Windows Analysis Report
https://railrent-railrent.powerappsportals.com/

Overview

General Information

Sample URL:	https://railrent-railrent.powerappsportals.com/
Analysis ID:	1541138

Detection

Score:	60
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

AI detected phishing page

AI detected landing page (webpage, office document or email)

HTML page contains obfuscated javascript

Phishing site detected (based on image similarity)

Detected non-DNS traffic on DNS port

HTML body contains low number of good links

HTML page contains hidden javascript code

HTML title does not match URL

Invalid 'forgot password' link found

Invalid 'sign-in options' or 'sign-up' link found

Invalid T&C link found

Stores files to the Windows start menu directory

Classification

Signatures

Phishing

AI detected phishing page

Source: https://filerailrent-railrent.angebotsecurefile.top/&redirect=97c850c199db8e87d0b7ba104d582f72ae56613amain&uid=f253efe302d32ab264a76e0ce65be769671a362ccf2cf	LLM: Score: 9 Reasons: The brand 'Microsoft' is well-known and typically associated with the domain 'microsoft.com'., The URL 'filerailrent-railrent.angebotsecurefile.top' does not match the legitimate domain for Microsoft., The domain contains suspicious elements such as multiple hyphens and an unusual domain extension '.top'., The presence of 'angebotsecurefile' in the domain is not associated with Microsoft and is suspicious., The URL structure suggests a potential phishing attempt by using unrelated terms and a non-standard domain. DOM: 4.7.pages.csv
Source: https://filerailrent-railrent.angebotsecurefile.top/&redirect=2c616d158c788cdcbc3b3e2bb2a3f2e4sec&uid=f253efe302d32ab264a76e0ce65be769671a364239927	LLM: Score: 9 Reasons: The brand 'Microsoft' is well-known and typically associated with the domain 'microsoft.com'., The URL 'filerailrent-railrent.angebotsecurefile.top' does not match the legitimate domain for Microsoft., The domain contains suspicious elements such as multiple hyphens and an unusual domain extension '.top'., The presence of a password input field on a non-legitimate domain is a common phishing tactic., The URL structure suggests a potential phishing attempt by using unrelated words and a non-standard domain. DOM: 5.9.pages.csv
Source: https://filerailrent-railrent.angebotsecurefile.top/&redirect=2c616d158c788cdcbc3b3e2bb2a3f2e4sec&uid=f253efe302d32ab264a76e0ce65be769671a364239927	LLM: Score: 9 Reasons: The brand 'Microsoft' is well-known and typically associated with the domain 'microsoft.com'., The URL 'filerailrent-railrent.angebotsecurefile.top' does not match the legitimate domain for Microsoft., The domain contains suspicious elements such as multiple hyphens and an unusual domain extension '.top'., The presence of 'angebotsecurefile' in the domain is unrelated to Microsoft and suggests a potential phishing attempt., The input field 'Enter password' is a common tactic used in phishing sites to capture sensitive information. DOM: 5.10.pages.csv

HTML page contains obfuscated javascript

Source: https://filerailrent-railrent.angebotsecurefile.top/&redirect=97c850c199db8e87d0b7ba104d582f72ae56613amain&uid=f253efe302d32ab264a76e0ce65be769671a362ccf2cf	HTTP Parser: var a0_0x40e52e=a0_0x3fb1;(function(_0x11bcf1,_0x22f5af){var _0x373eff=a0_0x3fb1,_0x151b12=_0x
Source: https://filerailrent-railrent.angebotsecurefile.top/&redirect=2c616d158c788cdcbc3b3e2bb2a3f2e4sec&uid=f253efe302d32ab264a76e0ce65be769671a364239927	HTTP Parser: var a0_0x566669=a0_0x47c6;(function(_0x1501aa,_0x6b0631){var _0x18fa28=a0_0x47c6,_0x1b274f=_0x1
Source: https://filerailrent-railrent.angebotsecurefile.top/&step=f253efe302d32ab264a76e0ce65be769671a36566016everify&uid=671a36566018d	HTTP Parser: var a0_0x47bbae=a0_0xdb11;function a0_0xdb11(_0xea70ca,_0x1104a8){var _0x15adce=a0_0x4023();ret

Phishing site detected (based on image similarity)

Source: https://filerailrent-railrent.angebotsecurefile.top/&redirect=2c616d158c788cdcbc3b3e2bb2a3f2e4sec&uid=f253efe302d32ab264a76e0ce65be769671a364239927

Matcher: Found strong image similarity, brand: MICROSOFT

HTML body contains low number of good links

Source: https://filerailrent-railrent.angebotsecurefile.top/&redirect=97c850c199db8e87d0b7ba104d582f72ae56613amain&uid=f253efe302d32ab264a76e0ce65be769671a362ccf2cf	HTTP Parser: Number of links: 0
Source: https://filerailrent-railrent.angebotsecurefile.top/&redirect=2c616d158c788cdcbc3b3e2bb2a3f2e4sec&uid=f253efe302d32ab264a76e0ce65be769671a364239927	HTTP Parser: Number of links: 0

HTML page contains hidden javascript code

Source: https://filerailrent-railrent.angebotsecurefile.top/

HTTP Parser: Base64 decoded: <svg xmlns="http://www.w3.org/2000/svg" width="32" height="32" fill="none"><path fill="#B20F03" d="M16 3a13 13 0 1 0 13 13A13.015 13.015 0 0 0 16 3m0 24a11 11 0 1 1 11-11 11.01 11.01 0 0 1-11 11"/><path fill="#B20F03" d="M17.038 18.615H14.87L14.563 9.5h2....

HTML title does not match URL

Source: https://filerailrent-railrent.angebotsecurefile.top/&redirect=97c850c199db8e87d0b7ba104d582f72ae56613amain&uid=f253efe302d32ab264a76e0ce65be769671a362ccf2cf	HTTP Parser: Title: bfb1a8adcad258cb68461f9218e08471671a362b569dd does not match URL
Source: https://filerailrent-railrent.angebotsecurefile.top/&redirect=2c616d158c788cdcbc3b3e2bb2a3f2e4sec&uid=f253efe302d32ab264a76e0ce65be769671a364239927	HTTP Parser: Title: bfb1a8adcad258cb68461f9218e08471671a362b569dd does not match URL

Invalid 'forgot password' link found

Source: https://filerailrent-railrent.angebotsecurefile.top/&redirect=2c616d158c788cdcbc3b3e2bb2a3f2e4sec&uid=f253efe302d32ab264a76e0ce65be769671a364239927

HTTP Parser: Invalid link: reset it now.

Invalid 'sign-in options' or 'sign-up' link found

Source: https://filerailrent-railrent.angebotsecurefile.top/&redirect=97c850c199db8e87d0b7ba104d582f72ae56613amain&uid=f253efe302d32ab264a76e0ce65be769671a362ccf2cf

HTTP Parser: Invalid link: get a new Microsoft account

Invalid T&C link found

Source: https://filerailrent-railrent.angebotsecurefile.top/&redirect=97c850c199db8e87d0b7ba104d582f72ae56613amain&uid=f253efe302d32ab264a76e0ce65be769671a362ccf2cf	HTTP Parser: Invalid link: Terms of use
Source: https://filerailrent-railrent.angebotsecurefile.top/&redirect=97c850c199db8e87d0b7ba104d582f72ae56613amain&uid=f253efe302d32ab264a76e0ce65be769671a362ccf2cf	HTTP Parser: Invalid link: Privacy & cookies
Source: https://filerailrent-railrent.angebotsecurefile.top/&redirect=2c616d158c788cdcbc3b3e2bb2a3f2e4sec&uid=f253efe302d32ab264a76e0ce65be769671a364239927	HTTP Parser: Invalid link: Terms of use
Source: https://filerailrent-railrent.angebotsecurefile.top/&redirect=2c616d158c788cdcbc3b3e2bb2a3f2e4sec&uid=f253efe302d32ab264a76e0ce65be769671a364239927	HTTP Parser: Invalid link: Privacy & cookies
Source: https://filerailrent-railrent.angebotsecurefile.top/&redirect=2c616d158c788cdcbc3b3e2bb2a3f2e4sec&uid=f253efe302d32ab264a76e0ce65be769671a364239927	HTTP Parser: Invalid link: Terms of use
Source: https://filerailrent-railrent.angebotsecurefile.top/&redirect=2c616d158c788cdcbc3b3e2bb2a3f2e4sec&uid=f253efe302d32ab264a76e0ce65be769671a364239927	HTTP Parser: Invalid link: Privacy & cookies

