceb
Source: global traffic	HTTP traffic detected: GET /assets/precompile/gt/buttonsgroup/1.css?clearcache=5 HTTP/1.1Accept: text/plain, /; q=0.01X-CSRF-Token: 7Q4BI7bXbaq0VIZkh3ISn8EhYAuwZ0dSkI0DGI8w/hhbbmC9S7Ep6x8ViFXTOGqu+P7p1aXPSs+fk/GJYVIzVw==X-Requested-With: XMLHttpRequestReferer: http://www.keeplaffingwemake99383tyiwye.net/Accept-Language: en-USAccept-Encoding: gzip, deflateUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoHost: www.keeplaffingwemake99383tyiwye.netConnection: Keep-AliveCookie: _sw_session=bEtrdHZRRU1zMXB2aW5hUjZtMFdkL3FDU0NxdnRpL2M5T0FFcDVSNmdNYmNLOXFmeWc3UEs2dHBER2tXWTNyYnN1bFVyRkM5SUVEV0FuVGVJYUVuWXBWcmttalVIektPQkFBL3gxTG9jUEk3UHk4cjdFL2xYektnOWhwWkM2ZEJOTytMaXZzRFUyRlJseWdDenk0dy9VcWJiVVNQMWs4WDZFN0RoNmszZjd3MENYZzlROHF3TVJhV21JTy9sSWpNd3ExYzczbE5lb1hROS9WejlQaXNKUW1CVVhxNFlqTW1XV09LcGlTeU5WNkh4dXNWbzJOOC9Ea3JGVVQ1M29zZGpHZ2RnbGZYSENRVlJRaWNpLzkwY25GUFB1VUptUzhyZEVKNjc2eTE4eWM9LS1KeXVKTmhwOXV4UTBtVG93Vm02LzNRPT0%3D--2a136187d49a2b59a086f9a8b85a9474a1146ceb
Source: global traffic	HTTP traffic detected: GET /json/site_owner/?callback=jQuery11240627140223264869_1620837913434&site=www.keeplaffingwemake99383tyiwye.net&_=1620837913435 HTTP/1.1Accept: application/javascript, /;q=0.8Referer: http://www.keeplaffingwemake99383tyiwye.net/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.sitew.comConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Accept: /Accept-Encoding: gzip, deflateUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoHost: www.keeplaffingwemake99383tyiwye.netConnection: Keep-AliveCookie: _sw_session=bEtrdHZRRU1zMXB2aW5hUjZtMFdkL3FDU0NxdnRpL2M5T0FFcDVSNmdNYmNLOXFmeWc3UEs2dHBER2tXWTNyYnN1bFVyRkM5SUVEV0FuVGVJYUVuWXBWcmttalVIektPQkFBL3gxTG9jUEk3UHk4cjdFL2xYektnOWhwWkM2ZEJOTytMaXZzRFUyRlJseWdDenk0dy9VcWJiVVNQMWs4WDZFN0RoNmszZjd3MENYZzlROHF3TVJhV21JTy9sSWpNd3ExYzczbE5lb1hROS9WejlQaXNKUW1CVVhxNFlqTW1XV09LcGlTeU5WNkh4dXNWbzJOOC9Ea3JGVVQ1M29zZGpHZ2RnbGZYSENRVlJRaWNpLzkwY25GUFB1VUptUzhyZEVKNjc2eTE4eWM9LS1KeXVKTmhwOXV4UTBtVG93Vm02LzNRPT0%3D--2a136187d49a2b59a086f9a8b85a9474a1146ceb

