Source: Yara match |
File source: 0.0.pages.csv, type: HTML |
Source: Yara match |
File source: 0.1.pages.csv, type: HTML |
Source: Yara match |
File source: dropped/chromecache_64, type: DROPPED |
Source: https://jll2.sharepoint.com/:f:/t/WorkplaceStrategy274/EqyxzpLxD8lEhSn1hXMNtKMBbmoik8-xeuIbHrYk7cgngA?e=5%3a2wyFQq&at=9&xsdata=MDV8MDJ8cGF0cmljaWEucmliZWlyb0Bub3ZvYmFuY28ucHR8NjlmMTdkMWU5YzBjNDFkN2UwZmIwOGRjNTNjN2YwZTV8MTAzMzgwNDgxOTNhNDI5OGFiZWEzNTk2YWU4OGIwNWV8MHwwfDYzODQ3NzM2NTQwMjI0OTQwNXxVbmtub3dufFRXRnBiR1pzYjNkOGV5SldJam9pTUM0d0xqQXdNREFpTENKUUlqb2lWMmx1TXpJaUxDSkJUaUk2SWsxaGFXd2lMQ0pYVkNJNk1uMD18MHx8fA%3d%3d&sdata=T2RkZHdHdHpwUXkxSG5Kd2Noc1RHVUc3YVNLVE1sOWZUTXdVZitYYXh6Yz0%3d |
HTTP Parser: Number of links: 0 |
Source: https://jll2.sharepoint.com/:f:/t/WorkplaceStrategy274/EqyxzpLxD8lEhSn1hXMNtKMBbmoik8-xeuIbHrYk7cgngA?e=5%3a2wyFQq&at=9&xsdata=MDV8MDJ8cGF0cmljaWEucmliZWlyb0Bub3ZvYmFuY28ucHR8NjlmMTdkMWU5YzBjNDFkN2UwZmIwOGRjNTNjN2YwZTV8MTAzMzgwNDgxOTNhNDI5OGFiZWEzNTk2YWU4OGIwNWV8MHwwfDYzODQ3NzM2NTQwMjI0OTQwNXxVbmtub3dufFRXRnBiR1pzYjNkOGV5SldJam9pTUM0d0xqQXdNREFpTENKUUlqb2lWMmx1TXpJaUxDSkJUaUk2SWsxaGFXd2lMQ0pYVkNJNk1uMD18MHx8fA%3d%3d&sdata=T2RkZHdHdHpwUXkxSG5Kd2Noc1RHVUc3YVNLVE1sOWZUTXdVZitYYXh6Yz0%3d |
HTTP Parser: Title: Sharing Link Validation does not match URL |
Source: Chrome DOM: 0.0 |
ML Model on OCR Text: Matched 95.2% probability on "SharePoint Microsoft Verify Your Identity You've received a secure link to: novobanco_Guia de Utilizaqo do Campus_Pasta Partilhada To open this secure link. we'll need you to enter the email that this item was shared to. O Enter email Next By clicking Next you allow JLL to use your email address in accordance with their privacy statement. 2017 Microsoft Privacy & Cookies " |
Source: Chrome DOM: 0.1 |
ML Model on OCR Text: Matched 97.0% probability on "SharePoint Microsoft Verify Your Identity You've received a secure link to: novobanco_Guia de Utilizaqo do Campus_Pasta Partilhada To open this secure link. we'll need you to enter the email that this item was shared to. O Enter email Your email address is required Next By clicking Next you allow JLL to use your email address in accordance with their privacy statement. 2017 Microsoft Privacy & Cookies " |
Source: https://jll2.sharepoint.com/:f:/t/WorkplaceStrategy274/EqyxzpLxD8lEhSn1hXMNtKMBbmoik8-xeuIbHrYk7cgngA?e=5%3a2wyFQq&at=9&xsdata=MDV8MDJ8cGF0cmljaWEucmliZWlyb0Bub3ZvYmFuY28ucHR8NjlmMTdkMWU5YzBjNDFkN2UwZmIwOGRjNTNjN2YwZTV8MTAzMzgwNDgxOTNhNDI5OGFiZWEzNTk2YWU4OGIwNWV8MHwwfDYzODQ3NzM2NTQwMjI0OTQwNXxVbmtub3dufFRXRnBiR1pzYjNkOGV5SldJam9pTUM0d0xqQXdNREFpTENKUUlqb2lWMmx1TXpJaUxDSkJUaUk2SWsxaGFXd2lMQ0pYVkNJNk1uMD18MHx8fA%3d%3d&sdata=T2RkZHdHdHpwUXkxSG5Kd2Noc1RHVUc3YVNLVE1sOWZUTXdVZitYYXh6Yz0%3d |
HTTP Parser: On click: javascript:WebForm_DoPostBackWithOptions(new WebForm_PostBackOptions("btnSubmitEmail", "", true, "", "", false, true)) |
