Analysis Report https://doc.clickup.com/d/h/88fjm-14/9b55da9c0a2598a

Overview

General Information

Sample URL: https://doc.clickup.com/d/h/88fjm-14/9b55da9c0a2598a
Analysis ID: 358580
Infos:

Most interesting Screenshot:

Detection

HTMLPhisher
Score: 72
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Antivirus / Scanner detection for submitted sample
Phishing site detected (based on favicon image match)
Yara detected HtmlPhish_10
Phishing site detected (based on image similarity)
Phishing site detected (based on logo template match)
Found iframes
HTML body contains low number of good links
HTML title does not match URL

Classification

AV Detection:

barindex
Antivirus / Scanner detection for submitted sample
Source: https://doc.clickup.com/d/h/88fjm-14/9b55da9c0a2598a SlashNext: detection malicious, Label: Fake Login Page type: Phishing & Social Engineering

Phishing:

barindex
Phishing site detected (based on favicon image match)
Source: https://pale-small-origami.glitch.me/ Matcher: Template: microsoft matched with high similarity
Yara detected HtmlPhish_10
Source: Yara match File source: 48844.pages.csv, type: HTML
Phishing site detected (based on image similarity)
Source: https://pale-small-origami.glitch.me/ Matcher: Found strong image similarity, brand: Microsoft image: 48844.img.2.gfk.csv EE5C8D9FB6248C938FD0DC19370E90BD
Phishing site detected (based on logo template match)
Source: https://pale-small-origami.glitch.me/ Matcher: Template: google matched
Found iframes
Source: https://clickup.com/?utm_source=clickup&utm_medium=doc&utm_campaign=8666708 HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-W9LSCFD
Source: https://clickup.com/?utm_source=clickup&utm_medium=doc&utm_campaign=8666708 HTTP Parser: Iframe src: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Source: https://clickup.com/?utm_source=clickup&utm_medium=doc&utm_campaign=8666708 HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-W9LSCFD
Source: https://clickup.com/?utm_source=clickup&utm_medium=doc&utm_campaign=8666708 HTTP Parser: Iframe src: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
HTML body contains low number of good links
Source: https://pale-small-origami.glitch.me/ HTTP Parser: Number of links: 0
Source: https://pale-small-origami.glitch.me/ HTTP Parser: Number of links: 0
HTML title does not match URL
Source: https://pale-small-origami.glitch.me/ HTTP Parser: Title: Sign in does not match URL
Source: https://pale-small-origami.glitch.me/ HTTP Parser: Title: Sign in does not match URL
Source: https://clickup.com/?utm_source=clickup&utm_medium=doc&utm_campaign=8666708 HTTP Parser: No <meta name="author".. found
Source: https://pale-small-origami.glitch.me/ HTTP Parser: No <meta name="author".. found
Source: https://clickup.com/?utm_source=clickup&utm_medium=doc&utm_campaign=8666708 HTTP Parser: No <meta name="author".. found
Source: https://pale-small-origami.glitch.me/ HTTP Parser: No <meta name="author".. found
Source: https://clickup.com/?utm_source=clickup&utm_medium=doc&utm_campaign=8666708 HTTP Parser: No <meta name="copyright".. found
Source: https://pale-small-origami.glitch.me/ HTTP Parser: No <meta name="copyright".. found
Source: https://clickup.com/?utm_source=clickup&utm_medium=doc&utm_campaign=8666708 HTTP Parser: No <meta name="copyright".. found
Source: https://pale-small-origami.glitch.me/ HTTP Parser: No <meta name="copyright".. found

Compliance:

