Edit tour

Windows Analysis Report
Tbconsulting Company Guidelines Employee Handbook.docx

Overview

General Information

Sample name:	Tbconsulting Company Guidelines Employee Handbook.docx
Analysis ID:	1576304
MD5:	bc51bca6bdbcb1fd80b041ac0fa20732
SHA1:	924b734434cf013358caf8c3f2cea9b420106182
SHA256:	17baac08210299de158c11f84f587789f3c943c0c1b7675977e85c42e7c7aae8
Infos:

Detection

Score:	52
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

AI detected landing page (webpage, office document or email)

AI detected suspicious URL

Suspicious office document detected (based on various text indicators)

Connects to many different domains

Detected hidden input values containing email addresses (often used in phishing pages)

HTML page contains hidden javascript code

Stores files to the Windows start menu directory

Classification

Process Tree

System is w10x64_ra

WINWORD.EXE (PID: 6952 cmdline: "C:\Program Files (x86)\Microsoft Office\Root\Office16\WINWORD.EXE" /n "C:\Users\user\Desktop\Tbconsulting Company Guidelines Employee Handbook.docx" /o "" MD5: 1A0C2C2E7D9C4BC18E91604E9B0C7678)

chrome.exe (PID: 5740 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://mstf.mailsupport-netsuites.online/oVtAwgdE#agavin@tbconsulting.com MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 5860 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2068 --field-trial-handle=1988,i,14035628684313978814,14330272916034412988,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 7744 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4076 --field-trial-handle=1988,i,14035628684313978814,14330272916034412988,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

Phishing

AI detected landing page (webpage, office document or email)

Source: Office document

Joe Sandbox AI: Office document contains QR code

AI detected suspicious URL

Source: Email	Joe Sandbox AI: AI detected Brand spoofing attempt in URL: https://mstf.mailsupport-netsuites.online
Source: Email	Joe Sandbox AI: AI detected Typosquatting in URL: https://mstf.mailsupport-netsuites.online

Suspicious office document detected (based on various text indicators)

Source: Word

OCR Text: DocuSign You have received a secure file to review. SCAN BARCODE TO REVIEW DOCUMENT Agavin agavin@tbconsulting.com This message was sent from DocuSign. All parties have completed Complete with DocuSign: New Company Policy added to Employee Handbook Reigneventsmenphis.pdf You are receiving this email because you subscribed to Microsoft Office 365. Do Not Share This Email This email contains a secure link to DocuSign. Please do not share this email, link, or access code with others.

Source: https://www.justanswer.com/sip/justanswer?r=ppc|ga|27|Tech-Computer-SQR-Search-BMM-Broad|Software-Amazon|&JPKW=%2Bhelp%20%2B%26%20%2Bcustomer%20%2Bservice&JPDC=S&JPST=&JPAD=355200043659&JPMT=b&JPNW=s&JPAF=txt&JPRC=1&JPCD=&JPOP=&cmpid=2031261533&agid=71340705109&fiid=&tgtid=kwd-370301366612&ntw=s&dvc=c&gad_source=5&gclid=EAIaIQobChMIiqSKju6sigMVpgcGAB2u5DvREAAYASAAEgJ7_PD_BwE