Source: https://jll2.sharepoint.com/:f:/t/WorkplaceStrategy274/EqyxzpLxD8lEhSn1hXMNtKMBbmoik8-xeuIbHrYk7cgngA?e=5%3a2wyFQq&at=9&xsdata=MDV8MDJ8cGF0cmljaWEucmliZWlyb0Bub3ZvYmFuY28ucHR8NjlmMTdkMWU5YzBjNDFkN2UwZmIwOGRjNTNjN2YwZTV8MTAzMzgwNDgxOTNhNDI5OGFiZWEzNTk2YWU4OGIwNWV8MHwwfDYzODQ3NzM2NTQwMjI0OTQwNXxVbmtub3dufFRXRnBiR1pzYjNkOGV5SldJam9pTUM0d0xqQXdNREFpTENKUUlqb2lWMmx1TXpJaUxDSkJUaUk2SWsxaGFXd2lMQ0pYVkNJNk1uMD18MHx8fA%3d%3d&sdata=T2RkZHdHdHpwUXkxSG5Kd2Noc1RHVUc3YVNLVE1sOWZUTXdVZitYYXh6Yz0%3d |
HTTP Parser: On click: javascript:WebForm_DoPostBackWithOptions(new WebForm_PostBackOptions("btnSubmitEmail", "", true, "", "", false, true)) |
Source: https://jll2.sharepoint.com/:f:/t/WorkplaceStrategy274/EqyxzpLxD8lEhSn1hXMNtKMBbmoik8-xeuIbHrYk7cgngA?e=5%3a2wyFQq&at=9&xsdata=MDV8MDJ8cGF0cmljaWEucmliZWlyb0Bub3ZvYmFuY28ucHR8NjlmMTdkMWU5YzBjNDFkN2UwZmIwOGRjNTNjN2YwZTV8MTAzMzgwNDgxOTNhNDI5OGFiZWEzNTk2YWU4OGIwNWV8MHwwfDYzODQ3NzM2NTQwMjI0OTQwNXxVbmtub3dufFRXRnBiR1pzYjNkOGV5SldJam9pTUM0d0xqQXdNREFpTENKUUlqb2lWMmx1TXpJaUxDSkJUaUk2SWsxaGFXd2lMQ0pYVkNJNk1uMD18MHx8fA%3d%3d&sdata=T2RkZHdHdHpwUXkxSG5Kd2Noc1RHVUc3YVNLVE1sOWZUTXdVZitYYXh6Yz0%3d |
HTTP Parser: No <meta name="author".. found |
Source: https://jll2.sharepoint.com/:f:/t/WorkplaceStrategy274/EqyxzpLxD8lEhSn1hXMNtKMBbmoik8-xeuIbHrYk7cgngA?e=5%3a2wyFQq&at=9&xsdata=MDV8MDJ8cGF0cmljaWEucmliZWlyb0Bub3ZvYmFuY28ucHR8NjlmMTdkMWU5YzBjNDFkN2UwZmIwOGRjNTNjN2YwZTV8MTAzMzgwNDgxOTNhNDI5OGFiZWEzNTk2YWU4OGIwNWV8MHwwfDYzODQ3NzM2NTQwMjI0OTQwNXxVbmtub3dufFRXRnBiR1pzYjNkOGV5SldJam9pTUM0d0xqQXdNREFpTENKUUlqb2lWMmx1TXpJaUxDSkJUaUk2SWsxaGFXd2lMQ0pYVkNJNk1uMD18MHx8fA%3d%3d&sdata=T2RkZHdHdHpwUXkxSG5Kd2Noc1RHVUc3YVNLVE1sOWZUTXdVZitYYXh6Yz0%3d |
HTTP Parser: No <meta name="author".. found |
Source: https://jll2.sharepoint.com/:f:/t/WorkplaceStrategy274/EqyxzpLxD8lEhSn1hXMNtKMBbmoik8-xeuIbHrYk7cgngA?e=5%3a2wyFQq&at=9&xsdata=MDV8MDJ8cGF0cmljaWEucmliZWlyb0Bub3ZvYmFuY28ucHR8NjlmMTdkMWU5YzBjNDFkN2UwZmIwOGRjNTNjN2YwZTV8MTAzMzgwNDgxOTNhNDI5OGFiZWEzNTk2YWU4OGIwNWV8MHwwfDYzODQ3NzM2NTQwMjI0OTQwNXxVbmtub3dufFRXRnBiR1pzYjNkOGV5SldJam9pTUM0d0xqQXdNREFpTENKUUlqb2lWMmx1TXpJaUxDSkJUaUk2SWsxaGFXd2lMQ0pYVkNJNk1uMD18MHx8fA%3d%3d&sdata=T2RkZHdHdHpwUXkxSG5Kd2Noc1RHVUc3YVNLVE1sOWZUTXdVZitYYXh6Yz0%3d |
HTTP Parser: No <meta name="copyright".. found |
Source: https://jll2.sharepoint.com/:f:/t/WorkplaceStrategy274/EqyxzpLxD8lEhSn1hXMNtKMBbmoik8-xeuIbHrYk7cgngA?e=5%3a2wyFQq&at=9&xsdata=MDV8MDJ8cGF0cmljaWEucmliZWlyb0Bub3ZvYmFuY28ucHR8NjlmMTdkMWU5YzBjNDFkN2UwZmIwOGRjNTNjN2YwZTV8MTAzMzgwNDgxOTNhNDI5OGFiZWEzNTk2YWU4OGIwNWV8MHwwfDYzODQ3NzM2NTQwMjI0OTQwNXxVbmtub3dufFRXRnBiR1pzYjNkOGV5SldJam9pTUM0d0xqQXdNREFpTENKUUlqb2lWMmx1TXpJaUxDSkJUaUk2SWsxaGFXd2lMQ0pYVkNJNk1uMD18MHx8fA%3d%3d&sdata=T2RkZHdHdHpwUXkxSG5Kd2Noc1RHVUc3YVNLVE1sOWZUTXdVZitYYXh6Yz0%3d |
HTTP Parser: No <meta name="copyright".. found |
Source: unknown |
