Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://u29271426.ct.sendgrid.net/ls/click?upn=3T7exZ7CPnDMYe213NRbLhq-2B5D4-2BnY-2FiPTzicmL02kUpZ11gmTXTCFRLsy6wjXggLkIYzrB9C24t-2B2-2FWkC5hKNIvF4j-2FvNG-2BV2FxSOqjizVopB7MgrWMoAW0OqtifeU8nsXx_0DZIarqO7rTJkdLOMFYhDD7dyDsIC7p5IrHjuIWYLvkfflMFAz0w3bHha13nk84f2Gg6NRBg3p5GJzNi0w7MkgseIvFKosT9eOBtLlNvwx

Overview

General Information

Sample URL:https://u29271426.ct.sendgrid.net/ls/click?upn=3T7exZ7CPnDMYe213NRbLhq-2B5D4-2BnY-2FiPTzicmL02kUpZ11gmTXTCFRLsy6wjXggLkIYzrB9C24t-2B2-2FWkC5hKNIvF4j-2FvNG-2BV2FxSOqjizVopB7MgrWMoAW0OqtifeU8nsXx_0DZIar
Analysis ID:715062

Detection

HTMLPhisher
Score:60
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Phishing site detected (based on favicon image match)
Yara detected HtmlPhish10
Phishing site detected (based on image similarity)
HTML body contains low number of good links
Found iframes
Suspicious form URL found
No HTML title found
Submit button contains javascript call

Classification

  • System is w10x64_ra
  • chrome.exe (PID: 3592 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://u29271426.ct.sendgrid.net/ls/click?upn=3T7exZ7CPnDMYe213NRbLhq-2B5D4-2BnY-2FiPTzicmL02kUpZ11gmTXTCFRLsy6wjXggLkIYzrB9C24t-2B2-2FWkC5hKNIvF4j-2FvNG-2BV2FxSOqjizVopB7MgrWMoAW0OqtifeU8nsXx_0DZIarqO7rTJkdLOMFYhDD7dyDsIC7p5IrHjuIWYLvkfflMFAz0w3bHha13nk84f2Gg6NRBg3p5GJzNi0w7MkgseIvFKosT9eOBtLlNvwx-2F1e1F3NDnggParWpZFm-2FPSjS1gGUKWYhzU7cFFHD9idZltk1H1NxOa9gNQ5T2Br-2BYl-2BPY4EnDFELBtiHpsENUApjNICGs5jD0cpDtmC-2F5FS9JD8vHdEgDODYsC1TYiABOUpcXaSdgGsL2brbpEnlUGganYnIkydhSLAC7C0gaOWLcpEMrSafFR3ySNWE9FHgqAFx8hnDAwr6Wr2woAk4vGpa8FpMNYu7DPx3rOrMSxQHqV9w7zvcCtIeSVz9yN7VLcIFzjRy5jM4hPDZnSF2gMilUZzuBtx9s8uP-2Fg-2FH-2B3fU1vEBUxtz-2F15OMpp3yc6w5VTJvTiwZodHVKzjAnX1Xe709VhpVo2Lo75G52JsjbSKS-2B-2FkHKf7teOLBNtrScoFbE-2FCoanOGNYnRWJ7mNnwZrYTcwBNA6uvkjVjGPbCjNhDldw643ruGdKMffBTDGB3HragrPRGrrsSdad-2ByG0Gnke298NCaqpC4VkbRSqg-2FEPePxnvrSqgqRLpMcAu0FxIG0vvHLOpBsRKXip-2B1FPI5RG628kNXFkx4uAwwnbg9UJazGaQ3q-2FpSJaSX1514PGquYFWQeIZkiJuklBxoD5ka3LlKUukRTVjBr-2FgVC4Crjm2GBl9-2BXYRN8zX8RR5G4xC-2Fb2qMdgwPEwiR-2Bj9iHttcE-2BbdGkL7O3AjCkoNf4NBinJf4oFKton71fRnwsp0xP-2BR0RGlurfhN1wJrKmK4HnhngB5Dio-2FjoaLb20SMFmnvZrJWuGSYcD8HWbjee65Bcbg-3D MD5: 7BC7B4AEDC055BB02BCB52710132E9E1)
    • chrome.exe (PID: 4520 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2056 --field-trial-handle=1768,i,1560021492578366336,2145283588874095376,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8 MD5: 7BC7B4AEDC055BB02BCB52710132E9E1)
  • cleanup
SourceRuleDescriptionAuthorStrings
05992.4.pages.csvJoeSecurity_HtmlPhish_10Yara detected HtmlPhish_10Joe Security
    09329.6.pages.csvJoeSecurity_HtmlPhish_10Yara detected HtmlPhish_10Joe Security
      No Sigma rule has matched
      No Snort rule has matched