Source: HC9WYB3E.htm.3.dr	String found in binary or memory: <a target="_blank" class="sn" href="https://www.facebook.com/Sitew.com.Create.a.website"><span class="fonticon">F</span> equals www.facebook.com (Facebook)
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: <a target="_blank" class="sn" href="https://www.linkedin.com/company/sitew"><span class="fonticon">ʅ</span> equals www.linkedin.com (Linkedin)
Source: gtm[1].js.3.dr	String found in binary or memory: "vtp_url":"https:\/\/www.facebook.com\/tr?id=272472559623550\u0026ev=Lead\u0026cd[value]=0\u0026cd[currency]=EUR", equals www.facebook.com (Facebook)
Source: gtm[1].js.3.dr	String found in binary or memory: "vtp_url":"https:\/\/www.facebook.com\/tr?id=272472559623550\u0026ev=PageView\u0026noscript=1", equals www.facebook.com (Facebook)
Source: gtm[1].js.3.dr	String found in binary or memory: "vtp_url":["template","https:\/\/www.facebook.com\/tr?id=272472559623550\u0026ev=Purchase\u0026cd[value]=",["escape",["macro",19],12],"\u0026cd[currency]=EUR"], equals www.facebook.com (Facebook)
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: "sameAs": ["https://www.facebook.com/Sitew.com.Create.a.website","https://twitter.com/SiteW_com","https://www.youtube.com/user/sitew","https://www.linkedin.com/company/sitew","https://www.viadeo.com/fr/company/sitew","https://en.wikipedia.org/wiki/SiteW"], equals www.facebook.com (Facebook)
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: "sameAs": ["https://www.facebook.com/Sitew.com.Create.a.website","https://twitter.com/SiteW_com","https://www.youtube.com/user/sitew","https://www.linkedin.com/company/sitew","https://www.viadeo.com/fr/company/sitew","https://en.wikipedia.org/wiki/SiteW"], equals www.linkedin.com (Linkedin)
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: "sameAs": ["https://www.facebook.com/Sitew.com.Create.a.website","https://twitter.com/SiteW_com","https://www.youtube.com/user/sitew","https://www.linkedin.com/company/sitew","https://www.viadeo.com/fr/company/sitew","https://en.wikipedia.org/wiki/SiteW"], equals www.twitter.com (Twitter)
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: "sameAs": ["https://www.facebook.com/Sitew.com.Create.a.website","https://twitter.com/SiteW_com","https://www.youtube.com/user/sitew","https://www.linkedin.com/company/sitew","https://www.viadeo.com/fr/company/sitew","https://en.wikipedia.org/wiki/SiteW"], equals www.youtube.com (Youtube)
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: ;r='<iframe class="lg-video-object lg-youtube '+i+'" width="560" height="315" src="//www.youtube.com/embed/'+c.youtube[1]+l+'" frameborder="0" allowfullscreen></iframe>' equals www.youtube.com (Youtube)
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: ;this._create_script(i,"https://www.youtube.com/iframe_api")} equals www.youtube.com (Youtube)
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: ;var c='<iframe src="https://www.facebook.com/plugins/video.php?href=https%3A%2F%2Fwww.facebook.com'+e.permalink_url+"&width="+t+"&show_text=true&height="+i+'&appId" width="'+t+'" height="'+i+'" style="border:none;overflow:hidden;" scrolling="no" frameborder="0" allowTransparency="true" allowFullScreen="true"></iframe>' equals www.facebook.com (Facebook)
Source: en-landing-ec980e52dfd088a76959023999079f96[1].js.3.dr	String found in binary or memory: ;var c='<iframe src="https://www.facebook.com/plugins/video.php?href=https%3A%2F%2Fwww.facebook.com'+e.permalink_url+"&width="+t+"&show_text=true&height="+n+'&appId" width="'+t+'" height="'+n+'" style="border:none;overflow:hidden;" scrolling="no" frameborder="0" allowTransparency="true" allowFullScreen="true"></iframe>' equals www.facebook.com (Facebook)
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: ;var n="https://www.facebook.com/plugins/page.php?"+$.param(o) equals www.facebook.com (Facebook)
Source: en-landing-ec980e52dfd088a76959023999079f96[1].js.3.dr	String found in binary or memory: ;var o="https://www.facebook.com/plugins/page.php?"+$.param(i) equals www.facebook.com (Facebook)
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: discoveryDocs:t.discovery_docs\|\|["https://www.googleapis.com/discovery/v1/apis/calendar/v3/rest","https://www.googleapis.com/discovery/v1/apis/drive/v3/rest","https://www.googleapis.com/discovery/v1/apis/youtube/v3/rest"], equals www.youtube.com (Youtube)
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: e("#lg-share-facebook").attr("href","https://www.facebook.com/sharer/sharer.php?u="+encodeURIComponent(t.getSahreProps(n,"facebookShareUrl")\|\|window.location.href)) equals www.facebook.com (Facebook)
Source: en-landing-ec980e52dfd088a76959023999079f96[1].js.3.dr	String found in binary or memory: window.open("https://www.facebook.com/sharer/sharer.php?u="+encodeURIComponent(site_url),"_blank","scrollbars=no,resizable=no,status=no,location=no,toolbar=no,menubar=no,width=600,height=500,left="+($(window).width()-600)/2+",top="+($(window).height()-500)/2) equals www.facebook.com (Facebook)
Source: en-landing-ec980e52dfd088a76959023999079f96[1].js.3.dr	String found in binary or memory: window.open("https://www.linkedin.com/sharing/share-offsite/?url="+site_url,"_blank","scrollbars=no,resizable=no,status=no,location=no,toolbar=no,menubar=no,width=600,height=500,left="+($(window).width()-600)/2+",top="+($(window).height()-500)/2) equals www.linkedin.com (Linkedin)

