Source: https://www.paperturn-view.com/us/papterturnfiles/sharepoint-file?pid=MTc175036&v=1.1 |
SlashNext: detection malicious, Label: Fake Login Page type: Phishing & Social Engineering |
Source: https://xpans.in/document/Drive/vynii1ggv7u34dlblu2qibdn.php?89bi9G16269732590bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc851&email=&error= |
SlashNext: Label: Fake Login Page type: Phishing & Social Engineering |
Source: Yara match |
File source: 60060.pages.csv, type: HTML |
Source: https://xpans.in/document/Drive/vynii1ggv7u34dlblu2qibdn.php?89bi9G16269732590bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc851&email=&error= |
Matcher: Found strong image similarity, brand: Microsoft image: 60060.img.1.gfk.csv EF884BDEDEF280DF97A4C5604058D8DB |
Source: https://xpans.in/document/Drive/vynii1ggv7u34dlblu2qibdn.php?89bi9G16269732590bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc851&email=&error= |
Matcher: Template: microsoft matched |
Source: https://www.paperturn.com/flipbook |
HTTP Parser: Iframe src: https://consentcdn.cookiebot.com/sdk/bc-v3.min.html |
Source: https://www.paperturn.com/login |
HTTP Parser: Iframe src: https://consentcdn.cookiebot.com/sdk/bc-v3.min.html |
Source: https://xpans.in/document/Drive/vynii1ggv7u34dlblu2qibdn.php?89bi9G16269732590bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc851&email=&error= |
HTTP Parser: Number of links: 0 |
Source: https://www.paperturn.com/flipbook |
HTTP Parser: Title: Flipbook: 10 reasons to convert your PDF into a flipbook does not match URL |
Source: https://xpans.in/document/Drive/vynii1ggv7u34dlblu2qibdn.php?89bi9G16269732590bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc851&email=&error= |
HTTP Parser: Title: Sharing Link Validation does not match URL |
Source: https://xpans.in/document/Drive/vynii1ggv7u34dlblu2qibdn.php?89bi9G16269732590bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc851&email=&error= |
HTTP Parser: On click: javascript:WebForm_DoPostBackWithOptions(new WebForm_PostBackOptions("btnSubmitEmail", "", true, "", "", false, true)) |
Source: https://xpans.in/document/Drive/vynii1ggv7u34dlblu2qibdn.php?89bi9G16269732590bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc851&email=&error= |
HTTP Parser: Form action: securepassword.php?4K5CL816269732590bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc851 |
Source: https://www.paperturn.com/flipbook |
HTTP Parser: No <meta name="author".. found |
Source: https://xpans.in/document/Drive/vynii1ggv7u34dlblu2qibdn.php?89bi9G16269732590bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc851&email=&error= |
HTTP Parser: No <meta name="author".. found |
Source: https://www.paperturn.com/login |
HTTP Parser: No <meta name="author".. found |
Source: https://www.paperturn.com/flipbook |
HTTP Parser: No <meta name="copyright".. found |
Source: https://xpans.in/document/Drive/vynii1ggv7u34dlblu2qibdn.php?89bi9G16269732590bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc851&email=&error= |
HTTP Parser: No <meta name="copyright".. found |
Source: https://www.paperturn.com/login |
HTTP Parser: No <meta name="copyright".. found |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic |
Source: unknown |
HTTPS traffic detected: 148.251.96.155:443 -> 192.168.2.5:49726 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 148.251.96.155:443 -> 192.168.2.5:49740 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 143.204.225.123:443 -> 192.168.2.5:49748 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 143.204.225.93:443 -> 192.168.2.5:49750 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 148.251.96.155:443 -> 192.168.2.5:49757 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 148.251.96.155:443 -> 192.168.2.5:49760 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 104.16.106.139:443 -> 192.168.2.5:49823 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 148.251.96.155:443 -> 