Windows Analysis Report
https://docsend.com/presentation_users/E8ZmQyTe3_RJa_9pzKRa?redirect_url=https%3A%2F%2Fdocsend.com%2Fview%2Fs%2Fzxqzirinh2bw2bfp

Overview

General Information

Sample URL:	https://docsend.com/presentation_users/E8ZmQyTe3_RJa_9pzKRa?redirect_url=https%3A%2F%2Fdocsend.com%2Fview%2Fs%2Fzxqzirinh2bw2bfp
Analysis ID:	1446717
Infos:

Detection

Score:	0
Range:	0 - 100
Whitelisted:	false
Confidence:	80%

Signatures

Found iframes

Classification

Signatures

Found iframes

Source: https://docsend.com/view/s/zxqzirinh2bw2bfp	HTTP Parser: Iframe src: https://marketing.docsend.com/view/s/zxqzirinh2bw2bfp
Source: https://docsend.com/view/s/zxqzirinh2bw2bfp	HTTP Parser: Iframe src: https://marketing.docsend.com/view/s/zxqzirinh2bw2bfp
Source: https://docsend.com/view/s/zxqzirinh2bw2bfp	HTTP Parser: Iframe src: https://marketing.docsend.com/view/s/zxqzirinh2bw2bfp
Source: https://docsend.com/view/s/zxqzirinh2bw2bfp	HTTP Parser: Iframe src: https://marketing.docsend.com/view/s/zxqzirinh2bw2bfp

Source: https://docsend.com/view/s/zxqzirinh2bw2bfp	HTTP Parser: No <meta name="author".. found
Source: https://docsend.com/view/s/zxqzirinh2bw2bfp	HTTP Parser: No <meta name="author".. found
Source: https://docsend.com/view/s/zxqzirinh2bw2bfp	HTTP Parser: No <meta name="author".. found
Source: https://docsend.com/view/s/zxqzirinh2bw2bfp	HTTP Parser: No <meta name="author".. found
Source: https://docsend.com/view/s/zxqzirinh2bw2bfp	HTTP Parser: No <meta name="author".. found

Source: https://docsend.com/view/s/zxqzirinh2bw2bfp	HTTP Parser: No <meta name="copyright".. found
Source: https://docsend.com/view/s/zxqzirinh2bw2bfp	HTTP Parser: No <meta name="copyright".. found
Source: https://docsend.com/view/s/zxqzirinh2bw2bfp	HTTP Parser: No <meta name="copyright".. found
Source: https://docsend.com/view/s/zxqzirinh2bw2bfp	HTTP Parser: No <meta name="copyright".. found
Source: https://docsend.com/view/s/zxqzirinh2bw2bfp	HTTP Parser: No <meta name="copyright".. found

