Windows Analysis Report http://covid19response.lc/

Overview

General Information

Sample URL: http://covid19response.lc/
Analysis ID: 464480

Detection

Score: 0
Range: 0 - 100
Whitelisted: false
Confidence: 80%

Signatures

No high impact signatures.

Classification

There are no high impact signatures.

Source: C:\Program Files\Google\Chrome\Application\chrome.exe Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
Source: unknown HTTPS traffic detected: 192.185.73.90:443 -> 192.168.2.3:49776 version: TLS 1.2
Source: unknown HTTPS traffic detected: 192.185.73.90:443 -> 192.168.2.3:49775 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.226.145.2:443 -> 192.168.2.3:49836 version: TLS 1.2
Source: global traffic HTTP traffic detected:
    GET / HTTP/1.1
    Host: covid19response.lc
    Connection: keep-alive
    Upgrade-Insecure-Requests: 1
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
    Accept-Encoding: gzip, deflate
    Accept-Language: en-US,en;q=0.9
Source: 000003.log3.1.dr String found in binary or memory: -_https://www.youtube.com equals www.youtube.com (Youtube)
Source: 000003.log3.1.dr String found in binary or memory: ._https://www.youtube.com equals www.youtube.com (Youtube)
Source: 000003.log3.1.dr String found in binary or memory: 0_https://www.youtube.com equals www.youtube.com (Youtube)
Source: 000003.log3.1.dr String found in binary or memory: 5_https://www.youtube.com equals www.youtube.com (Youtube)
Source: 9763f2044ebb415c_0.1.dr String found in binary or memory: ;~]_keyhttps://www.youtube.com/s/player/a081deec/player_ias.vflset/en_US/embed.js equals www.youtube.com (Youtube)
Source: 000003.log0.1.dr String found in binary or memory: Gnamespace-b83fe6fa_853d_4823_91da_eb7a70645490-https://www.youtube.com/ equals www.youtube.com (Youtube)
Source: 54abfa9a2964c89f_0.1.dr String found in binary or memory: M(j_keyhttps://www.youtube.com/s/player/a081deec/player_ias.vflset/en_US/base.js equals www.youtube.com (Youtube)
Source: 000003.log3.1.dr String found in binary or memory: META:https://www.youtube.com equals www.youtube.com (Youtube)
Source: Current Session.1.dr String found in binary or memory: Thttps://www.youtube.com/embed/75SBK3bs-dM?rel=0&controls=1&autoplay=0&mute=0&start=0 equals www.youtube.com (Youtube)
Source: Current Session.1.dr String found in binary or memory: Thttps://www.youtube.com/embed/N_sTXJnMk0I?rel=0&controls=1&autoplay=0&mute=0&start=0 equals www.youtube.com (Youtube)
Source: Current Session.1.dr String found in binary or memory: Thttps://www.youtube.com/embed/eFZ38sUE7_U?rel=0&controls=1&autoplay=0&mute=0&start=0 equals www.youtube.com (Youtube)
Source: Current Session.1.dr String found in binary or memory: Thttps://www.youtube.com/embed/uRwrwmu3l1A?rel=0&controls=1&autoplay=0&mute=0&start=0 equals www.youtube.com (Youtube)
Source: 399580c71f9e279d_0.1.dr String found in binary or memory: W_keyhttps://www.youtube.com/s/player/a081deec/www-embed-player.vflset/www-embed-player.js equals www.youtube.com (Youtube)
Source: 000003.log3.1.dr String found in binary or memory: _https://www.youtube.com equals www.youtube.com (Youtube)
Source: c740d5a6270d7d3d_0.1.dr String found in binary or memory: _keyhttps://www.youtube.com/s/player/a081deec/fetch-polyfill.vflset/fetch-polyfill.js equals www.youtube.com (Youtube)
Source: 54abfa9a2964c89f_0.1.dr String found in binary or memory: _keyhttps://www.youtube.com/s/player/a081deec/player_ias.vflset/en_US/base.js equals www.youtube.com (Youtube)
Source: 9763f2044ebb415c_0.1.dr String found in binary or memory: _keyhttps://www.youtube.com/s/player/a081deec/player_ias.vflset/en_US/embed.js equals www.youtube.com (Youtube)
