Edit tour

Windows Analysis Report
http://app.security.umbrella.com

Overview

General Information

Sample URL:http://app.security.umbrella.com
Analysis ID:1661992
Infos:

Detection

Score:1
Range:0 - 100
Confidence:80%

Signatures

Creates files inside the system directory
Deletes files inside the Windows folder
Suricata IDS alerts with low severity for network traffic

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious
  • System is w10x64_ra
  • chrome.exe (PID: 3908 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: E81F54E6C1129887AEA47E7D092680BF)
    • chrome.exe (PID: 544 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1976,i,10585217938546677843,6606636917146969565,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2192 /prefetch:3 MD5: E81F54E6C1129887AEA47E7D092680BF)
  • chrome.exe (PID: 6644 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://app.security.umbrella.com" MD5: E81F54E6C1129887AEA47E7D092680BF)
  • cleanup
No yara matches
No Sigma rule has matched
TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
2025-04-10T16:49:41.284875+020028494291Attempted Administrator Privilege Gain1.1.1.153192.168.2.1657208UDP

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: https://app.security.umbrella.com/HTTP Parser: No favicon
Source: unknownHTTPS traffic detected: 140.86.220.9:443 -> 192.168.2.16:49696 version: TLS 1.2
Source: unknownHTTPS traffic detected: 140.86.220.9:443 -> 192.168.2.16:49699 version: TLS 1.2
Source: unknownHTTPS traffic detected: 140.86.220.9:443 -> 192.168.2.16:49707 version: TLS 1.2
Source: unknownHTTPS traffic detected: 142.251.32.100:443 -> 192.168.2.16:49708 version: TLS 1.2
Source: unknownHTTPS traffic detected: 142.250.80.14:443 -> 192.168.2.16:49735 version: TLS 1.2
Source: unknownHTTPS traffic detected: 142.250.65.234:443 -> 192.168.2.16:49734 version: TLS 1.2
Source: unknownHTTPS traffic detected: 142.250.65.234:443 -> 192.168.2.16:49738 version: TLS 1.2
Source: unknownHTTPS traffic detected: 142.251.32.100:443 -> 192.168.2.16:49739 version: TLS 1.2
Source: unknownHTTPS traffic detected: 142.251.32.100:443 -> 192.168.2.16:49740 version: TLS 1.2
Source: unknownHTTPS traffic detected: 142.251.32.100:443 -> 192.168.2.16:49741 version: TLS 1.2
Source: unknownHTTPS traffic detected: 142.250.65.206:443 -> 192.168.2.16:49742 version: TLS 1.2
Source: unknownHTTPS traffic detected: 142.251.32.100:443 -> 192.168.2.16:49743 version: TLS 1.2
Source: unknownHTTPS traffic detected: 142.251.32.100:443 -> 192.168.2.16:49757 version: TLS 1.2
Source: unknownHTTPS traffic detected: 142.251.32.100:443 -> 192.168.2.16:49758 version: TLS 1.2
Source: unknownHTTPS traffic detected: 67.215.70.200:443 -> 192.168.2.16:49761 version: TLS 1.2
Source: unknownHTTPS traffic detected: 142.251.32.100:443 -> 192.168.2.16:49764 version: TLS 1.2
Source: unknownHTTPS traffic detected: 3.211.170.103:443 -> 192.168.2.16:49765 version: TLS 1.2
Source: unknownHTTPS traffic detected: 23.56.162.118:443 -> 192.168.2.16:49768 version: TLS 1.2
Source: unknownHTTPS traffic detected: 172.67.27.152:443 -> 192.168.2.16:49772 version: TLS 1.2
Source: unknownHTTPS traffic detected: 18.173.218.114:443 -> 192.168.2.16:49779 version: TLS 1.2
Source: unknownHTTPS traffic detected: 18.173.218.115:443 -> 192.168.2.16:49793 version: TLS 1.2
Source: unknownHTTPS traffic detected: 18.173.218.115:443 -> 192.168.2.16:49782 version: TLS 1.2
Source: unknownHTTPS traffic detected: 199.232.90.132:443 -> 192.168.2.16:49804 version: TLS 1.2
Source: unknownHTTPS traffic detected: 199.232.90.132:443 -> 192.168.2.16:49806 version: TLS 1.2
Source: unknownHTTPS traffic detected: 3.211.170.103:443 -> 192.168.2.16:49817 version: TLS 1.2
Source: unknownHTTPS traffic detected: 199.232.90.132:443 -> 192.168.2.16:49805 version: TLS 1.2
Source: unknownHTTPS traffic detected: 3.211.170.103:443 -> 192.168.2.16:49820 version: TLS 1.2
Source: unknownHTTPS traffic detected: 199.232.90.132:443 -> 192.168.2.16:49828 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.18.86.42:443 -> 192.168.2.16:49841 version: TLS 1.2
Source: Network trafficSuricata IDS: 2849429 - Severity 1 - ETPRO EXPLOIT Possible dhcpcd IPv6 IA/NA Buffer Overflow [Advertise 0x02] Inbound (CVE-2019-11577) : 1.1.1.1:53 -> 192.168.2.16:57208
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 2.23.227.208
Source: unknownTCP traffic detected without corresponding DNS query: 2.23.227.208
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.40.163
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.40.163
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.40.163
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.40.163
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.40.163
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.40.163
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.211
Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.211
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.211
Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.211
Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.211
Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.211
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.211
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: app.security.umbrella.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: app.security.umbrella.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://app.security.umbrella.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: app.security.umbrella.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /r/gsr1.crl HTTP/1.1Cache-Control: max-age = 3000Connection: Keep-AliveAccept: */*If-Modified-Since: Tue, 07 Jan 2025 07:28:00 GMTUser-Agent: Microsoft-CryptoAPI/10.0Host: c.pki.goog
Source: global trafficHTTP traffic detected: GET /r/r4.crl HTTP/1.1Cache-Control: max-age = 3000Connection: Keep-AliveAccept: */*If-Modified-Since: Thu, 25 Jul 2024 14:48:00 GMTUser-Agent: Microsoft-CryptoAPI/10.0Host: c.pki.goog