Source: unknown

HTTPS traffic detected: 35.186.224.25:443 -> 192.168.11.20:51819 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 35.186.224.25
Source: unknown	TCP traffic detected without corresponding DNS query: 35.186.224.25
Source: unknown	TCP traffic detected without corresponding DNS query: 35.186.224.25
Source: unknown	TCP traffic detected without corresponding DNS query: 35.186.224.25
Source: unknown	TCP traffic detected without corresponding DNS query: 35.186.224.25
Source: unknown	TCP traffic detected without corresponding DNS query: 35.186.224.25
Source: unknown	TCP traffic detected without corresponding DNS query: 35.186.224.25
Source: unknown	TCP traffic detected without corresponding DNS query: 35.186.224.25
Source: unknown	TCP traffic detected without corresponding DNS query: 35.186.224.25
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.21.200
Source: unknown	UDP traffic detected without corresponding DNS query: 239.255.255.250
Source: unknown	UDP traffic detected without corresponding DNS query: 239.255.255.250
Source: unknown	UDP traffic detected without corresponding DNS query: 239.255.255.250
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 239.255.255.250
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /v1/live-tile-xml?region=GB&language=en-US HTTP/1.1Connection: Keep-AliveUser-Agent: Microsoft-WNS/10.0Host: spclient.wg.spotify.com
Source: global traffic	HTTP traffic detected: GET /presentation_users/E8ZmQyTe3_RJa_9pzKRa?redirect_url=https%3A%2F%2Fdocsend.com%2Fview%2Fs%2Fzxqzirinh2bw2bfp HTTP/1.1Host: docsend.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /view/s/zxqzirinh2bw2bfp HTTP/1.1Host: docsend.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _v_=Q0Oso9%2FcBhnP%2FNqCK83L6xcY%2BecjrObrIv5T5ticpBgRmRZwgkQVkipKBA6uAHiGZCuvLUjWRDwLa4cEzeI%2Flqzqmsqv2s5xF75Xw1hTOjvlEzvakA%3D%3D--YKm%2BrSFgI%2FDaRhqh--5BHW7OxroDhSorFM54%2FG7g%3D%3D; _dss_=5d9dc3567bdbe23f35ae5789a1822992
Source: global traffic	HTTP traffic detected: GET /assets/javascripts/presentation-5fc604fa15bc87a0fb75ab901b19342a6acea826712827896d4971b241ecb21d.js HTTP/1.1Host: assets.docsend.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"Origin: https://docsend.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://docsend.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/stylesheets/presentation-4b9f317afea33e545f125d4df0bcfd8383b791132b867381ed328572ecd8a7ab.css HTTP/1.1Host: assets.docsend.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://docsend.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _dss_=5d9dc3567bdbe23f35ae5789a1822992; _v_=8LHpTMP99vSTP0yE9f%2FHqgrMqYhNhgoojOCA6kkpDsZPjpsJK1%2F9cxEbOl335QNkwWigmGAZ2hm9U0%2BGKSvE4VHPFRRdPvXb0KHrGWOtS4Nlv0%2BHIA%3D%3D--xrAybv1j1jZvbiBk--j7NT2Rox8osCO4MLSo3Z7w%3D%3D
Source: global traffic	HTTP traffic detected: GET /assets/javascripts/presentation-f83947fa83943be50f03a0df58afdbdbb19a1b9db9a4d6e264f5e0dac7e1ea0b.css HTTP/1.1Host: assets.docsend.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://docsend.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _dss_=5d9dc3567bdbe23f35ae5789a1822992; _v_=8LHpTMP99vSTP0yE9f%2FHqgrMqYhNhgoojOCA6kkpDsZPjpsJK1%2F9cxEbOl335QNkwWigmGAZ2hm9U0%2BGKSvE4VHPFRRdPvXb0KHrGWOtS4Nlv0%2BHIA%3D%3D--xrAybv1j1jZvbiBk--j7NT2Rox8osCO4MLSo3Z7w%3D%3D
Source: global traffic	HTTP traffic detected: GET /assets/javascripts/langpacks/en-7335ca5f4d5fd5c21e920914e3876cac05dc13fc03c0bc660a193782d2749d7a.js HTTP/1.1Host: assets.docsend.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://docsend.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _dss_=5d9dc3567bdbe23f35ae5789a1822992; _v_=8LHpTMP99vSTP0yE9f%2FHqgrMqYhNhgoojOCA6kkpDsZPjpsJK1%2F9cxEbOl335QNkwWigmGAZ2hm9U0%2BGKSvE4VHPFRRdPvXb0KHrGWOtS4Nlv0%2BHIA%3D%3D--xrAybv1j1jZvbiBk--j7NT2Rox8osCO4MLSo3Z7w%3D%3D
Source: global traffic	HTTP traffic detected: GET /pithos/ux_analytics HTTP/1.1Host: www.dropbox.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://docsend.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pithos/privacy_consent HTTP/1.1Host: www.dropbox.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://docsend.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pithos/marketing_tracker_client HTTP/1.1Host: www.dropbox.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://docsend.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/content-folder-HDGUBPAX-14848f87660b30e1ecd01137e63e7c3b6e3d725e5ed598633ce315fa1e4d2afd.svg HTTP/1.1Host: assets.ducksend.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://assets.docsend.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/AtlasGrotesk-Regular-Web-DS4XBEAW-43693f7bdd6146e783fab3f75ba0a51aa3cf9530adbf790dbd686fc8a17aa3db.woff2 HTTP/1.1Host: assets.ducksend.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"Origin: https://docsend.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://assets.docsend.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/content-folder-HDGUBPAX-14848f87660b30e1ecd01137e63e7c3b6e3d725e5ed598633ce315fa1e4d2afd.svg HTTP/1.1Host: assets.ducksend.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/AtlasGrotesk-Medium-Web-LFHKUOTE-b5db3e633ec765fc01a19c06b0955d56c2503285e59d8d348d08ec34abbfeaf3.woff2 HTTP/1.1Host: assets.ducksend.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"Origin: https://docsend.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://assets.docsend.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pithos/host%3Adocsend.com/marketing_tracker_client HTTP/1.1Host: www.dropbox.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://docsend.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; gvc=MjgxNzQ3NDYzNzQ2MjU5ODQ1NDg2NzY0MDg2Nzk5NDg3OTkxOTgw; t=uL7dlyS_TDuCPmNC6ipNLRSI; __Host-js_csrf=uL7dlyS_TDuCPmNC6ipNLRSI
Source: global traffic	HTTP traffic detected: GET /pithos/host%3Adocsend.com/privacy_consent HTTP/1.1Host: www.dropbox.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://docsend.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; gvc=MjgxNzQ3NDYzNzQ2MjU5ODQ1NDg2NzY0MDg2Nzk5NDg3OTkxOTgw; t=uL7dlyS_TDuCPmNC6ipNLRSI; __Host-js_csrf=uL7dlyS_TDuCPmNC6ipNLRSI
Source: global traffic	HTTP traffic detected: GET /pithos/host%3Adocsend.com/ux_analytics HTTP/1.1Host: www.dropbox.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://docsend.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; gvc=MjgxNzQ3NDYzNzQ2MjU5ODQ1NDg2NzY0MDg2Nzk5NDg3OTkxOTgw; t=uL7dlyS_TDuCPmNC6ipNLRSI; __Host-js_csrf=uL7dlyS_TDuCPmNC6ipNLRSI
Source: global traffic	HTTP traffic detected: GET /bundle_headers%2Fdefault_bundle_headers%2F0.jpg?Expires=1716488280&Signature=qea2PNbOs~2MBASM4kws2kf7ltw3vov-M6Cz4P~Pl0-gaDERaqLJE-I8f25mJWh9SMf7-kkBHHky8QRPOV-KxtHkMGolNi6k9Krj938WthpUwfZ1dqfhm-m~TMG1JYDBFkn05LZYGvokw6uogC0wb8~E-2zNMLxzsSwGkzfXYWNSrFBznNOusWYQWuM0NxGse~xB0nPTtw1BAIu9aCBa69CNDdgQLkljLfJtql6jae4KkdJdMF0pfbYNH9Zdec2CdXGXzQAdPXzR8OZF32pWQ1hF5LwcM28bJaf40NyFCoLjB4Rxh8RsX40Bn21kQWkhff5SJu-1mYt5Mx3iS~idCQ__&Key-Pair-Id=K35JMHU7N40WUH HTTP/1.1Host: d2qvtfnm75xrxf.cloudfront.netConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://docsend.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/AtlasGrotesk-Regular-Italic-Web-ZM4W24YU-39e1b683885a862832eb9f30c6626b7e36613856ee10e8c2d1bf671921ab70ff.woff2 HTTP/1.1Host: assets.ducksend.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"Origin: https://docsend.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://assets.docsend.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bundle_headers%2Fdefault_bundle_headers%2F0.jpg?Expires=1716488280&Signature=qea2PNbOs~2MBASM4kws2kf7ltw3vov-M6Cz4P~Pl0-gaDERaqLJE-I8f25mJWh9SMf7-kkBHHky8QRPOV-KxtHkMGolNi6k9Krj938WthpUwfZ1dqfhm-m~TMG1JYDBFkn05LZYGvokw6uogC0wb8~E-2zNMLxzsSwGkzfXYWNSrFBznNOusWYQWuM0NxGse~xB0nPTtw1BAIu9aCBa69CNDdgQLkljLfJtql6jae4KkdJdMF0pfbYNH9Zdec2CdXGXzQAdPXzR8OZF32pWQ1hF5LwcM28bJaf40NyFCoLjB4Rxh8RsX40Bn21kQWkhff5SJu-1mYt5Mx3iS~idCQ__&Key-Pair-Id=K35JMHU7N40WUH HTTP/1.1Host: d2qvtfnm75xrxf.cloudfront.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico?v=6 HTTP/1.1Host: docsend.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://docsend.com/view/s/zxqzirinh2bw2bfpAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _dss_=5d9dc3567bdbe23f35ae5789a1822992; _v_=8LHpTMP99vSTP0yE9f%2FHqgrMqYhNhgoojOCA6kkpDsZPjpsJK1%2F9cxEbOl335QNkwWigmGAZ2hm9U0%2BGKSvE4VHPFRRdPvXb0KHrGWOtS4Nlv0%2BHIA%3D%3D--xrAybv1j1jZvbiBk--j7NT2Rox8osCO4MLSo3Z7w%3D%3D; statsig_stable_id=2c1610e0-df03-450e-8c30-7dd05ba1f247
Source: global traffic	HTTP traffic detected: GET /log/ux_analytics HTTP/1.1Host: www.dropbox.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; gvc=MjgxNzQ3NDYzNzQ2MjU5ODQ1NDg2NzY0MDg2Nzk5NDg3OTkxOTgw; t=uL7dlyS_TDuCPmNC6ipNLRSI; __Host-js_csrf=uL7dlyS_TDuCPmNC6ipNLRSI; __Host-logged-out-session=ChBXC7gnS64Va+wSuBJejV2mEKCQvrIGGi5BSjdQRVlCa0dMd2xqVE5aZEJ0UkExV0xCTUdSclM3YkdJUlV0T1ZhNHBqYUln
Source: global traffic	HTTP traffic detected: GET /favicon.ico?v=6 HTTP/1.1Host: docsend.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _dss_=5d9dc3567bdbe23f35ae5789a1822992; _v_=8LHpTMP99vSTP0yE9f%2FHqgrMqYhNhgoojOCA6kkpDsZPjpsJK1%2F9cxEbOl335QNkwWigmGAZ2hm9U0%2BGKSvE4VHPFRRdPvXb0KHrGWOtS4Nlv0%2BHIA%3D%3D--xrAybv1j1jZvbiBk--j7NT2Rox8osCO4MLSo3Z7w%3D%3D; statsig_stable_id=2c1610e0-df03-450e-8c30-7dd05ba1f247
Source: global traffic	HTTP traffic detected: GET /widget/lv6lji7h HTTP/1.1Host: widget.intercom.ioConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://docsend.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /log/ux_analytics HTTP/1.1Host: www.dropbox.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; gvc=MjgxNzQ3NDYzNzQ2MjU5ODQ1NDg2NzY0MDg2Nzk5NDg3OTkxOTgw; t=uL7dlyS_TDuCPmNC6ipNLRSI; __Host-js_csrf=uL7dlyS_TDuCPmNC6ipNLRSI; __Host-logged-out-session=ChBXC7gnS64Va+wSuBJejV2mEKCQvrIGGi5BSjdQRVlCa0dMd2xqVE5aZEJ0UkExV0xCTUdSclM3YkdJUlV0T1ZhNHBqYUln
Source: global traffic	HTTP traffic detected: GET /log/ux_analytics HTTP/1.1Host: www.dropbox.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; gvc=MjgxNzQ3NDYzNzQ2MjU5ODQ1NDg2NzY0MDg2Nzk5NDg3OTkxOTgw; t=uL7dlyS_TDuCPmNC6ipNLRSI; __Host-js_csrf=uL7dlyS_TDuCPmNC6ipNLRSI; __Host-logged-out-session=ChBXC7gnS64Va+wSuBJejV2mEKCQvrIGGi5BSjdQRVlCa0dMd2xqVE5aZEJ0UkExV0xCTUdSclM3YkdJUlV0T1ZhNHBqYUln
Source: global traffic	HTTP traffic detected: GET /frame-modern.4d66b2f2.js HTTP/1.1Host: js.intercomcdn.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /vendor-modern.84baedee.js HTTP/1.1Host: js.intercomcdn.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /log/ux_analytics HTTP/1.1Host: www.dropbox.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; gvc=MjgxNzQ3NDYzNzQ2MjU5ODQ1NDg2NzY0MDg2Nzk5NDg3OTkxOTgw; t=uL7dlyS_TDuCPmNC6ipNLRSI; __Host-js_csrf=uL7dlyS_TDuCPmNC6ipNLRSI; __Host-logged-out-session=ChBXC7gnS64Va+wSuBJejV2mEKCQvrIGGi5BSjdQRVlCa0dMd2xqVE5aZEJ0UkExV0xCTUdSclM3YkdJUlV0T1ZhNHBqYUln
Source: global traffic	HTTP traffic detected: GET /messenger/web/ping HTTP/1.1Host: api-iam.intercom.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pubsub/5-mII3z3EmzhYoNzny4-uOBUibyRS0O6Xg3DJk5JZaui-WY-yvUUEHrB9q5f3-jXmBBaWHVa9Zxh9H4XXgwvJygMdYpy7Kxb9-s4S1?X-Nexus-New-Client=true&X-Nexus-Version=0.12.12&user_role=visitor HTTP/1.1Host: nexus-websocket-a.intercom.ioConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36Upgrade: websocketOrigin: https://docsend.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: Zk9UH73NA6ekMD7NCl3IBw==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /log/ux_analytics HTTP/1.1Host: www.dropbox.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; gvc=MjgxNzQ3NDYzNzQ2MjU5ODQ1NDg2NzY0MDg2Nzk5NDg3OTkxOTgw; t=uL7dlyS_TDuCPmNC6ipNLRSI; __Host-js_csrf=uL7dlyS_TDuCPmNC6ipNLRSI; __Host-logged-out-session=ChBXC7gnS64Va+wSuBJejV2mEKCQvrIGGi5BSjdQRVlCa0dMd2xqVE5aZEJ0UkExV0xCTUdSclM3YkdJUlV0T1ZhNHBqYUln
Source: global traffic	HTTP traffic detected: GET /vendors~app~tooltips-modern.9292a7fd.js HTTP/1.1Host: js.intercomcdn.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /vendors~app-modern.f45e12b6.js HTTP/1.1Host: js.intercomcdn.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /app~tooltips-modern.bc0a2f19.js HTTP/1.1Host: js.intercomcdn.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /app-modern.ef3c49a6.js HTTP/1.1Host: js.intercomcdn.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /log/ux_analytics HTTP/1.1Host: www.dropbox.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; gvc=MjgxNzQ3NDYzNzQ2MjU5ODQ1NDg2NzY0MDg2Nzk5NDg3OTkxOTgw; t=uL7dlyS_TDuCPmNC6ipNLRSI; __Host-js_csrf=uL7dlyS_TDuCPmNC6ipNLRSI; __Host-logged-out-session=ChBXC7gnS64Va+wSuBJejV2mEKCQvrIGGi5BSjdQRVlCa0dMd2xqVE5aZEJ0UkExV0xCTUdSclM3YkdJUlV0T1ZhNHBqYUln
Source: global traffic	HTTP traffic detected: GET /messenger/web/metrics HTTP/1.1Host: api-iam.intercom.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: docsend.com
Source: global traffic	DNS traffic detected: DNS query: assets.docsend.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: www.dropbox.com
Source: global traffic	DNS traffic detected: DNS query: assets.ducksend.com
Source: global traffic	DNS traffic detected: DNS query: d.dropbox.com
Source: global traffic	DNS traffic detected: DNS query: d2qvtfnm75xrxf.cloudfront.net
Source: global traffic	DNS traffic detected: DNS query: cfl.dropboxstatic.com
Source: global traffic	DNS traffic detected: DNS query: statsigapi.net
Source: global traffic	DNS traffic detected: DNS query: events.statsigapi.net
Source: global traffic	DNS traffic detected: DNS query: widget.intercom.io
Source: global traffic	DNS traffic detected: DNS query: js.intercomcdn.com
Source: global traffic	DNS traffic detected: DNS query: api-iam.intercom.io
Source: global traffic	DNS traffic detected: DNS query: nexus-websocket-a.intercom.io