barindex
Creates a directory in C:\Program Files
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic Jump to behavior
Uses secure TLS version for HTTPS connections
Source: unknown HTTPS traffic detected: 52.29.76.203:443 -> 192.168.2.5:49732 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.227.156.121:443 -> 192.168.2.5:49748 version: TLS 1.2
Source: unknown HTTPS traffic detected: 18.215.10.11:443 -> 192.168.2.5:49754 version: TLS 1.2
Source: unknown HTTPS traffic detected: 18.215.10.11:443 -> 192.168.2.5:49755 version: TLS 1.2
Source: unknown HTTPS traffic detected: 104.17.211.204:443 -> 192.168.2.5:49783 version: TLS 1.2
Source: unknown HTTPS traffic detected: 18.134.247.58:443 -> 192.168.2.5:49788 version: TLS 1.2
Source: unknown HTTPS traffic detected: 151.101.12.157:443 -> 192.168.2.5:49794 version: TLS 1.2
Source: unknown HTTPS traffic detected: 52.58.150.147:443 -> 192.168.2.5:49792 version: TLS 1.2
Source: unknown HTTPS traffic detected: 44.241.10.203:443 -> 192.168.2.5:49796 version: TLS 1.2
Source: unknown HTTPS traffic detected: 44.241.10.203:443 -> 192.168.2.5:49798 version: TLS 1.2
Source: unknown HTTPS traffic detected: 104.17.70.176:443 -> 192.168.2.5:49810 version: TLS 1.2
Source: unknown HTTPS traffic detected: 104.17.130.171:443 -> 192.168.2.5:49812 version: TLS 1.2
Source: unknown HTTPS traffic detected: 54.225.168.201:443 -> 192.168.2.5:49808 version: TLS 1.2
Source: unknown HTTPS traffic detected: 50.17.2.180:443 -> 192.168.2.5:49814 version: TLS 1.2
Source: unknown HTTPS traffic detected: 108.174.11.69:443 -> 192.168.2.5:49813 version: TLS 1.2
Source: unknown HTTPS traffic detected: 108.161.189.78:443 -> 192.168.2.5:49819 version: TLS 1.2
Source: unknown HTTPS traffic detected: 151.101.1.140:443 -> 192.168.2.5:49820 version: TLS 1.2
Source: unknown HTTPS traffic detected: 18.134.247.58:443 -> 192.168.2.5:49825 version: TLS 1.2
Source: unknown HTTPS traffic detected: 104.244.42.69:443 -> 192.168.2.5:49833 version: TLS 1.2
Source: unknown HTTPS traffic detected: 151.101.1.140:443 -> 192.168.2.5:49837 version: TLS 1.2
Source: unknown HTTPS traffic detected: 54.245.46.233:443 -> 192.168.2.5:49839 version: TLS 1.2
Source: unknown HTTPS traffic detected: 52.45.196.192:443 -> 192.168.2.5:49841 version: TLS 1.2
Source: unknown HTTPS traffic detected: 35.153.6.179:443 -> 192.168.2.5:49847 version: TLS 1.2
Source: unknown HTTPS traffic detected: 35.153.6.179:443 -> 192.168.2.5:49845 version: TLS 1.2
Source: unknown HTTPS traffic detected: 44.238.130.186:443 -> 192.168.2.5:49848 version: TLS 1.2
Source: unknown HTTPS traffic detected: 44.238.130.186:443 -> 192.168.2.5:49851 version: TLS 1.2
Source: unknown HTTPS traffic detected: 34.249.70.28:443 -> 192.168.2.5:49857 version: TLS 1.2
Source: unknown HTTPS traffic detected: 34.251.161.187:443 -> 192.168.2.5:49858 version: TLS 1.2
Source: unknown HTTPS traffic detected: 104.244.42.67:443 -> 192.168.2.5:49880 version: TLS 1.2
Source: unknown HTTPS traffic detected: 104.244.42.67:443 -> 192.168.2.5:49881 version: TLS 1.2
Source: unknown HTTPS traffic detected: 99.83.219.81:443 -> 192.168.2.5:49898 version: TLS 1.2
Source: unknown HTTPS traffic detected: 35.174.127.31:443 -> 192.168.2.5:49901 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.227.156.22:443 -> 192.168.2.5:49904 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.227.156.22:443 -> 192.168.2.5:49905 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.227.156.22:443 -> 192.168.2.5:49907 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.227.156.123:443 -> 192.168.2.5:49924 version: TLS 1.2
Source: Current Session.0.dr String found in binary or memory: X(https://www.facebook.com/tr/ [id ev ] #0 equals www.facebook.com (Facebook)
Source: Current Session.0.dr String found in binary or memory: [{"@context":"http://schema.org","@type":"Corporation","url":"https://clickup.com","logo":"https://clickup.com/images/schema_org/logo.png","image":"https://clickup.com/images/schema_org/image.png","address":{"@type":"PostalAddress","addressLocality":"San Diego","addressRegion":"CA","streetAddress":"363 Fifth Ave. Suite 300"},"description":"ClickUp is a project management platform with rich customization tailored to each individual project and team.","name":"ClickUp","telephone":"1-888-625-4258","sameAs":["https://www.linkedin.com/company/12949663","https://www.facebook.com/clickupprojectmanagement/","https://twitter.com/clickup"]}] equals www.facebook.com (Facebook)
Source: Current Session.0.dr String found in binary or memory: [{"@context":"http://schema.org","@type":"Corporation","url":"https://clickup.com","logo":"https://clickup.com/images/schema_org/logo.png","image":"https://clickup.com/images/schema_org/image.png","address":{"@type":"PostalAddress","addressLocality":"San Diego","addressRegion":"CA","streetAddress":"363 Fifth Ave. Suite 300"},"description":"ClickUp is a project management platform with rich customization tailored to each individual project and team.","name":"ClickUp","telephone":"1-888-625-4258","sameAs":["https://www.linkedin.com/company/12949663","https://www.facebook.com/clickupprojectmanagement/","https://twitter.com/clickup"]}] equals www.linkedin.com (Linkedin)
Source: Current Session.0.dr String found in binary or memory: [{"@context":"http://schema.org","@type":"Corporation","url":"https://clickup.com","logo":"https://clickup.com/images/schema_org/logo.png","image":"https://clickup.com/images/schema_org/image.png","address":{"@type":"PostalAddress","addressLocality":"San Diego","addressRegion":"CA","streetAddress":"363 Fifth Ave. Suite 300"},"description":"ClickUp is a project management platform with rich customization tailored to each individual project and team.","name":"ClickUp","telephone":"1-888-625-4258","sameAs":["https://www.linkedin.com/company/12949663","https://www.facebook.com/clickupprojectmanagement/","https://twitter.com/clickup"]}] equals www.twitter.com (Twitter)
Source: Reporting and NEL.1.dr String found in binary or memory: coep_reporthttps://www.facebook.com/browser_reporting/ equals www.facebook.com (Facebook)
Source: Reporting and NEL.1.dr String found in binary or memory: coep_reporthttps://www.facebook.com/browser_reporting/Y equals www.facebook.com (Facebook)
Source: Reporting and NEL.1.dr String found in binary or memory: coop_reporthttps://www.facebook.com/browser_reporting/ equals www.facebook.com (Facebook)
Source: Reporting and NEL.1.dr String found in binary or memory: coop_reporthttps://www.facebook.com/browser_reporting/Y equals www.facebook.com (Facebook)
Source: Current Session.0.dr String found in binary or memory: https://www.facebook.com/tr/ equals www.facebook.com (Facebook)
Source: Current Session.0.dr String found in binary or memory: id=124630241461844&ev=Microdata&dl=https%3A%2F%2Fclickup.com%2F%3Futm_source%3Dclickup%26utm_medium%3Ddoc%26utm_campaign%3D8666708&rl=&if=false&ts=1614318167526&cd%5BDataLayer%5D=%5B%5D&cd%5BMeta%5D=%7B%22title%22%3A%22ClickUp%E2%84%A2+%7C+One+app+to+replace+them+all%22%2C%22meta%3Adescription%22%3A%22Our+mission+is+to+make+the+world+more+productive.+To+do+this%2C+we+built+one+app+to+replace+them+all+-+Tasks%2C+Docs%2C+Goals%2C+and+Chat.%22%7D&cd%5BOpenGraph%5D=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Fclickup.com%2Flanding%2Fimages%2Fclickup-logo-gradient.png%22%2C%22og%3Aimage%3Asecure_url%22%3A%22https%3A%2F%2Fclickup.com%2Flanding%2Fimages%2Fclickup-logo-gradient.png%22%7D&cd%5BSchema.org%5D=%5B%7B%22dimensions%22%3A%7B%22h%22%3A913%2C%22w%22%3A1263%7D%2C%22properties%22%3A%7B%22image%22%3A%22https%3A%2F%2Fclickup.com%2Flanding%2Fimages%2Fclickup-logo-gradient.png%22%7D%2C%22subscopes%22%3A%5B%5D%2C%22type%22%3A%22http%3A%2F%2Fschema.org%2FWebPage%22%7D%5D&cd%5BJSON-LD%5D=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Corporation%22%2C%22url%22%3A%22https%3A%2F%2Fclickup.com%22%2C%22logo%22%3A%22https%3A%2F%2Fclickup.com%2Fimages%2Fschema_org%2Flogo.png%22%2C%22image%22%3A%22https%3A%2F%2Fclickup.com%2Fimages%2Fschema_org%2Fimage.png%22%2C%22address%22%3A%7B%22%40type%22%3A%22PostalAddress%22%2C%22addressLocality%22%3A%22San+Diego%22%2C%22addressRegion%22%3A%22CA%22%2C%22streetAddress%22%3A%22363+Fifth+Ave.+Suite+300%22%7D%2C%22description%22%3A%22ClickUp+is+a+project+management+platform+with+rich+customization+tailored+to+each+individual+project+and+team.%22%2C%22name%22%3A%22ClickUp%22%2C%22telephone%22%3A%221-888-625-4258%22%2C%22sameAs%22%3A%5B%22https%3A%2F%2Fwww.linkedin.com%2Fcompany%2F12949663%22%2C%22https%3A%2F%2Fwww.facebook.com%2Fclickupprojectmanagement%2F%22%2C%22https%3A%2F%2Ftwitter.com%2Fclickup%22%5D%7D%5D&sw=1280&sh=1024&v=2.9.33&r=stable&ec=2&o=30&fbp=fb.1.1614318166696.822304215&it=1614318165850&coo=false&es=automatic&tm=3&rqm=formPOST equals www.facebook.com (Facebook)
Source: Current Session.0.dr String found in binary or memory: id=124630241461844&ev=Microdata&dl=https%3A%2F%2Fclickup.com%2F%3Futm_source%3Dclickup%26utm_medium%3Ddoc%26utm_campaign%3D8666708&rl=&if=false&ts=1614318167526&cd%5BDataLayer%5D=%5B%5D&cd%5BMeta%5D=%7B%22title%22%3A%22ClickUp%E2%84%A2+%7C+One+app+to+replace+them+all%22%2C%22meta%3Adescription%22%3A%22Our+mission+is+to+make+the+world+more+productive.+To+do+this%2C+we+built+one+app+to+replace+them+all+-+Tasks%2C+Docs%2C+Goals%2C+and+Chat.%22%7D&cd%5BOpenGraph%5D=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Fclickup.com%2Flanding%2Fimages%2Fclickup-logo-gradient.png%22%2C%22og%3Aimage%3Asecure_url%22%3A%22https%3A%2F%2Fclickup.com%2Flanding%2Fimages%2Fclickup-logo-gradient.png%22%7D&cd%5BSchema.org%5D=%5B%7B%22dimensions%22%3A%7B%22h%22%3A913%2C%22w%22%3A1263%7D%2C%22properties%22%3A%7B%22image%22%3A%22https%3A%2F%2Fclickup.com%2Flanding%2Fimages%2Fclickup-logo-gradient.png%22%7D%2C%22subscopes%22%3A%5B%5D%2C%22type%22%3A%22http%3A%2F%2Fschema.org%2FWebPage%22%7D%5D&cd%5BJSON-LD%5D=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Corporation%22%2C%22url%22%3A%22https%3A%2F%2Fclickup.com%22%2C%22logo%22%3A%22https%3A%2F%2Fclickup.com%2Fimages%2Fschema_org%2Flogo.png%22%2C%22image%22%3A%22https%3A%2F%2Fclickup.com%2Fimages%2Fschema_org%2Fimage.png%22%2C%22address%22%3A%7B%22%40type%22%3A%22PostalAddress%22%2C%22addressLocality%22%3A%22San+Diego%22%2C%22addressRegion%22%3A%22CA%22%2C%22streetAddress%22%3A%22363+Fifth+Ave.+Suite+300%22%7D%2C%22description%22%3A%22ClickUp+is+a+project+management+platform+with+rich+customization+tailored+to+each+individual+project+and+team.%22%2C%22name%22%3A%22ClickUp%22%2C%22telephone%22%3A%221-888-625-4258%22%2C%22sameAs%22%3A%5B%22https%3A%2F%2Fwww.linkedin.com%2Fcompany%2F12949663%22%2C%22https%3A%2F%2Fwww.facebook.com%2Fclickupprojectmanagement%2F%22%2C%22https%3A%2F%2Ftwitter.com%2Fclickup%22%5D%7D%5D&sw=1280&sh=1024&v=2.9.33&r=stable&ec=2&o=30&fbp=fb.1.1614318166696.822304215&it=1614318165850&coo=false&es=automatic&tm=3&rqm=formPOST equals www.linkedin.com (Linkedin)