HTTP Parser: {"resources":{"hero":{"category":"Experts","tagline":"Get 24/7 help for any issue. Chat with an on-call Expert now.","subhead":["Get your answer in minutes","Personalized help from verified Experts","Get unlimited chats upon joining. Cancel anytime."],"subheadPriceTemplate":"Get unlimited chats upon joining. Cancel anytime.","subheadPriceDefault":"Get unlimited chats upon joining. Cancel anytime.","formattedThirdBullet":"Get unlimited chats upon joining. Cancel anytime.","backgroundImage":"https://ww2-secure.justanswer.com/static/img/sip-prominent-v2/right_rail/Tech.jpg","mediaLogos":[{"name":"icon-cnn"},{"name":"icon-nbc"},{"name":"icon-fox"},{"name":"icon-today"},{"name":"icon-nyt"}],"bullets":[{"text":"Get your answer in minutes","withHtml":false},{"text":"Personalized help from verified Experts","withHtml":false},{"text":"Get unlimited chats upon joining. Cancel anytime.","withHtml":false}],"coBrandedData":{},"cookieBannersProps":{"gdprBannerProps":{"text":"We use cookies to give you the best possible experience on our website. By continuing to use this site you consent to the use of cookies on your device as described in our <a href=\"https://ww2-secure.justanswer.com/en-gb/cookie-notice\" class=\"cookies-privacy-link\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">cookie policy</a> unless you have disabled them."},"ccpaBannerProps":{"text":"By chatting and providing personal info, you understand and agree to our <a href=\"//www.justanswer.com/info/terms-of-service\" class=\"ccpa-terms\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Terms of Service</a> and <a href=\"//www.justanswer.com/info/privacy-security\" class=\"ccpa-policy\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Privacy Policy</a>."},"forceCcpa":false,"shouldShowCcpaBanner":false},"isTcpaBannerEnabled":false},"head":{"marinClientId":"7suskw9xo0","metadata":{"description":"","title":"Ask an Experts Question, Get an Answer ASAP!","canonicalUrl":"https://www.justanswer.com/sip/justanswer","copyright":"2003-2024 JustAnswer LLC","useKeywords":true,"keywords":"","useGooglePlusPublisher":true,"useVerifyV1":false,"useAppleMobileWebCapable":false,"useViewport":false},"headerIcons":{"faviconUrl":"/favicon.ico","touchIconUrl":"/img/ja-boxlogo.png"},"partner":{"baseDomain":"www.justanswer.com"},"labels":{"common":{"copyright":"2003-2024 JustAnswer LLC"}},"jsVariables":{"mainVariable":"JA","variables":{"i":{"analytics":{"tracker":"UA-2229500-1","domain":"justanswer.com","ignoredDomain":"justanswer.com","pagepath":"/fe/layout/desktop/sip.aspx"},"partner":{"ID":1,"Name":"JA Root"},"category":{"id":"53197","name":"Computer","parentName":"","topLevelCategoryName":"Computer","siloVerticalName":"Computer","ppcVerticalName":"Tech","forumSubName":"Computer","hierarchyId":"a8bcbd4209b94fa0918560822259e3bb"},"sipSelectedTabName":"Computer","loadRevizelyInHead":false,"isTargetedMarketing":false,"pt":"100","ptName":"Homepage","baseDomain":"justanswer.com","isDev":false,"i

Source: https://mstf.mailsupport-netsuites.online/oVtAwgdE#agavin@tbconsulting.com

HTTP Parser: Base64 decoded: {"uuid":"8e7532e8-2cd2-4fba-8dd0-9938baa6a450","page_time":1734371669,"page_url":"https://mstf.mailsupport-netsuites.online/oVtAwgdE","page_method":"GET","page_request":{},"page_headers":{},"host":"mstf.mailsupport-netsuites.online","ip":"8.46.123.189"}