Source: unknown

HTTP traffic detected: POST /csp_log?policy_name=docsend HTTP/1.1Host: www.dropbox.comConnection: keep-aliveContent-Length: 4212sec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-platform: "Windows"Content-Type: application/csp-reportAccept: */*Origin: https://docsend.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: reportReferer: https://docsend.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	TCP traffic: 192.168.11.20:49749 -> 239.255.255.250:1900
Source: global traffic	TCP traffic: 192.168.11.20:49749 -> 239.255.255.250:1900
Source: global traffic	TCP traffic: 192.168.11.20:49749 -> 239.255.255.250:1900
Source: global traffic	TCP traffic: 192.168.11.20:49749 -> 239.255.255.250:1900

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundStrict-Transport-Security: max-age=31536000; includeSubDomainsContent-Length: 1233Content-Type: text/htmlDate: Thu, 23 May 2024 18:17:08 GMTServer: envoyStrict-Transport-Security: max-age=31536000; includeSubDomainsCache-Control: no-cache, no-storeVary: Accept-EncodingX-Dropbox-Response-Origin: far_remoteX-Dropbox-Request-Id: 74f346dbc6b049c09c0c026a17644720Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundStrict-Transport-Security: max-age=31536000; includeSubDomainsContent-Length: 1233Content-Type: text/htmlDate: Thu, 23 May 2024 18:17:09 GMTServer: envoyStrict-Transport-Security: max-age=31536000; includeSubDomainsCache-Control: no-cache, no-storeVary: Accept-EncodingX-Dropbox-Response-Origin: far_remoteX-Dropbox-Request-Id: a61403bf0e25453aad90f5ddcf51609aConnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundStrict-Transport-Security: max-age=31536000; includeSubDomainsContent-Length: 1233Content-Type: text/htmlDate: Thu, 23 May 2024 18:17:10 GMTServer: envoyStrict-Transport-Security: max-age=31536000; includeSubDomainsCache-Control: no-cache, no-storeVary: Accept-EncodingX-Dropbox-Response-Origin: far_remoteX-Dropbox-Request-Id: a36bdf10a8764ab49e6beebca24300e4Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundStrict-Transport-Security: max-age=31536000; includeSubDomainsContent-Length: 1233Content-Type: text/htmlDate: Thu, 23 May 2024 18:17:13 GMTServer: envoyStrict-Transport-Security: max-age=31536000; includeSubDomainsCache-Control: no-cache, no-storeVary: Accept-EncodingX-Dropbox-Response-Origin: far_remoteX-Dropbox-Request-Id: 445f2f8a5f4a40c79c621bc9d5f99cfbConnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundStrict-Transport-Security: max-age=31536000; includeSubDomainsContent-Length: 1233Content-Type: text/htmlDate: Thu, 23 May 2024 18:17:18 GMTServer: envoyStrict-Transport-Security: max-age=31536000; includeSubDomainsCache-Control: no-cache, no-storeVary: Accept-EncodingX-Dropbox-Response-Origin: far_remoteX-Dropbox-Request-Id: 4bcc60d967974c23b3890a709faf9a09Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundStrict-Transport-Security: max-age=31536000; includeSubDomainsContent-Length: 1233Content-Type: text/htmlDate: Thu, 23 May 2024 18:17:23 GMTServer: envoyStrict-Transport-Security: max-age=31536000; includeSubDomainsCache-Control: no-cache, no-storeVary: Accept-EncodingX-Dropbox-Response-Origin: far_remoteX-Dropbox-Request-Id: 45c6dfd130d1436da3fb666924fa8c25Connection: close