Source: global trafficHTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CLbgygE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /async/ddljson?async=ntp:2 HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /async/newtab_ogb?hl=en-US&async=fixed:0 HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CLbgygE=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /async/newtab_promos HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=e&oit=1&cp=1&pgcl=7&gs_rn=42&psi=3S57yrodrxcZ9nde&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CLbgygE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /_/scs/abc-static/_/js/k=gapi.gapi.en.24R2mrw_td8.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9vR1rNwOjC3PXOxUlyKiCwNBv2Fg/cb=gapi.loaded_0 HTTP/1.1Host: apis.google.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*X-Client-Data: CLbgygE=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=en2&oit=1&cp=3&pgcl=7&gs_rn=42&psi=3S57yrodrxcZ9nde&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CLbgygE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=en25&oit=1&cp=4&pgcl=7&gs_rn=42&psi=3S57yrodrxcZ9nde&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CLbgygE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=en25.&oit=1&cp=5&pgcl=7&gs_rn=42&psi=3S57yrodrxcZ9nde&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CLbgygE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=en25.co&oit=3&cp=7&pgcl=7&gs_rn=42&psi=3S57yrodrxcZ9nde&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CLbgygE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=en25.com&oit=3&cp=8&pgcl=7&gs_rn=42&psi=3S57yrodrxcZ9nde&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CLbgygE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&gs_rn=42&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CLbgygE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NID=523=Ycl04-TmqLOE5hn_3apwLcqljDcPu4Jj078XHBC5bdRISrUZafpFnWMErBaJ4-lbAZQ8l-gbPV8lzltD14IJq5ssANWSNnIqGzBJvHiK68Y0yEm_l40RNJnsRhPZkk1mgJmvyHlfsDN2eflgCzeyEYhzzp6vqI2sY7dXxJsuZYslEUvYPnKLKkN64O-BXDReH2iS9Q
Source: global trafficHTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=http%3A%2F%2Fapp.security.umbrella.com&oit=3&cp=4&pgcl=4&gs_rn=42&psi=3S57yrodrxcZ9nde&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CLbgygE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NID=523=Ycl04-TmqLOE5hn_3apwLcqljDcPu4Jj078XHBC5bdRISrUZafpFnWMErBaJ4-lbAZQ8l-gbPV8lzltD14IJq5ssANWSNnIqGzBJvHiK68Y0yEm_l40RNJnsRhPZkk1mgJmvyHlfsDN2eflgCzeyEYhzzp6vqI2sY7dXxJsuZYslEUvYPnKLKkN64O-BXDReH2iS9Q
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: app.security.umbrella.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: app.security.umbrella.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&gs_rn=42&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CLbgygE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NID=523=Ycl04-TmqLOE5hn_3apwLcqljDcPu4Jj078XHBC5bdRISrUZafpFnWMErBaJ4-lbAZQ8l-gbPV8lzltD14IJq5ssANWSNnIqGzBJvHiK68Y0yEm_l40RNJnsRhPZkk1mgJmvyHlfsDN2eflgCzeyEYhzzp6vqI2sY7dXxJsuZYslEUvYPnKLKkN64O-BXDReH2iS9Q
Source: global trafficHTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=w.umbrella.com&oit=3&cp=1&pgcl=4&gs_rn=42&psi=3S57yrodrxcZ9nde&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CLbgygE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NID=523=Ycl04-TmqLOE5hn_3apwLcqljDcPu4Jj078XHBC5bdRISrUZafpFnWMErBaJ4-lbAZQ8l-gbPV8lzltD14IJq5ssANWSNnIqGzBJvHiK68Y0yEm_l40RNJnsRhPZkk1mgJmvyHlfsDN2eflgCzeyEYhzzp6vqI2sY7dXxJsuZYslEUvYPnKLKkN64O-BXDReH2iS9Q
Source: global trafficHTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=www.umbrella.com&oit=3&cp=3&pgcl=4&gs_rn=42&psi=3S57yrodrxcZ9nde&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CLbgygE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NID=523=Ycl04-TmqLOE5hn_3apwLcqljDcPu4Jj078XHBC5bdRISrUZafpFnWMErBaJ4-lbAZQ8l-gbPV8lzltD14IJq5ssANWSNnIqGzBJvHiK68Y0yEm_l40RNJnsRhPZkk1mgJmvyHlfsDN2eflgCzeyEYhzzp6vqI2sY7dXxJsuZYslEUvYPnKLKkN64O-BXDReH2iS9Q
Source: global trafficHTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=www..umbrella.com&oit=1&cp=4&pgcl=4&gs_rn=42&psi=3S57yrodrxcZ9nde&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CLbgygE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NID=523=Ycl04-TmqLOE5hn_3apwLcqljDcPu4Jj078XHBC5bdRISrUZafpFnWMErBaJ4-lbAZQ8l-gbPV8lzltD14IJq5ssANWSNnIqGzBJvHiK68Y0yEm_l40RNJnsRhPZkk1mgJmvyHlfsDN2eflgCzeyEYhzzp6vqI2sY7dXxJsuZYslEUvYPnKLKkN64O-BXDReH2iS9Q
Source: global trafficHTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=www.umbrella.com&oit=3&cp=4&pgcl=4&gs_rn=42&psi=3S57yrodrxcZ9nde&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CLbgygE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NID=523=Ycl04-TmqLOE5hn_3apwLcqljDcPu4Jj078XHBC5bdRISrUZafpFnWMErBaJ4-lbAZQ8l-gbPV8lzltD14IJq5ssANWSNnIqGzBJvHiK68Y0yEm_l40RNJnsRhPZkk1mgJmvyHlfsDN2eflgCzeyEYhzzp6vqI2sY7dXxJsuZYslEUvYPnKLKkN64O-BXDReH2iS9Q
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: www.umbrella.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: umbrella.cisco.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-includes/css/dist/block-library/style.min.css?ver=6.7.2 HTTP/1.1Host: umbrella.cisco.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://umbrella.cisco.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/shiny-code/build/css/themes/atom-one-light/prism.css?ver=1.0.0 HTTP/1.1Host: umbrella.cisco.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://umbrella.cisco.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /c/dam/cdc/t/ctm-core.js HTTP/1.1Host: www.cisco.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://umbrella.cisco.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-includes/css/dashicons.min.css?ver=6.7.2 HTTP/1.1Host: umbrella.cisco.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://umbrella.cisco.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/themes/umbrella/gutenberg.min.css?ver=2.6.16 HTTP/1.1Host: umbrella.cisco.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://umbrella.cisco.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/wp-featherlight/css/wp-featherlight.min.css?ver=1.3.4 HTTP/1.1Host: umbrella.cisco.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://umbrella.cisco.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /css/templates/v2.1/essentials/cludo-search.min.css?ver=2.6.16 HTTP/1.1Host: customer.cludo.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleSec-Fetch-Storage-Access: activeReferer: https://umbrella.cisco.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/ubermenu/pro/assets/css/ubermenu.min.css?ver=3.8.4 HTTP/1.1Host: umbrella.cisco.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://umbrella.cisco.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/ubermenu/assets/fontawesome/css/all.min.css?ver=6.7.2 HTTP/1.1Host: umbrella.cisco.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://umbrella.cisco.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/themes/umbrella/style.min.css?ver=2.6.16 HTTP/1.1Host: umbrella.cisco.