      Click to jump to signature section

      Show All Signature Results

      Phishing

      barindex
      Source: https://davedinkel.com/teamsmp3/appsuite/Matcher: Template: microsoft matched with high similarity
      Source: Yara matchFile source: 05992.4.pages.csv, type: HTML
      Source: Yara matchFile source: 09329.6.pages.csv, type: HTML
      Source: https://davedinkel.com/teamsmp3/appsuite/Matcher: Found strong image similarity, brand: Microsoft image: 05992.4.img.1.gfk.csv EE5C8D9FB6248C938FD0DC19370E90BD
      Source: https://davedinkel.com/teamsmp3/appsuite/Matcher: Found strong image similarity, brand: Microsoft image: 05992.4.img.5.gfk.csv A5DBD4393FF6A725C7E62B61DF7E72F0
      Source: https://davedinkel.com/teamsmp3/appsuite/Matcher: Found strong image similarity, brand: Microsoft image: 05992.4.img.1.gfk.csv EE5C8D9FB6248C938FD0DC19370E90BD
      Source: https://davedinkel.com/teamsmp3/appsuite/Matcher: Found strong image similarity, brand: Microsoft image: 05992.4.img.5.gfk.csv A5DBD4393FF6A725C7E62B61DF7E72F0
      Source: https://davedinkel.com/teamsmp3/appsuite/Matcher: Found strong image similarity, brand: Microsoft image: 05992.4.img.1.gfk.csv EE5C8D9FB6248C938FD0DC19370E90BD
      Source: https://davedinkel.com/teamsmp3/appsuite/Matcher: Found strong image similarity, brand: Microsoft image: 05992.4.img.5.gfk.csv A5DBD4393FF6A725C7E62B61DF7E72F0
      Source: https://davedinkel.com/teamsmp3/appsuite/Matcher: Found strong image similarity, brand: Microsoft image: 05992.4.img.1.gfk.csv EE5C8D9FB6248C938FD0DC19370E90BD
      Source: https://davedinkel.com/teamsmp3/appsuite/Matcher: Found strong image similarity, brand: Microsoft image: 05992.4.img.5.gfk.csv A5DBD4393FF6A725C7E62B61DF7E72F0
      Source: https://davedinkel.com/teamsmp3/appsuite/index.php?error&id=sucker@sucker.com&.rand=13InboxLight.aspx?n=1774256418&fid=4#n=1252899642&fid=1&fav=1Matcher: Found strong image similarity, brand: Microsoft image: 09329.6.img.1.gfk.csv EE5C8D9FB6248C938FD0DC19370E90BD
      Source: https://davedinkel.com/teamsmp3/appsuite/index.php?error&id=sucker@sucker.com&.rand=13InboxLight.aspx?n=1774256418&fid=4#n=1252899642&fid=1&fav=1Matcher: Found strong image similarity, brand: Microsoft image: 09329.6.img.5.gfk.csv A5DBD4393FF6A725C7E62B61DF7E72F0
      Source: https://davedinkel.com/teamsmp3/appsuite/Matcher: Found strong image similarity, brand: Microsoft image: 05992.4.img.1.gfk.csv EE5C8D9FB6248C938FD0DC19370E90BD
      Source: https://davedinkel.com/teamsmp3/appsuite/Matcher: Found strong image similarity, brand: Microsoft image: 05992.4.img.5.gfk.csv A5DBD4393FF6A725C7E62B61DF7E72F0
      Source: https://davedinkel.com/teamsmp3/appsuite/index.php?error&id=sucker@sucker.com&.rand=13InboxLight.aspx?n=1774256418&fid=4#n=1252899642&fid=1&fav=1Matcher: Found strong image similarity, brand: Microsoft image: 09329.6.img.1.gfk.csv EE5C8D9FB6248C938FD0DC19370E90BD
      Source: https://davedinkel.com/teamsmp3/appsuite/index.php?error&id=sucker@sucker.com&.rand=13InboxLight.aspx?n=1774256418&fid=4#n=1252899642&fid=1&fav=1Matcher: Found strong image similarity, brand: Microsoft image: 09329.6.img.5.gfk.csv A5DBD4393FF6A725C7E62B61DF7E72F0
      Source: https://davedinkel.com/teamsmp3/appsuite/Matcher: Found strong image similarity, brand: Microsoft image: 05992.4.img.1.gfk.csv EE5C8D9FB6248C938FD0DC19370E90BD
      Source: https://davedinkel.com/teamsmp3/appsuite/Matcher: Found strong image similarity, brand: Microsoft image: 05992.4.img.5.gfk.csv A5DBD4393FF6A725C7E62B61DF7E72F0
      Source: https://davedinkel.com/teamsmp3/appsuite/index.php?error&id=sucker@sucker.com&.rand=13InboxLight.aspx?n=1774256418&fid=4#n=1252899642&fid=1&fav=1Matcher: Found strong image similarity, brand: Microsoft image: 09329.6.img.1.gfk.csv EE5C8D9FB6248C938FD0DC19370E90BD