Source: https://filerailrent-railrent.angebotsecurefile.top/&redirect=2c616d158c788cdcbc3b3e2bb2a3f2e4sec&uid=f253efe302d32ab264a76e0ce65be769671a364239927

HTTP Parser: <input type="password" .../> found

Source: https://railrent-railrent.powerappsportals.com/	HTTP Parser: No favicon
Source: https://railrent-railrent.powerappsportals.com/	HTTP Parser: No favicon
Source: https://filerailrent-railrent.angebotsecurefile.top/	HTTP Parser: No favicon
Source: https://filerailrent-railrent.angebotsecurefile.top/	HTTP Parser: No favicon
Source: https://filerailrent-railrent.angebotsecurefile.top/	HTTP Parser: No favicon
Source: https://filerailrent-railrent.angebotsecurefile.top/&redirect=2c616d158c788cdcbc3b3e2bb2a3f2e4sec&uid=f253efe302d32ab264a76e0ce65be769671a364239927	HTTP Parser: No favicon

Source: https://filerailrent-railrent.angebotsecurefile.top/&redirect=97c850c199db8e87d0b7ba104d582f72ae56613amain&uid=f253efe302d32ab264a76e0ce65be769671a362ccf2cf	HTTP Parser: No <meta name="author".. found
Source: https://filerailrent-railrent.angebotsecurefile.top/&redirect=2c616d158c788cdcbc3b3e2bb2a3f2e4sec&uid=f253efe302d32ab264a76e0ce65be769671a364239927	HTTP Parser: No <meta name="author".. found
Source: https://filerailrent-railrent.angebotsecurefile.top/&redirect=2c616d158c788cdcbc3b3e2bb2a3f2e4sec&uid=f253efe302d32ab264a76e0ce65be769671a364239927	HTTP Parser: No <meta name="author".. found

Source: https://filerailrent-railrent.angebotsecurefile.top/&redirect=97c850c199db8e87d0b7ba104d582f72ae56613amain&uid=f253efe302d32ab264a76e0ce65be769671a362ccf2cf	HTTP Parser: No <meta name="copyright".. found
Source: https://filerailrent-railrent.angebotsecurefile.top/&redirect=2c616d158c788cdcbc3b3e2bb2a3f2e4sec&uid=f253efe302d32ab264a76e0ce65be769671a364239927	HTTP Parser: No <meta name="copyright".. found
Source: https://filerailrent-railrent.angebotsecurefile.top/&redirect=2c616d158c788cdcbc3b3e2bb2a3f2e4sec&uid=f253efe302d32ab264a76e0ce65be769671a364239927	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:63728 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:63730 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.16:63740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.16:63852 version: TLS 1.2

Detected non-DNS traffic on DNS port

Source: global traffic	TCP traffic: 192.168.2.16:56051 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:56051 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:56051 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:56051 -> 1.1.1.1:53

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56

Source: global traffic	DNS traffic detected: DNS query: railrent-railrent.powerappsportals.com
Source: global traffic	DNS traffic detected: DNS query: content.powerapps.com
Source: global traffic	DNS traffic detected: DNS query: png.pngtree.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: filerailrent-railrent.angebotsecurefile.top
Source: global traffic	DNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: challenges.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: aadcdn.msauthimages.net

Source: unknown	Network traffic detected: HTTP traffic on port 63921 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63887 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63864 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63929
Source: unknown	Network traffic detected: HTTP traffic on port 63909 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63801
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63922
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63800
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63921
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63924
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63923
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63805
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63926
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63804
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63925
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63807
Source: unknown	Network traffic detected: HTTP traffic on port 63829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63928
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63927
Source: unknown	Network traffic detected: HTTP traffic on port 63806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63920
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63819
Source: unknown	Network traffic detected: HTTP traffic on port 63817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63933
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63932
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63814
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63935
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63813
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63934
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63816
Source: unknown	Network traffic detected: HTTP traffic on port 63876 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63937
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63936
Source: unknown	Network traffic detected: HTTP traffic on port 63715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63818
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56053
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63817
Source: unknown	Network traffic detected: HTTP traffic on port 63784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63692 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63810
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63931
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63930
Source: unknown	Network traffic detected: HTTP traffic on port 63933 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63709
Source: unknown	Network traffic detected: HTTP traffic on port 63795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63823
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63704
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63824
Source: unknown	Network traffic detected: HTTP traffic on port 63852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63826
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63705
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63708
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63829
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63700
Source: unknown	Network traffic detected: HTTP traffic on port 63693 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63821
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63820
Source: unknown	Network traffic detected: HTTP traffic on port 63920 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63888 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63863 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63908 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63834
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63712
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63833
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63836
Source: unknown	Network traffic detected: HTTP traffic on port 63899 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63835
Source: unknown	Network traffic detected: HTTP traffic on port 63738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63838
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63837
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63839
Source: unknown	Network traffic detected: HTTP traffic on port 63761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63830
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63711
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63832
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63710
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63831
Source: unknown	Network traffic detected: HTTP traffic on port 63839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63877 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63911 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63922 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63862 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63908
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63907
Source: unknown	Network traffic detected: HTTP traffic on port 63889 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63909
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63900
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63902
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63901
Source: unknown	Network traffic detected: HTTP traffic on port 63827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63904
Source: unknown	Network traffic detected: HTTP traffic on port 63762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63903
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63906
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63905
Source: unknown	Network traffic detected: HTTP traffic on port 63785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63932 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63919
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63918
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63911
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63910
Source: unknown	Network traffic detected: HTTP traffic on port 63910 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63913
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63912
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63915
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63914
Source: unknown	Network traffic detected: HTTP traffic on port 63740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63917
Source: unknown	Network traffic detected: HTTP traffic on port 63717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63916
Source: unknown	Network traffic detected: HTTP traffic on port 63805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63878 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63890
Source: unknown	Network traffic detected: HTTP traffic on port 63929 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63684 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63906 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63889
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63888
Source: unknown	Network traffic detected: HTTP traffic on port 63764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63769
Source: unknown	Network traffic detected: HTTP traffic on port 63850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63881
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63880
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63883
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63882
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63764
Source: unknown	Network traffic detected: HTTP traffic on port 63787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63885
Source: unknown	Network traffic detected: HTTP traffic on port 63930 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56053 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63887
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63886
Source: unknown	Network traffic detected: HTTP traffic on port 63695 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63861 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63780
Source: unknown	Network traffic detected: HTTP traffic on port 63838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63890 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63700 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63899
Source: unknown	Network traffic detected: HTTP traffic on port 63849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63892
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63770
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63891
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63894
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63893
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63775
Source: unknown	Network traffic detected: HTTP traffic on port 63803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63896
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63895
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63898
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63897
Source: unknown	Network traffic detected: HTTP traffic on port 63837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63696 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63791
Source: unknown	Network traffic detected: HTTP traffic on port 63891 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63790
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63789
Source: unknown	Network traffic detected: HTTP traffic on port 63718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63782
Source: unknown	Network traffic detected: HTTP traffic on port 63879 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63784
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63786
Source: unknown	Network traffic detected: HTTP traffic on port 63917 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63785
Source: unknown	Network traffic detected: HTTP traffic on port 63804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63787
Source: unknown	Network traffic detected: HTTP traffic on port 63775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63928 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63797
Source: unknown	Network traffic detected: HTTP traffic on port 63786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63799
Source: unknown	Network traffic detected: HTTP traffic on port 63931 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63798
Source: unknown	Network traffic detected: HTTP traffic on port 63694 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63919 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63860 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63845
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63844
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63847
Source: unknown	Network traffic detected: HTTP traffic on port 63825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63846
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63728
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63849
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63848
Source: unknown	Network traffic detected: HTTP traffic on port 63848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63880 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63892 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63720
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63841
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63722
Source: unknown	Network traffic detected: HTTP traffic on port 63802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63843
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63842
Source: unknown	Network traffic detected: HTTP traffic on port 63813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63856
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63855
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63858
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63859
Source: unknown	Network traffic detected: HTTP traffic on port 63742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63850
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63852
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63730
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63851
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63733
Source: unknown	Network traffic detected: HTTP traffic on port 63788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63854
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63853
Source: unknown	Network traffic detected: HTTP traffic on port 63814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63881 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63867
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63745
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63866
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63869
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63868
Source: unknown	Network traffic detected: HTTP traffic on port 63720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63749
Source: unknown	Network traffic detected: HTTP traffic on port 63869 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63861
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63860
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63863
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63862
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63865
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63864
Source: unknown	Network traffic detected: HTTP traffic on port 63754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63907 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63878
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63877
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63758
Source: unknown	Network traffic detected: HTTP traffic on port 63765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63879
Source: unknown	Network traffic detected: HTTP traffic on port 63870 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63870
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63872
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63750
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63871
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63874
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63873
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63876
Source: unknown	Network traffic detected: HTTP traffic on port 63918 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63875
Source: unknown	Network traffic detected: HTTP traffic on port 63778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63858 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63915 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63708 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63882 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63926 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63893 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63871 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63894 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63903 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63687 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63914 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63698 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63690
Source: unknown	Network traffic detected: HTTP traffic on port 63883 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63692
Source: unknown	Network traffic detected: HTTP traffic on port 63868 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63685
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63684
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63687
Source: unknown	Network traffic detected: HTTP traffic on port 63768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63686
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63689
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63688
Source: unknown	Network traffic detected: HTTP traffic on port 63756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63905 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63685 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63872 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63694
Source: unknown	Network traffic detected: HTTP traffic on port 63711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63693
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63696
Source: unknown	Network traffic detected: HTTP traffic on port 63937 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63695
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63698
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63697
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63699
Source: unknown	Network traffic detected: HTTP traffic on port 63916 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63856 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63927 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63833 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63686 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63904 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63697 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63867 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63895 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63896 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63873 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63855 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63901 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63689 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63912 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63705 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63885 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63866 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63900 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63923 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63936 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63832 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63843 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63690 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63688 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63902 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63925 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63854 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63934 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63704 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63886 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63865 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63897 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63898 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63875 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63699 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63913 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63924 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63935 -> 443