Source: unknown DNS traffic detected: queries for: doc.clickup.com
Source: 4CA77D36767B6202D4786BF3D1EC52420.1.dr String found in binary or memory: http://crl.securetrust.com/STCA.crl0
Source: 77EC63BDA74BD0D0E0426DC8F8008506.1.dr String found in binary or memory: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab
Source: Current Session.0.dr String found in binary or memory: http://schema.org
Source: Current Session.0.dr String found in binary or memory: http://schema.org/WebPage
Source: 4CA77D36767B6202D4786BF3D1EC5242.1.dr String found in binary or memory: http://ssl.trustwave.com/issuers/STCA.crt
Source: Reporting and NEL.1.dr String found in binary or memory: https://a.nel.cloudflare.com/report?s=2qSDxEO%2Bl16iEO%2Fr9dXZQqGJD0MD0GfEkqEOr9zZJVapODq9dxMtkrwDYC
Source: Reporting and NEL.1.dr String found in binary or memory: https://a.nel.cloudflare.com/report?s=O11DbKbToEDYU8BbPXLEMOvzLTbKNgfKv%2FYXb5hD6n5s5XyhWCSPrCk9kKob
Source: Reporting and NEL.1.dr String found in binary or memory: https://a.nel.cloudflare.com/report?s=o%2FAlgqyvzQo5eu%2F2EwtzvMPlVJRf7drni9ddf4mPxRbirxgkwaBZcF0FxM
Source: 4d623bcd069ac743_0.0.dr String found in binary or memory: https://a.quora.com/qevents.js
Source: 9222b070-7287-4cdd-bb70-e35b6a9fe87f.tmp.1.dr, manifest.json0.0.dr String found in binary or memory: https://accounts.google.com
Source: 76094a390b8abd4a_0.0.dr String found in binary or memory: https://acsbapp.com/apps/app/dist/js/app.js
Source: 9222b070-7287-4cdd-bb70-e35b6a9fe87f.tmp.1.dr, manifest.json0.0.dr String found in binary or memory: https://apis.google.com
Source: Favicons-journal.0.dr String found in binary or memory: https://app-cdn.clickup.com/assets/favicons/favicon-32x32.png
Source: Network Action Predictor.0.dr String found in binary or memory: https://calendly.com/
Source: 701263a561b04671_0.0.dr String found in binary or memory: https://calendly.com/assets/external/widget.js
Source: d9133d4093e7cc49_0.0.dr String found in binary or memory: https://cdn.firstpromoter.com/fprom.js
Source: d6a93f49c5fe3a17_0.0.dr String found in binary or memory: https://cdn.pdst.fm/ping.min.js
Source: 31aa3190c5efd805_0.0.dr String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/bowser/1.9.4/bowser.min.js
Source: b11f6c304de41b06_0.0.dr String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Source: Current Session.0.dr String found in binary or memory: https://clickup.com
Source: 372528a3f8712b40_0.0.dr, 099b5e3dfcf45bcf_0.0.dr, 000003.log3.0.dr, 4303153a6c225d91_0.0.dr, 73b471123e2428a3_0.0.dr, 8fd5d1efccaacc9f_0.0.dr, 000003.log0.0.dr String found in binary or memory: https://clickup.com/
Source: f8a2aae8c7eea631_0.0.dr String found in binary or memory: https://clickup.com/$M
Source: 4d623bcd069ac743_0.0.dr String found in binary or memory: https://clickup.com//
Source: d3f4ed42682742c9_0.0.dr String found in binary or memory: https://clickup.com/?
Source: Current Session.0.dr String found in binary or memory: https://clickup.com/?utm_source=clickup&utm_medium=doc&utm_campaign=8666708
Source: Current Session.0.dr String found in binary or memory: https://clickup.com/?utm_source=clickup&utm_medium=doc&utm_campaign=8666708&ClickUp
Source: History-journal.0.dr String found in binary or memory: https://clickup.com/?utm_source=clickup&utm_medium=doc&utm_campaign=8666708ClickUp
Source: 7e26d863851b82b7_0.0.dr String found in binary or memory: https://clickup.com/E
Source: ecba0530bad5195f_0.0.dr String found in binary or memory: https://clickup.com/H
Source: 4071488f0118ba2c_0.0.dr String found in binary or memory: https://clickup.com/I$
Source: f8a2aae8c7eea631_0.0.dr String found in binary or memory: https://clickup.com/J
Source: 76094a390b8abd4a_0.0.dr String found in binary or memory: https://clickup.com/J:%
Source: 060571bc15e680b3_0.0.dr String found in binary or memory: https://clickup.com/L
Source: 426f0f97b11e76c3_0.0.dr String found in binary or memory: https://clickup.com/O
Source: e65c83fcefffa33a_0.0.dr String found in binary or memory: https://clickup.com/OX
Source: cae14352f97fb1aa_0.0.dr String found in binary or memory: https://clickup.com/Q
Source: 438fcc93076e9e9c_0.0.dr String found in binary or memory: https://clickup.com/Y
Source: 668970570f5e454b_0.0.dr String found in binary or memory: https://clickup.com/Z
Source: afbc24eaef0bbeb7_0.0.dr String found in binary or memory: https://clickup.com/cu
Source: Current Session.0.dr String found in binary or memory: https://clickup.com/images/schema_org/image.png
Source: Current Session.0.dr String found in binary or memory: https://clickup.com/images/schema_org/logo.png
Source: 668970570f5e454b_0.0.dr String found in binary or memory: https://clickup.com/j
Source: Favicons.0.dr String found in binary or memory: https://clickup.com/landing/favicons/favicon-32x32.png
Source: Favicons.0.dr String found in binary or memory: https://clickup.com/landing/favicons/favicon-32x32.pngB
Source: Current Session.0.dr String found in binary or memory: https://clickup.com/landing/images/clickup-logo-gradient.png
Source: b482e01c93094c80_0.0.dr String found in binary or memory: https://clickup.com/landing/js/app.min.120a1dff.js
Source: 8fd5d1efccaacc9f_0.0.dr String found in binary or memory: https://clickup.com/landing/js/cssrelpreload.js
Source: 73b471123e2428a3_0.0.dr String found in binary or memory: https://clickup.com/landing/js/typed.min.js
Source: 1408a718ac481827_0.0.dr String found in binary or memory: https://clickup.com/t
Source: 7f8fede988c53756_0.0.dr String found in binary or memory: https://clickup.com/tJ
Source: 81950e9ecb9b5351_0.0.dr String found in binary or memory: https://clickup.com/w
Source: be2d99002a93a98a_0.0.dr String found in binary or memory: https://clickup.com/x
Source: 4589da573ea5c1c6_0.0.dr String found in binary or memory: https://clickup.com/z
Source: Current Session.0.dr String found in binary or memory: https://clickup.comh
Source: Network Action Predictor.0.dr String found in binary or memory: https://client-registry.mutinycdn.com/
Source: 8fbb15542bd0b54d_0.0.dr String found in binary or memory: https://client-registry.mutinycdn.com/personalize/client/e970333877260fa7.js
Source: 90c36c75ff2a1ff6_0.0.dr String found in binary or memory: https://client.mutinycdn.com/mutiny-client/4.1.1.5.js
Source: 9222b070-7287-4cdd-bb70-e35b6a9fe87f.tmp.1.dr String found in binary or memory: https://clients2.google.com
Source: manifest.json0.0.dr String found in binary or memory: https://clients2.google.com/service/update2/crx
Source: 9222b070-7287-4cdd-bb70-e35b6a9fe87f.tmp.1.dr String found in binary or memory: https://clients2.googleusercontent.com
Source: 293e5233d64a0a25_0.0.dr String found in binary or memory: https://connect.facebook.net/en_US/fbevents.js
Source: f4e88cc7f3307961_0.0.dr String found in binary or memory: https://connect.facebook.net/signals/config/124630241461844?v=2.9.33&r=stable
Source: manifest.json0.0.dr String found in binary or memory: https://content.googleapis.com
Source: 95097a95-8bab-45e6-a8f4-2a8c2bc140d5.tmp.1.dr, 9222b070-7287-4cdd-bb70-e35b6a9fe87f.tmp.1.dr, 9f0ba012-829b-4938-8dbf-fef5ec645bfd.tmp.1.dr String found in binary or memory: https://dns.google
Source: 000003.log3.0.dr, Current Session.0.dr String found in binary or memory: https://doc.clickup.com
Source: 000003.log3.0.dr String found in binary or memory: https://doc.clickup.com%_https://doc.clickup.com
Source: c7327b2c27d4aad8_0.0.dr String found in binary or memory: https://doc.clickup.com/2-es2015.80c13cde974ec82050f9.js
Source: 689332e427d15ae4_0.0.dr String found in binary or memory: https://doc.clickup.com/20-es2015.666b0fb40ec673ec73d7.js
Source: d3f4ed42682742c9_0.0.dr String found in binary or memory: https://doc.clickup.com/30-es2015.c8400463cbca5eefae05.js
Source: 399055e3fa3b678b_0.0.dr String found in binary or memory: https://doc.clickup.com/4-es2015.e012bd08670670cdbbee.js
Source: 426f0f97b11e76c3_0.0.dr String found in binary or memory: https://doc.clickup.com/5-es2015.5bc3006d8825d1f0c7fe.js
Source: 438fcc93076e9e9c_0.0.dr String found in binary or memory: https://doc.clickup.com/6-es2015.cba4f5449c46d437389a.js
Source: cae14352f97fb1aa_0.0.dr String found in binary or memory: https://doc.clickup.com/8-es2015.572c4744fe272494ec6d.js
Source: Current Session.0.dr, History-journal.0.dr String found in binary or memory: https://doc.clickup.com/d/h/88fjm-14/9b55da9c0a2598a
Source: History Provider Cache.0.dr String found in binary or memory: https://doc.clickup.com/d/h/88fjm-14/9b55da9c0a2598a2
Source: History-journal.0.dr String found in binary or memory: https://doc.clickup.com/d/h/88fjm-14/9b55da9c0a2598aMS
Source: d914bd0e979d4799_0.0.dr String found in binary or memory: https://doc.clickup.com/main-es2015.8cfd6901e25e8624f9e5.js
Source: c2c5635b1cb2c5d5_0.0.dr String found in binary or memory: https://doc.clickup.com/polyfills-es2015.74fd49d5fff3696d5809.js
Source: 21cda92b5a14b9f1_0.0.dr String found in binary or memory: https://doc.clickup.com/runtime-es2015.1e4c4eb7935977bacb85.js
Source: 73d613a0-1d9e-4787-b174-f6001c9eb0aa.tmp.0.dr String found in binary or memory: https://doc.clickup.com:443
Source: 000003.log3.0.dr String found in binary or memory: https://docs.clickup.com