192.168.2.5:49842 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 148.251.96.155:443 -> 192.168.2.5:49841 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 104.16.106.139:443 -> 192.168.2.5:49863 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 144.91.89.225:443 -> 192.168.2.5:49865 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 144.91.89.225:443 -> 192.168.2.5:49864 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 52.29.88.9:443 -> 192.168.2.5:49871 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 104.18.204.90:443 -> 192.168.2.5:49872 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 148.251.96.155:443 -> 192.168.2.5:49922 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 148.251.96.155:443 -> 192.168.2.5:49923 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 52.29.88.9:443 -> 192.168.2.5:49983 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 148.251.96.155:443 -> 192.168.2.5:49995 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 148.251.96.155:443 -> 192.168.2.5:49998 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 52.29.88.9:443 -> 192.168.2.5:50029 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 52.29.88.9:443 -> 192.168.2.5:50056 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 52.29.88.9:443 -> 192.168.2.5:50078 version: TLS 1.2 |
Source: 000003.log4.0.dr |
String found in binary or memory: -_https://www.youtube.com equals www.youtube.com (Youtube) |
Source: 000003.log4.0.dr |
String found in binary or memory: ._https://www.youtube.com equals www.youtube.com (Youtube) |
Source: 000003.log4.0.dr |
String found in binary or memory: 0_https://www.youtube.com equals www.youtube.com (Youtube) |
Source: 000003.log4.0.dr |
String found in binary or memory: 5_https://www.youtube.com equals www.youtube.com (Youtube) |
Source: 000003.log0.0.dr |
String found in binary or memory: Gnamespace-79d3313a_90a9_4eca_bc4a_615fe95f4398-https://www.youtube.com/ equals www.youtube.com (Youtube) |
Source: 000003.log4.0.dr |
String found in binary or memory: META:https://www.youtube.com equals www.youtube.com (Youtube) |
Source: 75c880fe196c95da_0.0.dr |
String found in binary or memory: T2_keyhttps://www.youtube.com/s/player/3804dce2/player_ias.vflset/en_US/embed.js equals www.youtube.com (Youtube) |
Source: Current Session.0.dr |
String found in binary or memory: X(https://www.facebook.com/tr/ [id ev ] #0 equals www.facebook.com (Facebook) |
Source: 000003.log4.0.dr |
String found in binary or memory: _https://www.youtube.com equals www.youtube.com (Youtube) |
Source: d2b8a8d9a2d95859_0.0.dr |
String found in binary or memory: _keyhttps://www.youtube.com/s/player/3804dce2/fetch-polyfill.vflset/fetch-polyfill.js equals www.youtube.com (Youtube) |
Source: 95fee99bab72dc0f_0.0.dr |
String found in binary or memory: _keyhttps://www.youtube.com/s/player/3804dce2/player_ias.vflset/en_US/base.js equals www.youtube.com (Youtube) |
Source: 75c880fe196c95da_0.0.dr |
String found in binary or memory: _keyhttps://www.youtube.com/s/player/3804dce2/player_ias.vflset/en_US/embed.js equals www.youtube.com (Youtube) |
Source: 3ee3277df70d5d32_0.0.dr |
String found in binary or memory: _keyhttps://www.youtube.com/s/player/3804dce2/player_ias.vflset/en_US/remote.js equals www.youtube.com (Youtube) |
Source: 4a93ae2abbf51303_0.0.dr |
String found in binary or memory: _keyhttps://www.youtube.com/s/player/3804dce2/www-embed-player.vflset/www-embed-player.js equals www.youtube.com (Youtube) |
Source: Reporting and NEL.1.dr |
String found in binary or memory: coop_reporthttps://www.facebook.com/browser_reporting/ equals www.facebook.com (Facebook) |
Source: Current Session.0.dr |
String found in binary or memory: f/https://www.youtube.com/embed/q0nkrcMDCmc?rel=0 equals www.youtube.com (Youtube) |
Source: Current Session.0.dr |
String found in binary or memory: https://www.facebook.com/tr/ equals www.facebook.com (Facebook) |