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:63728 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:63730 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.16:63740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.16:63852 version: TLS 1.2

Source: classification engine

Classification label: mal60.phis.win@28/68@32/218

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 --field-trial-handle=1952,i,3889803478986375510,4915328613956276709,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://railrent-railrent.powerappsportals.com/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 --field-trial-handle=1952,i,3889803478986375510,4915328613956276709,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: Window Recorder

Window detected: More than 3 window changes detected

Persistence and Installation Behavior

AI detected landing page (webpage, office document or email)

Source: https://railrent-railrent.powerappsportals.com/

LLM: Page contains button: 'AUSGEFLLTE DOKUMENTE ANZEIGEN' Source: '1.0.pages.csv'

Stores files to the Windows start menu directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Screenshots

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
40.79.141.152	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
142.250.110.84	unknown	United States	15169	GOOGLEUS	false
40.79.141.154	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
1.1.1.1	unknown	Australia	13335	CLOUDFLARENETUS	false
34.104.35.123	unknown	United States	15169	GOOGLEUS	false
20.50.64.25	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
13.107.246.45	s-part-0017.t-0009.t-msedge.net	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
104.18.94.41	unknown	United States	13335	CLOUDFLARENETUS	false
13.107.253.45	s-part-0017.t-0009.fb-t-msedge.net	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
142.250.185.110	unknown	United States	15169	GOOGLEUS	false
104.18.95.41	challenges.cloudflare.com	United States	13335	CLOUDFLARENETUS	false
104.18.2.157	png.pngtree.com	United States	13335	CLOUDFLARENETUS	false
216.58.206.36	www.google.com	United States	15169	GOOGLEUS	false
142.250.181.227	unknown	United States	15169	GOOGLEUS	false
142.250.181.238	unknown	United States	15169	GOOGLEUS	false
104.21.81.69	filerailrent-railrent.angebotsecurefile.top	United States	13335	CLOUDFLARENETUS	true
239.255.255.250	unknown	Reserved	unknown	unknown	false
152.199.21.175	sni1gl.wpc.upsiloncdn.net	United States	15133	EDGECASTUS	false
172.67.140.116	unknown	United States	13335	CLOUDFLARENETUS	false
35.190.80.1	a.nel.cloudflare.com	United States	15169	GOOGLEUS	false
142.250.186.99	unknown	United States	15169	GOOGLEUS	false
142.250.186.138	unknown	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.16

Contacted Domains

Name	IP	Active
a.nel.cloudflare.com	35.190.80.1	true
png.pngtree.com	104.18.2.157	true
filerailrent-railrent.angebotsecurefile.top	104.21.81.69	true
sni1gl.wpc.upsiloncdn.net	152.199.21.175	true
challenges.cloudflare.com	104.18.95.41	true
s-part-0017.t-0009.fb-t-msedge.net	13.107.253.45	true
s-part-0017.t-0009.t-msedge.net	13.107.246.45	true
www.google.com	216.58.206.36	true
aadcdn.msauthimages.net	unknown	unknown
content.powerapps.com	unknown	unknown
railrent-railrent.powerappsportals.com	unknown	unknown

Contacted URLs

Name	Malicious	Reputation
https://filerailrent-railrent.angebotsecurefile.top/&redirect=97c850c199db8e87d0b7ba104d582f72ae56613amain&uid=f253efe302d32ab264a76e0ce65be769671a362ccf2cf	true	unknown
https://railrent-railrent.powerappsportals.com/	true	unknown
https://filerailrent-railrent.angebotsecurefile.top/	false	unknown
https://filerailrent-railrent.angebotsecurefile.top/&step=f253efe302d32ab264a76e0ce65be769671a36566016everify&uid=671a36566018d	true	unknown
https://filerailrent-railrent.angebotsecurefile.top/&redirect=2c616d158c788cdcbc3b3e2bb2a3f2e4sec&uid=f253efe302d32ab264a76e0ce65be769671a364239927	true	unknown