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53208
Source: unknown	Network traffic detected: HTTP traffic on port 56383 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53166
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57924
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57005
Source: unknown	Network traffic detected: HTTP traffic on port 57401 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57401
Source: unknown	Network traffic detected: HTTP traffic on port 57347 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51424
Source: unknown	Network traffic detected: HTTP traffic on port 59374 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50697
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53172
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51152
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57098
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51271
Source: unknown	Network traffic detected: HTTP traffic on port 51648 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54568 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57098 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58951 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57656 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53099 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 51227 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62289 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53057
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49172
Source: unknown	Network traffic detected: HTTP traffic on port 60612 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57656
Source: unknown	Network traffic detected: HTTP traffic on port 65292 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60323 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62258 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62848
Source: unknown	Network traffic detected: HTTP traffic on port 62128 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59161
Source: unknown	Network traffic detected: HTTP traffic on port 57005 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62289
Source: unknown	Network traffic detected: HTTP traffic on port 57034 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63455 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49688
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50479
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 65292
Source: unknown	Network traffic detected: HTTP traffic on port 58755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64241
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52498
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53189
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53985
Source: unknown	Network traffic detected: HTTP traffic on port 51152 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57034
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53075
Source: unknown	Network traffic detected: HTTP traffic on port 49688 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53208 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51424 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54208
Source: unknown	Network traffic detected: HTTP traffic on port 51271 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61026 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49393
Source: unknown	Network traffic detected: HTTP traffic on port 54208 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55431 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60482 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54568
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60323
Source: unknown	Network traffic detected: HTTP traffic on port 57620 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56541 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64885
Source: unknown	Network traffic detected: HTTP traffic on port 53780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50933
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51227
Source: unknown	Network traffic detected: HTTP traffic on port 53075 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57924 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49393 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59748
Source: unknown	Network traffic detected: HTTP traffic on port 51767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51346
Source: unknown	Network traffic detected: HTTP traffic on port 49172 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55431
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53099
Source: unknown	Network traffic detected: HTTP traffic on port 52505 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50697 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51193
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62915
Source: unknown	Network traffic detected: HTTP traffic on port 51346 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 64885 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60612
Source: unknown	Network traffic detected: HTTP traffic on port 61275 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61026
Source: unknown	Network traffic detected: HTTP traffic on port 50479 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59161 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53166 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54585
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62128
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58951
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57620
Source: unknown	Network traffic detected: HTTP traffic on port 62915 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53780
Source: unknown	Network traffic detected: HTTP traffic on port 60916 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61275
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62884
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63455
Source: unknown	Network traffic detected: HTTP traffic on port 53172 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51648
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60916
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57347
Source: unknown	Network traffic detected: HTTP traffic on port 62848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52498 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56541
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59374
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56383
Source: unknown	Network traffic detected: HTTP traffic on port 53057 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53189 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62258
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52505
Source: unknown	Network traffic detected: HTTP traffic on port 50933 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54585 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60008 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 64241 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51193 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55183 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55183
Source: unknown	Network traffic detected: HTTP traffic on port 53985 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60482
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60008

Source: unknown

HTTPS traffic detected: 35.186.224.25:443 -> 192.168.11.20:51819 version: TLS 1.2

Source: classification engine

Classification label: clean0.win@24/0@16/14

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1520,4048712102622945065,17185252306210673249,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1996 /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://docsend.com/presentation_users/E8ZmQyTe3_RJa_9pzKRa?redirect_url=https%3A%2F%2Fdocsend.com%2Fview%2Fs%2Fzxqzirinh2bw2bfp"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1520,4048712102622945065,17185252306210673249,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1996 /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
3.163.158.86	d2qvtfnm75xrxf.cloudfront.net	United States	16509	AMAZON-02US	false
142.251.211.228	www.google.com	United States	15169	GOOGLEUS	false
3.163.158.84	unknown	United States	16509	AMAZON-02US	false
162.125.8.20	d-edge.v.dropbox.com	United States	19679	DROPBOXUS	false
18.172.170.110	docsend.com	United States	3	MIT-GATEWAYSUS	false
35.174.127.31	nexus-websocket-a.intercom.io	United States	14618	AMAZON-AESUS	false
18.238.217.108	js.intercomcdn.com	United States	16509	AMAZON-02US	false
34.128.128.0	events.statsigapi.net	United States	2686	ATGS-MMD-ASUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
18.238.217.12	widget.intercom.io	United States	16509	AMAZON-02US	false
162.125.1.18	www-env.dropbox-dns.com	United States	19679	DROPBOXUS	false
18.65.229.111	d5doxliz2zm8u.cloudfront.net	United States	3	MIT-GATEWAYSUS	false
3.215.228.22	api-iam.intercom.io	United States	14618	AMAZON-AESUS	false