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://umbrella.cisco.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1Host: umbrella.cisco.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://umbrella.cisco.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1Host: umbrella.cisco.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://umbrella.cisco.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/2022/03/17212340/Navigation-dropdown-promo-CULD-webinar_031722.png HTTP/1.1Host: cdn.umbrella.marketops.umbrella.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://umbrella.cisco.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/2022/03/17213632/Navigation-dropdown-promo-free-trial_031522-3.png HTTP/1.1Host: cdn.umbrella.marketops.umbrella.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://umbrella.cisco.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/2024/05/15144319/Homepage-hero-banner.jpg HTTP/1.1Host: cdn.umbrella.marketops.umbrella.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://umbrella.cisco.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/themes/umbrella/fonts/CiscoSansTTLight.woff2 HTTP/1.1Host: umbrella.cisco.comConnection: keep-aliveOrigin: https://umbrella.cisco.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://umbrella.cisco.com/wp-content/themes/umbrella/style.min.css?ver=2.6.16Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: CP_GUTC=23.195.36.105.17169171744296647472
Source: global trafficHTTP traffic detected: GET /wp-content/themes/umbrella/fonts/CiscoSansTTBold.woff2 HTTP/1.1Host: umbrella.cisco.comConnection: keep-aliveOrigin: https://umbrella.cisco.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://umbrella.cisco.com/wp-content/themes/umbrella/style.min.css?ver=2.6.16Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: CP_GUTC=23.195.36.105.17169171744296647472
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/ubermenu/assets/fontawesome/webfonts/fa-solid-900.woff2 HTTP/1.1Host: umbrella.cisco.comConnection: keep-aliveOrigin: https://umbrella.cisco.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://umbrella.cisco.com/wp-content/plugins/ubermenu/assets/fontawesome/css/all.min.css?ver=6.7.2Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: CP_GUTC=23.195.36.105.17169171744296647472
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/2022/03/17213701/Navigation-dropdown-promo-Become-a-partner_031722-3.png HTTP/1.1Host: cdn.umbrella.marketops.umbrella.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://umbrella.cisco.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/2022/03/17183534/Navigation-dropdown-promo-On-demand-webinar_031722.png HTTP/1.1Host: cdn.umbrella.marketops.umbrella.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://umbrella.cisco.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/2024/05/16102520/Homepage-icons-umbrella-01.png HTTP/1.1Host: cdn.umbrella.marketops.umbrella.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://umbrella.cisco.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/2024/05/16102529/Homepage-icons-umbrella-03.png HTTP/1.1Host: cdn.umbrella.marketops.umbrella.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://umbrella.cisco.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/2024/05/16102521/Homepage-icons-umbrella-02.png HTTP/1.1Host: cdn.umbrella.marketops.umbrella.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://umbrella.cisco.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/2022/03/17212340/Navigation-dropdown-promo-CULD-webinar_031722.png HTTP/1.1Host: cdn.umbrella.marketops.umbrella.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/2022/03/17213632/Navigation-dropdown-promo-free-trial_031522-3.png HTTP/1.1Host: cdn.umbrella.marketops.umbrella.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/2024/05/16102520/Homepage-icons-umbrella-01.png HTTP/1.1Host: cdn.umbrella.marketops.umbrella.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/2024/05/16102529/Homepage-icons-umbrella-03.png HTTP/1.1Host: cdn.umbrella.marketops.umbrella.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/2024/05/16102521/Homepage-icons-umbrella-02.png HTTP/1.1Host: cdn.umbrella.marketops.umbrella.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/themes/umbrella/fonts/CiscoSansTTExtraLight.woff2 HTTP/1.1Host: umbrella.cisco.comConnection: keep-aliveOrigin: https://umbrella.cisco.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://umbrella.cisco.com/wp-content/themes/umbrella/style.min.css?ver=2.6.16Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: CP_GUTC=23.195.36.105.17169171744296647472
Source: global trafficHTTP traffic detected: GET /wp-content/themes/umbrella/fonts/CiscoSansTTLightOblique.woff2 HTTP/1.1Host: umbrella.cisco.comConnection: keep-aliveOrigin: https://umbrella.cisco.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://umbrella.cisco.com/wp-content/themes/umbrella/style.min.css?ver=2.6.16Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: CP_GUTC=23.195.36.105.17169171744296647472
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/2024/06/05141452/FedRAMP-logo.png HTTP/1.1Host: cdn.umbrella.marketops.umbrella.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://umbrella.cisco.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/2024/05/15144415/homepage-integrations.png HTTP/1.1Host: cdn.umbrella.marketops.umbrella.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://umbrella.cisco.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/2022/03/17213701/Navigation-dropdown-promo-Become-a-partner_031722-3.png HTTP/1.1Host: cdn.umbrella.marketops.umbrella.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/shiny-code/assets/js/vendor/prism.js?ver=1.15.0 HTTP/1.1Host: umbrella.cisco.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://umbrella.cisco.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: CP_GUTC=23.195.36.105.17169171744296647472
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/2024/05/15144319/Homepage-hero-banner.jpg HTTP/1.1Host: cdn.umbrella.marketops.umbrella.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/themes/umbrella/images/close-icon-gray-32px.svg HTTP/1.1Host: umbrella.cisco.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://umbrella.cisco.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: CP_GUTC=23.195.36.105.17169171744296647472