      Source: https://davedinkel.com/teamsmp3/appsuite/index.php?error&id=sucker@sucker.com&.rand=13InboxLight.aspx?n=1774256418&fid=4#n=1252899642&fid=1&fav=1Matcher: Found strong image similarity, brand: Microsoft image: 09329.6.img.5.gfk.csv A5DBD4393FF6A725C7E62B61DF7E72F0
      Source: https://davedinkel.com/teamsmp3/appsuite/Matcher: Found strong image similarity, brand: Microsoft image: 05992.4.img.1.gfk.csv EE5C8D9FB6248C938FD0DC19370E90BD
      Source: https://davedinkel.com/teamsmp3/appsuite/Matcher: Found strong image similarity, brand: Microsoft image: 05992.4.img.5.gfk.csv A5DBD4393FF6A725C7E62B61DF7E72F0
      Source: https://davedinkel.com/teamsmp3/appsuite/index.php?error&id=sucker@sucker.com&.rand=13InboxLight.aspx?n=1774256418&fid=4#n=1252899642&fid=1&fav=1Matcher: Found strong image similarity, brand: Microsoft image: 09329.6.img.1.gfk.csv EE5C8D9FB6248C938FD0DC19370E90BD
      Source: https://davedinkel.com/teamsmp3/appsuite/index.php?error&id=sucker@sucker.com&.rand=13InboxLight.aspx?n=1774256418&fid=4#n=1252899642&fid=1&fav=1Matcher: Found strong image similarity, brand: Microsoft image: 09329.6.img.5.gfk.csv A5DBD4393FF6A725C7E62B61DF7E72F0
      Source: https://davedinkel.com/teamsmp3/appsuite/Matcher: Found strong image similarity, brand: Microsoft image: 05992.4.img.1.gfk.csv EE5C8D9FB6248C938FD0DC19370E90BD
      Source: https://davedinkel.com/teamsmp3/appsuite/Matcher: Found strong image similarity, brand: Microsoft image: 05992.4.img.5.gfk.csv A5DBD4393FF6A725C7E62B61DF7E72F0
      Source: https://davedinkel.com/teamsmp3/appsuite/index.php?error&id=sucker@sucker.com&.rand=13InboxLight.aspx?n=1774256418&fid=4#n=1252899642&fid=1&fav=1Matcher: Found strong image similarity, brand: Microsoft image: 09329.6.img.1.gfk.csv EE5C8D9FB6248C938FD0DC19370E90BD
      Source: https://davedinkel.com/teamsmp3/appsuite/index.php?error&id=sucker@sucker.com&.rand=13InboxLight.aspx?n=1774256418&fid=4#n=1252899642&fid=1&fav=1Matcher: Found strong image similarity, brand: Microsoft image: 09329.6.img.5.gfk.csv A5DBD4393FF6A725C7E62B61DF7E72F0
      Source: https://davedinkel.com/teamsmp3/appsuite/Matcher: Found strong image similarity, brand: Microsoft image: 05992.4.img.1.gfk.csv EE5C8D9FB6248C938FD0DC19370E90BD
      Source: https://davedinkel.com/teamsmp3/appsuite/Matcher: Found strong image similarity, brand: Microsoft image: 05992.4.img.5.gfk.csv A5DBD4393FF6A725C7E62B61DF7E72F0
      Source: https://davedinkel.com/teamsmp3/appsuite/index.php?error&id=sucker@sucker.com&.rand=13InboxLight.aspx?n=1774256418&fid=4#n=1252899642&fid=1&fav=1Matcher: Found strong image similarity, brand: Microsoft image: 09329.6.img.1.gfk.csv EE5C8D9FB6248C938FD0DC19370E90BD
      Source: https://davedinkel.com/teamsmp3/appsuite/index.php?error&id=sucker@sucker.com&.rand=13InboxLight.aspx?n=1774256418&fid=4#n=1252899642&fid=1&fav=1Matcher: Found strong image similarity, brand: Microsoft image: 09329.6.img.5.gfk.csv A5DBD4393FF6A725C7E62B61DF7E72F0
      Source: https://davedinkel.com/teamsmp3/appsuite/Matcher: Found strong image similarity, brand: Microsoft image: 05992.4.img.1.gfk.csv EE5C8D9FB6248C938FD0DC19370E90BD
      Source: https://davedinkel.com/teamsmp3/appsuite/Matcher: Found strong image similarity, brand: Microsoft image: 05992.4.img.5.gfk.csv A5DBD4393FF6A725C7E62B61DF7E72F0
      Source: https://davedinkel.com/teamsmp3/appsuite/index.php?error&id=sucker@sucker.com&.rand=13InboxLight.aspx?n=1774256418&fid=4#n=1252899642&fid=1&fav=1Matcher: Found strong image similarity, brand: Microsoft image: 09329.6.img.1.gfk.csv EE5C8D9FB6248C938FD0DC19370E90BD