HTTPS traffic detected: 23.55.253.34:443 -> 192.168.2.4:49756 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 23.55.253.34:443 -> 192.168.2.4:49758 version: TLS 1.2 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 104.46.162.224 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 173.222.162.32 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.55.253.34 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.55.253.34 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.55.253.34 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.55.253.34 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.55.253.34 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.55.253.34 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.55.253.34 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.55.253.34 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.55.253.34 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.55.253.34 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.55.253.34 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.55.253.34 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.55.253.34 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.55.253.34 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.55.253.34 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.55.253.34 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.55.253.34 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.55.253.34 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.55.253.34 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.40.205.81 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.40.205.81 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.40.205.81 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.40.205.81 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: global traffic |
HTTP traffic detected: GET /:f:/t/WorkplaceStrategy274/EqyxzpLxD8lEhSn1hXMNtKMBbmoik8-xeuIbHrYk7cgngA?e=5%3a2wyFQq&at=9&xsdata=MDV8MDJ8cGF0cmljaWEucmliZWlyb0Bub3ZvYmFuY28ucHR8NjlmMTdkMWU5YzBjNDFkN2UwZmIwOGRjNTNjN2YwZTV8MTAzMzgwNDgxOTNhNDI5OGFiZWEzNTk2YWU4OGIwNWV8MHwwfDYzODQ3NzM2NTQwMjI0OTQwNXxVbmtub3dufFRXRnBiR1pzYjNkOGV5SldJam9pTUM0d0xqQXdNREFpTENKUUlqb2lWMmx1TXpJaUxDSkJUaUk2SWsxaGFXd2lMQ0pYVkNJNk1uMD18MHx8fA%3d%3d&sdata=T2RkZHdHdHpwUXkxSG5Kd2Noc1RHVUc3YVNLVE1sOWZUTXdVZitYYXh6Yz0%3d HTTP/1.1Host: jll2.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /WebResource.axd?d=ycHivovJo1IuKk-tzRJ8ufQQ-iuwfP1ezGTy8BG_qsbyQ7m85kJF662PJDnxcTalLQpQhNNol9FH5EXa_s1HUh_x-MhZGY8UowqnTM8hA1w1&t=638449966421100877 HTTP/1.1Host: jll2.