Source: global trafficHTTP traffic detected: GET /embed/medias/2lvakgl5rq.jsonp HTTP/1.1Host: fast.wistia.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://umbrella.cisco.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/external/E-v1.js HTTP/1.1Host: fast.wistia.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://umbrella.cisco.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/stop-user-enumeration/frontend/js/frontend.js?ver=1.7 HTTP/1.1Host: umbrella.cisco.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://umbrella.cisco.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: CP_GUTC=23.195.36.105.17169171744296647472
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/2022/03/17183534/Navigation-dropdown-promo-On-demand-webinar_031722.png HTTP/1.1Host: cdn.umbrella.marketops.umbrella.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/themes/umbrella/images/search-icon-green-bkg-76px.svg HTTP/1.1Host: umbrella.cisco.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://umbrella.cisco.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: CP_GUTC=23.195.36.105.17169171744296647472
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/2024/11/01114508/TrustRadius-Buyers-Choice-Award-UMB-Promo.jpg HTTP/1.1Host: cdn.umbrella.marketops.umbrella.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://umbrella.cisco.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-includes/js/hoverIntent.min.js?ver=1.10.2 HTTP/1.1Host: umbrella.cisco.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://umbrella.cisco.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: CP_GUTC=23.195.36.105.17169171744296647472
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/2024/06/05141452/FedRAMP-logo.png HTTP/1.1Host: cdn.umbrella.marketops.umbrella.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/2024/06/20105331/free-trial-blade-06202024.jpg HTTP/1.1Host: cdn.umbrella.marketops.umbrella.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://umbrella.cisco.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/2024/05/15144415/homepage-integrations.png HTTP/1.1Host: cdn.umbrella.marketops.umbrella.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/themes/genesis/lib/js/menu/superfish.min.js?ver=1.7.10 HTTP/1.1Host: umbrella.cisco.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://umbrella.cisco.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: CP_GUTC=23.195.36.105.17169171744296647472
Source: global trafficHTTP traffic detected: GET /scripts/bundles/search-script.min.js?ver=2.6.16 HTTP/1.1Host: customer.cludo.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://umbrella.cisco.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /c/dam/cdc/t/ctm.js HTTP/1.1Host: www.cisco.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://umbrella.cisco.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: CP_GUTC=23.195.36.105.17169171744296647472; c_bi=f04ef44c21eb42b5b78bc53e290fb367
Source: global trafficHTTP traffic detected: GET /wp-content/themes/genesis/lib/js/menu/superfish.args.min.js?ver=3.3.5 HTTP/1.1Host: umbrella.cisco.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://umbrella.cisco.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: CP_GUTC=23.195.36.105.17169171744296647472
Source: global trafficHTTP traffic detected: GET /wp-content/themes/umbrella/images/close-icon-gray-32px.svg HTTP/1.1Host: umbrella.cisco.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: CP_GUTC=23.195.36.105.17169171744296647472
Source: global trafficHTTP traffic detected: GET /embed/medias/2lvakgl5rq/swatch HTTP/1.1Host: fast.wistia.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://umbrella.cisco.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/themes/umbrella/images/search-icon-green-bkg-76px.svg HTTP/1.1Host: umbrella.cisco.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: CP_GUTC=23.195.36.105.17169171744296647472
Source: global trafficHTTP traffic detected: GET /wp-content/themes/genesis/lib/js/skip-links.min.js?ver=3.3.5 HTTP/1.1Host: umbrella.cisco.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://umbrella.cisco.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: CP_GUTC=23.195.36.105.17169171744296647472
Source: global trafficHTTP traffic detected: GET /wp-content/themes/umbrella/js/theme.min.js?ver=2.6.16 HTTP/1.1Host: umbrella.cisco.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://umbrella.cisco.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: CP_GUTC=23.195.36.105.17169171744296647472
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/2024/11/01114508/TrustRadius-Buyers-Choice-Award-UMB-Promo.jpg HTTP/1.1Host: cdn.umbrella.marketops.umbrella.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/2024/06/20105331/free-trial-blade-06202024.jpg HTTP/1.1Host: cdn.umbrella.marketops.umbrella.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/themes/genesis/lib/js/menu/responsive-menus.min.js?ver=1.1.3 HTTP/1.1Host: umbrella.cisco.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://umbrella.cisco.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: CP_GUTC=23.195.36.105.17169171744296647472
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/wp-featherlight/js/wpFeatherlight.pkgd.min.js?ver=1.3.4 HTTP/1.1Host: umbrella.cisco.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://umbrella.cisco.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: CP_GUTC=23.195.36.105.17169171744296647472
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/ubermenu/assets/js/ubermenu.min.js?ver=3.8.4 HTTP/1.1Host: umbrella.cisco.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://umbrella.cisco.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: CP_GUTC=23.195.36.105.17169171744296647472
Source: global trafficHTTP traffic detected: GET /wp-content/themes/umbrella/images/umbrella-logo.svg HTTP/1.1Host: umbrella.cisco.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://umbrella.cisco.com/wp-content/themes/umbrella/style.min.css?ver=2.6.16Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: CP_GUTC=23.195.36.105.17169171744296647472
Source: global trafficHTTP traffic detected: GET /wp-content/themes/umbrella/images/search-icon-gray-34px.svg HTTP/1.1Host: umbrella.cisco.comConnection: keep-aliveOrigin: https://umbrella.cisco.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: imageReferer: https://umbrella.cisco.com/wp-content/themes/umbrella/style.min.css?ver=2.6.16Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: CP_GUTC=23.195.36.105.17169171744296647472