Source: e9605736811a0770_0.1.dr String found in binary or memory: _keyhttps://www.youtube.com/s/player/a081deec/player_ias.vflset/en_US/remote.js equals www.youtube.com (Youtube)
Source: 399580c71f9e279d_0.1.dr String found in binary or memory: _keyhttps://www.youtube.com/s/player/a081deec/www-embed-player.vflset/www-embed-player.js equals www.youtube.com (Youtube)
Source: Current Session.1.dr String found in binary or memory: https://www.youtube.com equals www.youtube.com (Youtube)
Source: Current Session.1.dr String found in binary or memory: https://www.youtube.com" equals www.youtube.com (Youtube)
Source: e9605736811a0770_0.1.dr String found in binary or memory: m_keyhttps://www.youtube.com/s/player/a081deec/player_ias.vflset/en_US/remote.js equals www.youtube.com (Youtube)
Source: unknown DNS traffic detected: queries for: clients2.google.com
Source: Favicons.1.dr, Current Session.1.dr String found in binary or memory: http://covid19response.lc/
Source: History Provider Cache.1.dr String found in binary or memory: http://covid19response.lc/2
Source: Favicons-journal.1.dr String found in binary or memory: http://covid19response.lc/?
Source: History.1.dr String found in binary or memory: http://covid19response.lc/Home
Source: History-journal.1.dr String found in binary or memory: http://covid19response.lc/Y8
Source: Favicons-journal.1.dr String found in binary or memory: http://covid19response.lc/c
Source: History-journal.1.dr String found in binary or memory: http://covid19response.lc/p
Source: 77EC63BDA74BD0D0E0426DC8F8008506.2.dr String found in binary or memory: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab
Source: Reporting and NEL.2.dr String found in binary or memory: https://a.nel.cloudflare.com/report/v3?s=CZjQqGTGweNE1%2FZbmzB3usRaGDWi4jwpdqqOQr8z9jTQO0K5X2lziOStf
Source: manifest.json0.1.dr, 1707ae17-9742-47fa-9a4d-054a6c07af39.tmp.2.dr, 33936995-cbc4-439b-afe2-a57b04438586.tmp.2.dr String found in binary or memory: https://accounts.google.com
Source: 33936995-cbc4-439b-afe2-a57b04438586.tmp.2.dr String found in binary or memory: https://ajax.googleapis.com
Source: Network Action Predictor.1.dr String found in binary or memory: https://ajax.googleapis.com/
Source: 6bb717c12090b85d_0.1.dr String found in binary or memory: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Source: 6bb717c12090b85d_0.1.dr String found in binary or memory: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.jsaD
Source: manifest.json0.1.dr, 1707ae17-9742-47fa-9a4d-054a6c07af39.tmp.2.dr, 33936995-cbc4-439b-afe2-a57b04438586.tmp.2.dr String found in binary or memory: https://apis.google.com
Source: 33936995-cbc4-439b-afe2-a57b04438586.tmp.2.dr String found in binary or memory: https://assets.website-files.com
Source: 33936995-cbc4-439b-afe2-a57b04438586.tmp.2.dr String found in binary or memory: https://cdnjs.cloudflare.com
Source: c455117895c6c058_0.1.dr String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/Chart.js/2.9.4/Chart.min.js
Source: 1707ae17-9742-47fa-9a4d-054a6c07af39.tmp.2.dr, 33936995-cbc4-439b-afe2-a57b04438586.tmp.2.dr String found in binary or memory: https://clients2.google.com
Source: manifest.json0.1.dr String found in binary or memory: https://clients2.google.com/service/update2/crx
Source: 1707ae17-9742-47fa-9a4d-054a6c07af39.tmp.2.dr, 33936995-cbc4-439b-afe2-a57b04438586.tmp.2.dr String found in binary or memory: https://clients2.googleusercontent.com
Source: 33936995-cbc4-439b-afe2-a57b04438586.tmp.2.dr String found in binary or memory: https://code.jquery.com
Source: Network Action Predictor.1.dr String found in binary or memory: https://code.jquery.com/