Source: unknown

DNS traffic detected: queries for: keeplaffingwemake99383tyiwye.net

Source: jquery.mousewheel.min[1].js.3.dr	String found in binary or memory: http://brandon.aaron.sh)
Source: font-awesome[1].css.3.dr	String found in binary or memory: http://fontawesome.io
Source: font-awesome[1].css.3.dr	String found in binary or memory: http://fontawesome.io/license
Source: mtc[1].js.3.dr	String found in binary or memory: http://j.hn)
Source: mtc[1].js.3.dr	String found in binary or memory: http://j.hn/)
Source: mtc[1].js.3.dr	String found in binary or memory: http://mediaelementjs.com/
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: http://sachinchoolur.github.io/lightGallery/demos/html-markup.html
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: http://schema.org
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: http://schema.org/
Source: 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7g[1].ttf.3.dr, NaPecZTIAOhVxoMyOr9n_E7fdMPmCA[1].ttf.3.dr	String found in binary or memory: http://scripts.sil.org/OFL
Source: QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8Jow[1].ttf.3.dr	String found in binary or memory: http://scripts.sil.org/OFLWeightRomanItalic
Source: webfont[1].js.3.dr	String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: http://www.keeplaffingwemake99383tyiwye.net
Source: ~DFE49EA245F4FFB57B.TMP.1.dr	String found in binary or memory: http://www.keeplaffingwemake99383tyiwye.net/
Source: {69FDE9A5-B341-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: http://www.keeplaffingwemake99383tyiwye.net/265cgilogon.s3.us-east.cloud-obje
Source: {69FDE9A5-B341-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: http://www.keeplaffingwemake99383tyiwye.net/2Root
Source: {69FDE9A5-B341-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: http://www.keeplaffingwemake99383tyiwye.net/2om/ilogon.s3.us-east.cloud-obje
Source: ~DFE49EA245F4FFB57B.TMP.1.dr	String found in binary or memory: http://www.keeplaffingwemake99383tyiwye.net/2remittnce
Source: {69FDE9A5-B341-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: http://www.keeplaffingwemake99383tyiwye.net/2wemake99383tyiwye.net/Root
Source: {69FDE9A5-B341-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: http://www.keeplaffingwemake99383tyiwye.net/Root
Source: ~DFE49EA245F4FFB57B.TMP.1.dr	String found in binary or memory: http://www.keeplaffingwemake99383tyiwye.net/TMEOW
Source: imagestore.dat.3.dr	String found in binary or memory: http://www.keeplaffingwemake99383tyiwye.net/favicon.ico
Source: imagestore.dat.3.dr	String found in binary or memory: http://www.keeplaffingwemake99383tyiwye.net/favicon.ico~
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: http://www.keeplaffingwemake99383tyiwye.net/fb.jpg?t=1620830584
Source: ~DFE49EA245F4FFB57B.TMP.1.dr	String found in binary or memory: http://www.keeplaffingwemake99383tyiwye.net/z
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: http://www.pinterest.com/pin/create/button/?url=
Source: imagestore.dat.3.dr	String found in binary or memory: https://aadcdn.msftauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
Source: imagestore.dat.3.dr	String found in binary or memory: https://aadcdn.msftauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico~
Source: imagestore.dat.3.dr	String found in binary or memory: https://aadcdn.msftauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico~(
Source: gtm[1].js.3.dr	String found in binary or memory: https://adservice.google.com/pagead/regclk
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://ajax.googleapis.com/ajax/libs/webfont/1.6.16/webfont.js
Source: analytics[1].js.3.dr	String found in binary or memory: https://ampcid.google.com/v1/publisher:getClientId
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://api.dmcdn.net/all.js
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://apis.google.com/js/client.js
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://apis.google.com/js/platform.js
Source: f[1].txt.3.dr	String found in binary or memory: https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Source: gtm[1].js.3.dr	String found in binary or memory: https://cct.google/taggy/agent.js
Source: en-landing-ec980e52dfd088a76959023999079f96[1].js.3.dr	String found in binary or memory: https://connect.facebook.net/en_US/all.js
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://connect.soundcloud.com/sdk.js
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://de.sitew.com/
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://drive.google.com/thumbnail?authuser=0&id=
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://es.sitew.com/
Source: mtc[1].js.3.dr	String found in binary or memory: https://f.vimeocdn.com/js/froogaloop2.min.js
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://fonts.googleapis.com/css2?family=Montserrat:ital
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v15/JTUPjIg1_i6t8kCHKm459WxZFgrD-w.ttf)
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v15/JTUPjIg1_i6t8kCHKm459WxZOg3D-w.ttf)
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v15/JTUPjIg1_i6t8kCHKm459WxZcgvD-w.ttf)
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v15/JTUQjIg1_i6t8kCHKm459Wxhzg.ttf)