Source: global trafficHTTP traffic detected: GET /wp-content/themes/umbrella/images/check.svg HTTP/1.1Host: umbrella.cisco.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://umbrella.cisco.com/wp-content/themes/umbrella/style.min.css?ver=2.6.16Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: CP_GUTC=23.195.36.105.17169171744296647472
Source: global trafficHTTP traffic detected: GET /wp-content/themes/umbrella/images/umbrella-footer-logo.svg HTTP/1.1Host: umbrella.cisco.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://umbrella.cisco.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: CP_GUTC=23.195.36.105.17169171744296647472
Source: global trafficHTTP traffic detected: GET /wp-content/themes/umbrella/images/umbrella-logo.svg HTTP/1.1Host: umbrella.cisco.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: CP_GUTC=23.195.36.105.17169171744296647472
Source: global trafficHTTP traffic detected: GET /embed/medias/2lvakgl5rq/swatch HTTP/1.1Host: fast.wistia.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-includes/js/wp-emoji-release.min.js?ver=6.7.2 HTTP/1.1Host: umbrella.cisco.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://umbrella.cisco.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: CP_GUTC=23.195.36.105.17169171744296647472
Source: global trafficHTTP traffic detected: GET /scripttemplates/otSDKStub.js HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://umbrella.cisco.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/themes/umbrella/images/search-icon-gray-34px.svg HTTP/1.1Host: umbrella.cisco.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: CP_GUTC=23.195.36.105.17169171744296647472
Source: global trafficHTTP traffic detected: GET /wp-content/themes/umbrella/images/check.svg HTTP/1.1Host: umbrella.cisco.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: CP_GUTC=23.195.36.105.17169171744296647472
Source: global trafficHTTP traffic detected: GET /wp-content/themes/umbrella/images/umbrella-footer-logo.svg HTTP/1.1Host: umbrella.cisco.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: CP_GUTC=23.195.36.105.17169171744296647472
Source: global trafficDNS traffic detected: DNS query: app.security.umbrella.com
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: global trafficDNS traffic detected: DNS query: ogads-pa.clients6.google.com
Source: global trafficDNS traffic detected: DNS query: apis.google.com
Source: global trafficDNS traffic detected: DNS query: play.google.com
Source: global trafficDNS traffic detected: DNS query: en25.com
Source: global trafficDNS traffic detected: DNS query: www.umbrella.com
Source: global trafficDNS traffic detected: DNS query: umbrella.cisco.com
Source: global trafficDNS traffic detected: DNS query: www.cisco.com
Source: global trafficDNS traffic detected: DNS query: customer.cludo.com
Source: global trafficDNS traffic detected: DNS query: cdn.umbrella.marketops.umbrella.com
Source: global trafficDNS traffic detected: DNS query: cdn.cookielaw.org
Source: global trafficDNS traffic detected: DNS query: fast.wistia.com
Source: unknownHTTP traffic detected: POST /$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/GetAsyncData HTTP/1.1Host: ogads-pa.clients6.google.comConnection: keep-aliveContent-Length: 67X-Goog-Api-Key: AIzaSyCbsbvGCe7C9mCtdaTycZB2eUFuzsYKG_Esec-ch-ua-platform: "Windows"X-User-Agent: grpc-web-javascript/0.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Content-Type: application/json+protobufsec-ch-ua-mobile: ?0Accept: */*Origin: chrome-untrusted://new-tab-pageX-Client-Data: CLbgygE=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-storePragma: no-cacheContent-Type: text/htmlExpires: -1X-Robots-Tag: noindex, nofollowX-Xss-Protection: 1; mode=blockP3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",X-Content-Type-Options: nosniffDate: Thu, 10 Apr 2025 14:49:40 GMTConnection: closeContent-Length: 600
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-storePragma: no-cacheContent-Type: text/htmlExpires: -1X-Robots-Tag: noindex, nofollowX-Xss-Protection: 1; mode=blockP3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",X-Content-Type-Options: nosniffDate: Thu, 10 Apr 2025 14:50:34 GMTConnection: closeContent-Length: 600
Source: unknownNetwork traffic detected: HTTP traffic on port 49708 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
Source: unknownNetwork traffic detected: HTTP traffic on port 49817 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
Source: unknownNetwork traffic detected: HTTP traffic on port 49789 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49800 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49795 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
Source: unknownNetwork traffic detected: HTTP traffic on port 49841 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49812 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49784 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49806 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49823 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49777 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
Source: unknownNetwork traffic detected: HTTP traffic on port 49790 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49841
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49840
Source: unknownNetwork traffic detected: HTTP traffic on port 49834 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49828 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49805 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49839
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49838
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49837
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49836
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49835
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49834
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49832
Source: unknownNetwork traffic detected: HTTP traffic on port 49839 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49822 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49796 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49708
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49829
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49707
Source: unknownNetwork traffic detected: HTTP traffic on port 49811 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49828
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49706
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49827
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49826