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://jll2.sharepoint.com/:f:/t/WorkplaceStrategy274/EqyxzpLxD8lEhSn1hXMNtKMBbmoik8-xeuIbHrYk7cgngA?e=5%3a2wyFQq&at=9&xsdata=MDV8MDJ8cGF0cmljaWEucmliZWlyb0Bub3ZvYmFuY28ucHR8NjlmMTdkMWU5YzBjNDFkN2UwZmIwOGRjNTNjN2YwZTV8MTAzMzgwNDgxOTNhNDI5OGFiZWEzNTk2YWU4OGIwNWV8MHwwfDYzODQ3NzM2NTQwMjI0OTQwNXxVbmtub3dufFRXRnBiR1pzYjNkOGV5SldJam9pTUM0d0xqQXdNREFpTENKUUlqb2lWMmx1TXpJaUxDSkJUaUk2SWsxaGFXd2lMQ0pYVkNJNk1uMD18MHx8fA%3d%3d&sdata=T2RkZHdHdHpwUXkxSG5Kd2Noc1RHVUc3YVNLVE1sOWZUTXdVZitYYXh6Yz0%3dAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /ScriptResource.axd?d=dSOB5QLW4iDr5SkrwcwcbHnQzJ6q2z4iZGg9UM7Gd6n5LEQmqo_pdgO7Hn-2VwenIzSKVhLbd1eYR0JBwuZEO_Sx2kCmsu-sDB-NQJepVGWgysvVvGhtPKwXQuwZlD9XGtQkgoXLVXOylnwHkYKZhTGy_Kntf7Hs4kS5ZvStdOw1&t=fffffffff37b5a97 HTTP/1.1Host: jll2.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://jll2.sharepoint.com/:f:/t/WorkplaceStrategy274/EqyxzpLxD8lEhSn1hXMNtKMBbmoik8-xeuIbHrYk7cgngA?e=5%3a2wyFQq&at=9&xsdata=MDV8MDJ8cGF0cmljaWEucmliZWlyb0Bub3ZvYmFuY28ucHR8NjlmMTdkMWU5YzBjNDFkN2UwZmIwOGRjNTNjN2YwZTV8MTAzMzgwNDgxOTNhNDI5OGFiZWEzNTk2YWU4OGIwNWV8MHwwfDYzODQ3NzM2NTQwMjI0OTQwNXxVbmtub3dufFRXRnBiR1pzYjNkOGV5SldJam9pTUM0d0xqQXdNREFpTENKUUlqb2lWMmx1TXpJaUxDSkJUaUk2SWsxaGFXd2lMQ0pYVkNJNk1uMD18MHx8fA%3d%3d&sdata=T2RkZHdHdHpwUXkxSG5Kd2Noc1RHVUc3YVNLVE1sOWZUTXdVZitYYXh6Yz0%3dAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /ScriptResource.axd?d=67ZbPPrvp9FatQKPpo_wd8dEBfrpVfEkOuEw6CarcEOY8j3-e-HU8qAHqD-vPnyVfbyDTrlBFzUyRDdMpJOwjO2qcHnX542t84-lzGr60bAXhIRNrts52JcSMQ938UvPDTAKYPVayGDBXAYb6KNrQxhjZaFClWDAhtW9eJzMEbvAAP1NnDdHVU3nVMvcWoEI0&t=722fe453 HTTP/1.1Host: jll2.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://jll2.sharepoint.com/:f:/t/WorkplaceStrategy274/EqyxzpLxD8lEhSn1hXMNtKMBbmoik8-xeuIbHrYk7cgngA?e=5%3a2wyFQq&at=9&xsdata=MDV8MDJ8cGF0cmljaWEucmliZWlyb0Bub3ZvYmFuY28ucHR8NjlmMTdkMWU5YzBjNDFkN2UwZmIwOGRjNTNjN2YwZTV8MTAzMzgwNDgxOTNhNDI5OGFiZWEzNTk2YWU4OGIwNWV8MHwwfDYzODQ3NzM2NTQwMjI0OTQwNXxVbmtub3dufFRXRnBiR1pzYjNkOGV5SldJam9pTUM0d0xqQXdNREFpTENKUUlqb2lWMmx1TXpJaUxDSkJUaUk2SWsxaGFXd2lMQ0pYVkNJNk1uMD18MHx8fA%3d%3d&sdata=T2RkZHdHdHpwUXkxSG5Kd2Noc1RHVUc3YVNLVE1sOWZUTXdVZitYYXh6Yz0%3dAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /ScriptResource.axd?d=r4BQmYn_Fo39zB3ho7PLjifUHBAA8DUHJmV1req5BQ37v_OeYKDPejvq2zkH9GxyxW2JAEQ_TewPv31vItS4rQ0l2BiIIL8xtY8RWhM72w6nK5MmhaXVocTRR3KXCn_5JeuO6Ck0Gh7zCDwGcxnAeqnmneguE-7YqpZcWGXHJWvcUdU2qJv5GwtwndFSfi0t0&t=722fe453 HTTP/1.1Host: jll2.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://jll2.sharepoint.com/:f:/t/WorkplaceStrategy274/EqyxzpLxD8lEhSn1hXMNtKMBbmoik8-xeuIbHrYk7cgngA?e=5%3a2wyFQq&at=9&xsdata=MDV8MDJ8cGF0cmljaWEucmliZWlyb0Bub3ZvYmFuY28ucHR8NjlmMTdkMWU5YzBjNDFkN2UwZmIwOGRjNTNjN2YwZTV8MTAzMzgwNDgxOTNhNDI5OGFiZWEzNTk2YWU4OGIwNWV8MHwwfDYzODQ3NzM2NTQwMjI0OTQwNXxVbmtub3dufFRXRnBiR1pzYjNkOGV5SldJam9pTUM0d0xqQXdNREFpTENKUUlqb2lWMmx1TXpJaUxDSkJUaUk2SWsxaGFXd2lMQ0pYVkNJNk1uMD18MHx8fA%3d%3d&sdata=T2RkZHdHdHpwUXkxSG5Kd2Noc1RHVUc3YVNLVE1sOWZUTXdVZitYYXh6Yz0%3dAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /_layouts/15/images/microsoft-logo.png HTTP/1.1Host: jll2.