Private

IP
192.168.11.20

Contacted Domains

Name	IP	Active
d2qvtfnm75xrxf.cloudfront.net	3.163.158.86	true
widget.intercom.io	18.238.217.12	true
www-env.dropbox-dns.com	162.125.1.18	true
d-edge.v.dropbox.com	162.125.8.20	true
www.google.com	142.251.211.228	true
events.statsigapi.net	34.128.128.0	true
api-iam.intercom.io	3.215.228.22	true
nexus-websocket-a.intercom.io	35.174.127.31	true
d5doxliz2zm8u.cloudfront.net	18.65.229.111	true
docsend.com	18.172.170.110	true
statsigapi.net	34.128.128.0	true
js.intercomcdn.com	18.238.217.108	true
assets.docsend.com	unknown	unknown
cfl.dropboxstatic.com	unknown	unknown
d.dropbox.com	unknown	unknown
www.dropbox.com	unknown	unknown
assets.ducksend.com	unknown	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://assets.ducksend.com/assets/AtlasGrotesk-Regular-Web-DS4XBEAW-43693f7bdd6146e783fab3f75ba0a51aa3cf9530adbf790dbd686fc8a17aa3db.woff2	false	Avira URL Cloud: safe	unknown
https://assets.ducksend.com/assets/AtlasGrotesk-Medium-Web-LFHKUOTE-b5db3e633ec765fc01a19c06b0955d56c2503285e59d8d348d08ec34abbfeaf3.woff2	false	Avira URL Cloud: safe	unknown
https://docsend.com/client_log	false	Avira URL Cloud: safe	unknown
https://js.intercomcdn.com/frame-modern.4d66b2f2.js	false	Avira URL Cloud: safe	unknown
https://www.dropbox.com/pithos/ux_analytics	false	Avira URL Cloud: safe	unknown
https://www.dropbox.com/csp_log?policy_name=docsend	false	Avira URL Cloud: safe	unknown
https://www.dropbox.com/pithos/marketing_tracker_client	false	Avira URL Cloud: safe	unknown
https://www.dropbox.com/pithos/host%3Adocsend.com/privacy_consent	false	Avira URL Cloud: safe	unknown
https://d.dropbox.com/crashdash/proxy/sessions	false	Avira URL Cloud: safe	unknown
https://js.intercomcdn.com/app-modern.ef3c49a6.js	false	Avira URL Cloud: safe	unknown
https://docsend.com/metrics/properties	false	Avira URL Cloud: safe	unknown
https://www.dropbox.com/log/ux_analytics	false	Avira URL Cloud: safe	unknown
https://events.statsigapi.net/v1/rgstr	false	Avira URL Cloud: safe	unknown
https://widget.intercom.io/widget/lv6lji7h	false	Avira URL Cloud: safe	unknown
https://api-iam.intercom.io/messenger/web/metrics	false	Avira URL Cloud: safe	unknown
https://assets.docsend.com/assets/stylesheets/presentation-4b9f317afea33e545f125d4df0bcfd8383b791132b867381ed328572ecd8a7ab.css	false	Avira URL Cloud: safe	unknown
https://www.dropbox.com/pithos/host%3Adocsend.com/marketing_tracker_client	false	Avira URL Cloud: safe	unknown
https://js.intercomcdn.com/vendor-modern.84baedee.js	false	Avira URL Cloud: safe	unknown
https://spclient.wg.spotify.com/v1/live-tile-xml?region=GB&language=en-US	false	Avira URL Cloud: safe	unknown
https://js.intercomcdn.com/app~tooltips-modern.bc0a2f19.js	false	Avira URL Cloud: safe	unknown
https://docsend.com/favicon.ico?v=6	false	Avira URL Cloud: safe	unknown
https://www.dropbox.com/pithos/host%3Adocsend.com/ux_analytics	false	Avira URL Cloud: safe	unknown
https://assets.docsend.com/assets/javascripts/presentation-5fc604fa15bc87a0fb75ab901b19342a6acea826712827896d4971b241ecb21d.js	false	Avira URL Cloud: safe	unknown
https://docsend.com/presentation_users/E8ZmQyTe3_RJa_9pzKRa?redirect_url=https%3A%2F%2Fdocsend.com%2Fview%2Fs%2Fzxqzirinh2bw2bfp	false		unknown
https://js.intercomcdn.com/vendors~app~tooltips-modern.9292a7fd.js	false	Avira URL Cloud: safe	unknown
https://docsend.com/view/s/zxqzirinh2bw2bfp	false		unknown
https://statsigapi.net/v1/sdk_exception	false	Avira URL Cloud: safe	unknown
https://assets.docsend.com/assets/javascripts/presentation-f83947fa83943be50f03a0df58afdbdbb19a1b9db9a4d6e264f5e0dac7e1ea0b.css	false	Avira URL Cloud: safe	unknown
https://assets.docsend.com/assets/javascripts/langpacks/en-7335ca5f4d5fd5c21e920914e3876cac05dc13fc03c0bc660a193782d2749d7a.js	false	Avira URL Cloud: safe	unknown
https://assets.ducksend.com/assets/AtlasGrotesk-Regular-Italic-Web-ZM4W24YU-39e1b683885a862832eb9f30c6626b7e36613856ee10e8c2d1bf671921ab70ff.woff2	false	Avira URL Cloud: safe	unknown
https://api-iam.intercom.io/messenger/web/ping	false	Avira URL Cloud: safe	unknown
https://www.dropbox.com/pithos/privacy_consent	false	Avira URL Cloud: safe	unknown
https://assets.ducksend.com/assets/content-folder-HDGUBPAX-14848f87660b30e1ecd01137e63e7c3b6e3d725e5ed598633ce315fa1e4d2afd.svg	false	Avira URL Cloud: safe	unknown
https://docsend.com/metrics/events	false	Avira URL Cloud: safe	unknown
https://js.intercomcdn.com/vendors~app-modern.f45e12b6.js	false	Avira URL Cloud: safe	unknown
https://nexus-websocket-a.intercom.io/pubsub/5-mII3z3EmzhYoNzny4-uOBUibyRS0O6Xg3DJk5JZaui-WY-yvUUEHrB9q5f3-jXmBBaWHVa9Zxh9H4XXgwvJygMdYpy7Kxb9-s4S1?X-Nexus-New-Client=true&X-Nexus-Version=0.12.12&user_role=visitor	false	Avira URL Cloud: safe	unknown

Found iframes

Source: https://docsend.com/view/s/zxqzirinh2bw2bfp	HTTP Parser: Iframe src: https://marketing.docsend.com/view/s/zxqzirinh2bw2bfp
Source: https://docsend.com/view/s/zxqzirinh2bw2bfp	HTTP Parser: Iframe src: https://marketing.docsend.com/view/s/zxqzirinh2bw2bfp
Source: https://docsend.com/view/s/zxqzirinh2bw2bfp	HTTP Parser: Iframe src: https://marketing.docsend.com/view/s/zxqzirinh2bw2bfp
Source: https://docsend.com/view/s/zxqzirinh2bw2bfp	HTTP Parser: Iframe src: https://marketing.docsend.com/view/s/zxqzirinh2bw2bfp

Source: https://docsend.com/view/s/zxqzirinh2bw2bfp	HTTP Parser: No <meta name="author".. found
Source: https://docsend.com/view/s/zxqzirinh2bw2bfp	HTTP Parser: No <meta name="author".. found
Source: https://docsend.com/view/s/zxqzirinh2bw2bfp	HTTP Parser: No <meta name="author".. found
Source: https://docsend.com/view/s/zxqzirinh2bw2bfp	HTTP Parser: No <meta name="author".. found
Source: https://docsend.com/view/s/zxqzirinh2bw2bfp	HTTP Parser: No <meta name="author".. found

Source: https://docsend.com/view/s/zxqzirinh2bw2bfp	HTTP Parser: No <meta name="copyright".. found
Source: https://docsend.com/view/s/zxqzirinh2bw2bfp	HTTP Parser: No <meta name="copyright".. found
Source: https://docsend.com/view/s/zxqzirinh2bw2bfp	HTTP Parser: No <meta name="copyright".. found
Source: https://docsend.com/view/s/zxqzirinh2bw2bfp	HTTP Parser: No <meta name="copyright".. found
Source: https://docsend.com/view/s/zxqzirinh2bw2bfp	HTTP Parser: No <meta name="copyright".. found