      Source: https://davedinkel.com/teamsmp3/appsuite/index.php?error&id=sucker@sucker.com&.rand=13InboxLight.aspx?n=1774256418&fid=4#n=1252899642&fid=1&fav=1Matcher: Found strong image similarity, brand: Microsoft image: 09329.6.img.5.gfk.csv A5DBD4393FF6A725C7E62B61DF7E72F0
      Source: https://davedinkel.com/teamsmp3/appsuite/HTTP Parser: Number of links: 0
      Source: https://davedinkel.com/teamsmp3/appsuite/HTTP Parser: Number of links: 0
      Source: https://davedinkel.com/teamsmp3/appsuite/index.php?error&id=sucker@sucker.com&.rand=13InboxLight.aspx?n=1774256418&fid=4#n=1252899642&fid=1&fav=1HTTP Parser: Number of links: 0
      Source: https://davedinkel.com/teamsmp3/appsuite/index.php?error&id=sucker@sucker.com&.rand=13InboxLight.aspx?n=1774256418&fid=4#n=1252899642&fid=1&fav=1HTTP Parser: Number of links: 0
      Source: https://davedinkel.com/teamsmp3/appsuite/HTTP Parser: Iframe src: ./Sign in to your account_files/prefetch(1).html
      Source: https://davedinkel.com/teamsmp3/appsuite/HTTP Parser: Iframe src: ./Sign in to your account_files/prefetch(1).html
      Source: https://davedinkel.com/teamsmp3/appsuite/index.php?error&id=sucker@sucker.com&.rand=13InboxLight.aspx?n=1774256418&fid=4#n=1252899642&fid=1&fav=1HTTP Parser: Iframe src: ./Sign in to your account_files/prefetch(1).html
      Source: https://davedinkel.com/teamsmp3/appsuite/index.php?error&id=sucker@sucker.com&.rand=13InboxLight.aspx?n=1774256418&fid=4#n=1252899642&fid=1&fav=1HTTP Parser: Iframe src: ./Sign in to your account_files/prefetch(1).html
      Source: https://davedinkel.com/teamsmp3/appsuite/HTTP Parser: Form action: login.php
      Source: https://davedinkel.com/teamsmp3/appsuite/HTTP Parser: Form action: login.php
      Source: https://davedinkel.com/teamsmp3/appsuite/index.php?error&id=sucker@sucker.com&.rand=13InboxLight.aspx?n=1774256418&fid=4#n=1252899642&fid=1&fav=1HTTP Parser: Form action: login.php
      Source: https://davedinkel.com/teamsmp3/appsuite/index.php?error&id=sucker@sucker.com&.rand=13InboxLight.aspx?n=1774256418&fid=4#n=1252899642&fid=1&fav=1HTTP Parser: Form action: login.php
      Source: https://davedinkel.com/teamsmp3/appsuite/HTTP Parser: HTML title missing
      Source: https://davedinkel.com/teamsmp3/appsuite/HTTP Parser: HTML title missing
      Source: https://davedinkel.com/teamsmp3/appsuite/index.php?error&id=sucker@sucker.com&.rand=13InboxLight.aspx?n=1774256418&fid=4#n=1252899642&fid=1&fav=1HTTP Parser: HTML title missing
      Source: https://davedinkel.com/teamsmp3/appsuite/index.php?error&id=sucker@sucker.com&.rand=13InboxLight.aspx?n=1774256418&fid=4#n=1252899642&fid=1&fav=1HTTP Parser: HTML title missing
      Source: https://davedinkel.com/teamsmp3/appsuite/HTTP Parser: On click: goNext()
      Source: https://davedinkel.com/teamsmp3/appsuite/HTTP Parser: On click: goNext()
      Source: https://davedinkel.com/teamsmp3/appsuite/HTTP Parser: No <meta name="author".. found
      Source: https://davedinkel.com/teamsmp3/appsuite/HTTP Parser: No <meta name="author".. found
      Source: https://davedinkel.com/teamsmp3/appsuite/index.php?error&id=sucker@sucker.com&.rand=13InboxLight.aspx?n=1774256418&fid=4#n=1252899642&fid=1&fav=1HTTP Parser: No <meta name="author".. found
      Source: https://davedinkel.com/teamsmp3/appsuite/index.php?error&id=sucker@sucker.com&.rand=13InboxLight.aspx?n=1774256418&fid=4#n=1252899642&fid=1&fav=1HTTP Parser: No <meta name="author".. found
      Source: https://davedinkel.com/teamsmp3/appsuite/HTTP Parser: No <meta name="copyright".. found
      Source: https://davedinkel.com/teamsmp3/appsuite/HTTP Parser: No <meta name="copyright".. found
      Source: https://davedinkel.com/teamsmp3/appsuite/index.php?error&id=sucker@sucker.com&.rand=13InboxLight.aspx?n=1774256418&fid=4#n=1252899642&fid=1&fav=1HTTP Parser: No <meta name="copyright".. found