Source: da27c87340da77ca_0.0.dr String found in binary or memory: https://dx.steelhousemedia.com/spx?dxver=4.0.0&shaid=31571&tdr=&plh=https%3A%2F%2Fclickup.com%2F%3Fu
Source: a81f1b4d5a99dd1d_0.0.dr String found in binary or memory: https://edge.fullstory.com/s/fs.js
Source: manifest.json0.0.dr String found in binary or memory: https://feedback.googleusercontent.com
Source: 9222b070-7287-4cdd-bb70-e35b6a9fe87f.tmp.1.dr String found in binary or memory: https://fonts.googleapis.com
Source: manifest.json0.0.dr String found in binary or memory: https://fonts.googleapis.com;
Source: 9222b070-7287-4cdd-bb70-e35b6a9fe87f.tmp.1.dr String found in binary or memory: https://fonts.gstatic.com
Source: manifest.json0.0.dr String found in binary or memory: https://fonts.gstatic.com;
Source: 81950e9ecb9b5351_0.0.dr String found in binary or memory: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/617640813/?random=1614318166622&cv=
Source: 3783441f7181a3e9_0.0.dr String found in binary or memory: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/617640813/?random=1614318166627&cv=
Source: 68fe4b04414a05eb_0.0.dr String found in binary or memory: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/617640813/?random=1614318166633&cv=
Source: 43724727b15723b9_0.0.dr String found in binary or memory: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/617640813/?random=1614318176073&cv=
Source: 7f8fede988c53756_0.0.dr String found in binary or memory: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/617640813/?random=1614318179820&cv=
Source: 7188dd9bfd300813_0.0.dr String found in binary or memory: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/867030291/?random=1614318166635&cv=
Source: 7e26d863851b82b7_0.0.dr String found in binary or memory: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/867030291/?random=1614318176081&cv=
Source: manifest.json0.0.dr String found in binary or memory: https://hangouts.google.com/
Source: 099b5e3dfcf45bcf_0.0.dr String found in binary or memory: https://js.hs-analytics.net/analytics/1614285600000/6613321.js
Source: 4303153a6c225d91_0.0.dr String found in binary or memory: https://js.hs-scripts.com/6613321.js
Source: 0cf69c09debb1d32_0.0.dr String found in binary or memory: https://js.hscollectedforms.net/collectedforms.js
Source: e62126747b8640fd_0.0.dr String found in binary or memory: https://js.intercomcdn.com/app-modern.16409436.js
Source: 38aa030603a13736_0.0.dr String found in binary or memory: https://js.intercomcdn.com/frame-modern.17b2a5c1.js
Source: 71d60bb0bfb5747b_0.0.dr String found in binary or memory: https://js.intercomcdn.com/shim.latest.js
Source: a64461351d5f2a59_0.0.dr String found in binary or memory: https://js.intercomcdn.com/vendor-modern.2ab434f6.js
Source: 9cf84dddf1420918_0.0.dr String found in binary or memory: https://js.intercomcdn.com/vendors~app-modern.257e5d56.js
Source: 1408a718ac481827_0.0.dr String found in binary or memory: https://m.servedby-buysellads.com/monetization.it.js
Source: 1dfebe463549e1f9_0.0.dr String found in binary or memory: https://ob.cheqzone.com/clicktrue_invocation.js?id=3839
Source: 396648a11d6cfbf5_0.0.dr String found in binary or memory: https://obs.cheqzone.com/ct?id=3839&url=https%3A%2F%2Fclickup.com%2F%3Futm_source%3Dclickup%26utm_me
Source: 9222b070-7287-4cdd-bb70-e35b6a9fe87f.tmp.1.dr String found in binary or memory: https://ogs.google.com
Source: Current Session.0.dr String found in binary or memory: https://pale-small-origami.glitch.me
Source: Current Session.0.dr String found in binary or memory: https://pale-small-origami.glitch.me%https://pale-small-origami.glitch.me/
Source: Current Session.0.dr String found in binary or memory: https://pale-small-origami.glitch.me/
Source: History Provider Cache.0.dr String found in binary or memory: https://pale-small-origami.glitch.me/2
Source: History.0.dr String found in binary or memory: https://pale-small-origami.glitch.me/Sign
Source: History-journal.0.dr String found in binary or memory: https://pale-small-origami.glitch.me/Waking
Source: 31aa3190c5efd805_0.0.dr String found in binary or memory: https://pale-small-origami.glitch.me/t
Source: manifest.json.0.dr String found in binary or memory: https://payments.google.com/payments/v4/js/integrator.js
Source: ecba0530bad5195f_0.0.dr String found in binary or memory: https://px.ads.linkedin.com/collect?
Source: bfbf5849650ec0d2_0.0.dr String found in binary or memory: https://px.steelhousemedia.com/st?ga_tracking_id=UA-87708648-1&ga_client_id=1304408799.1614318149&sh
Source: manifest.json.0.dr String found in binary or memory: https://sandbox.google.com/payments/v4/js/integrator.js
Source: 372528a3f8712b40_0.0.dr String found in binary or memory: https://script.hotjar.com/modules.dbbd0f16dca02537aef0.js
Source: 4071488f0118ba2c_0.0.dr String found in binary or memory: https://scripts.attributionapp.com/attribution.js
Source: ecba0530bad5195f_0.0.dr String found in binary or memory: https://snap.licdn.com/li.lms-analytics/insight.min.js
Source: ecba0530bad5195f_0.0.dr String found in binary or memory: https://snap.licdn.com/li.lms-analytics/insight.min.jsaD
Source: 9222b070-7287-4cdd-bb70-e35b6a9fe87f.tmp.1.dr String found in binary or memory: https://ssl.gstatic.com
Source: f7fd71217955a417_0.0.dr String found in binary or memory: https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js
Source: 86f3493414ae88e3_0.0.dr String found in binary or memory: https://static.ads-twitter.com/uwt.js
Source: bceb1bf92d92d13e_0.0.dr String found in binary or memory: https://static.hotjar.com/c/hotjar-779854.js?sv=6
Source: messages.json41.0.dr String found in binary or memory: https://support.google.com/chromecast/answer/2998456
Source: messages.json41.0.dr String found in binary or memory: https://support.google.com/chromecast/troubleshooter/2995236
Source: be4f8f8a4aeaa100_0.0.dr String found in binary or memory: https://tag.getdrip.com/4818331.js
Source: 000003.log0.0.dr String found in binary or memory: https://vars.hotjar.com/
Source: Current Session.0.dr String found in binary or memory: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Source: 9229dca696207896_0.0.dr String found in binary or memory: https://www.google-analytics.com/analytics.js
Source: 060571bc15e680b3_0.0.dr String found in binary or memory: https://www.google-analytics.com/gtm/js?id=GTM-PBLF7VJ&t=gtag_UA_87708648_1&cid=1304408799.161431814
Source: 9222b070-7287-4cdd-bb70-e35b6a9fe87f.tmp.1.dr, manifest.json0.0.dr String found in binary or memory: https://www.google.com
Source: manifest.json.0.dr String found in binary or memory: https://www.google.com/
Source: manifest.json0.0.dr String found in binary or memory: https://www.google.com;
Source: 4a2623481b433f65_0.0.dr String found in binary or memory: https://www.googleadservices.com/pagead/conversion/617640813/?random=1614318176075&cv=9&fst=16143181
Source: afbc24eaef0bbeb7_0.0.dr String found in binary or memory: https://www.googleadservices.com/pagead/conversion/867030291/?random=1614318176082&cv=9&fst=16143181
Source: be2d99002a93a98a_0.0.dr String found in binary or memory: https://www.googleadservices.com/pagead/conversion_async.js
Source: be2d99002a93a98a_0.0.dr String found in binary or memory: https://www.googleadservices.com/pagead/conversion_async.jsaD
Source: 9222b070-7287-4cdd-bb70-e35b6a9fe87f.tmp.1.dr String found in binary or memory: https://www.googleapis.com
Source: manifest.json.0.dr String found in binary or memory: https://www.googleapis.com/
Source: manifest.json0.0.dr String found in binary or memory: https://www.googleapis.com/auth/calendar.readonly
Source: manifest.json0.0.dr String found in binary or memory: https://www.googleapis.com/auth/cast-edu-messaging
Source: manifest.json.0.dr String found in binary or memory: https://www.googleapis.com/auth/chromewebstore
Source: manifest.json.0.dr String found in binary or memory: https://www.googleapis.com/auth/chromewebstore.readonly
Source: manifest.json0.0.dr String found in binary or memory: https://www.googleapis.com/auth/clouddevices
Source: manifest.json0.0.dr String found in binary or memory: https://www.googleapis.com/auth/hangouts
Source: manifest.json0.0.dr String found in binary or memory: https://www.googleapis.com/auth/hangouts.readonly
Source: manifest.json0.0.dr String found in binary or memory: https://www.googleapis.com/auth/meetings
Source: manifest.json0.0.dr String found in binary or memory: https://www.googleapis.com/auth/plus.peopleapi.readwrite
Source: manifest.json.0.dr String found in binary or memory: https://www.googleapis.com/auth/sierra
Source: manifest.json.0.dr String found in binary or memory: https://www.googleapis.com/auth/sierrasandbox
Source: manifest.json0.0.dr String found in binary or memory: https://www.googleapis.com/auth/userinfo.email
Source: Network Action Predictor.0.dr String found in binary or memory: https://www.googleoptimize.com/
Source: 4e268f2ebf5198c2_0.0.dr String found in binary or memory: https://www.googleoptimize.com/optimize.js?id=GTM-PBLF7VJ
Source: f8a2aae8c7eea631_0.0.dr String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=AW-617640813
Source: c2829b54881167c2_0.0.dr String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=AW-617640813&l=dataLayer&cx=c
Source: cc7c77a27c21d11b_0.0.dr String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=AW-867030291
Source: f7bde544f5eb53fd_0.0.dr String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=AW-867030291&l=dataLayer&cx=c
Source: d1e77cef7d85a72b_0.0.dr String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=UA-87708648-1
Source: 302386b6e7db3ed0_0.0.dr String found in binary or memory: https://www.googletagmanager.com/gtm.js?id=GTM-W9LSCFD
Source: 9222b070-7287-4cdd-bb70-e35b6a9fe87f.tmp.1.dr String found in binary or memory: https://www.gstatic.com
Source: manifest.json0.0.dr String found in binary or memory: https://www.gstatic.com;
Source: Current Session.0.dr String found in binary or memory: https://www.linkedin.com/company/12949663
Source: 4589da573ea5c1c6_0.0.dr String found in binary or memory: https://www.redditstatic.com/ads/pixel.js