Source: unknown

HTTPS traffic detected: 35.186.224.25:443 -> 192.168.11.20:51819 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 35.186.224.25
Source: unknown	TCP traffic detected without corresponding DNS query: 35.186.224.25
Source: unknown	TCP traffic detected without corresponding DNS query: 35.186.224.25
Source: unknown	TCP traffic detected without corresponding DNS query: 35.186.224.25
Source: unknown	TCP traffic detected without corresponding DNS query: 35.186.224.25
Source: unknown	TCP traffic detected without corresponding DNS query: 35.186.224.25
Source: unknown	TCP traffic detected without corresponding DNS query: 35.186.224.25
Source: unknown	TCP traffic detected without corresponding DNS query: 35.186.224.25
Source: unknown	TCP traffic detected without corresponding DNS query: 35.186.224.25
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.21.200
Source: unknown	UDP traffic detected without corresponding DNS query: 239.255.255.250
Source: unknown	UDP traffic detected without corresponding DNS query: 239.255.255.250
Source: unknown	UDP traffic detected without corresponding DNS query: 239.255.255.250
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 239.255.255.250
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /v1/live-tile-xml?region=GB&language=en-US HTTP/1.1Connection: Keep-AliveUser-Agent: Microsoft-WNS/10.0Host: spclient.wg.spotify.com
Source: global traffic	HTTP traffic detected: GET /presentation_users/E8ZmQyTe3_RJa_9pzKRa?redirect_url=https%3A%2F%2Fdocsend.com%2Fview%2Fs%2Fzxqzirinh2bw2bfp HTTP/1.1Host: docsend.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /view/s/zxqzirinh2bw2bfp HTTP/1.1Host: docsend.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _v_=Q0Oso9%2FcBhnP%2FNqCK83L6xcY%2BecjrObrIv5T5ticpBgRmRZwgkQVkipKBA6uAHiGZCuvLUjWRDwLa4cEzeI%2Flqzqmsqv2s5xF75Xw1hTOjvlEzvakA%3D%3D--YKm%2BrSFgI%2FDaRhqh--5BHW7OxroDhSorFM54%2FG7g%3D%3D; _dss_=5d9dc3567bdbe23f35ae5789a1822992
Source: global traffic	HTTP traffic detected: GET /assets/javascripts/presentation-5fc604fa15bc87a0fb75ab901b19342a6acea826712827896d4971b241ecb21d.js HTTP/1.1Host: assets.docsend.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"Origin: https://docsend.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://docsend.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/stylesheets/presentation-4b9f317afea33e545f125d4df0bcfd8383b791132b867381ed328572ecd8a7ab.css HTTP/1.1Host: assets.docsend.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://docsend.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _dss_=5d9dc3567bdbe23f35ae5789a1822992; _v_=8LHpTMP99vSTP0yE9f%2FHqgrMqYhNhgoojOCA6kkpDsZPjpsJK1%2F9cxEbOl335QNkwWigmGAZ2hm9U0%2BGKSvE4VHPFRRdPvXb0KHrGWOtS4Nlv0%2BHIA%3D%3D--xrAybv1j1jZvbiBk--j7NT2Rox8osCO4MLSo3Z7w%3D%3D
Source: global traffic	HTTP traffic detected: GET /assets/javascripts/presentation-f83947fa83943be50f03a0df58afdbdbb19a1b9db9a4d6e264f5e0dac7e1ea0b.css HTTP/1.1Host: assets.docsend.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://docsend.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _dss_=5d9dc3567bdbe23f35ae5789a1822992; _v_=8LHpTMP99vSTP0yE9f%2FHqgrMqYhNhgoojOCA6kkpDsZPjpsJK1%2F9cxEbOl335QNkwWigmGAZ2hm9U0%2BGKSvE4VHPFRRdPvXb0KHrGWOtS4Nlv0%2BHIA%3D%3D--xrAybv1j1jZvbiBk--j7NT2Rox8osCO4MLSo3Z7w%3D%3D
Source: global traffic	HTTP traffic detected: GET /assets/javascripts/langpacks/en-7335ca5f4d5fd5c21e920914e3876cac05dc13fc03c0bc660a193782d2749d7a.js HTTP/1.1Host: assets.docsend.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://docsend.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _dss_=5d9dc3567bdbe23f35ae5789a1822992; _v_=8LHpTMP99vSTP0yE9f%2FHqgrMqYhNhgoojOCA6kkpDsZPjpsJK1%2F9cxEbOl335QNkwWigmGAZ2hm9U0%2BGKSvE4VHPFRRdPvXb0KHrGWOtS4Nlv0%2BHIA%3D%3D--xrAybv1j1jZvbiBk--j7NT2Rox8osCO4MLSo3Z7w%3D%3D
Source: global traffic	HTTP traffic detected: GET /pithos/ux_analytics HTTP/1.1Host: www.dropbox.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://docsend.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pithos/privacy_consent HTTP/1.1Host: www.dropbox.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://docsend.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pithos/marketing_tracker_client HTTP/1.1Host: www.dropbox.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://docsend.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/content-folder-HDGUBPAX-14848f87660b30e1ecd01137e63e7c3b6e3d725e5ed598633ce315fa1e4d2afd.svg HTTP/1.1Host: assets.ducksend.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://assets.docsend.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/AtlasGrotesk-Regular-Web-DS4XBEAW-43693f7bdd6146e783fab3f75ba0a51aa3cf9530adbf790dbd686fc8a17aa3db.woff2 HTTP/1.1Host: assets.ducksend.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"Origin: https://docsend.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://assets.docsend.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/content-folder-HDGUBPAX-14848f87660b30e1ecd01137e63e7c3b6e3d725e5ed598633ce315fa1e4d2afd.svg HTTP/1.1Host: assets.ducksend.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/AtlasGrotesk-Medium-Web-LFHKUOTE-b5db3e633ec765fc01a19c06b0955d56c2503285e59d8d348d08ec34abbfeaf3.woff2 HTTP/1.1Host: assets.ducksend.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"Origin: https://docsend.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://assets.docsend.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pithos/host%3Adocsend.com/marketing_tracker_client HTTP/1.1Host: www.dropbox.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://docsend.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; gvc=MjgxNzQ3NDYzNzQ2MjU5ODQ1NDg2NzY0MDg2Nzk5NDg3OTkxOTgw; t=uL7dlyS_TDuCPmNC6ipNLRSI; __Host-js_csrf=uL7dlyS_TDuCPmNC6ipNLRSI
Source: global traffic	HTTP traffic detected: GET /pithos/host%3Adocsend.com/privacy_consent HTTP/1.1Host: www.dropbox.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://docsend.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; gvc=MjgxNzQ3NDYzNzQ2MjU5ODQ1NDg2NzY0MDg2Nzk5NDg3OTkxOTgw; t=uL7dlyS_TDuCPmNC6ipNLRSI; __Host-js_csrf=uL7dlyS_TDuCPmNC6ipNLRSI
Source: global traffic	HTTP traffic detected: GET /pithos/host%3Adocsend.com/ux_analytics HTTP/1.1Host: www.dropbox.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://docsend.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; gvc=MjgxNzQ3NDYzNzQ2MjU5ODQ1NDg2NzY0MDg2Nzk5NDg3OTkxOTgw; t=uL7dlyS_TDuCPmNC6ipNLRSI; __Host-js_csrf=uL7dlyS_TDuCPmNC6ipNLRSI