Name	Type	MD5	SHA1	SHA256
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 10:56:54 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	A58201A91E51D627DBE64DA9A40DADF7	85F5E79E48F1A03A0BF26DAB38CD2215884856C9	F5B75ED3EE2E933307E583B9E9BD8D6EB7E8BED5591DA557A42E64CCBF540C07
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 10:56:54 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	46C70635A332A7081A8818D7CE9604DC	158E3102F3EBDB436A06B9BE96713D49F364C76B	69BF17394AC23E56A3364C9AF34E44374653F92E16C807333FF642692D87D85A
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	3DF99B89BE5A4C530315B5EB4E6A6910	7AC70A39F21BC2692D590BB1EB02EC1D92FDCE68	E6E7765FFF0A8B4CDE275A471B48052075A55B77016CD1D4B90F41E3FC8185D8
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 10:56:54 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	8E79F4D5240575339B6805869D30D5A7	8CC4296128B5C9BB74D33AC1ADFE2F5940146983	AC80EE4499E0BCEB84AF5870E5E44923FF07FD416115577E025C01EC5A0CF034
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 10:56:54 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	014CE4824FBB16963020DEB50AB42686	DE6EE7B51833598745B8F6249C2D4340D6221CE2	D37F533219E7A8F93033B1D35018A5C68F1BA12C6555332353D6D05C01B9A1CD
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 10:56:54 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	105BC06DB5BD6DBC7E3F02382838B581	7EC6AB849E119D573928C1238C43CB26D9CFF5B6	F13308F4E5EF54AFAB4A8D24A5489A9947EE0652E127F41736D3EFE3ABBD537D
Chrome Cache Entry: 204	ASCII text, with very long lines (48395)	6027D51DC3F9461C3B5AB3A1F8C5BEED	9787028F6B186F85580729694A1ED66DAE58B5F5	C108037861ED8A7BD3CD188CC6DA3F7DC4103207B2C77B7E439F33DFA9334309
Chrome Cache Entry: 205	ASCII text, with very long lines (11766), with no line terminators	2659C6F064BBDF38AFF3A3F7D33BA256	73EA787E226F755D9F57DC637AEB5A9D506338CF	E3A5A5E3432453A9CDCE2A02DD4D7F08037119C6A9AC545D010D3CF73768825A
Chrome Cache Entry: 207	ASCII text, with very long lines (61300)	11A5A914937B75288F59799624B22C41	FA1304A3AAE266ECEEA76FF1BED1D2894DAF19F2	0D123D26B7574F73FADFC2B904E098C4977CAFFFBA55A94F547ED5B23EBC4169
Chrome Cache Entry: 208	SVG Scalable Vector Graphics image	4E48046CE74F4B89D45037C90576BFAC	4A41B3B51ED787F7B33294202DA72220C7CD2C32	8E6DB1634F1812D42516778FC890010AA57F3E39914FB4803DF2C38ABBF56D93
Chrome Cache Entry: 209	ASCII text, with very long lines (7625)	FBAA8BF626C7A370536A67E0E49FBF2A	2E271B643612210C73D4DB20A3E7771830A922C0	C83EE49A30249601960E9B2E2502A41128423F46517BF01E36052EA082317830
Chrome Cache Entry: 211	PNG image data, 280 x 60, 8-bit/color RGBA, non-interlaced	C9F31E87400C46F9F8FB580602328C72	4B538CA736FB2A88A89214AD5EB0B2B80640B5AB	DDE1ACEFE23281E3715BDEE565CF1FD7064370D4BB751AB92C4ADD7D42932BBE
Chrome Cache Entry: 212	ASCII text, with very long lines (39862)	E303D5355313048BECBD7E9429825F82	4ECFDB3DCA8F4AD156D0A0F12FB2ABBB1DBF6D67	CED5EA5C04E6DD8807FA46B2052888EB4798E557C507FC2EC75463FEE17A9AEA
Chrome Cache Entry: 213	ASCII text, with very long lines (967)	7A2EF769677E18EAD3D12FAE8D4115D0	AA4CEE6B17E340F9115A15FA5D4C955A570A9D9A	5F2DC19AAE1F3EB6725226ED863F8259B6EB12A0916D75D44C29313DE631E4D8
Chrome Cache Entry: 214	SVG Scalable Vector Graphics image	BC3D32A696895F78C19DF6C717586A5D	9191CB156A30A3ED79C44C0A16C95159E8FF689D	0E88B6FCBB8591EDFD28184FA70A04B6DD3AF8A14367C628EDD7CABA32E58C68
Chrome Cache Entry: 216	ASCII text, with very long lines (47531)	808A57CAE0B6FEE71F46EFDDED44B348	DD570A24C8BDA1B391AA1DDEA6004125818E579A	5B75AC6F98994352699841DFFA6E562725EBBD0005C539946AD3625EC550EB0F
Chrome Cache Entry: 217	JSON data	E9E06BD908E7D11B2DBB948AE94240F9	B7D9E792499009E11AC5F9CDB8F4F48213C50393	6DE1B066A9275A163E098423585D83D89146536C718BECD1F4CE7BB70BC9B133
Chrome Cache Entry: 219	ASCII text, with very long lines (31803)	6470A918BA1FD4B8D0882DF0269DDB82	97814FDAB64AA7D1B30F082F9EB272D4B1CE18A2	FD4CE12A87594281AFCEE9C73A40FE7ACC282BCC9E764FBB3AFA1481A96A091E
Chrome Cache Entry: 220	ASCII text, with very long lines (28287)	9183DA3D63ADCBCA9C451BB60E6E1F10	9207557A291A137EF495DCEF25900E1E5D6F33AA	66AA8F2E328C6461928C45E81A225A7C857185A6A27119BEBFD3F3C321AD555C
Chrome Cache Entry: 221	ASCII text, with very long lines (65312), with CRLF line terminators	2CE6EFB497D50E0FBD335FF651D0E961	4A644F008F5535E2B15DE5A72ACD498C2D5C59C8	37AD3F3C0DB53E8E6D68199A6DF828E7DB31ABE1DE721CB7475A840A6C10C215
Chrome Cache Entry: 223	ASCII text, with very long lines (8056)	86D02538FCA59B05B1C0479F013993FC	484718F407A44A2852A22A242C2736CC85E3E59C	5C01B319D8FCFD764F5154FE0A39F8D21B4D664A3E503569A43896FB07DCD86C
Chrome Cache Entry: 225	ASCII text, with very long lines (32065)	2F6B11A7E914718E0290410E85366FE9	69BB69E25CA7D5EF0935317584E6153F3FD9A88C	05B85D96F41FFF14D8F608DAD03AB71E2C1017C2DA0914D7C59291BAD7A54F8E
Chrome Cache Entry: 228	PNG image data, 1920 x 1080, 8-bit/color RGB, non-interlaced	73E4A57308882BB368A1E2F49E58497F	99CEF0948C0A6114982E66D28AD311CA95D6F09C	759C1FA1BBE8316C91FE672EE390CA824622A3CB5D4F6FE74B996677B6417D9C
Chrome Cache Entry: 229	ASCII text, with very long lines (65536), with no line terminators	4C674D8D4294C4A6B763AA1FC836827C	88DEC91B36CAD6555FB73B9ED28D6FDC7A944467	99855F2433E80A925CE4CABD975E2DD7A9FE01FAB8E164B26F67010FF5769EC0
Chrome Cache Entry: 231	JSON data	7CB4A6366251589A2F7BFA12D1CC1CB4	A94C94B1AF63338F70312C114C40182C95EF88DB	C2D957ED044439C57F5589353C379AD5184403E9DCB5C31D23FF1E2ED947332C
Chrome Cache Entry: 232	ASCII text, with very long lines (383)	25DFE0A5F08DAE66177D60C599904208	6888D55C9D52DF74703862C1274459D1BFCDFC69	A3765EC0AC346488AE0E3BED0E98F5744AC56C19BBD371073195ADF8AE2F77A9
Chrome Cache Entry: 236	Unicode text, UTF-8 text, with very long lines (65445)	CF8E0FD9421E12CFB59F0266E0273F7D	62EF88B36C4A8C0475E10DFD80A4F7E588AA1F15	522C2E27DB64974813E59251D101596A7692A9B964771A9CE3F1978247862258
Chrome Cache Entry: 237	ASCII text, with very long lines (65536), with no line terminators	3C181C74CE7549815433A33A56FDF280	FA83EFBB876F7BD22C0C011BBCCD0019F484D9B4	3ECB3CED51DFEEACBEBD2EF5E0FCD5A6F86246F7493D4D8F3101B7D6726C473C
Chrome Cache Entry: 239	ASCII text, with very long lines (6010), with no line terminators	790E733CD54BBBC3C12D63CBF3691DD8	F9AC77B473722F0F85A84CDD62103AF1CB2A3FF4	054D144643511B4E7EBAD481F56BE3E55AC3D7F6E32FB7785F51EFDCB0A2F2F9
Chrome Cache Entry: 242	ASCII text, with very long lines (871)	810463C3E7DB6F6CD79470456FA4E09E	47F48B0E06C323A21794DC9838A41310B2E0B7BB	E40D6A96069A22C6D0DAB01A689A082599DC32B3BCBB1A6AE35896817EA32694
Chrome Cache Entry: 243	SVG Scalable Vector Graphics image	A9CC2824EF3517B6C4160DCF8FF7D410	8DB9AEBAD84CA6E4225BFDD2458FF3821CC4F064	34F9DB946E89F031A80DFCA7B16B2B686469C9886441261AE70A44DA1DFA2D58
Chrome Cache Entry: 245	JSON data	320C8BE42A19CB9DF6A5011CC4E1BC6D	2EEC673BEFEAE800B601D970B4A0E4CA46FABA93	16201845D54E6F4B48E3CBBC60B835FD7B3D31284F4D1F63BD959EE4A09986F5
Chrome Cache Entry: 248	MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors	12E3DAC858061D088023B2BD48E2FA96	E08CE1A144ECEAE0C3C2EA7A9D6FBC5658F24CE5	90CDAF487716184E4034000935C605D1633926D348116D198F355A98B8C6CD21
Chrome Cache Entry: 251	Unicode text, UTF-8 text, with very long lines (65300), with CRLF line terminators	30EAFD8EF153814B788EB71DB3F1B99C	3C7BD538F6307CAE3DE00D64BD2B742B9E4AFE3B	7FCFD614F45FE132CC914BEEAC10592711BF2760E3732D85DFAFEB4022A3C914