Source: a0836518de30683a_0.0.dr String found in binary or memory: https://x.clearbitjs.com/v1/pk_77a36b09108b9b80c547cddad434b648/clearbit.min.js
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49986
Source: unknown Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49864
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49985
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49982
Source: unknown Network traffic detected: HTTP traffic on port 49926 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49949 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49898 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49875 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50022 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49990 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50045 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49858
Source: unknown Network traffic detected: HTTP traffic on port 49881 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49979
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49857
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49855
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49976
Source: unknown Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49975
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49974
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49973
Source: unknown Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49972
Source: unknown Network traffic detected: HTTP traffic on port 49996 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49971
Source: unknown Network traffic detected: HTTP traffic on port 50010 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49970
Source: unknown Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49858 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49967 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49893 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49915 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50004 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49909 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49969
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49847
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49968
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49967
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49966
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49964
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49963
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49841
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49840
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49960
Source: unknown Network traffic detected: HTTP traffic on port 50009 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49972 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50040 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49966 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49989 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49933 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown Network traffic detected: HTTP traffic on port 49904 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49837
Source: unknown Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49958
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49836
Source: unknown Network traffic detected: HTTP traffic on port 49921 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49957
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49956
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49955
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49954
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49953
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49952
Source: unknown Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49864 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49927 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49910 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49955 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50023 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49949
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49948
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50018
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown Network traffic detected: HTTP traffic on port 49922 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50019
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown Network traffic detected: HTTP traffic on port 49974 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown Network traffic detected: HTTP traffic on port 50032 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50010
Source: unknown Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49916 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49968 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50012
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50011
Source: unknown Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50016
Source: unknown Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49898
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50029
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49895
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49894
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49893
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50021
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50020
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50023
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50022
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50024
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50027
Source: unknown Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49879 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49985 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49911 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49957 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50021 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49991 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49905 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50038 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49882
Source: unknown Network traffic detected: HTTP traffic on port 50011 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49881
Source: unknown Network traffic detected: HTTP traffic on port 49928 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49880
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50032
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50031
Source: unknown Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49857 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50033
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50038
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50037
Source: unknown Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49956 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50005 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50041
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50040
Source: unknown Network traffic detected: HTTP traffic on port 49979 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49879
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49877
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown Network traffic detected: HTTP traffic on port 49973 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49997
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49875
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49996
Source: unknown Network traffic detected: HTTP traffic on port 49923 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49994
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49993
Source: unknown Network traffic detected: HTTP traffic on port 50016 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49992
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49991
Source: unknown Network traffic detected: HTTP traffic on port 50033 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49990
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50043
Source: unknown Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50042
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50045
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50044
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50047
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50046
Source: unknown Network traffic detected: HTTP traffic on port 49880 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50027 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50044 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49989
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49988
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49866
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49987
Source: unknown Network traffic detected: HTTP traffic on port 49970 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50042 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50007 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49912 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49958 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49906 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49866 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49975 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49929 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50018 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49855 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49964 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49901 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49924 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49918 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49930 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50001 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49986 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49963 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50031 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49992 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50043 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50007