Source: https://mstf.mailsupport-netsuites.online/oVtAwgdE#agavin@tbconsulting.com	HTTP Parser: No favicon
Source: https://mstf.mailsupport-netsuites.online/oVtAwgdE#agavin@tbconsulting.com	HTTP Parser: No favicon
Source: https://mstf.mailsupport-netsuites.online/oVtAwgdE#agavin@tbconsulting.com	HTTP Parser: No favicon
Source: https://mstf.mailsupport-netsuites.online/oVtAwgdE#agavin@tbconsulting.com	HTTP Parser: No favicon
Source: https://mstf.mailsupport-netsuites.online/?caf=1&bpt=345&query=Contact+Support&afdToken=ChMIzprt_u2sigMVIvO7CB2i4QJuEmoBlLqpj5ASqvXftwqlNK0WjZT-2vZ00jSbxMfBbfDeCaSn5cEU3FDmKGscNErcJUp-1g7d0FEUiUIhfcht7f55gANmkLB2pDGpPskX2fep6CamPOxzYNOYd7FsEXLQezpMjg5DR68hYOWiIAE&pcsa=false&nb=0&nm=38&nx=565&ny=53&is=700x480&clkt=112	HTTP Parser: No favicon
Source: https://mstf.mailsupport-netsuites.online/?caf=1&bpt=345&query=Contact+Support&afdToken=ChMIzprt_u2sigMVIvO7CB2i4QJuEmoBlLqpj5ASqvXftwqlNK0WjZT-2vZ00jSbxMfBbfDeCaSn5cEU3FDmKGscNErcJUp-1g7d0FEUiUIhfcht7f55gANmkLB2pDGpPskX2fep6CamPOxzYNOYd7FsEXLQezpMjg5DR68hYOWiIAE&pcsa=false&nb=0&nm=38&nx=565&ny=53&is=700x480&clkt=112	HTTP Parser: No favicon
Source: https://mstf.mailsupport-netsuites.online/?caf=1&bpt=345&query=Contact+Support&afdToken=ChMIzprt_u2sigMVIvO7CB2i4QJuEmoBlLqpj5ASqvXftwqlNK0WjZT-2vZ00jSbxMfBbfDeCaSn5cEU3FDmKGscNErcJUp-1g7d0FEUiUIhfcht7f55gANmkLB2pDGpPskX2fep6CamPOxzYNOYd7FsEXLQezpMjg5DR68hYOWiIAE&pcsa=false&nb=0&nm=38&nx=565&ny=53&is=700x480&clkt=112	HTTP Parser: No favicon
Source: https://mstf.mailsupport-netsuites.online/?caf=1&bpt=345&query=Contact+Support&afdToken=ChMIzprt_u2sigMVIvO7CB2i4QJuEmoBlLqpj5ASqvXftwqlNK0WjZT-2vZ00jSbxMfBbfDeCaSn5cEU3FDmKGscNErcJUp-1g7d0FEUiUIhfcht7f55gANmkLB2pDGpPskX2fep6CamPOxzYNOYd7FsEXLQezpMjg5DR68hYOWiIAE&pcsa=false&nb=0&nm=38&nx=565&ny=53&is=700x480&clkt=112	HTTP Parser: No favicon
Source: https://www.justanswer.com/sip/justanswer?r=ppc\|ga\|27\|Tech-Computer-SQR-Search-BMM-Broad\|Software-Amazon\|&JPKW=%2Bhelp%20%2B%26%20%2Bcustomer%20%2Bservice&JPDC=S&JPST=&JPAD=355200043659&JPMT=b&JPNW=s&JPAF=txt&JPRC=1&JPCD=&JPOP=&cmpid=2031261533&agid=71340705109&fiid=&tgtid=kwd-370301366612&ntw=s&dvc=c&gad_source=5&gclid=EAIaIQobChMIiqSKju6sigMVpgcGAB2u5DvREAAYASAAEgJ7_PD_BwE	HTTP Parser: No favicon
Source: https://www.justanswer.com/sip/justanswer?r=ppc\|ga\|27\|Tech-Computer-SQR-Search-BMM-Broad\|Software-Amazon\|&JPKW=%2Bhelp%20%2B%26%20%2Bcustomer%20%2Bservice&JPDC=S&JPST=&JPAD=355200043659&JPMT=b&JPNW=s&JPAF=txt&JPRC=1&JPCD=&JPOP=&cmpid=2031261533&agid=71340705109&fiid=&tgtid=kwd-370301366612&ntw=s&dvc=c&gad_source=5&gclid=EAIaIQobChMIiqSKju6sigMVpgcGAB2u5DvREAAYASAAEgJ7_PD_BwE	HTTP Parser: No favicon