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://jll2.sharepoint.com/:f:/t/WorkplaceStrategy274/EqyxzpLxD8lEhSn1hXMNtKMBbmoik8-xeuIbHrYk7cgngA?e=5%3a2wyFQq&at=9&xsdata=MDV8MDJ8cGF0cmljaWEucmliZWlyb0Bub3ZvYmFuY28ucHR8NjlmMTdkMWU5YzBjNDFkN2UwZmIwOGRjNTNjN2YwZTV8MTAzMzgwNDgxOTNhNDI5OGFiZWEzNTk2YWU4OGIwNWV8MHwwfDYzODQ3NzM2NTQwMjI0OTQwNXxVbmtub3dufFRXRnBiR1pzYjNkOGV5SldJam9pTUM0d0xqQXdNREFpTENKUUlqb2lWMmx1TXpJaUxDSkJUaUk2SWsxaGFXd2lMQ0pYVkNJNk1uMD18MHx8fA%3d%3d&sdata=T2RkZHdHdHpwUXkxSG5Kd2Noc1RHVUc3YVNLVE1sOWZUTXdVZitYYXh6Yz0%3dAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /_layouts/15/images/microsoft-logo.png HTTP/1.1Host: jll2.sharepoint.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /_layouts/15/images/favicon.ico?rev=47 HTTP/1.1Host: jll2.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://jll2.sharepoint.com/:f:/t/WorkplaceStrategy274/EqyxzpLxD8lEhSn1hXMNtKMBbmoik8-xeuIbHrYk7cgngA?e=5%3a2wyFQq&at=9&xsdata=MDV8MDJ8cGF0cmljaWEucmliZWlyb0Bub3ZvYmFuY28ucHR8NjlmMTdkMWU5YzBjNDFkN2UwZmIwOGRjNTNjN2YwZTV8MTAzMzgwNDgxOTNhNDI5OGFiZWEzNTk2YWU4OGIwNWV8MHwwfDYzODQ3NzM2NTQwMjI0OTQwNXxVbmtub3dufFRXRnBiR1pzYjNkOGV5SldJam9pTUM0d0xqQXdNREFpTENKUUlqb2lWMmx1TXpJaUxDSkJUaUk2SWsxaGFXd2lMQ0pYVkNJNk1uMD18MHx8fA%3d%3d&sdata=T2RkZHdHdHpwUXkxSG5Kd2Noc1RHVUc3YVNLVE1sOWZUTXdVZitYYXh6Yz0%3dAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /_layouts/15/images/favicon.ico?rev=47 HTTP/1.1Host: jll2.sharepoint.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com |
Source: unknown |
DNS traffic detected: queries for: jll2.sharepoint.com |
Source: chromecache_65.2.dr |
String found in binary or memory: http://github.com/jrburke/requirejs |
Source: chromecache_64.2.dr |
String found in binary or memory: https://jll2.sharepoint.com/teams/WorkplaceStrategy274/_layouts/15/images/folder.png |
Source: chromecache_66.2.dr |
String found in binary or memory: https://reactjs.org/docs/error-decoder.html?invariant= |
Source: chromecache_64.2.dr |
String found in binary or memory: https://res-1.cdn.office.net |
Source: chromecache_64.2.dr |
String found in binary or memory: https://res-1.cdn.office.net/bld/_layouts/15/16.0.24803.12007/require.js |
Source: chromecache_64.2.dr |
String found in binary or memory: https://res-1.cdn.office.net/files/odsp-web-prod_2024-04-05.013/ |
Source: chromecache_64.2.dr |
String found in binary or memory: https://res-2.cdn.office.net/files/odsp-web-prod_2024-04-05.013/ |
Source: chromecache_64.2.dr |
String found in binary or memory: https://spoprod-a.akamaihd.net/files/odsp-common-library-prod_2019-02-15_20190219.002/require.js |
Source: chromecache_64.2.dr |