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49825
Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49823
Source: unknownNetwork traffic detected: HTTP traffic on port 49771 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49822
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49788
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49787
Source: unknownNetwork traffic detected: HTTP traffic on port 49699 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49786
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49785
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49784
Source: unknownNetwork traffic detected: HTTP traffic on port 49813 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49783
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49782
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49781
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49780
Source: unknownNetwork traffic detected: HTTP traffic on port 49836 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49785 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49807 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49791 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49778
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49777
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49775
Source: unknownNetwork traffic detected: HTTP traffic on port 49707 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49774
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49773
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49771
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
Source: unknownNetwork traffic detected: HTTP traffic on port 49671 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49780 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49802 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
Source: unknownNetwork traffic detected: HTTP traffic on port 49840 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49797 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49801 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
Source: unknownNetwork traffic detected: HTTP traffic on port 49818 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49835 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49786 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49829 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49775 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
Source: unknownNetwork traffic detected: HTTP traffic on port 49792 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
Source: unknownNetwork traffic detected: HTTP traffic on port 49781 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49803 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49826 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49699
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49696
Source: unknownNetwork traffic detected: HTTP traffic on port 49820 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49837 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49798 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49706 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49819 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49787 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49793 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49774 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49782 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49799
Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49798
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49797
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49796
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49795
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49673
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49794
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49793
Source: unknownNetwork traffic detected: HTTP traffic on port 49814 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49792
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49791
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49790
Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49825 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49808 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49789
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49821
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49820
Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49819
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49818
Source: unknownNetwork traffic detected: HTTP traffic on port 49799 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49810 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49817
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49816
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49815
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49814
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49813
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49812
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49811
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49810
Source: unknownNetwork traffic detected: HTTP traffic on port 49816 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49679 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49696 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49788 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49794 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49827 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49809
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49808
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49807
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49806
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49805
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49804
Source: unknownNetwork traffic detected: HTTP traffic on port 49773 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49803
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49802
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49801
Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49800
Source: unknownNetwork traffic detected: HTTP traffic on port 49783 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49838 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49821 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49815 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49809 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49778 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49804 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49832 -> 443