Chrome Cache Entry: 253	assembler source, ASCII text, with CRLF line terminators	FA694BC0473766A8E8F1CDEFB9007BBB	7F69530F8431FA456B9C0C02B65E7C2E197A98C2	AB189E68B67A70C8B40043A6734C512439214A072F5F90C69860A5BA42E71880
Chrome Cache Entry: 256	ASCII text, with very long lines (25293)	805A1661B77834F61B0C8E1175DC9F90	38E8EEB48DF5906F796E4C9A4549DFBF0327D656	B37275F7C7F76430F05A20E7D0DDDAC3649467DBC0E7AF58CC3F04B1EE6DEA81
Chrome Cache Entry: 257	ASCII text, with very long lines (50758)	67176C242E1BDC20603C878DEE836DF3	27A71B00383D61EF3C489326B3564D698FC1227C	56C12A125B021D21A69E61D7190CEFA168D6C28CE715265CEA1B3B0112D169C4
Chrome Cache Entry: 258	JSON data	76167CAA7E3FD19E1D5684ED58434C7E	24EEA8841EE197B894382B75420D7B9893D0D0B7	FFFF5534CABFD94B388E8C9311FECCFDFD4A767D007C5C56D19ADC78DE5F10C4
Chrome Cache Entry: 261	ASCII text, with very long lines (540), with no line terminators	2739C60227F87D19F5C784BFFB5991F8	42DBAC51553D7778A176E710D3CE1009884DE167	974FECBEBCF2F295348C3631FE069966EAB4B4B57CD4FCBE15FB70D0ACAB47C6
Chrome Cache Entry: 263	ASCII text, with no line terminators	D6B82198AF25D0139723AF9E44D3D23A	D60DEEF1847EEEF1889803E9D3ADC7EDA220F544	A5C8CC49FA6649BE393EF22C2B31F1C46B671F8D763F783ED6D7B4E33669BDA3
Chrome Cache Entry: 264	JSON data	9E576E34B18E986347909C29AE6A82C6	532C767978DC2B55854B3CA2D2DF5B4DB221C934	88BDF5AF090328963973990DE427779F9C4DF3B8E1F5BADC3D972BAC3087006D
Chrome Cache Entry: 267	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	633E70F51B5C0319AF3ACF16EC1AE7B6	D28238721914C98998ACC0485CCEBF230F01A520	FB076F7948CA70EB1F51334FE4C473C40BBE3BCEB105981C482BB8634FF98081
Chrome Cache Entry: 268	ASCII text, with very long lines (1835)	DFD19253D3DBC5521540512B5B2B05FB	63C7C12B96231EA61F6DF2DAFAF53FEBB20D627D	810C0D1DE636403CE04DD194F9230C998613BA37D1496463648055B44E2B95F6
Chrome Cache Entry: 269	Unicode text, UTF-8 text, with CRLF line terminators	59380F382417BF76CCD73D0E7FC38B7E	9A1227F495EDF0331145EE9FEE187F2F0D1E00B5	2FD89992331C73B2D2383CB19D799425B42AF4EE09290B65B380C29F2412F3C8
Chrome Cache Entry: 273	PNG image data, 10 x 10, 8-bit/color RGBA, non-interlaced	74710B068526106916E5A9AE5B70FA64	2E7344458A5EB6EFB65976EE144BBEDBA680B5AC	55B9B171BB9BC15ACDD21C7A186E1268BC774B6A7C5A6FBC2F2BFEE564890325
Chrome Cache Entry: 275	PNG image data, 47 x 82, 8-bit/color RGB, non-interlaced	D5F4D0F9850F6C5392A274F11A078002	64C3B431D859A5B204DF58A640D006B81A08C091	14E341B4F85D92265B0CD955E40E85A770B7B40B651F2EB9634503628F981357
Chrome Cache Entry: 277	ASCII text, with very long lines (64184)	76D43A9405CE1A4618FF0A86BECBA682	556ACEAE8396531440488D48302636CB02288CBC	D636393DA268FA543FC3F05A5405E53E26BF4101EA929ECCD401707B5A6C75B4
Chrome Cache Entry: 279	ASCII text, with very long lines (6203)	F1ACFD2815BECD7DF8E02C415B9973F7	3CF9577A5B4CBA69C9646967B8855F7A2F137F80	99A2179570F5B6A4388F0175165C32018D8078E6F97F1591CF3426538361B4D7
Chrome Cache Entry: 282	HTML document, ASCII text, with very long lines (5094)	DAD12EEA0E17B25EEBA8B7C4CCDAF48A	27A98DDB756E0B8A488BDDBF16AE56A6CF9D8B9A	E677FCFFB37D5A002AC51A1BA3613E950EDB7BAD69A2FECD0813B943CA604D24
Chrome Cache Entry: 283	ASCII text, with very long lines (6778), with no line terminators	2FB2EEECD0B93C2846EC0876E9ADCF57	2523CE3A137E3690382D1C5EA579C16BE38E1F48	087E97DB50FFF3511F7ACDA819F99DB5DDCED9E9E7150D2198D101134BE5E5BB
Chrome Cache Entry: 284	PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced	1CCFEA34F655127024E56A9182D069B2	F01C37FC36D6F283021BFE2021F884756ACC0830	DDEB1C61FE3FC1C4195D6AF3CA1514F8EB78DE09E6DE3DBFCC960DDFDA93EE54
Chrome Cache Entry: 285	Unicode text, UTF-8 text, with very long lines (61934), with no line terminators	88CB6BE085E688626F0DB33FD21E94C6	DDFED3438A109DB2ED257690E48C4BD8A9C4DB73	ED0B89FFB4522C3F00D070FB161F7272C0857DC7E1F40BDD6974261CF96210C1
Chrome Cache Entry: 287	JSON data	A0D01046CF6C59450C9379B2FC386E9F	D11CA23D0432A0E9625F2CD6C18574660FE4D5C6	31C68BC283A3829BCA75EB76E24E5EB38DD1DA242E3B5E31D5DF22384B988EC6
Chrome Cache Entry: 289	ASCII text, with no line terminators	011B17B116126E6E0C4A9B0DE9145805	DF63A6EB731FFCE96F79802EFF6D53D00CDA42BC	3418E6E704387A99F1611EB7BB883328A438BA600971E6D692E8BEA60F10B179
Chrome Cache Entry: 290	ASCII text, with very long lines (361), with no line terminators	EDA4E638FDD1B8DE8F97EC781E8242D6	A8C0716A4BCCF2805899403AF14E7B9216B19573	5423F185195F046D0F3893F674E072BE43E47C6124DD6CCBE214E896B1944D43
Chrome Cache Entry: 292	ASCII text, with very long lines (65294), with CRLF line terminators	BE8391E97DEA755C86C38DB4E43773D8	3E573E059A8C52A1B7063895562F6A23261F54A0	BBB5F1A1DF8E94BE934B438B99E27173F2EC270005C7ABE07204BFE0DD64B134
Chrome Cache Entry: 296	SVG Scalable Vector Graphics image	EE5C8D9FB6248C938FD0DC19370E90BD	D01A22720918B781338B5BBF9202B241A5F99EE4	04D29248EE3A13A074518C93A18D6EFC491BF1F298F9B87FC989A6AE4B9FAD7A
Chrome Cache Entry: 297	ASCII text, with no line terminators	F4A0E619B855697F4DB1A1B22FE37E8C	3D1CA30185839E05C6D876C7E8477604BFAC6CDA	CEC86F53B19C31BC124614007553A6EBC5434F9B1D2F03B1DB0393B22AB16EA2
Chrome Cache Entry: 299	ASCII text, with very long lines (54049)	110C02AABA6D184B61982072646CAF33	5FB13C49228FD1A7597A4DE2AB57AE6F68233856	A2EB7527F1135BFE4F7B429303B3350C680FEAA326EB307737EB2A90B7AA84B3
Chrome Cache Entry: 300	ASCII text, with very long lines (65393), with CRLF line terminators	ECBF4AB0D0CA4064D3D18A524CF98318	5D09A46D8CB4B306868E12D9D031D879C55A3708	11F2BCC472B9619DD37DA32533FB968338193AFA59A822C69FD9929E3CDEE834
Chrome Cache Entry: 304	JSON data	342EB5262D32E1B9DF9450C66AC54F43	2B26C610C6581B8F9940E25BDACA29BD8C5A01BF	C5A191475EB82B4A9BED085D3EEDB34CDC14B74F7E280E926D8E350AB571BD7A
Chrome Cache Entry: 307	ASCII text, with very long lines (8422)	1DC7540813F00864F80D146889952EA2	93FF4BD80E9E3645F5D277D5C9D045971D055564	32C09B085C80835DF9F2B2024D20C76DFB4663A49C455F58CDED0FBCDEC19494
Chrome Cache Entry: 308	ASCII text, with very long lines (42815)	197395E90DC9729F818EA9939E9C0F02	44AB2D06F60067EDD19EDFC7150C4D8FF144BEB2	E82600ABB85B8F5E55BC120B8FBA82ACD57C533C97FD6B843AD31FC75A255F56
Chrome Cache Entry: 311	C++ source, ASCII text, with very long lines (8606)	3F80DA0A75A54EF2AE643C7E06B7616B	F7BD077BB4D30DA0A5B96662ADD1CFD251B6101F	DFDBEF9F7A31A51D202D7CE4D7AEDFFD1A58CD246D7770B98243343A7CE46285
Chrome Cache Entry: 312	HTML document, ASCII text	A34AC19F4AFAE63ADC5D2F7BC970C07F	A82190FC530C265AA40A045C21770D967F4767B8	D5A89E26BEAE0BC03AD18A0B0D1D3D75F87C32047879D25DA11970CB5C4662A3
Chrome Cache Entry: 313	PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced	9246CCA8FC3C00F50035F28E9F6B7F7D	3AA538440F70873B574F40CD793060F53EC17A5D	C07D7D29E3C20FA6CA4C5D20663688D52BAD13E129AD82CE06B80EB187D9DC84
Chrome Cache Entry: 314	ASCII text, with very long lines (64632), with CRLF line terminators	8C396F163B2003283B54A6E105D2B395	CEE717CF5E3DE1C370C83C1C683F172117B2497B	6571F808B2D30448550E0FBCD070074A4381E3A0F5125BA532FD71DAD5824FFB
Chrome Cache Entry: 315	ASCII text, with very long lines (394), with CRLF line terminators	16F567F549BA7B4EAF0559BD527323FA	77E458F5FB123247C0104F72655F07D2CE94DC5B	7C515050A8D0D8CF2D3E17528FE0BFCC5FABC6F766C4069044F214AEE3D7A047