Source: 497a7e1bc3db0603_0.1.dr, 7381ed0a80a8aac1_0.1.dr String found in binary or memory: https://code.jquery.com/jquery-3.5.1.min.js
Source: 7381ed0a80a8aac1_0.1.dr String found in binary or memory: https://code.jquery.com/jquery-3.5.1.min.jsaD
Source: manifest.json0.1.dr String found in binary or memory: https://content.googleapis.com
Source: Current Session.1.dr, 33936995-cbc4-439b-afe2-a57b04438586.tmp.2.dr String found in binary or memory: https://covid19response.lc
Source: e74a6130792a0b32_0.1.dr, 6bb717c12090b85d_0.1.dr String found in binary or memory: https://covid19response.lc/
Source: 8fe0d458ce653d40_0.1.dr String found in binary or memory: https://covid19response.lc/$
Source: ab07337c48d4f6bb_0.1.dr String found in binary or memory: https://covid19response.lc/(w
Source: 53cd2d79662bb6ef_0.1.dr, History Provider Cache.1.dr String found in binary or memory: https://covid19response.lc/2
Source: ab07337c48d4f6bb_0.1.dr String found in binary or memory: https://covid19response.lc/6
Source: 53cd2d79662bb6ef_0.1.dr String found in binary or memory: https://covid19response.lc/;
Source: ab07337c48d4f6bb_0.1.dr String found in binary or memory: https://covid19response.lc/C
Source: History.1.dr String found in binary or memory: https://covid19response.lc/Home
Source: e74a6130792a0b32_0.1.dr String found in binary or memory: https://covid19response.lc/K
Source: ab07337c48d4f6bb_0.1.dr String found in binary or memory: https://covid19response.lc/Zx:
Source: b92cbfab11a11b40_0.1.dr String found in binary or memory: https://covid19response.lc/admin_l_t_e/plugins/jvectormap/jquery-jvectormap-1.2.2.min.js
Source: b92cbfab11a11b40_0.1.dr String found in binary or memory: https://covid19response.lc/admin_l_t_e/plugins/jvectormap/jquery-jvectormap-1.2.2.min.jsa
Source: b92cbfab11a11b40_0.1.dr String found in binary or memory: https://covid19response.lc/admin_l_t_e/plugins/jvectormap/jquery-jvectormap-1.2.2.min.jsaD
Source: 096cdef9805de772_0.1.dr String found in binary or memory: https://covid19response.lc/admin_l_t_e/plugins/jvectormap/jquery-jvectormap-saint-lucia.js
Source: 096cdef9805de772_0.1.dr String found in binary or memory: https://covid19response.lc/admin_l_t_e/plugins/jvectormap/jquery-jvectormap-saint-lucia.jsaD
Source: 8fe0d458ce653d40_0.1.dr String found in binary or memory: https://covid19response.lc/admin_l_t_e/plugins/jvectormap/jquery-jvectormap-world-mill-en.js
Source: 12d1d20bc67bb7f0_0.1.dr String found in binary or memory: https://covid19response.lc/admin_l_t_e/plugins/jvectormap/jquery-jvectormap-world-mill-en.jsa
Source: 12d1d20bc67bb7f0_0.1.dr String found in binary or memory: https://covid19response.lc/admin_l_t_e/plugins/jvectormap/jquery-jvectormap-world-mill-en.jsaD
Source: ab07337c48d4f6bb_0.1.dr String found in binary or memory: https://covid19response.lc/b
Source: Current Session.1.dr String found in binary or memory: https://covid19response.lc/blog-categories/6
Source: Favicons.1.dr String found in binary or memory: https://covid19response.lc/blog-categories/6;
Source: History.1.dr String found in binary or memory: https://covid19response.lc/blog-categories/6Press
Source: Current Session.1.dr String found in binary or memory: https://covid19response.lc/blog/posts/index/9
Source: History.1.dr String found in binary or memory: https://covid19response.lc/blog/posts/index/9Articles
Source: Favicons.1.dr String found in binary or memory: https://covid19response.lc/blog/posts/index/9S
Source: Favicons.1.dr, Current Session.1.dr String found in binary or memory: https://covid19response.lc/blogs/alcohol-use-and-misuse-during-the-covid-19-pandemic
