Edit tour

Windows Analysis Report
http://webflow.io

Overview

General Information

Sample URL:	http://webflow.io
Analysis ID:	1596783

Detection

Score:	48
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

AI detected phishing page

Detected non-DNS traffic on DNS port

HTML body contains low number of good links

HTML page contains hidden javascript code

HTML title does not match URL

Stores files to the Windows start menu directory

Classification

Process Tree

System is w10x64_ra

chrome.exe (PID: 5088 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)

chrome.exe (PID: 3632 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 --field-trial-handle=1896,i,16042634630716048726,10569157490055158183,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)

chrome.exe (PID: 7724 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3104 --field-trial-handle=1896,i,16042634630716048726,10569157490055158183,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)

chrome.exe (PID: 6300 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://webflow.io" MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)

cleanup

HTTP Parser: Base64 decoded: {"version":3,"sources":["webpack://./src/global.css"],"names":[],"mappings":"AAEA;EACE,sBAAsB;AACxB;;AAEA;;EAEE,UAAU;EACV,SAAS;EACT;;;;;;;;;;;;cAYY;EACZ,eAAe;AACjB;;AAEA;;;;;;;;;;EAUE,SAAS;EACT,UAAU;EACV,mBAAmB;AACrB;;AAEA;;CAEC;AACD;EACE,eAAe;EACf,YAAY;A...

Source: https://webflow.com/

HTTP Parser: Title: Sign In - Google Accounts does not match URL

Source: https://webflow.com/	HTTP Parser: Iframe src: https://accounts.google.com/gsi/button?theme=outline&text=signin_with&size=medium&type=standard&shape=rectangular&width=-32&logo_alignment=left&click_listener=function()%7BtrackButtonClick(n)%7D&client_id=657641920759-c7l1281jejtqqb0rr9jc03qgp9se6gms.apps.googleusercontent.com&iframe_id=gsi_25929_33878&as=rM0EU5zqB5xKwoTH6K1tkXzkuhnObZqWwBo3AG05RL8
Source: https://webflow.com/	HTTP Parser: Iframe src: https://accounts.google.com/gsi/button?theme=outline&text=signin_with&size=medium&type=standard&shape=rectangular&width=-32&logo_alignment=left&click_listener=function()%7BtrackButtonClick(n)%7D&client_id=657641920759-c7l1281jejtqqb0rr9jc03qgp9se6gms.apps.googleusercontent.com&iframe_id=gsi_25929_33878&as=rM0EU5zqB5xKwoTH6K1tkXzkuhnObZqWwBo3AG05RL8
Source: https://webflow.com/	HTTP Parser: Iframe src: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html#url=https%3A%2F%2Fwebflow.com%2Fdashboard%2Fsignup-modal&title=Sign%20up%20-%20Webflow&referrer=https%3A%2F%2Fwebflow.com%2F&muid=NA&sid=NA&version=6&preview=false
Source: https://webflow.com/	HTTP Parser: Iframe src: https://accounts.google.com/gsi/button?theme=outline&text=signin_with&size=medium&type=standard&shape=rectangular&width=-32&logo_alignment=left&click_listener=function()%7BtrackButtonClick(n)%7D&client_id=657641920759-c7l1281jejtqqb0rr9jc03qgp9se6gms.apps.googleusercontent.com&iframe_id=gsi_25929_33878&as=rM0EU5zqB5xKwoTH6K1tkXzkuhnObZqWwBo3AG05RL8
Source: https://webflow.com/	HTTP Parser: Iframe src: https://td.doubleclick.net/td/rul/990123219?random=1737553033759&cv=11&fst=1737553033759&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be51l0v889784019za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=102067555~102067808~102081485~102123607&u_w=1280&u_h=1024&url=https%3A%2F%2Fwebflow.com%2F&ref=https%3A%2F%2Fwebflow.com%2F&hn=www.googleadservices.com&frm=1&tiba=Sign%20up%20-%20Webflow&npa=0&pscdl=noapi&auid=761307756.1737553034&fledge=1&data=event%3Dgtag.config
Source: https://webflow.com/	HTTP Parser: Iframe src: https://td.doubleclick.net/td/rul/11074340254?random=1737553033777&cv=11&fst=1737553033777&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be51l0v889784019za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=102067555~102067808~102081485~102123607&u_w=1280&u_h=1024&url=https%3A%2F%2Fwebflow.com%2F&ref=https%3A%2F%2Fwebflow.com%2F&hn=www.googleadservices.com&frm=1&tiba=Sign%20up%20-%20Webflow&npa=0&pscdl=noapi&auid=761307756.1737553034&fledge=1&data=event%3Dgtag.config
Source: https://webflow.com/	HTTP Parser: Iframe src: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html#url=https%3A%2F%2Fwebflow.com%2Fdashboard%2Fsignup-modal&title=Sign%20up%20-%20Webflow&referrer=https%3A%2F%2Fwebflow.com%2F&muid=NA&sid=NA&version=6&preview=false