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_ZpC7g4.ttf)
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_bZF7g4.ttf)
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE7g4.ttf)
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm45xW4.ttf)
Source: css[1].css.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v14/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDQ.woff)
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7g.ttf)
Source: css[1].css.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7j.woff)
Source: css[1].css.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v14/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZMkids18I.woff)
Source: css[1].css.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v14/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZclSds18I.woff)
Source: css[1].css.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdo.woff)
Source: css[1].css.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdo.woff)
Source: css[1].css.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/titilliumweb/v9/NaPAcZTIAOhVxoMyOr9n_E7fdMbWD6xQ.woff)
Source: css[1].css.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/titilliumweb/v9/NaPDcZTIAOhVxoMyOr9n_E7ffGjEGItzZQ.woff)
Source: css[1].css.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/titilliumweb/v9/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzZQ.woff)
Source: css[1].css.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/titilliumweb/v9/NaPFcZTIAOhVxoMyOr9n_E7fdMbepI5DYZya.woff)
Source: css[1].css.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/titilliumweb/v9/NaPFcZTIAOhVxoMyOr9n_E7fdMbetIlDYZya.woff)
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/titilliumweb/v9/NaPecZTIAOhVxoMyOr9n_E7fdMPmCA.ttf)
Source: css[1].css.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/titilliumweb/v9/NaPecZTIAOhVxoMyOr9n_E7fdMPmCw.woff)
Source: css[1].css.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/worksans/v9/QGY9z_wNahGAdqQ43Rh_ebrnlwyYfEPxPoGU3ms5pIfe.woff)
Source: css[1].css.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/worksans/v9/QGY9z_wNahGAdqQ43Rh_ebrnlwyYfEPxPoGUOWw5pIfe.woff)
Source: css[1].css.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/worksans/v9/QGY9z_wNahGAdqQ43Rh_ebrnlwyYfEPxPoGUgGs5pIfe.woff)
Source: css[1].css.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/worksans/v9/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8JoA.woff)
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/worksans/v9/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8Jow.ttf)
Source: css[1].css.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/worksans/v9/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K67QBi8JoA.woff)
Source: css[1].css.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/worksans/v9/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32KxfXBi8JoA.woff)
Source: QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8Jow[1].ttf.3.dr	String found in binary or memory: https://github.com/weiweihuanghuang/Work-Sans)Work
Source: ae-v3.2[1].js.3.dr	String found in binary or memory: https://lb.affilae.com
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://maps.google.com/?q=Paris
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://maps.google.com/maps?daddr=
Source: mtc[1].js.3.dr	String found in binary or memory: https://mautic.pikock.com
Source: mtc[1].js.3.dr	String found in binary or memory: https://mautic.pikock.com/app/bundles/CoreBundle/Assets/js/libraries/2.jquery.js
Source: mtc[1].js.3.dr	String found in binary or memory: https://mautic.pikock.com/dwc/slotNamePlaceholder
Source: mtc[1].js.3.dr	String found in binary or memory: https://mautic.pikock.com/form/embed/
Source: mtc[1].js.3.dr	String found in binary or memory: https://mautic.pikock.com/form/submit/ajax?formId=
Source: mtc[1].js.3.dr	String found in binary or memory: https://mautic.pikock.com/media/css/mediaelementplayer.min.css
Source: mtc[1].js.3.dr	String found in binary or memory: https://mautic.pikock.com/media/js/mautic-form.js
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://mfs0.cdnsw.com
Source: {69FDE9A5-B341-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://outlook0ffice365cgilogon.s3.us-east.cloud-object-storage.appdomain.cloud/Root
Source: ~DFE49EA245F4FFB57B.TMP.1.dr, TXMZ4AWB.htm.3.dr	String found in binary or memory: https://outlook0ffice365cgilogon.s3.us-east.cloud-object-storage.appdomain.cloud/______mexico_iwcbew
Source: gtm[1].js.3.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: gtm[1].js.3.dr	String found in binary or memory: https://pagead2.googlesyndication.com/
Source: en-landing-ec980e52dfd088a76959023999079f96[1].js.3.dr, TXMZ4AWB.htm.3.dr	String found in binary or memory: https://platform.twitter.com/embed/index.html?
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://player.twitch.tv/js/embed/v1.js
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://player.vimeo.com/api/player.js
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://plus.google.com/share?url=
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://ra0.cdnsw.com/cc0/