Source: History.1.dr String found in binary or memory: https://covid19response.lc/blogs/alcohol-use-and-misuse-during-the-covid-19-pandemicALCOHOL
Source: Favicons.1.dr String found in binary or memory: https://covid19response.lc/blogs/alcohol-use-and-misuse-during-the-covid-19-pandemicV
Source: Favicons.1.dr, Current Session.1.dr String found in binary or memory: https://covid19response.lc/blogs/covid-19-vaccine-and-vaccination-roll-out
Source: History.1.dr String found in binary or memory: https://covid19response.lc/blogs/covid-19-vaccine-and-vaccination-roll-outCOVID-19
Source: Current Session.1.dr String found in binary or memory: https://covid19response.lc/blogs/covid-19-vaccine-and-vaccination-roll-outJ
Source: Favicons.1.dr String found in binary or memory: https://covid19response.lc/blogs/covid-19-vaccine-and-vaccination-roll-outW
Source: Favicons.1.dr, Current Session.1.dr String found in binary or memory: https://covid19response.lc/blogs/launch-of-the-contact-tracing-app-758-care-alert
Source: History.1.dr String found in binary or memory: https://covid19response.lc/blogs/launch-of-the-contact-tracing-app-758-care-alertLAUNCH
Source: Favicons.1.dr String found in binary or memory: https://covid19response.lc/blogs/launch-of-the-contact-tracing-app-758-care-alertO
Source: Favicons.1.dr, Current Session.1.dr String found in binary or memory: https://covid19response.lc/blogs/pre-registration-process-for-the-covid-19-vaccine
Source: Favicons.1.dr String found in binary or memory: https://covid19response.lc/blogs/pre-registration-process-for-the-covid-19-vaccine1
Source: History.1.dr String found in binary or memory: https://covid19response.lc/blogs/pre-registration-process-for-the-covid-19-vaccinePRE-REGISTRATION
Source: Current Session.1.dr String found in binary or memory: https://covid19response.lc/blogs/saint-lucia-records-11-new-cases-of-covid-19
Source: Favicons.1.dr String found in binary or memory: https://covid19response.lc/blogs/saint-lucia-records-11-new-cases-of-covid-19R
Source: History.1.dr String found in binary or memory: https://covid19response.lc/blogs/saint-lucia-records-11-new-cases-of-covid-19SAINT
Source: Current Session.1.dr String found in binary or memory: https://covid19response.lc/blogs/saint-lucia-records-11-new-cases-of-covid-19U
Source: Favicons.1.dr, Current Session.1.dr String found in binary or memory: https://covid19response.lc/blogs/saint-lucia-records-155-new-cases-of-covid-19
Source: Favicons.1.dr String found in binary or memory: https://covid19response.lc/blogs/saint-lucia-records-155-new-cases-of-covid-19R
Source: History.1.dr String found in binary or memory: https://covid19response.lc/blogs/saint-lucia-records-155-new-cases-of-covid-19SAINT
Source: Current Session.1.dr String found in binary or memory: https://covid19response.lc/blogs/saint-lucia-records-155-new-cases-of-covid-19b
Source: Favicons.1.dr, Current Session.1.dr String found in binary or memory: https://covid19response.lc/blogs/saint-lucia-records-23-new-cases-of-covid-19
Source: Favicons.1.dr String found in binary or memory: https://covid19response.lc/blogs/saint-lucia-records-23-new-cases-of-covid-19Q
Source: History.1.dr String found in binary or memory: https://covid19response.lc/blogs/saint-lucia-records-23-new-cases-of-covid-19SAINT
Source: Favicons.1.dr, Current Session.1.dr String found in binary or memory: https://covid19response.lc/blogs/saint-lucia-records-24-new-cases-of-covid-19
Source: Current Session.1.dr String found in binary or memory: https://covid19response.lc/blogs/saint-lucia-records-24-new-cases-of-covid-19?