Phishing

AI detected phishing page

Source: https://filerailrent-railrent.angebotsecurefile.top/&redirect=97c850c199db8e87d0b7ba104d582f72ae56613amain&uid=f253efe302d32ab264a76e0ce65be769671a362ccf2cf	LLM: Score: 9 Reasons: The brand 'Microsoft' is well-known and typically associated with the domain 'microsoft.com'., The URL 'filerailrent-railrent.angebotsecurefile.top' does not match the legitimate domain for Microsoft., The domain contains suspicious elements such as multiple hyphens and an unusual domain extension '.top'., The presence of 'angebotsecurefile' in the domain is not associated with Microsoft and is suspicious., The URL structure suggests a potential phishing attempt by using unrelated terms and a non-standard domain. DOM: 4.7.pages.csv
Source: https://filerailrent-railrent.angebotsecurefile.top/&redirect=2c616d158c788cdcbc3b3e2bb2a3f2e4sec&uid=f253efe302d32ab264a76e0ce65be769671a364239927	LLM: Score: 9 Reasons: The brand 'Microsoft' is well-known and typically associated with the domain 'microsoft.com'., The URL 'filerailrent-railrent.angebotsecurefile.top' does not match the legitimate domain for Microsoft., The domain contains suspicious elements such as multiple hyphens and an unusual domain extension '.top'., The presence of a password input field on a non-legitimate domain is a common phishing tactic., The URL structure suggests a potential phishing attempt by using unrelated words and a non-standard domain. DOM: 5.9.pages.csv
Source: https://filerailrent-railrent.angebotsecurefile.top/&redirect=2c616d158c788cdcbc3b3e2bb2a3f2e4sec&uid=f253efe302d32ab264a76e0ce65be769671a364239927	LLM: Score: 9 Reasons: The brand 'Microsoft' is well-known and typically associated with the domain 'microsoft.com'., The URL 'filerailrent-railrent.angebotsecurefile.top' does not match the legitimate domain for Microsoft., The domain contains suspicious elements such as multiple hyphens and an unusual domain extension '.top'., The presence of 'angebotsecurefile' in the domain is unrelated to Microsoft and suggests a potential phishing attempt., The input field 'Enter password' is a common tactic used in phishing sites to capture sensitive information. DOM: 5.10.pages.csv

HTML page contains obfuscated javascript

Source: https://filerailrent-railrent.angebotsecurefile.top/&redirect=97c850c199db8e87d0b7ba104d582f72ae56613amain&uid=f253efe302d32ab264a76e0ce65be769671a362ccf2cf	HTTP Parser: var a0_0x40e52e=a0_0x3fb1;(function(_0x11bcf1,_0x22f5af){var _0x373eff=a0_0x3fb1,_0x151b12=_0x
Source: https://filerailrent-railrent.angebotsecurefile.top/&redirect=2c616d158c788cdcbc3b3e2bb2a3f2e4sec&uid=f253efe302d32ab264a76e0ce65be769671a364239927	HTTP Parser: var a0_0x566669=a0_0x47c6;(function(_0x1501aa,_0x6b0631){var _0x18fa28=a0_0x47c6,_0x1b274f=_0x1
Source: https://filerailrent-railrent.angebotsecurefile.top/&step=f253efe302d32ab264a76e0ce65be769671a36566016everify&uid=671a36566018d	HTTP Parser: var a0_0x47bbae=a0_0xdb11;function a0_0xdb11(_0xea70ca,_0x1104a8){var _0x15adce=a0_0x4023();ret