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://ra0.cdnsw.com/site_logos/
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://rb.bp.cdnsw.com
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://schema.org
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/editor_icons/
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/editor_icons/design_panel/gt_icon_
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/flags_lang/en.png
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/animation_en.mp4
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/browser_multiBloc.svg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/clients/home-typo-clients-asso.webp
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/clients/home-typo-clients-indiv.webp
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/clients/home-typo-clients-institution.webp
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/clients/home-typo-clients-pro.webp
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/home-accompagnement-efficace.webp
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/home-accompagnement-humains.webp
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/home-accompagnement-rapide.webp
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/home-engagements-illu.webp
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/home-fonctionnalites-photo.png
Source: HC9WYB3E.htm.3.dr, en-landing-ec980e52dfd088a76959023999079f96[1].js.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/home-google-argent.webp
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/home-google-creativite.webp
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/home-google-serein.webp
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/home-google-simple.webp
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/home-green-illu.webp
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/home-reassurance-1-accompagnement.webp
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/home-reassurance-1-intuitif.webp
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/home-reassurance-1-rapidite.webp
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/home-reassurance-2-anniversaire.webp
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/home-reassurance-2-gratuit.webp
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/home-reassurance-2-sites.webp
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/mascotte_pos_1_s2.webp
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/numberBackgroundArrow.svg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/product_background_front3.webp
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/product_blog.png
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/product_email.png
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/product_ndd.png
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/product_store.png
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/product_vitrine.png
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/reassurance-photo-fanny.webp
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/reinssurance_trustpilot.svg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/support_team.webp
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/templates/picto_site_asso_home_sitew.svg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/templates/picto_site_blog_home_sitew.svg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/templates/picto_site_institution_home_sitew.svg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/templates/picto_site_perso_home_sitew.svg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/templates/picto_site_portfolio_home_sitew.svg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/templates/picto_site_pro_home_sitew.svg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/top/en/browser_1.webp
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/top/en/person_1_mobile.webp
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/top/fr/leaf_1.png
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/top/fr/leaf_2.png
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/top/fr/leaf_3.png
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/top/fr/leaf_4.png
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/landing/2021/top/fr/person_2.webp
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/logos/2021_square.svg
Source: HC9WYB3E.htm.3.dr, TXMZ4AWB.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/logos/2021_wide.svg
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/ntnw5.png