Source: Favicons.1.dr String found in binary or memory: https://covid19response.lc/blogs/saint-lucia-records-24-new-cases-of-covid-19R
Source: History.1.dr String found in binary or memory: https://covid19response.lc/blogs/saint-lucia-records-24-new-cases-of-covid-19SAINT
Source: Favicons.1.dr, Current Session.1.dr String found in binary or memory: https://covid19response.lc/blogs/saint-lucia-records-29-new-cases-of-covid-19
Source: Favicons.1.dr String found in binary or memory: https://covid19response.lc/blogs/saint-lucia-records-29-new-cases-of-covid-19R
Source: History.1.dr String found in binary or memory: https://covid19response.lc/blogs/saint-lucia-records-29-new-cases-of-covid-19SAINT
Source: Current Session.1.dr String found in binary or memory: https://covid19response.lc/blogs/saint-lucia-records-5-new-cases-of-covid-19
Source: Favicons.1.dr String found in binary or memory: https://covid19response.lc/blogs/saint-lucia-records-5-new-cases-of-covid-190
Source: History.1.dr String found in binary or memory: https://covid19response.lc/blogs/saint-lucia-records-5-new-cases-of-covid-19SAINT
Source: Favicons.1.dr String found in binary or memory: https://covid19response.lc/covid_ready_theme/favicon.ico
Source: 2f20dcdc949a11ee_0.1.dr String found in binary or memory: https://covid19response.lc/covid_ready_theme/js/webflow.js
Source: 4bad0bc9a2e91274_0.1.dr String found in binary or memory: https://covid19response.lc/covid_ready_theme/js/webflow.jsaD
Source: 98728657e103b989_0.1.dr String found in binary or memory: https://covid19response.lc/f
Source: Current Session.1.dr String found in binary or memory: https://covid19response.lc/p/how-to-protect-yourself
Source: Current Session.1.dr String found in binary or memory: https://covid19response.lc/p/how-to-protect-yourself?
Source: History.1.dr String found in binary or memory: https://covid19response.lc/p/how-to-protect-yourselfHow
Source: Current Session.1.dr String found in binary or memory: https://covid19response.lc/p/what-to-do-if-you-are-sick
Source: Favicons.1.dr String found in binary or memory: https://covid19response.lc/p/what-to-do-if-you-are-sick8
Source: History.1.dr String found in binary or memory: https://covid19response.lc/p/what-to-do-if-you-are-sickWhat
Source: e74a6130792a0b32_0.1.dr String found in binary or memory: https://covid19response.lc/s
Source: Current Session.1.dr String found in binary or memory: https://covid19response.lch
Source: 33936995-cbc4-439b-afe2-a57b04438586.tmp.2.dr String found in binary or memory: https://d3e54v103j8qbb.cloudfront.net
Source: 4d85d983-20a9-4558-b7b4-3c3d6e90ceac.tmp.2.dr, 1707ae17-9742-47fa-9a4d-054a6c07af39.tmp.2.dr, f418c010-8c42-4646-9cd5-0bd3163e4bb4.tmp.2.dr, 33936995-cbc4-439b-afe2-a57b04438586.tmp.2.dr String found in binary or memory: https://dns.google
Source: manifest.json0.1.dr String found in binary or memory: https://feedback.googleusercontent.com
Source: 1707ae17-9742-47fa-9a4d-054a6c07af39.tmp.2.dr, 33936995-cbc4-439b-afe2-a57b04438586.tmp.2.dr String found in binary or memory: https://fonts.googleapis.com
Source: Network Action Predictor.1.dr String found in binary or memory: https://fonts.googleapis.com/
Source: manifest.json0.1.dr String found in binary or memory: https://fonts.googleapis.com;
Source: 1707ae17-9742-47fa-9a4d-054a6c07af39.tmp.2.dr, 33936995-cbc4-439b-afe2-a57b04438586.tmp.2.dr String found in binary or memory: https://fonts.gstatic.com
Source: Network Action Predictor.1.dr String found in binary or memory: https://fonts.gstatic.com/
Source: manifest.json0.1.dr String found in binary or memory: https://fonts.gstatic.com;
Source: 33936995-cbc4-439b-afe2-a57b04438586.tmp.2.dr String found in binary or memory: https://googleads.g.doubleclick.net
Source: manifest.json0.1.dr String found in binary or memory: https://hangouts.google.com/
Source: 33936995-cbc4-439b-afe2-a57b04438586.tmp.2.dr String found in binary or memory: https://i.ytimg.com
Source: 33936995-cbc4-439b-afe2-a57b04438586.tmp.2.dr String found in binary or memory: https://maciejsawicki.com
Source: e74a6130792a0b32_0.1.dr String found in binary or memory: https://maciejsawicki.com/tooltipster-for-webflow/tooltipster-for-webflow.js
Source: 1707ae17-9742-47fa-9a4d-054a6c07af39.tmp.2.dr, 33936995-cbc4-439b-afe2-a57b04438586.tmp.2.dr String found in binary or memory: https://ogs.google.com
Source: manifest.json.1.dr String found in binary or memory: https://payments.google.com/payments/v4/js/integrator.js
Source: 1707ae17-9742-47fa-9a4d-054a6c07af39.tmp.2.dr, 33936995-cbc4-439b-afe2-a57b04438586.tmp.2.dr String found in binary or memory: https://play.google.com
Source: 33936995-cbc4-439b-afe2-a57b04438586.tmp.2.dr String found in binary or memory: https://r5---sn-4g5e6nss.gvt1.com
Source: 33936995-cbc4-439b-afe2-a57b04438586.tmp.2.dr String found in binary or memory: https://redirector.gvt1.com
Source: manifest.json.1.dr String found in binary or memory: https://sandbox.google.com/payments/v4/js/integrator.js