Source: global traffic	HTTP traffic detected: GET /bundle_headers%2Fdefault_bundle_headers%2F0.jpg?Expires=1716488280&Signature=qea2PNbOs~2MBASM4kws2kf7ltw3vov-M6Cz4P~Pl0-gaDERaqLJE-I8f25mJWh9SMf7-kkBHHky8QRPOV-KxtHkMGolNi6k9Krj938WthpUwfZ1dqfhm-m~TMG1JYDBFkn05LZYGvokw6uogC0wb8~E-2zNMLxzsSwGkzfXYWNSrFBznNOusWYQWuM0NxGse~xB0nPTtw1BAIu9aCBa69CNDdgQLkljLfJtql6jae4KkdJdMF0pfbYNH9Zdec2CdXGXzQAdPXzR8OZF32pWQ1hF5LwcM28bJaf40NyFCoLjB4Rxh8RsX40Bn21kQWkhff5SJu-1mYt5Mx3iS~idCQ__&Key-Pair-Id=K35JMHU7N40WUH HTTP/1.1Host: d2qvtfnm75xrxf.cloudfront.netConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://docsend.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/AtlasGrotesk-Regular-Italic-Web-ZM4W24YU-39e1b683885a862832eb9f30c6626b7e36613856ee10e8c2d1bf671921ab70ff.woff2 HTTP/1.1Host: assets.ducksend.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"Origin: https://docsend.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://assets.docsend.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bundle_headers%2Fdefault_bundle_headers%2F0.jpg?Expires=1716488280&Signature=qea2PNbOs~2MBASM4kws2kf7ltw3vov-M6Cz4P~Pl0-gaDERaqLJE-I8f25mJWh9SMf7-kkBHHky8QRPOV-KxtHkMGolNi6k9Krj938WthpUwfZ1dqfhm-m~TMG1JYDBFkn05LZYGvokw6uogC0wb8~E-2zNMLxzsSwGkzfXYWNSrFBznNOusWYQWuM0NxGse~xB0nPTtw1BAIu9aCBa69CNDdgQLkljLfJtql6jae4KkdJdMF0pfbYNH9Zdec2CdXGXzQAdPXzR8OZF32pWQ1hF5LwcM28bJaf40NyFCoLjB4Rxh8RsX40Bn21kQWkhff5SJu-1mYt5Mx3iS~idCQ__&Key-Pair-Id=K35JMHU7N40WUH HTTP/1.1Host: d2qvtfnm75xrxf.cloudfront.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico?v=6 HTTP/1.1Host: docsend.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://docsend.com/view/s/zxqzirinh2bw2bfpAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _dss_=5d9dc3567bdbe23f35ae5789a1822992; _v_=8LHpTMP99vSTP0yE9f%2FHqgrMqYhNhgoojOCA6kkpDsZPjpsJK1%2F9cxEbOl335QNkwWigmGAZ2hm9U0%2BGKSvE4VHPFRRdPvXb0KHrGWOtS4Nlv0%2BHIA%3D%3D--xrAybv1j1jZvbiBk--j7NT2Rox8osCO4MLSo3Z7w%3D%3D; statsig_stable_id=2c1610e0-df03-450e-8c30-7dd05ba1f247
Source: global traffic	HTTP traffic detected: GET /log/ux_analytics HTTP/1.1Host: www.dropbox.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; gvc=MjgxNzQ3NDYzNzQ2MjU5ODQ1NDg2NzY0MDg2Nzk5NDg3OTkxOTgw; t=uL7dlyS_TDuCPmNC6ipNLRSI; __Host-js_csrf=uL7dlyS_TDuCPmNC6ipNLRSI; __Host-logged-out-session=ChBXC7gnS64Va+wSuBJejV2mEKCQvrIGGi5BSjdQRVlCa0dMd2xqVE5aZEJ0UkExV0xCTUdSclM3YkdJUlV0T1ZhNHBqYUln
Source: global traffic	HTTP traffic detected: GET /favicon.ico?v=6 HTTP/1.1Host: docsend.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _dss_=5d9dc3567bdbe23f35ae5789a1822992; _v_=8LHpTMP99vSTP0yE9f%2FHqgrMqYhNhgoojOCA6kkpDsZPjpsJK1%2F9cxEbOl335QNkwWigmGAZ2hm9U0%2BGKSvE4VHPFRRdPvXb0KHrGWOtS4Nlv0%2BHIA%3D%3D--xrAybv1j1jZvbiBk--j7NT2Rox8osCO4MLSo3Z7w%3D%3D; statsig_stable_id=2c1610e0-df03-450e-8c30-7dd05ba1f247
Source: global traffic	HTTP traffic detected: GET /widget/lv6lji7h HTTP/1.1Host: widget.intercom.ioConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://docsend.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /log/ux_analytics HTTP/1.1Host: www.dropbox.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; gvc=MjgxNzQ3NDYzNzQ2MjU5ODQ1NDg2NzY0MDg2Nzk5NDg3OTkxOTgw; t=uL7dlyS_TDuCPmNC6ipNLRSI; __Host-js_csrf=uL7dlyS_TDuCPmNC6ipNLRSI; __Host-logged-out-session=ChBXC7gnS64Va+wSuBJejV2mEKCQvrIGGi5BSjdQRVlCa0dMd2xqVE5aZEJ0UkExV0xCTUdSclM3YkdJUlV0T1ZhNHBqYUln
Source: global traffic	HTTP traffic detected: GET /log/ux_analytics HTTP/1.1Host: www.dropbox.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; gvc=MjgxNzQ3NDYzNzQ2MjU5ODQ1NDg2NzY0MDg2Nzk5NDg3OTkxOTgw; t=uL7dlyS_TDuCPmNC6ipNLRSI; __Host-js_csrf=uL7dlyS_TDuCPmNC6ipNLRSI; __Host-logged-out-session=ChBXC7gnS64Va+wSuBJejV2mEKCQvrIGGi5BSjdQRVlCa0dMd2xqVE5aZEJ0UkExV0xCTUdSclM3YkdJUlV0T1ZhNHBqYUln
Source: global traffic	HTTP traffic detected: GET /frame-modern.4d66b2f2.js HTTP/1.1Host: js.intercomcdn.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /vendor-modern.84baedee.js HTTP/1.1Host: js.intercomcdn.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /log/ux_analytics HTTP/1.1Host: www.dropbox.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; gvc=MjgxNzQ3NDYzNzQ2MjU5ODQ1NDg2NzY0MDg2Nzk5NDg3OTkxOTgw; t=uL7dlyS_TDuCPmNC6ipNLRSI; __Host-js_csrf=uL7dlyS_TDuCPmNC6ipNLRSI; __Host-logged-out-session=ChBXC7gnS64Va+wSuBJejV2mEKCQvrIGGi5BSjdQRVlCa0dMd2xqVE5aZEJ0UkExV0xCTUdSclM3YkdJUlV0T1ZhNHBqYUln
Source: global traffic	HTTP traffic detected: GET /messenger/web/ping HTTP/1.1Host: api-iam.intercom.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pubsub/5-mII3z3EmzhYoNzny4-uOBUibyRS0O6Xg3DJk5JZaui-WY-yvUUEHrB9q5f3-jXmBBaWHVa9Zxh9H4XXgwvJygMdYpy7Kxb9-s4S1?X-Nexus-New-Client=true&X-Nexus-Version=0.12.12&user_role=visitor HTTP/1.1Host: nexus-websocket-a.intercom.ioConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36Upgrade: websocketOrigin: https://docsend.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: Zk9UH73NA6ekMD7NCl3IBw==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /log/ux_analytics HTTP/1.1Host: www.dropbox.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; gvc=MjgxNzQ3NDYzNzQ2MjU5ODQ1NDg2NzY0MDg2Nzk5NDg3OTkxOTgw; t=uL7dlyS_TDuCPmNC6ipNLRSI; __Host-js_csrf=uL7dlyS_TDuCPmNC6ipNLRSI; __Host-logged-out-session=ChBXC7gnS64Va+wSuBJejV2mEKCQvrIGGi5BSjdQRVlCa0dMd2xqVE5aZEJ0UkExV0xCTUdSclM3YkdJUlV0T1ZhNHBqYUln
Source: global traffic	HTTP traffic detected: GET /vendors~app~tooltips-modern.9292a7fd.js HTTP/1.1Host: js.intercomcdn.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /vendors~app-modern.f45e12b6.js HTTP/1.1Host: js.intercomcdn.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /app~tooltips-modern.bc0a2f19.js HTTP/1.1Host: js.intercomcdn.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /app-modern.ef3c49a6.js HTTP/1.1Host: js.intercomcdn.comConnection: keep-alivesec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /log/ux_analytics HTTP/1.1Host: www.dropbox.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; gvc=MjgxNzQ3NDYzNzQ2MjU5ODQ1NDg2NzY0MDg2Nzk5NDg3OTkxOTgw; t=uL7dlyS_TDuCPmNC6ipNLRSI; __Host-js_csrf=uL7dlyS_TDuCPmNC6ipNLRSI; __Host-logged-out-session=ChBXC7gnS64Va+wSuBJejV2mEKCQvrIGGi5BSjdQRVlCa0dMd2xqVE5aZEJ0UkExV0xCTUdSclM3YkdJUlV0T1ZhNHBqYUln
Source: global traffic	HTTP traffic detected: GET /messenger/web/metrics HTTP/1.1Host: api-iam.intercom.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: docsend.com
Source: global traffic	DNS traffic detected: DNS query: assets.docsend.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: www.dropbox.com
Source: global traffic	DNS traffic detected: DNS query: assets.ducksend.com
Source: global traffic	DNS traffic detected: DNS query: d.dropbox.com
Source: global traffic	DNS traffic detected: DNS query: d2qvtfnm75xrxf.cloudfront.net
Source: global traffic	DNS traffic detected: DNS query: cfl.dropboxstatic.com
Source: global traffic	DNS traffic detected: DNS query: statsigapi.net
Source: global traffic	DNS traffic detected: DNS query: events.statsigapi.net
Source: global traffic	DNS traffic detected: DNS query: widget.intercom.io
Source: global traffic	DNS traffic detected: DNS query: js.intercomcdn.com
Source: global traffic	DNS traffic detected: DNS query: api-iam.intercom.io
Source: global traffic	DNS traffic detected: DNS query: nexus-websocket-a.intercom.io