Source: https://webflow.com/	HTTP Parser: No favicon
Source: https://webflow.com/	HTTP Parser: No favicon
Source: https://webflow.com/	HTTP Parser: No favicon
Source: https://webflow.com/	HTTP Parser: No favicon
Source: https://webflow.com/	HTTP Parser: No favicon
Source: https://webflow.com/	HTTP Parser: No favicon
Source: https://webflow.com/	HTTP Parser: No favicon
Source: https://webflow.com/	HTTP Parser: No favicon
Source: https://webflow.com/	HTTP Parser: No favicon
Source: https://webflow.com/	HTTP Parser: No favicon

Source: https://webflow.com/	HTTP Parser: No <meta name="author".. found
Source: https://webflow.com/	HTTP Parser: No <meta name="author".. found
Source: https://webflow.com/	HTTP Parser: No <meta name="author".. found
Source: https://webflow.com/	HTTP Parser: No <meta name="author".. found
Source: https://mailzim-0fb4f9.webflow.io/	HTTP Parser: No <meta name="author".. found
Source: https://mailzim-0fb4f9.webflow.io/	HTTP Parser: No <meta name="author".. found

Source: https://webflow.com/	HTTP Parser: No <meta name="copyright".. found
Source: https://webflow.com/	HTTP Parser: No <meta name="copyright".. found
Source: https://webflow.com/	HTTP Parser: No <meta name="copyright".. found
Source: https://webflow.com/	HTTP Parser: No <meta name="copyright".. found
Source: https://mailzim-0fb4f9.webflow.io/	HTTP Parser: No <meta name="copyright".. found
Source: https://mailzim-0fb4f9.webflow.io/	HTTP Parser: No <meta name="copyright".. found

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries

Source: unknown	HTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.18:49705 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.242.39.171:443 -> 192.168.2.18:58498 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.18:58506 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.18:58542 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.18:58556 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.18:58556 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.190.159.68:443 -> 192.168.2.18:58816 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 2.23.227.208:443 -> 192.168.2.18:58817 version: TLS 1.2

Source: chrome.exe

Memory has grown: Private usage: 1MB later: 20MB

Source: global traffic	TCP traffic: 192.168.2.18:58494 -> 162.159.36.2:53
Source: global traffic	TCP traffic: 192.168.2.18:58494 -> 162.159.36.2:53
Source: global traffic	TCP traffic: 192.168.2.18:58494 -> 162.159.36.2:53
Source: global traffic	TCP traffic: 192.168.2.18:58494 -> 162.159.36.2:53
Source: global traffic	TCP traffic: 192.168.2.18:58494 -> 162.159.36.2:53
Source: global traffic	TCP traffic: 192.168.2.18:58494 -> 162.159.36.2:53
Source: global traffic	TCP traffic: 192.168.2.18:58494 -> 162.159.36.2:53
Source: global traffic	TCP traffic: 192.168.2.18:58494 -> 162.159.36.2:53
Source: global traffic	TCP traffic: 192.168.2.18:58494 -> 162.159.36.2:53
Source: global traffic	TCP traffic: 192.168.2.18:58494 -> 162.159.36.2:53

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.141.63
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.141.63
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.141.63
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.141.63
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.141.63
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic

HTTP traffic detected: GET / HTTP/1.1Host: webflow.ioConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: webflow.io
Source: global traffic	DNS traffic detected: DNS query: daks2k3a4ib2z.cloudfront.net
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: webflow.com
Source: global traffic	DNS traffic detected: DNS query: api.intellimize.co
Source: global traffic	DNS traffic detected: DNS query: 117237908.intellimizeio.com
Source: global traffic	DNS traffic detected: DNS query: log.intellimize.co
Source: global traffic	DNS traffic detected: DNS query: cdn.prod.website-files.com
Source: global traffic	DNS traffic detected: DNS query: cdn.intellimize.co
Source: global traffic	DNS traffic detected: DNS query: d3e54v103j8qbb.cloudfront.net
Source: global traffic	DNS traffic detected: DNS query: js.driftt.com
Source: global traffic	DNS traffic detected: DNS query: www.redditstatic.com
Source: global traffic	DNS traffic detected: DNS query: dhygzobemt712.cloudfront.net
Source: global traffic	DNS traffic detected: DNS query: d2hrivdxn8ekm8.cloudfront.net
Source: global traffic	DNS traffic detected: DNS query: pixel-config.reddit.com
Source: global traffic	DNS traffic detected: DNS query: alb.reddit.com
Source: global traffic	DNS traffic detected: DNS query: acdn.adnxs.com
Source: global traffic	DNS traffic detected: DNS query: ib.adnxs.com
Source: global traffic	DNS traffic detected: DNS query: munchkin.marketo.net
Source: global traffic	DNS traffic detected: DNS query: snippet.growsumo.com
Source: global traffic	DNS traffic detected: DNS query: ttip-ipv4-prod.telemetry.vaultdcr.com
Source: global traffic	DNS traffic detected: DNS query: ttip-ipv6-prod.telemetry.vaultdcr.com
Source: global traffic	DNS traffic detected: DNS query: tte-prod.telemetry.vaultdcr.com
Source: global traffic	DNS traffic detected: DNS query: unpkg.com
Source: global traffic	DNS traffic detected: DNS query: www.datadoghq-browser-agent.com
Source: global traffic	DNS traffic detected: DNS query: grsm.io
Source: global traffic	DNS traffic detected: DNS query: j.6sc.co
Source: global traffic	DNS traffic detected: DNS query: cdn.segment.com
Source: global traffic	DNS traffic detected: DNS query: segment.prod.bidr.io
Source: global traffic	DNS traffic detected: DNS query: partnerlinks.io
Source: global traffic	DNS traffic detected: DNS query: stk.px-cloud.net
Source: global traffic	DNS traffic detected: DNS query: collector-pxtg2vkiqj.px-cloud.net
Source: global traffic	DNS traffic detected: DNS query: 050-lkc-745.mktoresp.com
Source: global traffic	DNS traffic detected: DNS query: analytics.webflow.com
Source: global traffic	DNS traffic detected: DNS query: js.stripe.com
Source: global traffic	DNS traffic detected: DNS query: featureassets.org
Source: global traffic	DNS traffic detected: DNS query: c.6sc.co
Source: global traffic	DNS traffic detected: DNS query: ipv6.6sc.co
Source: global traffic	DNS traffic detected: DNS query: b.6sc.co
Source: global traffic	DNS traffic detected: DNS query: prodregistryv2.org
Source: global traffic	DNS traffic detected: DNS query: w3-reporting-nel.reddit.com
Source: global traffic	DNS traffic detected: DNS query: try.webflow.com
Source: global traffic	DNS traffic detected: DNS query: google.com
Source: global traffic	DNS traffic detected: DNS query: 171.39.242.20.in-addr.arpa
Source: global traffic	DNS traffic detected: DNS query: cdn.sprig.com
Source: global traffic	DNS traffic detected: DNS query: analytics-api.webflow.com
Source: global traffic	DNS traffic detected: DNS query: api.sprig.com
Source: global traffic	DNS traffic detected: DNS query: m.stripe.network
Source: global traffic	DNS traffic detected: DNS query: snap.licdn.com
Source: global traffic	DNS traffic detected: DNS query: connect.facebook.net
Source: global traffic	DNS traffic detected: DNS query: a.quora.com
Source: global traffic	DNS traffic detected: DNS query: googleads.g.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: td.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: px.ads.linkedin.com
Source: global traffic	DNS traffic detected: DNS query: www.facebook.com
Source: global traffic	DNS traffic detected: DNS query: m.stripe.com
Source: global traffic	DNS traffic detected: DNS query: www.linkedin.com
Source: global traffic	DNS traffic detected: DNS query: stripe.com
Source: global traffic	DNS traffic detected: DNS query: play.google.com
Source: global traffic	DNS traffic detected: DNS query: tag.clearbitscripts.com
Source: global traffic	DNS traffic detected: DNS query: customer.api.drift.com
Source: global traffic	DNS traffic detected: DNS query: conversation.api.drift.com
Source: global traffic	DNS traffic detected: DNS query: metrics.api.drift.com
Source: global traffic	DNS traffic detected: DNS query: targeting.api.drift.com
Source: global traffic	DNS traffic detected: DNS query: x.clearbitjs.com
Source: global traffic	DNS traffic detected: DNS query: app.clearbit.com
Source: global traffic	DNS traffic detected: DNS query: bootstrap.driftapi.com
Source: global traffic	DNS traffic detected: DNS query: 5045258-8.chat.api.drift.com
Source: global traffic	DNS traffic detected: DNS query: mailzim-0fb4f9.webflow.io
Source: global traffic	DNS traffic detected: DNS query: log.api.drift.com
Source: global traffic	DNS traffic detected: DNS query: challenges.cloudflare.com