Source: https://mstf.mailsupport-netsuites.online/?caf=1&bpt=345&query=Contact+Support&afdToken=ChMIzprt_u2sigMVIvO7CB2i4QJuEmoBlLqpj5ASqvXftwqlNK0WjZT-2vZ00jSbxMfBbfDeCaSn5cEU3FDmKGscNErcJUp-1g7d0FEUiUIhfcht7f55gANmkLB2pDGpPskX2fep6CamPOxzYNOYd7FsEXLQezpMjg5DR68hYOWiIAE&pcsa=false&nb=0&nm=38&nx=565&ny=53&is=700x480&clkt=112	HTTP Parser: No favicon
Source: https://www.justanswer.com/sip/justanswer?r=ppc\|ga\|27\|Tech-Computer-SQR-Search-BMM-Broad\|Software-Amazon\|&JPKW=%2Bhelp%20%2B%26%20%2Bcustomer%20%2Bservice&JPDC=S&JPST=&JPAD=355200043659&JPMT=b&JPNW=s&JPAF=txt&JPRC=1&JPCD=&JPOP=&cmpid=2031261533&agid=71340705109&fiid=&tgtid=kwd-370301366612&ntw=s&dvc=c&gad_source=5&gclid=EAIaIQobChMIiqSKju6sigMVpgcGAB2u5DvREAAYASAAEgJ7_PD_BwE	HTTP Parser: No favicon
Source: https://www.justanswer.com/sip/justanswer?r=ppc\|ga\|27\|Tech-Computer-SQR-Search-BMM-Broad\|Software-Amazon\|&JPKW=%2Bhelp%20%2B%26%20%2Bcustomer%20%2Bservice&JPDC=S&JPST=&JPAD=355200043659&JPMT=b&JPNW=s&JPAF=txt&JPRC=1&JPCD=&JPOP=&cmpid=2031261533&agid=71340705109&fiid=&tgtid=kwd-370301366612&ntw=s&dvc=c&gad_source=5&gclid=EAIaIQobChMIiqSKju6sigMVpgcGAB2u5DvREAAYASAAEgJ7_PD_BwE	HTTP Parser: No favicon
Source: https://www.justanswer.com/sip/justanswer?r=ppc\|ga\|27\|Tech-Computer-SQR-Search-BMM-Broad\|Software-Amazon\|&JPKW=%2Bhelp%20%2B%26%20%2Bcustomer%20%2Bservice&JPDC=S&JPST=&JPAD=355200043659&JPMT=b&JPNW=s&JPAF=txt&JPRC=1&JPCD=&JPOP=&cmpid=2031261533&agid=71340705109&fiid=&tgtid=kwd-370301366612&ntw=s&dvc=c&gad_source=5&gclid=EAIaIQobChMIiqSKju6sigMVpgcGAB2u5DvREAAYASAAEgJ7_PD_BwE	HTTP Parser: No favicon
Source: https://www.justanswer.com/sip/justanswer?r=ppc\|ga\|27\|Tech-Computer-SQR-Search-BMM-Broad\|Software-Amazon\|&JPKW=%2Bhelp%20%2B%26%20%2Bcustomer%20%2Bservice&JPDC=S&JPST=&JPAD=355200043659&JPMT=b&JPNW=s&JPAF=txt&JPRC=1&JPCD=&JPOP=&cmpid=2031261533&agid=71340705109&fiid=&tgtid=kwd-370301366612&ntw=s&dvc=c&gad_source=5&gclid=EAIaIQobChMIiqSKju6sigMVpgcGAB2u5DvREAAYASAAEgJ7_PD_BwE	HTTP Parser: No favicon
Source: https://www.justanswer.com/sip/justanswer?r=ppc\|ga\|27\|Tech-Computer-SQR-Search-BMM-Broad\|Software-Amazon\|&JPKW=%2Bhelp%20%2B%26%20%2Bcustomer%20%2Bservice&JPDC=S&JPST=&JPAD=355200043659&JPMT=b&JPNW=s&JPAF=txt&JPRC=1&JPCD=&JPOP=&cmpid=2031261533&agid=71340705109&fiid=&tgtid=kwd-370301366612&ntw=s&dvc=c&gad_source=5&gclid=EAIaIQobChMIiqSKju6sigMVpgcGAB2u5DvREAAYASAAEgJ7_PD_BwE	HTTP Parser: No favicon
Source: https://www.justanswer.com/sip/justanswer?r=ppc\|ga\|27\|Tech-Computer-SQR-Search-BMM-Broad\|Software-Amazon\|&JPKW=%2Bhelp%20%2B%26%20%2Bcustomer%20%2Bservice&JPDC=S&JPST=&JPAD=355200043659&JPMT=b&JPNW=s&JPAF=txt&JPRC=1&JPCD=&JPOP=&cmpid=2031261533&agid=71340705109&fiid=&tgtid=kwd-370301366612&ntw=s&dvc=c&gad_source=5&gclid=EAIaIQobChMIiqSKju6sigMVpgcGAB2u5DvREAAYASAAEgJ7_PD_BwE	HTTP Parser: No favicon