Source: unknownHTTPS traffic detected: 140.86.220.9:443 -> 192.168.2.16:49696 version: TLS 1.2
Source: unknownHTTPS traffic detected: 140.86.220.9:443 -> 192.168.2.16:49699 version: TLS 1.2
Source: unknownHTTPS traffic detected: 140.86.220.9:443 -> 192.168.2.16:49707 version: TLS 1.2
Source: unknownHTTPS traffic detected: 142.251.32.100:443 -> 192.168.2.16:49708 version: TLS 1.2
Source: unknownHTTPS traffic detected: 142.250.80.14:443 -> 192.168.2.16:49735 version: TLS 1.2
Source: unknownHTTPS traffic detected: 142.250.65.234:443 -> 192.168.2.16:49734 version: TLS 1.2
Source: unknownHTTPS traffic detected: 142.250.65.234:443 -> 192.168.2.16:49738 version: TLS 1.2
Source: unknownHTTPS traffic detected: 142.251.32.100:443 -> 192.168.2.16:49739 version: TLS 1.2
Source: unknownHTTPS traffic detected: 142.251.32.100:443 -> 192.168.2.16:49740 version: TLS 1.2
Source: unknownHTTPS traffic detected: 142.251.32.100:443 -> 192.168.2.16:49741 version: TLS 1.2
Source: unknownHTTPS traffic detected: 142.250.65.206:443 -> 192.168.2.16:49742 version: TLS 1.2
Source: unknownHTTPS traffic detected: 142.251.32.100:443 -> 192.168.2.16:49743 version: TLS 1.2
Source: unknownHTTPS traffic detected: 142.251.32.100:443 -> 192.168.2.16:49757 version: TLS 1.2
Source: unknownHTTPS traffic detected: 142.251.32.100:443 -> 192.168.2.16:49758 version: TLS 1.2
Source: unknownHTTPS traffic detected: 67.215.70.200:443 -> 192.168.2.16:49761 version: TLS 1.2
Source: unknownHTTPS traffic detected: 142.251.32.100:443 -> 192.168.2.16:49764 version: TLS 1.2
Source: unknownHTTPS traffic detected: 3.211.170.103:443 -> 192.168.2.16:49765 version: TLS 1.2
Source: unknownHTTPS traffic detected: 23.56.162.118:443 -> 192.168.2.16:49768 version: TLS 1.2
Source: unknownHTTPS traffic detected: 172.67.27.152:443 -> 192.168.2.16:49772 version: TLS 1.2
Source: unknownHTTPS traffic detected: 18.173.218.114:443 -> 192.168.2.16:49779 version: TLS 1.2
Source: unknownHTTPS traffic detected: 18.173.218.115:443 -> 192.168.2.16:49793 version: TLS 1.2
Source: unknownHTTPS traffic detected: 18.173.218.115:443 -> 192.168.2.16:49782 version: TLS 1.2
Source: unknownHTTPS traffic detected: 199.232.90.132:443 -> 192.168.2.16:49804 version: TLS 1.2
Source: unknownHTTPS traffic detected: 199.232.90.132:443 -> 192.168.2.16:49806 version: TLS 1.2
Source: unknownHTTPS traffic detected: 3.211.170.103:443 -> 192.168.2.16:49817 version: TLS 1.2
Source: unknownHTTPS traffic detected: 199.232.90.132:443 -> 192.168.2.16:49805 version: TLS 1.2
Source: unknownHTTPS traffic detected: 3.211.170.103:443 -> 192.168.2.16:49820 version: TLS 1.2
Source: unknownHTTPS traffic detected: 199.232.90.132:443 -> 192.168.2.16:49828 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.18.86.42:443 -> 192.168.2.16:49841 version: TLS 1.2
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Windows\SystemTemp\scoped_dir3908_1372115198
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile deleted: C:\Windows\SystemTemp\scoped_dir3908_1372115198
Source: classification engineClassification label: clean1.win@31/0@46/126
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1976,i,10585217938546677843,6606636917146969565,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2192 /prefetch:3
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://app.security.umbrella.com"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1976,i,10585217938546677843,6606636917146969565,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2192 /prefetch:3
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: Window RecorderWindow detected: More than 3 window changes detected
ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management InstrumentationPath Interception1
Process Injection
1
Masquerading
OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
Encrypted Channel
Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization Scripts1
Process Injection
LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media4
Non-Application Layer Protocol
Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)1
File Deletion
Security Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive5
Application Layer Protocol
Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture3
Ingress Tool Transfer
Traffic DuplicationData Destruction

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand
SourceDetectionScannerLabelLink
http://app.security.umbrella.com0%Avira URL Cloudsafe
No Antivirus matches
No Antivirus matches
No Antivirus matches
SourceDetectionScannerLabelLink
https://app.security.umbrella.com/favicon.ico0%Avira URL Cloudsafe
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=en2&oit=1&cp=3&pgcl=7&gs_rn=42&psi=3S57yrodrxcZ9nde&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE0%Avira URL Cloudsafe
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=en25&oit=1&cp=4&pgcl=7&gs_rn=42&psi=3S57yrodrxcZ9nde&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE0%Avira URL Cloudsafe
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=en25.com&oit=3&cp=8&pgcl=7&gs_rn=42&psi=3S57yrodrxcZ9nde&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE0%Avira URL Cloudsafe
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=e&oit=1&cp=1&pgcl=7&gs_rn=42&psi=3S57yrodrxcZ9nde&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE0%Avira URL Cloudsafe
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=en25.co&oit=3&cp=7&pgcl=7&gs_rn=42&psi=3S57yrodrxcZ9nde&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE0%Avira URL Cloudsafe
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=en25.&oit=1&cp=5&pgcl=7&gs_rn=42&psi=3S57yrodrxcZ9nde&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE0%Avira URL Cloudsafe
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=http%3A%2F%2Fapp.security.umbrella.com&oit=3&cp=4&pgcl=4&gs_rn=42&psi=3S57yrodrxcZ9nde&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE0%Avira URL Cloudsafe
http://app.security.umbrella.com/0%Avira URL Cloudsafe
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=w.umbrella.com&oit=3&cp=1&pgcl=4&gs_rn=42&psi=3S57yrodrxcZ9nde&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE0%Avira URL Cloudsafe
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=www.umbrella.com&oit=3&cp=4&pgcl=4&gs_rn=42&psi=3S57yrodrxcZ9nde&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE0%Avira URL Cloudsafe