Source: 1707ae17-9742-47fa-9a4d-054a6c07af39.tmp.2.dr, 33936995-cbc4-439b-afe2-a57b04438586.tmp.2.dr String found in binary or memory: https://ssl.gstatic.com
Source: 33936995-cbc4-439b-afe2-a57b04438586.tmp.2.dr String found in binary or memory: https://static.doubleclick.net
Source: messages.json83.1.dr String found in binary or memory: https://support.google.com/chromecast/answer/2998456
Source: messages.json83.1.dr String found in binary or memory: https://support.google.com/chromecast/troubleshooter/2995236
Source: 61d4a76808c82a37_0.1.dr String found in binary or memory: https://support.google.com/recaptcha
Source: 33936995-cbc4-439b-afe2-a57b04438586.tmp.2.dr String found in binary or memory: https://www.google-analytics.com
Source: 53cd2d79662bb6ef_0.1.dr String found in binary or memory: https://www.google-analytics.com/analytics.js
Source: manifest.json0.1.dr, 1707ae17-9742-47fa-9a4d-054a6c07af39.tmp.2.dr, 33936995-cbc4-439b-afe2-a57b04438586.tmp.2.dr String found in binary or memory: https://www.google.com
Source: manifest.json.1.dr, Network Action Predictor.1.dr String found in binary or memory: https://www.google.com/
Source: 29d3038881de33b4_0.1.dr String found in binary or memory: https://www.google.com/js/th/vJ8tIrz-gTB0vokfxcLZt2_KaJ_dmdc0dMZBJXrrXQg.js
Source: manifest.json0.1.dr String found in binary or memory: https://www.google.com;
Source: 1707ae17-9742-47fa-9a4d-054a6c07af39.tmp.2.dr, 33936995-cbc4-439b-afe2-a57b04438586.tmp.2.dr String found in binary or memory: https://www.googleapis.com
Source: manifest.json.1.dr String found in binary or memory: https://www.googleapis.com/
Source: manifest.json0.1.dr String found in binary or memory: https://www.googleapis.com/auth/calendar.readonly
Source: manifest.json0.1.dr String found in binary or memory: https://www.googleapis.com/auth/cast-edu-messaging
Source: manifest.json.1.dr String found in binary or memory: https://www.googleapis.com/auth/chromewebstore
Source: manifest.json.1.dr String found in binary or memory: https://www.googleapis.com/auth/chromewebstore.readonly
Source: manifest.json0.1.dr String found in binary or memory: https://www.googleapis.com/auth/clouddevices
Source: manifest.json0.1.dr String found in binary or memory: https://www.googleapis.com/auth/hangouts
Source: manifest.json0.1.dr String found in binary or memory: https://www.googleapis.com/auth/hangouts.readonly
Source: manifest.json0.1.dr String found in binary or memory: https://www.googleapis.com/auth/meetings
Source: manifest.json0.1.dr String found in binary or memory: https://www.googleapis.com/auth/plus.peopleapi.readwrite
Source: manifest.json.1.dr String found in binary or memory: https://www.googleapis.com/auth/sierra
Source: manifest.json.1.dr String found in binary or memory: https://www.googleapis.com/auth/sierrasandbox
Source: manifest.json0.1.dr String found in binary or memory: https://www.googleapis.com/auth/userinfo.email
Source: 33936995-cbc4-439b-afe2-a57b04438586.tmp.2.dr String found in binary or memory: https://www.googletagmanager.com
Source: ab07337c48d4f6bb_0.1.dr String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=UA-163330439-1
Source: 1707ae17-9742-47fa-9a4d-054a6c07af39.tmp.2.dr, 33936995-cbc4-439b-afe2-a57b04438586.tmp.2.dr String found in binary or memory: https://www.gstatic.com
Source: 335e69ddec2b9ac6_0.1.dr String found in binary or memory: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Source: 98728657e103b989_0.1.dr String found in binary or memory: https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/recaptcha__en.js
Source: 61d4a76808c82a37_0.1.dr String found in binary or memory: https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/recaptcha__en.jsa
Source: 61d4a76808c82a37_0.1.dr String found in binary or memory: https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/recaptcha__en.jsaD
Source: manifest.json0.1.dr String found in binary or memory: https://www.gstatic.com;
Source: 000003.log3.1.dr, 33936995-cbc4-439b-afe2-a57b04438586.tmp.2.dr String found in binary or memory: https://www.youtube.com
Source: 000003.log0.1.dr String found in binary or memory: https://www.youtube.com/
Source: Current Session.1.dr String found in binary or memory: https://www.youtube.com/embed/75SBK3bs-dM?rel=0&controls=1&autoplay=0&mute=0&start=0
Source: Current Session.1.dr String found in binary or memory: https://www.youtube.com/embed/N_sTXJnMk0I?rel=0&controls=1&autoplay=0&mute=0&start=0
Source: Current Session.1.dr String found in binary or memory: https://www.youtube.com/embed/eFZ38sUE7_U?rel=0&controls=1&autoplay=0&mute=0&start=0
Source: Current Session.1.dr String found in binary or memory: https://www.youtube.com/embed/uRwrwmu3l1A?rel=0&controls=1&autoplay=0&mute=0&start=0
Source: c740d5a6270d7d3d_0.1.dr String found in binary or memory: https://www.youtube.com/s/player/a081deec/fetch-polyfill.vflset/fetch-polyfill.js
Source: 54abfa9a2964c89f_0.1.dr String found in binary or memory: https://www.youtube.com/s/player/a081deec/player_ias.vflset/en_US/base.js