Source: unknown	HTTPS traffic detected: 172.202.163.200:443 -> 192.168.2.16:49719 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.202.163.200:443 -> 192.168.2.16:49807 version: TLS 1.2

Source: winword.exe

Memory has grown: Private usage: 15MB later: 59MB

Source: unknown

Network traffic detected: DNS query count 49

Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200

Source: global traffic	DNS traffic detected: DNS query: mstf.mailsupport-netsuites.online
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: syndicatedsearch.goog
Source: global traffic	DNS traffic detected: DNS query: parking3.parklogic.com
Source: global traffic	DNS traffic detected: DNS query: afs.googleusercontent.com
Source: global traffic	DNS traffic detected: DNS query: click-use1.bodis.com
Source: global traffic	DNS traffic detected: DNS query: www.justanswer.com
Source: global traffic	DNS traffic detected: DNS query: challenges.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: components.justanswer.com
Source: global traffic	DNS traffic detected: DNS query: ww2-secure.justanswer.com
Source: global traffic	DNS traffic detected: DNS query: ww2.justanswer.com
Source: global traffic	DNS traffic detected: DNS query: connect.facebook.net
Source: global traffic	DNS traffic detected: DNS query: googleads.g.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: secure.justanswer.com
Source: global traffic	DNS traffic detected: DNS query: va.justanswer.com
Source: global traffic	DNS traffic detected: DNS query: cat.justanswer.com
Source: global traffic	DNS traffic detected: DNS query: transcend-cdn.com
Source: global traffic	DNS traffic detected: DNS query: sima.justanswer.com
Source: global traffic	DNS traffic detected: DNS query: analytics.google.com
Source: global traffic	DNS traffic detected: DNS query: td.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: widget.trustpilot.com
Source: global traffic	DNS traffic detected: DNS query: s.adroll.com
Source: global traffic	DNS traffic detected: DNS query: static.ads-twitter.com
Source: global traffic	DNS traffic detected: DNS query: cdn.mouseflow.com
Source: global traffic	DNS traffic detected: DNS query: d.impactradius-event.com
Source: global traffic	DNS traffic detected: DNS query: d2hrivdxn8ekm8.cloudfront.net
Source: global traffic	DNS traffic detected: DNS query: arttrk.com
Source: global traffic	DNS traffic detected: DNS query: stats.g.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: 9480947.fls.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: d.adroll.com
Source: global traffic	DNS traffic detected: DNS query: acdn.adnxs.com
Source: global traffic	DNS traffic detected: DNS query: ad.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: t.co
Source: global traffic	DNS traffic detected: DNS query: analytics.twitter.com
Source: global traffic	DNS traffic detected: DNS query: ib.adnxs.com
Source: global traffic	DNS traffic detected: DNS query: ttip-ipv4-prod.telemetry.vaultdcr.com
Source: global traffic	DNS traffic detected: DNS query: ttip-ipv6-prod.telemetry.vaultdcr.com
Source: global traffic	DNS traffic detected: DNS query: tte-prod.telemetry.vaultdcr.com
Source: global traffic	DNS traffic detected: DNS query: x.adroll.com
Source: global traffic	DNS traffic detected: DNS query: adservice.google.com
Source: global traffic	DNS traffic detected: DNS query: segment.prod.bidr.io
Source: global traffic	DNS traffic detected: DNS query: x.bidswitch.net
Source: global traffic	DNS traffic detected: DNS query: ml314.com
Source: global traffic	DNS traffic detected: DNS query: cm.g.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: pixel.tapad.com
Source: global traffic	DNS traffic detected: DNS query: dsum-sec.casalemedia.com
Source: global traffic	DNS traffic detected: DNS query: idsync.rlcdn.com
Source: global traffic	DNS traffic detected: DNS query: match.adsrvr.org
Source: global traffic	DNS traffic detected: DNS query: pixel.rubiconproject.com

Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49984
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49983
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49981
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50054
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50053
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50056
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50055
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50058
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50057
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50059
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49984 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50022 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50061
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50060
Source: unknown	Network traffic detected: HTTP traffic on port 49990 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50063
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50062
Source: unknown	Network traffic detected: HTTP traffic on port 50068 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50045 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49856
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49855
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49976
Source: unknown	Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49854
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49975
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49974
Source: unknown	Network traffic detected: HTTP traffic on port 50085 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49852
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49973
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 50039 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 50010 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50065
Source: unknown	Network traffic detected: HTTP traffic on port 49967 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50064
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50067
Source: unknown	Network traffic detected: HTTP traffic on port 50056 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50066
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50069
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50068
Source: unknown	Network traffic detected: HTTP traffic on port 50074 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50070
Source: unknown	Network traffic detected: HTTP traffic on port 49915 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50004 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50072
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50074
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50073
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 50080 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49967
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49966
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49964
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49963
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49841
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49840
Source: unknown	Network traffic detected: HTTP traffic on port 50009 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50034 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50015 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50040 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50076
Source: unknown	Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49966 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50075
Source: unknown	Network traffic detected: HTTP traffic on port 50057 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50078
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50077
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50079
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50081
Source: unknown	Network traffic detected: HTTP traffic on port 50073 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50080
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50083
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50082
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50085
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50084
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown	Network traffic detected: HTTP traffic on port 50062 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50087
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50086
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50089
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50088
Source: unknown	Network traffic detected: HTTP traffic on port 50079 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50090
Source: unknown	Network traffic detected: HTTP traffic on port 50051 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50092
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49983 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50093
Source: unknown	Network traffic detected: HTTP traffic on port 50023 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50018
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50017
Source: unknown	Network traffic detected: HTTP traffic on port 50061 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49974 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50017 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50010
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50012
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50011
Source: unknown	Network traffic detected: HTTP traffic on port 50055 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50014
Source: unknown	Network traffic detected: HTTP traffic on port 50090 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50013
Source: unknown	Network traffic detected: HTTP traffic on port 50078 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50015
Source: unknown	Network traffic detected: HTTP traffic on port 50049 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50026 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50029
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49896
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50020
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50023
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50022
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50025
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50024
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50027
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50026
Source: unknown	Network traffic detected: HTTP traffic on port 50000 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50030
Source: unknown	Network traffic detected: HTTP traffic on port 49991 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50067 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50084 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50039
Source: unknown	Network traffic detected: HTTP traffic on port 49995 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50038 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50011 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50031
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50034
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50033
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50036
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50035
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50038
Source: unknown	Network traffic detected: HTTP traffic on port 49896 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50037
Source: unknown	Network traffic detected: HTTP traffic on port 50050 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50041
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50040
Source: unknown	Network traffic detected: HTTP traffic on port 50066 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50083 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50089 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49998
Source: unknown	Network traffic detected: HTTP traffic on port 49973 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49995
Source: unknown	Network traffic detected: HTTP traffic on port 49923 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49994
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49993
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49992
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49991
Source: unknown	Network traffic detected: HTTP traffic on port 50033 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49990
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50043
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50042
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50045
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50044
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50047
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50046
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50049
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50048
Source: unknown	Network traffic detected: HTTP traffic on port 50072 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50050
Source: unknown	Network traffic detected: HTTP traffic on port 50027 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50052
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50051
Source: unknown	Network traffic detected: HTTP traffic on port 50044 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50013 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50036 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50042 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50007 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50059 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49696
Source: unknown	Network traffic detected: HTTP traffic on port 49975 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50060 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50018 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50077 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50025 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49855 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49964 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49700 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50053 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49981 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50088 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50076 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49963 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50031 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49992 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50043 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50007
Source: unknown	Network traffic detected: HTTP traffic on port 50037 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50006
Source: unknown	Network traffic detected: HTTP traffic on port 50012 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50009
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50008
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 49994 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 50020 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50093 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50054 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50000
Source: unknown	Network traffic detected: HTTP traffic on port 49856 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50004
Source: unknown	Network traffic detected: HTTP traffic on port 50048 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50006 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50082 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50065 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49700
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50075 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50052 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 50081 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 50087 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50064 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50035 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50008 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49696 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50014 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50070 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50046 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50029 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49923
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 50086 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50063 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49976 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50092 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49854 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50047 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50024 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49915
Source: unknown	Network traffic detected: HTTP traffic on port 49998 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50041 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49843 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50058 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50030 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49993 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50069 -> 443

Source: unknown	HTTPS traffic detected: 172.202.163.200:443 -> 192.168.2.16:49719 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.202.163.200:443 -> 192.168.2.16:49807 version: TLS 1.2

Source: classification engine

Classification label: mal52.phis.winDOCX@29/170@186/390