Source: unknown Network traffic detected: HTTP traffic on port 50037 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50006
Source: unknown Network traffic detected: HTTP traffic on port 50012 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50009
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50008
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown Network traffic detected: HTTP traffic on port 49952 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49969 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49994 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown Network traffic detected: HTTP traffic on port 50020 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50001
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50003
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50002
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50005
Source: unknown Network traffic detected: HTTP traffic on port 49895 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50004
Source: unknown Network traffic detected: HTTP traffic on port 49913 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50006 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49907 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49942
Source: unknown Network traffic detected: HTTP traffic on port 49997 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown Network traffic detected: HTTP traffic on port 49894 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50003 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown Network traffic detected: HTTP traffic on port 49942 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49933
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49931
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49930
Source: unknown Network traffic detected: HTTP traffic on port 49919 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50008 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49954 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49971 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49988 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49960 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50046 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49929
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49928
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49927
Source: unknown Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49882 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49926
Source: unknown Network traffic detected: HTTP traffic on port 50029 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49924
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49923
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49922
Source: unknown Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49921
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49920
Source: unknown Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49976 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49953 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50019 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49877 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50047 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49982 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49919
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49918
Source: unknown Network traffic detected: HTTP traffic on port 50024 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49916
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49915
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49913
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49912
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49911
Source: unknown Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49910
Source: unknown Network traffic detected: HTTP traffic on port 49948 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50041 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49931 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50002 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49987 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49909
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49907
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49906
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49905
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49904
Source: unknown Network traffic detected: HTTP traffic on port 49920 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49993 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49901
Source: unknown HTTPS traffic detected: 52.29.76.203:443 -> 192.168.2.5:49732 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.227.156.121:443 -> 192.168.2.5:49748 version: TLS 1.2
Source: unknown HTTPS traffic detected: 18.215.10.11:443 -> 192.168.2.5:49754 version: TLS 1.2
Source: unknown HTTPS traffic detected: 18.215.10.11:443 -> 192.168.2.5:49755 version: TLS 1.2
Source: unknown HTTPS traffic detected: 104.17.211.204:443 -> 192.168.2.5:49783 version: TLS 1.2
Source: unknown HTTPS traffic detected: 18.134.247.58:443 -> 192.168.2.5:49788 version: TLS 1.2
Source: unknown HTTPS traffic detected: 151.101.12.157:443 -> 192.168.2.5:49794 version: TLS 1.2
Source: unknown HTTPS traffic detected: 52.58.150.147:443 -> 192.168.2.5:49792 version: TLS 1.2
Source: unknown HTTPS traffic detected: 44.241.10.203:443 -> 192.168.2.5:49796 version: TLS 1.2
Source: unknown HTTPS traffic detected: 44.241.10.203:443 -> 192.168.2.5:49798 version: TLS 1.2
Source: unknown HTTPS traffic detected: 104.17.70.176:443 -> 192.168.2.5:49810 version: TLS 1.2
Source: unknown HTTPS traffic detected: 104.17.130.171:443 -> 192.168.2.5:49812 version: TLS 1.2
Source: unknown HTTPS traffic detected: 54.225.168.201:443 -> 192.168.2.5:49808 version: TLS 1.2
Source: unknown HTTPS traffic detected: 50.17.2.180:443 -> 192.168.2.5:49814 version: TLS 1.2
Source: unknown HTTPS traffic detected: 108.174.11.69:443 -> 192.168.2.5:49813 version: TLS 1.2
Source: unknown HTTPS traffic detected: 108.161.189.78:443 -> 192.168.2.5:49819 version: TLS 1.2
Source: unknown HTTPS traffic detected: 151.101.1.140:443 -> 192.168.2.5:49820 version: TLS 1.2
Source: unknown HTTPS traffic detected: 18.134.247.58:443 -> 192.168.2.5:49825 version: TLS 1.2
Source: unknown HTTPS traffic detected: 104.244.42.69:443 -> 192.168.2.5:49833 version: TLS 1.2
Source: unknown HTTPS traffic detected: 151.101.1.140:443 -> 192.168.2.5:49837 version: TLS 1.2
Source: unknown HTTPS traffic detected: 54.245.46.233:443 -> 192.168.2.5:49839 version: TLS 1.2
Source: unknown HTTPS traffic detected: 52.45.196.192:443 -> 192.168.2.5:49841 version: TLS 1.2
Source: unknown HTTPS traffic detected: 35.153.6.179:443 -> 192.168.2.5:49847 version: TLS 1.2
Source: unknown HTTPS traffic detected: 35.153.6.179:443 -> 192.168.2.5:49845 version: TLS 1.2
Source: unknown HTTPS traffic detected: 44.238.130.186:443 -> 192.168.2.5:49848 version: TLS 1.2
Source: unknown HTTPS traffic detected: 44.238.130.186:443 -> 192.168.2.5:49851 version: TLS 1.2
Source: unknown HTTPS traffic detected: 34.249.70.28:443 -> 192.168.2.5:49857 version: TLS 1.2
Source: unknown HTTPS traffic detected: 34.251.161.187:443 -> 192.168.2.5:49858 version: TLS 1.2
Source: unknown HTTPS traffic detected: 104.244.42.67:443 -> 192.168.2.5:49880 version: TLS 1.2
Source: unknown HTTPS traffic detected: 104.244.42.67:443 -> 192.168.2.5:49881 version: TLS 1.2
Source: unknown HTTPS traffic detected: 99.83.219.81:443 -> 192.168.2.5:49898 version: TLS 1.2
Source: unknown HTTPS traffic detected: 35.174.127.31:443 -> 192.168.2.5:49901 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.227.156.22:443 -> 192.168.2.5:49904 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.227.156.22:443 -> 192.168.2.5:49905 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.227.156.22:443 -> 192.168.2.5:49907 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.227.156.123:443 -> 192.168.2.5:49924 version: TLS 1.2
Source: classification engine Classification label: mal72.phis.win@32/246@80/68
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Program Files\Google\Chrome\Application\Dictionaries Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-60388A3E-1208.pma Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Local\Temp\f678c25b-114e-4507-a884-e686089b9797.tmp Jump to behavior
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized 'https://doc.clickup.com/d/h/88fjm-14/9b55da9c0a2598a'
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1612,2893176907998818176,3513762577707477399,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1672 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1612,2893176907998818176,3513762577707477399,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1672 /prefetch:8 Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: Window Recorder Window detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic Jump to behavior
windows-stand
Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 358580 URL: https://doc.clickup.com/d/h... Startdate: 25/02/2021 Architecture: WINDOWS Score: 72 13 t8666708.p.clickup-attachments.com 2->13 15 px.steelhousemedia.com 2->15 17 10 other IPs or domains 2->17 29 Antivirus / Scanner detection for submitted sample 2->29 31 Phishing site detected (based on favicon image match) 2->31 33 Yara detected HtmlPhish_10 2->33 35 2 other signatures 2->35 7 chrome.exe 15 460 2->7         started        signatures3 process4 dnsIp5 19 192.168.2.1 unknown unknown 7->19 21 239.255.255.250 unknown Reserved 7->21 10 chrome.exe 136 7->10         started        process6 dnsIp7 23 s.twitter.com 104.244.42.67 TWITTERUS United States 10->23 25 t.co 104.244.42.69, 443, 49833 TWITTERUS United States 10->25 27 99 other IPs or domains 10->27
  • No. of IPs < 25%
  • 25% < No. of IPs < 50%
  • 50% < No. of IPs < 75%
  • 75% < No. of IPs