Phishing site detected (based on image similarity)

Source: https://filerailrent-railrent.angebotsecurefile.top/&redirect=2c616d158c788cdcbc3b3e2bb2a3f2e4sec&uid=f253efe302d32ab264a76e0ce65be769671a364239927

Matcher: Found strong image similarity, brand: MICROSOFT

HTML body contains low number of good links

Source: https://filerailrent-railrent.angebotsecurefile.top/&redirect=97c850c199db8e87d0b7ba104d582f72ae56613amain&uid=f253efe302d32ab264a76e0ce65be769671a362ccf2cf	HTTP Parser: Number of links: 0
Source: https://filerailrent-railrent.angebotsecurefile.top/&redirect=2c616d158c788cdcbc3b3e2bb2a3f2e4sec&uid=f253efe302d32ab264a76e0ce65be769671a364239927	HTTP Parser: Number of links: 0

HTML page contains hidden javascript code

Source: https://filerailrent-railrent.angebotsecurefile.top/

HTML title does not match URL

Source: https://filerailrent-railrent.angebotsecurefile.top/&redirect=97c850c199db8e87d0b7ba104d582f72ae56613amain&uid=f253efe302d32ab264a76e0ce65be769671a362ccf2cf	HTTP Parser: Title: bfb1a8adcad258cb68461f9218e08471671a362b569dd does not match URL
Source: https://filerailrent-railrent.angebotsecurefile.top/&redirect=2c616d158c788cdcbc3b3e2bb2a3f2e4sec&uid=f253efe302d32ab264a76e0ce65be769671a364239927	HTTP Parser: Title: bfb1a8adcad258cb68461f9218e08471671a362b569dd does not match URL

Invalid 'forgot password' link found

Source: https://filerailrent-railrent.angebotsecurefile.top/&redirect=2c616d158c788cdcbc3b3e2bb2a3f2e4sec&uid=f253efe302d32ab264a76e0ce65be769671a364239927

HTTP Parser: Invalid link: reset it now.

Invalid 'sign-in options' or 'sign-up' link found

Source: https://filerailrent-railrent.angebotsecurefile.top/&redirect=97c850c199db8e87d0b7ba104d582f72ae56613amain&uid=f253efe302d32ab264a76e0ce65be769671a362ccf2cf

HTTP Parser: Invalid link: get a new Microsoft account

Invalid T&C link found

Source: https://filerailrent-railrent.angebotsecurefile.top/&redirect=97c850c199db8e87d0b7ba104d582f72ae56613amain&uid=f253efe302d32ab264a76e0ce65be769671a362ccf2cf	HTTP Parser: Invalid link: Terms of use
Source: https://filerailrent-railrent.angebotsecurefile.top/&redirect=97c850c199db8e87d0b7ba104d582f72ae56613amain&uid=f253efe302d32ab264a76e0ce65be769671a362ccf2cf	HTTP Parser: Invalid link: Privacy & cookies
Source: https://filerailrent-railrent.angebotsecurefile.top/&redirect=2c616d158c788cdcbc3b3e2bb2a3f2e4sec&uid=f253efe302d32ab264a76e0ce65be769671a364239927	HTTP Parser: Invalid link: Terms of use
Source: https://filerailrent-railrent.angebotsecurefile.top/&redirect=2c616d158c788cdcbc3b3e2bb2a3f2e4sec&uid=f253efe302d32ab264a76e0ce65be769671a364239927	HTTP Parser: Invalid link: Privacy & cookies
Source: https://filerailrent-railrent.angebotsecurefile.top/&redirect=2c616d158c788cdcbc3b3e2bb2a3f2e4sec&uid=f253efe302d32ab264a76e0ce65be769671a364239927	HTTP Parser: Invalid link: Terms of use
Source: https://filerailrent-railrent.angebotsecurefile.top/&redirect=2c616d158c788cdcbc3b3e2bb2a3f2e4sec&uid=f253efe302d32ab264a76e0ce65be769671a364239927	HTTP Parser: Invalid link: Privacy & cookies

Source: https://filerailrent-railrent.angebotsecurefile.top/&redirect=2c616d158c788cdcbc3b3e2bb2a3f2e4sec&uid=f253efe302d32ab264a76e0ce65be769671a364239927

HTTP Parser: <input type="password" .../> found

Source: https://railrent-railrent.powerappsportals.com/	HTTP Parser: No favicon
Source: https://railrent-railrent.powerappsportals.com/	HTTP Parser: No favicon
Source: https://filerailrent-railrent.angebotsecurefile.top/	HTTP Parser: No favicon
Source: https://filerailrent-railrent.angebotsecurefile.top/	HTTP Parser: No favicon
Source: https://filerailrent-railrent.angebotsecurefile.top/	HTTP Parser: No favicon
Source: https://filerailrent-railrent.angebotsecurefile.top/&redirect=2c616d158c788cdcbc3b3e2bb2a3f2e4sec&uid=f253efe302d32ab264a76e0ce65be769671a364239927	HTTP Parser: No favicon

Source: https://filerailrent-railrent.angebotsecurefile.top/&redirect=97c850c199db8e87d0b7ba104d582f72ae56613amain&uid=f253efe302d32ab264a76e0ce65be769671a362ccf2cf	HTTP Parser: No <meta name="author".. found
Source: https://filerailrent-railrent.angebotsecurefile.top/&redirect=2c616d158c788cdcbc3b3e2bb2a3f2e4sec&uid=f253efe302d32ab264a76e0ce65be769671a364239927	HTTP Parser: No <meta name="author".. found
Source: https://filerailrent-railrent.angebotsecurefile.top/&redirect=2c616d158c788cdcbc3b3e2bb2a3f2e4sec&uid=f253efe302d32ab264a76e0ce65be769671a364239927	HTTP Parser: No <meta name="author".. found

Source: https://filerailrent-railrent.angebotsecurefile.top/&redirect=97c850c199db8e87d0b7ba104d582f72ae56613amain&uid=f253efe302d32ab264a76e0ce65be769671a362ccf2cf	HTTP Parser: No <meta name="copyright".. found
Source: https://filerailrent-railrent.angebotsecurefile.top/&redirect=2c616d158c788cdcbc3b3e2bb2a3f2e4sec&uid=f253efe302d32ab264a76e0ce65be769671a364239927	HTTP Parser: No <meta name="copyright".. found
Source: https://filerailrent-railrent.angebotsecurefile.top/&redirect=2c616d158c788cdcbc3b3e2bb2a3f2e4sec&uid=f253efe302d32ab264a76e0ce65be769671a364239927	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:63728 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:63730 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.16:63740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.16:63852 version: TLS 1.2

Detected non-DNS traffic on DNS port

Source: global traffic	TCP traffic: 192.168.2.16:56051 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:56051 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:56051 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:56051 -> 1.1.1.1:53

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56

Source: global traffic	DNS traffic detected: DNS query: railrent-railrent.powerappsportals.com
Source: global traffic	DNS traffic detected: DNS query: content.powerapps.com
Source: global traffic	DNS traffic detected: DNS query: png.pngtree.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: filerailrent-railrent.angebotsecurefile.top
Source: global traffic	DNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: challenges.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: aadcdn.msauthimages.net