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 58570 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 58650 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49932 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58535 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49898 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58699
Source: unknown	Network traffic detected: HTTP traffic on port 58615 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 58764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49909 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 58788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 49886 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49968
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49967
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49966
Source: unknown	Network traffic detected: HTTP traffic on port 58696 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49965
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49964
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49963
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49962
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49961
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49960
Source: unknown	Network traffic detected: HTTP traffic on port 58501 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49966 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58707 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58662 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49959
Source: unknown	Network traffic detected: HTTP traffic on port 58752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49958
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49957
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49956
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49955
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 58603 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49952
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49864 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58523 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49944 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58684 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49910 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58557 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58498
Source: unknown	Network traffic detected: HTTP traffic on port 58639 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58497
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58499
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58496
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58495
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49708
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49949
Source: unknown	Network traffic detected: HTTP traffic on port 58730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49948
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49705
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49947
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49946
Source: unknown	Network traffic detected: HTTP traffic on port 58809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49945
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49944
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49943
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 49922 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 58625 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58659
Source: unknown	Network traffic detected: HTTP traffic on port 58705 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49968 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58656
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58655
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58658
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58657
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58663
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58662
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58665
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58664
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58661
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58660
Source: unknown	Network traffic detected: HTTP traffic on port 58525 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 58580 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 49862 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 58739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 58513 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58559 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58667
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58666
Source: unknown	Network traffic detected: HTTP traffic on port 58686 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58669
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58668
Source: unknown	Network traffic detected: HTTP traffic on port 58640 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58674
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58673
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58676
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58675
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58670
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58672
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58499 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58671
Source: unknown	Network traffic detected: HTTP traffic on port 58774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 58652 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58678
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58677
Source: unknown	Network traffic detected: HTTP traffic on port 49896 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58679
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58685
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58684
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58687
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58686
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58681
Source: unknown	Network traffic detected: HTTP traffic on port 58613 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58680
Source: unknown	Network traffic detected: HTTP traffic on port 49956 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58683
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58682
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 58674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 58762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58689
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58688
Source: unknown	Network traffic detected: HTTP traffic on port 58592 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58696
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58695
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58698
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58697
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58692
Source: unknown	Network traffic detected: HTTP traffic on port 49934 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58691
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58694
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58693
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58690
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 58717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 58547 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 58709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58629 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58555 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58670 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49900 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58521 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49929 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58647 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49872 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58682 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58590 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49964 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58543 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49930 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58579 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58617 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58659 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 49952 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 49694 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 58497 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49907 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58545 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58660 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49942 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58605 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49919 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58577 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58637 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49882 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58627 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58511 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49860 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58567 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58649 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58533 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58694 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49920 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58589 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49926 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58667 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49961 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58529 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58517 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58655 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58552 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58598 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58495 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58679 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49869 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58608 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58633 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49892 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58576 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58540 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49904 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58806
Source: unknown	Network traffic detected: HTTP traffic on port 58758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58803
Source: unknown	Network traffic detected: HTTP traffic on port 58645 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58802
Source: unknown	Network traffic detected: HTTP traffic on port 49870 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58805
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58804
Source: unknown	Network traffic detected: HTTP traffic on port 58702 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58801
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58800
Source: unknown	Network traffic detected: HTTP traffic on port 58690 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49938 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49916 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58574 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58657 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58542 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49879 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58700 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58507 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58692 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58669 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49857 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58530 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58586 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58519 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58680 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49880 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58618 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58635 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58564 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49890 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58619
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58616
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58615
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58618
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58617
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58611
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58614
Source: unknown	Network traffic detected: HTTP traffic on port 58687 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58613
Source: unknown	Network traffic detected: HTTP traffic on port 49912 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58621
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58620
Source: unknown	Network traffic detected: HTTP traffic on port 49958 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58641 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58584 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49889 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49946 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58627
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58626
Source: unknown	Network traffic detected: HTTP traffic on port 58704 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58629
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58628
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58623
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58622
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58625
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58624
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58630
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58632
Source: unknown	Network traffic detected: HTTP traffic on port 49855 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58631
Source: unknown	Network traffic detected: HTTP traffic on port 58503 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58549 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49924 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58623 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58638
Source: unknown	Network traffic detected: HTTP traffic on port 58537 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58637
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58639
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58634
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58633
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58636
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58635
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58641
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58640
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58643
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58642
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58653 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58649
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58648
Source: unknown	Network traffic detected: HTTP traffic on port 58515 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58611 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58596 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58645
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58644
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58647
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58646
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58652
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58651
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58654
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58653
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58650
Source: unknown	Network traffic detected: HTTP traffic on port 58560 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49867 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49865 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49942
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49941
Source: unknown	Network traffic detected: HTTP traffic on port 58677 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49940
Source: unknown	Network traffic detected: HTTP traffic on port 58631 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58819
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58813
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58816
Source: unknown	Network traffic detected: HTTP traffic on port 49691 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58810
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58539 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58811
Source: unknown	Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49939
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49938
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49937
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49936
Source: unknown	Network traffic detected: HTTP traffic on port 58714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49902 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49934
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49933
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49932
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49931
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49930
Source: unknown	Network traffic detected: HTTP traffic on port 58594 -> 443