Contacted Public IPs

IP Domain Country Flag ASN ASN Name Malicious
99.84.90.85
 unknown United States
16509 AMAZON-02US false
104.19.155.83
 unknown United States
13335 CLOUDFLARENETUS false
34.107.252.72
 unknown United States
15169 GOOGLEUS false
99.84.90.89
 unknown United States
16509 AMAZON-02US false
13.227.156.8
 unknown United States
16509 AMAZON-02US false
35.186.194.58
 unknown United States
15169 GOOGLEUS false
31.13.92.36
 unknown Ireland
32934 FACEBOOKUS false
161.35.15.77
 unknown United States
14061 DIGITALOCEAN-ASNUS false
35.174.127.31
 unknown United States
14618 AMAZON-AESUS false
18.215.10.11
 unknown United States
14618 AMAZON-AESUS false
151.101.1.2
 unknown United States
54113 FASTLYUS false
104.18.21.191
 unknown United States
13335 CLOUDFLARENETUS false
50.17.2.180
 unknown United States
14618 AMAZON-AESUS false
13.227.156.22
 unknown United States
16509 AMAZON-02US false
167.172.136.187
 unknown United States
14061 DIGITALOCEAN-ASNUS false
104.16.18.94
 unknown United States
13335 CLOUDFLARENETUS false
13.227.156.61
 unknown United States
16509 AMAZON-02US false
99.84.90.83
 unknown United States
16509 AMAZON-02US false
18.134.247.58
 unknown United States
16509 AMAZON-02US false
104.17.211.204
 unknown United States
13335 CLOUDFLARENETUS false
104.19.154.83
 unknown United States
13335 CLOUDFLARENETUS false
13.227.156.123
 unknown United States
16509 AMAZON-02US false
54.245.46.233
 unknown United States
16509 AMAZON-02US false
99.84.90.13
 unknown United States
16509 AMAZON-02US false
13.227.156.121
 unknown United States
16509 AMAZON-02US false
34.251.161.187
 unknown United States
16509 AMAZON-02US false
99.84.90.17
 unknown United States
16509 AMAZON-02US false
44.238.130.186
 unknown United States
16509 AMAZON-02US false
34.249.70.28
 unknown United States
16509 AMAZON-02US false
239.255.255.250
 unknown Reserved
unknown unknown false
31.13.92.2
 unknown Ireland
32934 FACEBOOKUS false
89.187.165.193
 unknown Czech Republic
60068 CDN77GB false
216.239.36.54
 unknown United States
15169 GOOGLEUS false
104.16.88.5
 unknown United States
13335 CLOUDFLARENETUS false
13.227.156.11
 unknown United States
16509 AMAZON-02US false
104.17.70.176
 unknown United States
13335 CLOUDFLARENETUS false
151.101.12.157
 unknown United States
54113 FASTLYUS false
104.17.130.171
 unknown United States
13335 CLOUDFLARENETUS false
99.84.90.20
 unknown United States
16509 AMAZON-02US false
142.250.184.67
 unknown United States
15169 GOOGLEUS false
31.13.92.14
 unknown Ireland
32934 FACEBOOKUS false
108.161.189.78
 unknown United States
33438 HIGHWINDS2US false
54.225.168.201
 unknown United States
14618 AMAZON-AESUS false
74.125.71.157
 unknown United States
15169 GOOGLEUS false
99.84.90.9
 unknown United States
16509 AMAZON-02US false
13.227.156.87
 unknown United States
16509 AMAZON-02US false
108.174.11.69
 unknown United States
14413 LINKEDINUS false
142.250.184.33
 unknown United States
15169 GOOGLEUS false
142.250.184.78
 unknown United States
15169 GOOGLEUS false
99.84.90.32
 unknown United States
16509 AMAZON-02US false
35.153.6.179
 unknown United States
14618 AMAZON-AESUS false
104.244.42.69
 unknown United States
13414 TWITTERUS false
104.244.42.67
 unknown United States
13414 TWITTERUS false
44.241.10.203
 unknown United States
16509 AMAZON-02US false
99.83.219.81
 unknown United States
16509 AMAZON-02US false
151.101.1.140
 unknown United States
54113 FASTLYUS false
52.29.76.203
 unknown United States
16509 AMAZON-02US false
52.58.150.147
 unknown United States
16509 AMAZON-02US false
35.201.112.186
 unknown United States
15169 GOOGLEUS false
104.20.248.116
 unknown United States
13335 CLOUDFLARENETUS false
34.210.168.131
 unknown United States
16509 AMAZON-02US false
52.45.196.192
 unknown United States
14618 AMAZON-AESUS false
172.67.74.213
 unknown United States
13335 CLOUDFLARENETUS false
35.244.142.80
 unknown United States
15169 GOOGLEUS false
104.18.27.190
 unknown United States
13335 CLOUDFLARENETUS false