      Source: https://davedinkel.com/teamsmp3/appsuite/index.php?error&id=sucker@sucker.com&.rand=13InboxLight.aspx?n=1774256418&fid=4#n=1252899642&fid=1&fav=1HTTP Parser: No <meta name="copyright".. found
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeDirectory created: C:\Program Files\Google\GoogleUpdater
      Source: unknownHTTPS traffic detected: 170.39.79.34:443 -> 192.168.2.2:49797 version: TLS 1.2
      Source: unknownDNS traffic detected: queries for: u29271426.ct.sendgrid.net
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49862
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49861
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49860
      Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49875 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
      Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49849 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
      Source: unknownNetwork traffic detected: HTTP traffic on port 49820 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49872 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49823 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49849
      Source: unknownNetwork traffic detected: HTTP traffic on port 49861 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49848
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
      Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49819 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49793 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49805 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49716
      Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49782 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49797
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49793
      Source: unknownNetwork traffic detected: HTTP traffic on port 49944 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49822 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49808 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49823
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49944
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49822
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49788
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49821
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49820
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49786
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49785
      Source: unknownNetwork traffic detected: HTTP traffic on port 49813 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49782
      Source: unknownNetwork traffic detected: HTTP traffic on port 49785 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49807 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49819
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49818
      Source: unknownNetwork traffic detected: HTTP traffic on port 49776 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49810 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49816
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49815
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49813
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49778
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49810
      Source: unknownNetwork traffic detected: HTTP traffic on port 49816 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49776
      Source: unknownNetwork traffic detected: HTTP traffic on port 49862 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
      Source: unknownNetwork traffic detected: HTTP traffic on port 49788 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49879 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443