Source: 9763f2044ebb415c_0.1.dr String found in binary or memory: https://www.youtube.com/s/player/a081deec/player_ias.vflset/en_US/embed.js
Source: e9605736811a0770_0.1.dr String found in binary or memory: https://www.youtube.com/s/player/a081deec/player_ias.vflset/en_US/remote.js
Source: 399580c71f9e279d_0.1.dr String found in binary or memory: https://www.youtube.com/s/player/a081deec/www-embed-player.vflset/www-embed-player.js
Source: 54abfa9a2964c89f_0.1.dr, 29d3038881de33b4_0.1.dr String found in binary or memory: https://youtube.com/
Source: 335e69ddec2b9ac6_0.1.dr String found in binary or memory: https://youtube.com/1
Source: 9763f2044ebb415c_0.1.dr String found in binary or memory: https://youtube.com/U=#
Source: 399580c71f9e279d_0.1.dr String found in binary or memory: https://youtube.com/xd
Source: 33936995-cbc4-439b-afe2-a57b04438586.tmp.2.dr String found in binary or memory: https://yt3.ggpht.com
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49956
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown Network traffic detected: HTTP traffic on port 49887 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown Network traffic detected: HTTP traffic on port 49944 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50023 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49949
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49947
Source: unknown Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49944
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50018
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50010
Source: unknown Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49916 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49968 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50012
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50011
Source: unknown Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50014
Source: unknown Network traffic detected: HTTP traffic on port 50026 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49980 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49868 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50028
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49895
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49891
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50021
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50020
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50023
Source: unknown Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50025
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50024
Source: unknown Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50026
Source: unknown Network traffic detected: HTTP traffic on port 49957 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50021 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50030
Source: unknown Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49991 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49905 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49889
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49888
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49887
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50039
Source: unknown Network traffic detected: HTTP traffic on port 49863 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50038 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49882
Source: unknown Network traffic detected: HTTP traffic on port 50011 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49857 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50034
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50036
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50035
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50038
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50037
Source: unknown Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49956 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50041
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50040
Source: unknown Network traffic detected: HTTP traffic on port 49979 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49878
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49876
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49997
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49875
Source: unknown Network traffic detected: HTTP traffic on port 49891 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49996
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49874
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49991
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49990
Source: unknown Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49917 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50042
Source: unknown Network traffic detected: HTTP traffic on port 49874 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49934 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49869
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49868
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49867
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49866