Private
IP
192.168.2.1
192.168.2.6
127.0.0.1

Contacted Domains

Name IP Active
t8666708.p.clickup-attachments.com 13.227.156.121 true
forms.hubspot.com 104.19.154.83 true
clickup.com 13.227.156.22 true
d10w4ikcrdu13z.cloudfront.net 13.227.156.61 true
obs.cheqzone.com 52.45.196.192 true
platform.twitter.map.fastly.net 151.101.12.157 true
pixel2.cheqzone.com 35.153.6.179 true
client.mutinycdn.com 99.84.90.13 true
t.co 104.244.42.69 true
track.hubspot.com 104.19.155.83 true
cdnjs.cloudflare.com 104.16.18.94 true
js.hs-scripts.com 104.17.211.204 true
dx.steelhousemedia.com 44.241.10.203 true
tracking.g2crowd.com 104.18.27.190 true
match-1943069928.eu-west-1.elb.amazonaws.com 34.249.70.28 true
q.quora.com 50.17.2.180 true
quora.map.fastly.net 151.101.1.2 true
static-cdn.hotjar.com 99.84.90.83 true
d2ycxbs0cq3yaz.cloudfront.net 13.227.156.87 true
px.steelhousemedia.com 54.245.46.233 true
js.intercomcdn.com 99.84.90.89 true
js.hs-banner.com 104.18.21.191 true
star-mini.c10r.facebook.com 31.13.92.36 true
stats.l.doubleclick.net 74.125.71.157 true
pale-small-origami.glitch.me 18.215.10.11 true
s.twitter.com 104.244.42.67 true
ww.steelhousemedia.com 44.238.130.186 true
monetization-framework.bsa.netdna-cdn.com 108.161.189.78 true
edge.fullstory.com 35.201.112.186 true
api-iam.intercom.io 99.83.219.81 true
www.googleoptimize.com 142.250.184.78 true
insight-566961044.eu-west-1.elb.amazonaws.com 34.251.161.187 true
clockify.me 13.227.156.123 true
reddit.map.fastly.net 151.101.1.140 true
googleads.g.doubleclick.net 142.250.184.34 true
www.google.co.uk 142.250.184.67 true
acsbapp.com 167.172.136.187 true
atlas.c10r.facebook.com 31.13.92.2 true
calendly.com 104.20.248.116 true
cheqzone2.b-cdn.net 89.187.165.193 true
googlehosted.l.googleusercontent.com 142.250.184.33 true
d5txjkmyderx.cloudfront.net 13.227.156.8 true
forms.hsforms.com 104.16.88.5 true
global-v2.clearbit.com 18.134.247.58 true
pop-eda6.mix.linkedin.com 108.174.11.69 true
elb046299-1187644484.us-east-1.elb.amazonaws.com 54.225.168.201 true
js.hs-analytics.net 104.17.70.176 true
api.exchangeratesapi.io 172.67.74.213 true
x.clearbit.com 18.134.247.58 true
us-central1-adaptive-growth.cloudfunctions.net 216.239.36.54 true
scontent.xx.fbcdn.net 31.13.92.14 true
script.hotjar.com 99.84.90.20 true
cdn.pdst.fm 35.244.142.80 true
nexus-websocket-a.intercom.io 35.174.127.31 true
widget.intercom.io 99.84.90.9 true
fullstory.com 34.107.252.72 true
api.clickup.com 52.58.150.147 true
d279x8308vq8mj.cloudfront.net 99.84.90.85 true
gentle-meadow-3800.shrouded-lake-4691.herokuspace.com 34.210.168.131 true
vars.hotjar.com 99.84.90.32 true
rs.fullstory.com 35.186.194.58 true
api.getdrip.com 13.227.156.11 true
app.clickup.com 52.29.76.203 true
dlx6k0k2hv67n.cloudfront.net 99.84.90.17 true
js.hscollectedforms.net 104.17.130.171 true
alb.reddit.com unknown unknown
static.ads-twitter.com unknown unknown
app-cdn.clickup.com unknown unknown
stats.g.doubleclick.net unknown unknown
clients2.googleusercontent.com unknown unknown
static.hotjar.com unknown unknown
ob.cheqzone.com unknown unknown
match.adsrvr.org unknown unknown
www.redditstatic.com unknown unknown
cx.atdmt.com unknown unknown
doc.clickup.com unknown unknown
connect.facebook.net unknown unknown
px.ads.linkedin.com unknown unknown
cdn.acsbapp.com unknown unknown
a.quora.com unknown unknown
tag.getdrip.com unknown unknown
x.clearbitjs.com unknown unknown
cdn.firstpromoter.com unknown unknown
insight.adsrvr.org unknown unknown
scripts.attributionapp.com unknown unknown
track.attributionapp.com unknown unknown
stackpath.bootstrapcdn.com unknown unknown
www.facebook.com unknown unknown
client-registry.mutinycdn.com unknown unknown
analytics.twitter.com unknown unknown
m.servedby-buysellads.com unknown unknown
snap.licdn.com unknown unknown
user-data.mutinycdn.com unknown unknown
api-v2.mutinyhq.io unknown unknown

Contacted URLs

Name Malicious Antivirus Detection Reputation
https://clickup.com/?utm_source=clickup&utm_medium=doc&utm_campaign=8666708 false
    		high
    https://pale-small-origami.glitch.me/ false
      		high
      https://doc.clickup.com/d/h/88fjm-14/9b55da9c0a2598a false
        		high