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/12_desktop.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/12_mobile.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/21_desktop.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/21_mobile.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/24_desktop.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/24_mobile.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/27_desktop.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/27_mobile.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/28_desktop.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/28_mobile.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/29_desktop.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/29_mobile.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/31_desktop.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/31_mobile.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/32_desktop.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/32_mobile.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/33_desktop.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/33_mobile.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/38_desktop.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/38_mobile.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/45_desktop.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/45_mobile.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/49_desktop.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/49_mobile.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/4_desktop.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/4_mobile.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/50_desktop.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/50_mobile.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/51_desktop.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/51_mobile.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/52_desktop.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/52_mobile.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/53_desktop.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/53_mobile.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/54_desktop.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/templates/v2/54_mobile.jpg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/welcome/icons_menu/2021/about.png
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/welcome/icons_menu/2021/apis.png
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/welcome/icons_menu/2021/blog.png
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/welcome/icons_menu/2021/contact.png
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/welcome/icons_menu/2021/faq.png
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/welcome/icons_menu/2021/features.png
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/welcome/icons_menu/2021/help_center.png
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/welcome/icons_menu/2021/news.png
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/welcome/icons_menu/2021/press.png
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/welcome/icons_menu/2021/review.png
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/welcome/icons_menu/2021/templates.png
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://ssl.sitew.org/images/blog/welcome/icons_menu/2021/work.png
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://st0.bp.cdnsw.com
Source: en-landing-ec980e52dfd088a76959023999079f96[1].js.3.dr	String found in binary or memory: https://st0.bp.cdnsw.com/assets/loadingAnimation-2633500e0e4d17aeb2207ae274b71ca8.gif
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://st0.cdnsw.com
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://st0.cdnsw.com/assets/gilroy/gilroy-bold-13ecf8e363c8931c26fd0293ace721ff.woff
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://st0.cdnsw.com/assets/gilroy/gilroy-bold-ac29cc5f7f52afedb005f9e0f4bf616b.woff2
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://st0.cdnsw.com/assets/gilroy/gilroy-extrabold-3e6195e4601e83e8af2d30ec96832330.woff2
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://st0.cdnsw.com/assets/gilroy/gilroy-extrabold-75ff75de39edface89e23ac94b5cc0e4.woff
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://st0.cdnsw.com/assets/gilroy/gilroy-medium-31b466a996548760e5ed85b12e182bc9.woff2
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://st0.cdnsw.com/assets/gilroy/gilroy-medium-efd2197a6d1a674e9d4a876cbac69785.woff
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://st0.cdnsw.com/assets/gilroy/gilroy-regular-2574ec89d9fd02ee8503459b281d2e80.woff2
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://st0.cdnsw.com/assets/gilroy/gilroy-regular-f1ecb849891a09cae3f3d560b7ed2e08.woff
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://st0.cdnsw.com/assets/icons/flags/de-ba3b57e12f3d6ff8ca5bd5b7e8900e04.svg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://st0.cdnsw.com/assets/icons/flags/es-a364c12c10093399dcb38f0a8989cc61.svg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://st0.cdnsw.com/assets/icons/flags/fr-51dfbf8dee8670e6c6170f392d571b45.svg
Source: en-landing-ec980e52dfd088a76959023999079f96[1].js.3.dr	String found in binary or memory: https://st0.cdnsw.com/assets/precompile/cpts/common/icons-7d2d8846fab8b0d98519a12a90295eb6.css
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://st0.cdnsw.com/assets/precompile/en-landing-ec980e52dfd088a76959023999079f96.js
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://st0.cdnsw.com/assets/precompile/landing-eb0fec1eb5b22a2adda6f271bc920201.css
Source: en-landing-ec980e52dfd088a76959023999079f96[1].js.3.dr	String found in binary or memory: https://st0.cdnsw.com/images/blog/editor_icons/edit_image.svg