Source: unknown	Network traffic detected: HTTP traffic on port 63921 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63887 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63864 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63929
Source: unknown	Network traffic detected: HTTP traffic on port 63909 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63801
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63922
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63800
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63921
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63924
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63923
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63805
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63926
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63804
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63925
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63807
Source: unknown	Network traffic detected: HTTP traffic on port 63829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63928
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63927
Source: unknown	Network traffic detected: HTTP traffic on port 63806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63920
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63819
Source: unknown	Network traffic detected: HTTP traffic on port 63817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63933
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63932
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63814
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63935
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63813
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63934
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63816
Source: unknown	Network traffic detected: HTTP traffic on port 63876 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63937
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63936
Source: unknown	Network traffic detected: HTTP traffic on port 63715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63818
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56053
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63817
Source: unknown	Network traffic detected: HTTP traffic on port 63784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63692 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63810
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63931
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63930
Source: unknown	Network traffic detected: HTTP traffic on port 63933 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63709
Source: unknown	Network traffic detected: HTTP traffic on port 63795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63823
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63704
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63824
Source: unknown	Network traffic detected: HTTP traffic on port 63852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63826
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63705
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63708
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63829
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63700
Source: unknown	Network traffic detected: HTTP traffic on port 63693 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63821
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63820
Source: unknown	Network traffic detected: HTTP traffic on port 63920 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63888 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63863 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63908 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63834
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63712
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63833
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63836
Source: unknown	Network traffic detected: HTTP traffic on port 63899 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63835
Source: unknown	Network traffic detected: HTTP traffic on port 63738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63838
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63837
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63839
Source: unknown	Network traffic detected: HTTP traffic on port 63761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63830
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63711
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63832
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63710
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63831
Source: unknown	Network traffic detected: HTTP traffic on port 63839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63877 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63911 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63922 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63862 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63908
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63907
Source: unknown	Network traffic detected: HTTP traffic on port 63889 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63909
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63900
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63902
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63901
Source: unknown	Network traffic detected: HTTP traffic on port 63827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63904
Source: unknown	Network traffic detected: HTTP traffic on port 63762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63903
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63906
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63905
Source: unknown	Network traffic detected: HTTP traffic on port 63785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63932 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63919
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63918
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63911
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63910
Source: unknown	Network traffic detected: HTTP traffic on port 63910 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63913
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63912
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63915
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63914
Source: unknown	Network traffic detected: HTTP traffic on port 63740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63917
Source: unknown	Network traffic detected: HTTP traffic on port 63717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63916
Source: unknown	Network traffic detected: HTTP traffic on port 63805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63878 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63890
Source: unknown	Network traffic detected: HTTP traffic on port 63929 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63684 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63906 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63889
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63888
Source: unknown	Network traffic detected: HTTP traffic on port 63764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63769
Source: unknown	Network traffic detected: HTTP traffic on port 63850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63881
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63880
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63883
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63882
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63764
Source: unknown	Network traffic detected: HTTP traffic on port 63787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63885
Source: unknown	Network traffic detected: HTTP traffic on port 63930 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56053 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63887
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63886
Source: unknown	Network traffic detected: HTTP traffic on port 63695 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63861 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63780
Source: unknown	Network traffic detected: HTTP traffic on port 63838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63890 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63700 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63899
Source: unknown	Network traffic detected: HTTP traffic on port 63849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63892
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63770
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63891
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63894
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63893
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63775
Source: unknown	Network traffic detected: HTTP traffic on port 63803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63896
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63895
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63898
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63897
Source: unknown	Network traffic detected: HTTP traffic on port 63837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63696 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63791
Source: unknown	Network traffic detected: HTTP traffic on port 63891 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63790
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63789
Source: unknown	Network traffic detected: HTTP traffic on port 63718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63782
Source: unknown	Network traffic detected: HTTP traffic on port 63879 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63784
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63786
Source: unknown	Network traffic detected: HTTP traffic on port 63917 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63785
Source: unknown	Network traffic detected: HTTP traffic on port 63804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63787
Source: unknown	Network traffic detected: HTTP traffic on port 63775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63928 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63797
Source: unknown	Network traffic detected: HTTP traffic on port 63786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63799
Source: unknown	Network traffic detected: HTTP traffic on port 63931 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63798
Source: unknown	Network traffic detected: HTTP traffic on port 63694 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63919 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63860 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63845
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63844
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63847
Source: unknown	Network traffic detected: HTTP traffic on port 63825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63846
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63728
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63849
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63848
Source: unknown	Network traffic detected: HTTP traffic on port 63848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63880 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63892 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63720
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63841
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63722
Source: unknown	Network traffic detected: HTTP traffic on port 63802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63843
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63842
Source: unknown	Network traffic detected: HTTP traffic on port 63813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63856
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63855
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63858
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63859
Source: unknown	Network traffic detected: HTTP traffic on port 63742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63850
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63852
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63730
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63851
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63733
Source: unknown	Network traffic detected: HTTP traffic on port 63788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63854
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63853
Source: unknown	Network traffic detected: HTTP traffic on port 63814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63881 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63867
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63745
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63866
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63869
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63868
Source: unknown	Network traffic detected: HTTP traffic on port 63720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63749
Source: unknown	Network traffic detected: HTTP traffic on port 63869 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63861
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63860
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63863
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63862
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63865
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63864
Source: unknown	Network traffic detected: HTTP traffic on port 63754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63907 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63878
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63877
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63758
Source: unknown	Network traffic detected: HTTP traffic on port 63765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63879
Source: unknown	Network traffic detected: HTTP traffic on port 63870 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63870
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63872
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63750
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63871
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63874
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63873
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63876
Source: unknown	Network traffic detected: HTTP traffic on port 63918 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63875
Source: unknown	Network traffic detected: HTTP traffic on port 63778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63858 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63915 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63708 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63882 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63926 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63893 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63871 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63894 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63903 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63687 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63914 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63698 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63690
Source: unknown	Network traffic detected: HTTP traffic on port 63883 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63692
Source: unknown	Network traffic detected: HTTP traffic on port 63868 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63685
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63684
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63687
Source: unknown	Network traffic detected: HTTP traffic on port 63768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63686
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63689
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63688
Source: unknown	Network traffic detected: HTTP traffic on port 63756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63905 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63685 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63872 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63694
Source: unknown	Network traffic detected: HTTP traffic on port 63711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63693
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63696
Source: unknown	Network traffic detected: HTTP traffic on port 63937 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63695
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63698
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63697
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63699
Source: unknown	Network traffic detected: HTTP traffic on port 63916 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63856 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63927 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63833 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63686 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63904 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63697 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63867 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63895 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63896 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63873 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63855 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63901 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63689 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63912 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63705 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63885 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63866 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63900 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63923 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63936 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63832 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63843 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63690 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63688 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63902 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63925 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63854 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63934 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63704 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63886 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63865 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63897 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63898 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63875 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63699 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63913 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63924 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63935 -> 443

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:63728 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:63730 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.16:63740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.16:63852 version: TLS 1.2

Source: classification engine

Classification label: mal60.phis.win@28/68@32/218

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 --field-trial-handle=1952,i,3889803478986375510,4915328613956276709,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://railrent-railrent.powerappsportals.com/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 --field-trial-handle=1952,i,3889803478986375510,4915328613956276709,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: Window Recorder

Window detected: More than 3 window changes detected

Persistence and Installation Behavior

AI detected landing page (webpage, office document or email)

Source: https://railrent-railrent.powerappsportals.com/

LLM: Page contains button: 'AUSGEFLLTE DOKUMENTE ANZEIGEN' Source: '1.0.pages.csv'

Stores files to the Windows start menu directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

ID:	1541138
Product:	CloudBasic
Start time:	13:56:23
Start date:	24.10.2024
Cookbook:	defaultwindowsinteractivecookbook.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Windows Analysis Report
https://railrent-railrent.powerappsportals.com/

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Persistence and Installation Behavior

Boot Survival

Screenshots

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report https://railrent-railrent.powerappsportals.com/

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Persistence and Installation Behavior

Boot Survival

Screenshots

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
https://railrent-railrent.powerappsportals.com/