String found in binary or memory: https://www.jll.com/privacy-statement |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49744 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49743 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49758 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49742 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49678 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49748 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49743 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49745 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49751 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49739 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49738 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49758 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49755 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49738 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49756 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49755 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49675 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49751 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49742 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49767 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49749 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49744 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49749 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49748 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49756 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49745 |
Source: unknown |
Network traffic detected: HTTP traffic on port 49739 -> 443 |
Source: unknown |
Network traffic detected: HTTP traffic on port 443 -> 49767 |
Source: unknown |
HTTPS traffic detected: 23.55.253.34:443 -> 192.168.2.4:49756 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 23.55.253.34:443 -> 192.168.2.4:49758 version: TLS 1.2 |
Source: classification engine |
Classification label: mal48.phis.win@16/24@10/4 |
Source: unknown |
Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" |
|
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2092 --field-trial-handle=2000,i,2649959660875642474,11769306728732929291,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 |
|
Source: unknown |
Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://jll2.sharepoint.com/:f:/t/WorkplaceStrategy274/EqyxzpLxD8lEhSn1hXMNtKMBbmoik8-xeuIbHrYk7cgngA?e=5%3a2wyFQq&at=9&xsdata=MDV8MDJ8cGF0cmljaWEucmliZWlyb0Bub3ZvYmFuY28ucHR8NjlmMTdkMWU5YzBjNDFkN2UwZmIwOGRjNTNjN2YwZTV8MTAzMzgwNDgxOTNhNDI5OGFiZWEzNTk2YWU4OGIwNWV8MHwwfDYzODQ3NzM2NTQwMjI0OTQwNXxVbmtub3dufFRXRnBiR1pzYjNkOGV5SldJam9pTUM0d0xqQXdNREFpTENKUUlqb2lWMmx1TXpJaUxDSkJUaUk2SWsxaGFXd2lMQ0pYVkNJNk1uMD18MHx8fA%3d%3d&sdata=T2RkZHdHdHpwUXkxSG5Kd2Noc1RHVUc3YVNLVE1sOWZUTXdVZitYYXh6Yz0%3d" |
|
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2092 --field-trial-handle=2000,i,2649959660875642474,11769306728732929291,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Automated click: Next |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Automated click: Next |
Source: Window Recorder |
Window detected: More than 3 window changes detected |