Source: en-landing-ec980e52dfd088a76959023999079f96[1].js.3.dr	String found in binary or memory: https://st0.cdnsw.com/images/blog/editor_icons/edit_text.svg
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://st0.cdnsw.com/logo/MtxgY0xq7ZaF%7CDUvJtZIe53rcKjBFj1eQJPNWVo5Jw754tHoCVffmfcn4wJuaxIE.png
Source: analytics[1].js.3.dr	String found in binary or memory: https://stats.g.doubleclick.net/j/collect
Source: f[1].txt.3.dr, analytics[1].js.3.dr	String found in binary or memory: https://tagassistant.google.com/
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://twitter.com/SiteW_com
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://twitter.com/intent/tweet?text=
Source: en-landing-ec980e52dfd088a76959023999079f96[1].js.3.dr	String found in binary or memory: https://twitter.com/intent/tweet?url=
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://unpkg.com/dropbox/dist/Dropbox-sdk.min.js
Source: webfont[1].js.3.dr	String found in binary or memory: https://use.typekit.net
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://w.soundcloud.com/player/api.js
Source: {69FDE9A5-B341-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://www.en.sitew.c
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://www.en.sitew.com
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://www.en.sitew.com#uca=
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://www.en.sitew.com/
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://www.en.sitew.com/Create-showcase-page
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://www.en.sitew.com/Starting-a-blog
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://www.en.sitew.com/Starting-an-online-business
Source: ~DFE49EA245F4FFB57B.TMP.1.dr	String found in binary or memory: https://www.en.sitew.com/ilogon.s3.us-east.cloud-object-storage.appdomain.cloud/______mexico_iwcbew2
Source: imagestore.dat.3.dr	String found in binary or memory: https://www.en.sitew.com/images/blog/favicon/favicon-32x32.png?3
Source: ~DFE49EA245F4FFB57B.TMP.1.dr	String found in binary or memory: https://www.en.sitew.com/tCreate
Source: en-landing-ec980e52dfd088a76959023999079f96[1].js.3.dr	String found in binary or memory: https://www.google-analytics.com/analytics.js
Source: analytics[1].js.3.dr	String found in binary or memory: https://www.google-analytics.com/debug/bootstrap
Source: analytics[1].js.3.dr	String found in binary or memory: https://www.google-analytics.com/gtm/js?id=
Source: analytics[1].js.3.dr	String found in binary or memory: https://www.google.%/ads/ga-audiences
Source: gtm[1].js.3.dr	String found in binary or memory: https://www.google.com
Source: gtm[1].js.3.dr	String found in binary or memory: https://www.google.com/pagead/conversion_async.js
Source: en-landing-ec980e52dfd088a76959023999079f96[1].js.3.dr	String found in binary or memory: https://www.google.com/recaptcha/api.js?render=6LcLSHkUAAAAAFqal39Kv63hluXO8c8P9pPj1Kw4
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://www.google.com/recaptcha/api.js?render=explicit
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://www.googleapis.com/discovery/v1/apis/calendar/v3/rest
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://www.googleapis.com/discovery/v1/apis/drive/v3/rest
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://www.googleapis.com/discovery/v1/apis/youtube/v3/rest
Source: gtm[1].js.3.dr, f[1].txt.3.dr	String found in binary or memory: https://www.googletagmanager.com/debug/bootstrap
Source: analytics[1].js.3.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=
Source: en-landing-ec980e52dfd088a76959023999079f96[1].js.3.dr	String found in binary or memory: https://www.instagram.com/p/
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://www.linkedin.com/company/sitew
Source: en-landing-ec980e52dfd088a76959023999079f96[1].js.3.dr	String found in binary or memory: https://www.linkedin.com/sharing/share-offsite/?url=
Source: en-landing-ec980e52dfd088a76959023999079f96[1].js.3.dr	String found in binary or memory: https://www.pinterest.fr/pin/create/link/?url=
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://www.sitew.com
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://www.sitew.com/#fr
Source: en-landing-ec980e52dfd088a76959023999079f96[1].js.3.dr	String found in binary or memory: https://www.sitew.com/Inscription-pour-creer-un-site
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://www.sitew.com/Sign-in-to-edit-my-website
Source: HC9WYB3E.htm.3.dr	String found in binary or memory: https://www.sitew.com/Sign-up-to-create-a-website
Source: en-landing-ec980e52dfd088a76959023999079f96[1].js.3.dr, TXMZ4AWB.htm.3.dr	String found in binary or memory: https://www.sitew.com/file/check_pixabay/
Source: ~DFE49EA245F4FFB57B.TMP.1.dr, HC9WYB3E.htm.3.dr	String found in binary or memory: https://www.sitew.com/log/save_session?split=iH1lO3nn22XnmA
Source: ~DFE49EA245F4FFB57B.TMP.1.dr	String found in binary or memory: https://www.sitew.com/log/save_session?split=iH1lO3nn22XnmA%7CGd3gbyVWnBgnQWGZkhl4dy40muLDCWPWhI
Source: TXMZ4AWB.htm.3.dr	String found in binary or memory: https://www.youtube.com/iframe_api

Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746

Source: unknown	HTTPS traffic detected: 188.165.33.133:443 -> 192.168.2.4:49746 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 188.165.33.133:443 -> 192.168.2.4:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 188.165.33.133:443 -> 192.168.2.4:49756 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 188.165.33.133:443 -> 192.168.2.4:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 188.165.33.133:443 -> 192.168.2.4:49753 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 188.165.33.133:443 -> 192.168.2.4:49754 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 188.165.33.133:443 -> 192.168.2.4:49752 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.18.94:443 -> 192.168.2.4:49779 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.18.94:443 -> 192.168.2.4:49780 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 152.199.23.37:443 -> 192.168.2.4:49783 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 152.199.23.37:443 -> 192.168.2.4:49781 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 152.199.23.37:443 -> 192.168.2.4:49786 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 152.199.23.37:443 -> 192.168.2.4:49784 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 152.199.23.37:443 -> 192.168.2.4:49782 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 152.199.23.37:443 -> 192.168.2.4:49785 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.229.221.185:443 -> 192.168.2.4:49790 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.229.221.185:443 -> 192.168.2.4:49789 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.32.55.155:443 -> 192.168.2.4:49793 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.32.55.155:443 -> 192.168.2.4:49792 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 46.105.199.115:443 -> 192.168.2.4:49801 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 46.105.199.115:443 -> 192.168.2.4:49802 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 46.105.199.115:443 -> 192.168.2.4:49800 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 46.105.199.115:443 -> 192.168.2.4:49799 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 87.98.141.83:443 -> 192.168.2.4:49806 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.60.216.35:443 -> 192.168.2.4:49807 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.60.216.35:443 -> 192.168.2.4:49808 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.225.74.42:443 -> 192.168.2.4:49811 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.225.74.42:443 -> 192.168.2.4:49812 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 195.154.107.128:443 -> 192.168.2.4:49814 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 195.154.107.128:443 -> 192.168.2.4:49813 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.186.34:443 -> 192.168.2.4:49816 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.186.34:443 -> 192.168.2.4:49815 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.186.67:443 -> 192.168.2.4:49819 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.186.67:443 -> 192.168.2.4:49820 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.114.109:443 -> 192.168.2.4:49824 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.114.109:443 -> 192.168.2.4:49823 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.184.195:443 -> 192.168.2.4:49825 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.184.195:443 -> 192.168.2.4:49826 version: TLS 1.2

Source: classification engine

Classification label: mal68.phis.win@3/211@26/16

Source: C:\Program Files\internet explorer\iexplore.exe

File created: C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{69FDE9A3-B341-11EB-90EB-ECF4BBEA1588}.dat

Jump to behavior

Source: C:\Program Files\internet explorer\iexplore.exe

File created: C:\Users\user\AppData\Local\Temp\~DF3A32BAC37590D272.TMP

Jump to behavior

Source: C:\Program Files\internet explorer\iexplore.exe

File read: C:\Users\desktop.ini

Jump to behavior

Source: unknown	Process created: C:\Program Files\internet explorer\iexplore.exe 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
Source: C:\Program Files\internet explorer\iexplore.exe	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:6396 CREDAT:17410 /prefetch:2
Source: C:\Program Files\internet explorer\iexplore.exe	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:6396 CREDAT:17410 /prefetch:2	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll

Jump to behavior

ID:	412519
Product:	CloudBasic
Start time:	18:44:22
Start date:	12.05.2021
Cookbook:	browseurl.jbs
System description:	Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
Architecture:	WINDOWS

Analysis Report http://keeplaffingwemake99383tyiwye.net/

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection:

Phishing:

Compliance:

Networking:

System Summary:

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Contacted Domains

Contacted URLs