Source: unknown	HTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.18:49705 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.242.39.171:443 -> 192.168.2.18:58498 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.18:58506 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.18:58542 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.18:58556 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.18:58556 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.190.159.68:443 -> 192.168.2.18:58816 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 2.23.227.208:443 -> 192.168.2.18:58817 version: TLS 1.2

Source: classification engine

Classification label: mal48.phis.win@34/226@208/990

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Program Files\Google\Chrome\Application\Dictionaries

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 --field-trial-handle=1896,i,16042634630716048726,10569157490055158183,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 --field-trial-handle=1896,i,16042634630716048726,10569157490055158183,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://webflow.io"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3104 --field-trial-handle=1896,i,16042634630716048726,10569157490055158183,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3104 --field-trial-handle=1896,i,16042634630716048726,10569157490055158183,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	1 Drive-by Compromise	Windows Management Instrumentation	1 Registry Run Keys / Startup Folder	1 Process Injection	3 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	2 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	2 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	1 Extra Window Memory Injection	1 Extra Window Memory Injection	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	3 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	1 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report
http://webflow.io

Overview

General Information

Detection

Signatures

Classification

Process Tree

Yara Signatures

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

Phishing

Compliance

Software Vulnerabilities

Networking

System Summary

Boot Survival

Mitre Att&ck Matrix

Screenshots

Thumbnails

Source: https://mailzim-0fb4f9.webflow.io/	Joe Sandbox AI: Score: 8 Reasons: The brand 'Zimbra' is known and typically associated with the domain 'zimbra.com'., The URL 'mailzim-0fb4f9.webflow.io' does not match the legitimate domain 'zimbra.com'., The use of 'webflow.io' suggests a site hosted on a web design platform, which is not typical for a known brand's main domain., The prefix 'mailzim-0fb4f9' is suspicious and does not clearly relate to the brand 'Zimbra'., The presence of input fields for username, email, and password is common in phishing sites attempting to capture user credentials. DOM: 3.17.pages.csv
Source: https://mailzim-0fb4f9.webflow.io/	Joe Sandbox AI: Score: 8 Reasons: The brand 'Zimbra' is known and typically associated with the domain 'zimbra.com'., The URL 'mailzim-0fb4f9.webflow.io' does not match the legitimate domain 'zimbra.com'., The use of 'webflow.io' suggests a site hosted on a web design platform, which is not typical for a well-established brand like Zimbra., The prefix 'mailzim-0fb4f9' is suspicious and does not clearly relate to the brand 'Zimbra'., The presence of input fields for username, email, and password is common in phishing sites attempting to harvest credentials. DOM: 3.19.pages.csv

Source: https://webflow.com/	HTTP Parser: Number of links: 0
Source: https://mailzim-0fb4f9.webflow.io/	HTTP Parser: Number of links: 0

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report http://webflow.io

Overview

General Information

Detection

Signatures

Classification

Process Tree

Yara Signatures

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

Phishing

Compliance

Software Vulnerabilities

Networking

System Summary

Boot Survival

Mitre Att&ck Matrix

Screenshots

Thumbnails

Windows Analysis Report
http://webflow.io