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown Network traffic detected: HTTP traffic on port 50036 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50042 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50007 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49878 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49906 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49889 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49866 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50018 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50025 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49964 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49981 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49844 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49947 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49918 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49930 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50007
Source: unknown Network traffic detected: HTTP traffic on port 50037 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50006
Source: unknown Network traffic detected: HTTP traffic on port 50012 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50009
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown Network traffic detected: HTTP traffic on port 50020 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49895 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50006 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49907 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49941 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49867 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49942
Source: unknown Network traffic detected: HTTP traffic on port 49997 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49941
Source: unknown Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49942 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49977 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49934
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49933
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49932
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49931
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49930
Source: unknown Network traffic detected: HTTP traffic on port 50035 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50014 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49876 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49960 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49882 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49976 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49854 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49914 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49982 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49918
Source: unknown Network traffic detected: HTTP traffic on port 50024 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49917
Source: unknown Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49860 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49916
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49915
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49914
Source: unknown Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50041 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49931 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49959 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50030 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49907
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49906
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49905
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49904
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49903
Source: unknown Network traffic detected: HTTP traffic on port 49903 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49888 -> 443
Source: classification engine Classification label: clean0.win@55/300@20/20
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Program Files\Google\Chrome\Application\Dictionaries
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-6115FA38-1648.pma
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Local\Temp\3fa1bc4d-1c5d-4065-84a9-6ca07dac1888.tmp
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'http://covid19response.lc/'
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1564,7631868385698929996,4303393363900616784,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1724 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1564,7631868385698929996,4303393363900616784,131072 --lang=en-US --service-sandbox-type=audio --enable-audio-service-sandbox --mojo-platform-channel-handle=5852 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1564,7631868385698929996,4303393363900616784,131072 --lang=en-US --service-sandbox-type=video_capture --enable-audio-service-sandbox --mojo-platform-channel-handle=5860 /prefetch:8
Source: Window Recorder Window detected: More than 3 window changes detected