Source: unknown

Source: global traffic	TCP traffic: 192.168.11.20:49749 -> 239.255.255.250:1900
Source: global traffic	TCP traffic: 192.168.11.20:49749 -> 239.255.255.250:1900
Source: global traffic	TCP traffic: 192.168.11.20:49749 -> 239.255.255.250:1900
Source: global traffic	TCP traffic: 192.168.11.20:49749 -> 239.255.255.250:1900

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundStrict-Transport-Security: max-age=31536000; includeSubDomainsContent-Length: 1233Content-Type: text/htmlDate: Thu, 23 May 2024 18:17:08 GMTServer: envoyStrict-Transport-Security: max-age=31536000; includeSubDomainsCache-Control: no-cache, no-storeVary: Accept-EncodingX-Dropbox-Response-Origin: far_remoteX-Dropbox-Request-Id: 74f346dbc6b049c09c0c026a17644720Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundStrict-Transport-Security: max-age=31536000; includeSubDomainsContent-Length: 1233Content-Type: text/htmlDate: Thu, 23 May 2024 18:17:09 GMTServer: envoyStrict-Transport-Security: max-age=31536000; includeSubDomainsCache-Control: no-cache, no-storeVary: Accept-EncodingX-Dropbox-Response-Origin: far_remoteX-Dropbox-Request-Id: a61403bf0e25453aad90f5ddcf51609aConnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundStrict-Transport-Security: max-age=31536000; includeSubDomainsContent-Length: 1233Content-Type: text/htmlDate: Thu, 23 May 2024 18:17:10 GMTServer: envoyStrict-Transport-Security: max-age=31536000; includeSubDomainsCache-Control: no-cache, no-storeVary: Accept-EncodingX-Dropbox-Response-Origin: far_remoteX-Dropbox-Request-Id: a36bdf10a8764ab49e6beebca24300e4Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundStrict-Transport-Security: max-age=31536000; includeSubDomainsContent-Length: 1233Content-Type: text/htmlDate: Thu, 23 May 2024 18:17:13 GMTServer: envoyStrict-Transport-Security: max-age=31536000; includeSubDomainsCache-Control: no-cache, no-storeVary: Accept-EncodingX-Dropbox-Response-Origin: far_remoteX-Dropbox-Request-Id: 445f2f8a5f4a40c79c621bc9d5f99cfbConnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundStrict-Transport-Security: max-age=31536000; includeSubDomainsContent-Length: 1233Content-Type: text/htmlDate: Thu, 23 May 2024 18:17:18 GMTServer: envoyStrict-Transport-Security: max-age=31536000; includeSubDomainsCache-Control: no-cache, no-storeVary: Accept-EncodingX-Dropbox-Response-Origin: far_remoteX-Dropbox-Request-Id: 4bcc60d967974c23b3890a709faf9a09Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundStrict-Transport-Security: max-age=31536000; includeSubDomainsContent-Length: 1233Content-Type: text/htmlDate: Thu, 23 May 2024 18:17:23 GMTServer: envoyStrict-Transport-Security: max-age=31536000; includeSubDomainsCache-Control: no-cache, no-storeVary: Accept-EncodingX-Dropbox-Response-Origin: far_remoteX-Dropbox-Request-Id: 45c6dfd130d1436da3fb666924fa8c25Connection: close

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53208
Source: unknown	Network traffic detected: HTTP traffic on port 56383 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53166
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57924
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57005
Source: unknown	Network traffic detected: HTTP traffic on port 57401 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57401
Source: unknown	Network traffic detected: HTTP traffic on port 57347 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51424
Source: unknown	Network traffic detected: HTTP traffic on port 59374 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50697
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53172
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51152
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57098
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51271
Source: unknown	Network traffic detected: HTTP traffic on port 51648 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54568 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57098 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58951 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57656 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53099 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 51227 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62289 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53057
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49172
Source: unknown	Network traffic detected: HTTP traffic on port 60612 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57656
Source: unknown	Network traffic detected: HTTP traffic on port 65292 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60323 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62258 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62848
Source: unknown	Network traffic detected: HTTP traffic on port 62128 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59161
Source: unknown	Network traffic detected: HTTP traffic on port 57005 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62289
Source: unknown	Network traffic detected: HTTP traffic on port 57034 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63455 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49688
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50479
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 65292
Source: unknown	Network traffic detected: HTTP traffic on port 58755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64241
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52498
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53189
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53985
Source: unknown	Network traffic detected: HTTP traffic on port 51152 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57034
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53075
Source: unknown	Network traffic detected: HTTP traffic on port 49688 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53208 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51424 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54208
Source: unknown	Network traffic detected: HTTP traffic on port 51271 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61026 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49393
Source: unknown	Network traffic detected: HTTP traffic on port 54208 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55431 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60482 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54568
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60323
Source: unknown	Network traffic detected: HTTP traffic on port 57620 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56541 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64885
Source: unknown	Network traffic detected: HTTP traffic on port 53780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50933
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51227
Source: unknown	Network traffic detected: HTTP traffic on port 53075 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57924 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49393 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59748
Source: unknown	Network traffic detected: HTTP traffic on port 51767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51346
Source: unknown	Network traffic detected: HTTP traffic on port 49172 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55431
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53099
Source: unknown	Network traffic detected: HTTP traffic on port 52505 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50697 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51193
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62915
Source: unknown	Network traffic detected: HTTP traffic on port 51346 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 64885 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60612
Source: unknown	Network traffic detected: HTTP traffic on port 61275 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61026
Source: unknown	Network traffic detected: HTTP traffic on port 50479 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59161 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53166 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54585
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62128
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58951
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57620
Source: unknown	Network traffic detected: HTTP traffic on port 62915 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53780
Source: unknown	Network traffic detected: HTTP traffic on port 60916 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61275
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62884
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63455
Source: unknown	Network traffic detected: HTTP traffic on port 53172 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51648
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60916
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57347
Source: unknown	Network traffic detected: HTTP traffic on port 62848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52498 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56541
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59374
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56383
Source: unknown	Network traffic detected: HTTP traffic on port 53057 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53189 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62258
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52505
Source: unknown	Network traffic detected: HTTP traffic on port 50933 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54585 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60008 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 64241 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51193 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55183 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55183
Source: unknown	Network traffic detected: HTTP traffic on port 53985 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60482
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60008

Source: unknown

HTTPS traffic detected: 35.186.224.25:443 -> 192.168.11.20:51819 version: TLS 1.2

Source: classification engine

Classification label: clean0.win@24/0@16/14

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1520,4048712102622945065,17185252306210673249,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1996 /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://docsend.com/presentation_users/E8ZmQyTe3_RJa_9pzKRa?redirect_url=https%3A%2F%2Fdocsend.com%2Fview%2Fs%2Fzxqzirinh2bw2bfp"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1520,4048712102622945065,17185252306210673249,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1996 /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

ID:	1446717
Product:	CloudBasic
Start time:	20:14:51
Start date:	23.05.2024
Cookbook:	browseurl.jbs
System description:	Windows 10 64 bit 20H2 Native physical Machine for testing VM-aware malware (Office 2019, Chrome 93, Firefox 91, Adobe Reader DC 21, Java 8 Update 301
Architecture:	WINDOWS

Windows Analysis Report
https://docsend.com/presentation_users/E8ZmQyTe3_RJa_9pzKRa?redirect_url=https%3A%2F%2Fdocsend.com%2Fview%2Fs%2Fzxqzirinh2bw2bfp

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report https://docsend.com/presentation_users/E8ZmQyTe3_RJa_9pzKRa?redirect_url=https%3A%2F%2Fdocsend.com%2Fview%2Fs%2Fzxqzirinh2bw2bfp

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
https://docsend.com/presentation_users/E8ZmQyTe3_RJa_9pzKRa?redirect_url=https%3A%2F%2Fdocsend.com%2Fview%2Fs%2Fzxqzirinh2bw2bfp