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=www.umbrella.com&oit=3&cp=3&pgcl=4&gs_rn=42&psi=3S57yrodrxcZ9nde&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE0%Avira URL Cloudsafe
https://umbrella.cisco.com/wp-includes/css/dist/block-library/style.min.css?ver=6.7.20%Avira URL Cloudsafe
https://umbrella.cisco.com/wp-content/plugins/shiny-code/build/css/themes/atom-one-light/prism.css?ver=1.0.00%Avira URL Cloudsafe
https://umbrella.cisco.com/0%Avira URL Cloudsafe
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=www..umbrella.com&oit=1&cp=4&pgcl=4&gs_rn=42&psi=3S57yrodrxcZ9nde&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE0%Avira URL Cloudsafe
https://www.umbrella.com/0%Avira URL Cloudsafe
https://umbrella.cisco.com/wp-content/themes/umbrella/images/umbrella-footer-logo.svg0%Avira URL Cloudsafe
https://umbrella.cisco.com/wp-content/themes/genesis/lib/js/skip-links.min.js?ver=3.3.50%Avira URL Cloudsafe
https://umbrella.cisco.com/wp-content/plugins/wp-featherlight/js/wpFeatherlight.pkgd.min.js?ver=1.3.40%Avira URL Cloudsafe
https://umbrella.cisco.com/wp-content/themes/umbrella/fonts/CiscoSansTTLight.woff20%Avira URL Cloudsafe
https://umbrella.cisco.com/wp-includes/js/hoverIntent.min.js?ver=1.10.20%Avira URL Cloudsafe
https://umbrella.cisco.com/wp-content/plugins/stop-user-enumeration/frontend/js/frontend.js?ver=1.70%Avira URL Cloudsafe
https://umbrella.cisco.com/wp-content/plugins/ubermenu/assets/fontawesome/webfonts/fa-solid-900.woff20%Avira URL Cloudsafe
https://umbrella.cisco.com/wp-content/themes/umbrella/images/close-icon-gray-32px.svg0%Avira URL Cloudsafe
https://cdn.umbrella.marketops.umbrella.com/wp-content/uploads/2022/03/17213632/Navigation-dropdown-promo-free-trial_031522-3.png0%Avira URL Cloudsafe
https://umbrella.cisco.com/wp-content/themes/umbrella/images/umbrella-logo.svg0%Avira URL Cloudsafe
https://cdn.umbrella.marketops.umbrella.com/wp-content/uploads/2024/05/15144319/Homepage-hero-banner.jpg0%Avira URL Cloudsafe
https://cdn.umbrella.marketops.umbrella.com/wp-content/uploads/2024/05/16102529/Homepage-icons-umbrella-03.png0%Avira URL Cloudsafe
https://umbrella.cisco.com/wp-content/plugins/ubermenu/assets/fontawesome/css/all.min.css?ver=6.7.20%Avira URL Cloudsafe
https://cdn.umbrella.marketops.umbrella.com/wp-content/uploads/2024/05/15144415/homepage-integrations.png0%Avira URL Cloudsafe
https://umbrella.cisco.com/wp-content/themes/genesis/lib/js/menu/responsive-menus.min.js?ver=1.1.30%Avira URL Cloudsafe
https://cdn.umbrella.marketops.umbrella.com/wp-content/uploads/2024/06/20105331/free-trial-blade-06202024.jpg0%Avira URL Cloudsafe
https://umbrella.cisco.com/wp-content/themes/umbrella/fonts/CiscoSansTTExtraLight.woff20%Avira URL Cloudsafe
https://fast.wistia.com/embed/medias/2lvakgl5rq.jsonp0%Avira URL Cloudsafe
https://www.cisco.com/c/dam/cdc/t/ctm-core.js0%Avira URL Cloudsafe
https://umbrella.cisco.com/wp-content/themes/genesis/lib/js/menu/superfish.args.min.js?ver=3.3.50%Avira URL Cloudsafe
https://cdn.umbrella.marketops.umbrella.com/wp-content/uploads/2024/05/16102520/Homepage-icons-umbrella-01.png0%Avira URL Cloudsafe
https://umbrella.cisco.com/wp-content/themes/umbrella/images/check.svg0%Avira URL Cloudsafe
https://umbrella.cisco.com/wp-content/plugins/shiny-code/assets/js/vendor/prism.js?ver=1.15.00%Avira URL Cloudsafe
https://umbrella.cisco.com/wp-content/themes/umbrella/images/search-icon-green-bkg-76px.svg0%Avira URL Cloudsafe
https://umbrella.cisco.com/wp-content/themes/umbrella/gutenberg.min.css?ver=2.6.160%Avira URL Cloudsafe
https://umbrella.cisco.com/wp-content/themes/genesis/lib/js/menu/superfish.min.js?ver=1.7.100%Avira URL Cloudsafe
https://umbrella.cisco.com/wp-content/themes/umbrella/js/theme.min.js?ver=2.6.160%Avira URL Cloudsafe
https://umbrella.cisco.com/wp-includes/js/wp-emoji-release.min.js?ver=6.7.20%Avira URL Cloudsafe
https://customer.cludo.com/scripts/bundles/search-script.min.js?ver=2.6.160%Avira URL Cloudsafe
https://umbrella.cisco.com/wp-content/plugins/ubermenu/assets/js/ubermenu.min.js?ver=3.8.40%Avira URL Cloudsafe
https://cdn.umbrella.marketops.umbrella.com/wp-content/uploads/2024/05/16102521/Homepage-icons-umbrella-02.png0%Avira URL Cloudsafe
https://umbrella.cisco.com/wp-content/plugins/ubermenu/pro/assets/css/ubermenu.min.css?ver=3.8.40%Avira URL Cloudsafe
https://cdn.umbrella.marketops.umbrella.com/wp-content/uploads/2022/03/17183534/Navigation-dropdown-promo-On-demand-webinar_031722.png0%Avira URL Cloudsafe
https://umbrella.cisco.com/wp-content/plugins/wp-featherlight/css/wp-featherlight.min.css?ver=1.3.40%Avira URL Cloudsafe
https://umbrella.cisco.com/wp-content/themes/umbrella/images/search-icon-gray-34px.svg0%Avira URL Cloudsafe
https://umbrella.cisco.com/wp-content/themes/umbrella/style.min.css?ver=2.6.160%Avira URL Cloudsafe
https://cdn.umbrella.marketops.umbrella.com/wp-content/uploads/2024/06/05141452/FedRAMP-logo.png0%Avira URL Cloudsafe
https://umbrella.cisco.com/wp-content/themes/umbrella/fonts/CiscoSansTTLightOblique.woff20%Avira URL Cloudsafe
https://umbrella.cisco.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.10%Avira URL Cloudsafe
https://umbrella.cisco.com/wp-includes/css/dashicons.min.css?ver=6.7.20%Avira URL Cloudsafe
https://cdn.umbrella.marketops.umbrella.com/wp-content/uploads/2022/03/17212340/Navigation-dropdown-promo-CULD-webinar_031722.png0%Avira URL Cloudsafe
https://cdn.umbrella.marketops.umbrella.com/wp-content/uploads/2022/03/17213701/Navigation-dropdown-promo-Become-a-partner_031722-3.png0%Avira URL Cloudsafe
https://cdn.umbrella.marketops.umbrella.com/wp-content/uploads/2024/11/01114508/TrustRadius-Buyers-Choice-Award-UMB-Promo.jpg0%Avira URL Cloudsafe
https://www.cisco.com/c/dam/cdc/t/ctm.js0%Avira URL Cloudsafe
https://fast.wistia.com/embed/medias/2lvakgl5rq/swatch0%Avira URL Cloudsafe
https://customer.cludo.com/css/templates/v2.1/essentials/cludo-search.min.css?ver=2.6.160%Avira URL Cloudsafe
https://umbrella.cisco.com/wp-content/themes/umbrella/fonts/CiscoSansTTBold.woff20%Avira URL Cloudsafe
https://umbrella.cisco.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.10%Avira URL Cloudsafe
NameIPActiveMaliciousAntivirus DetectionReputation
plus.l.google.com
142.250.80.14
truefalse
    high
    www.umbrella.com
    67.215.70.200
    truefalse
      unknown
      en25.com
      208.80.56.11
      truefalse
        unknown
        d3ef9xpzva7yl6.cloudfront.net
        18.173.218.114
        truefalse
          unknown
          customer.cludo.com.cdn.cloudflare.net
          172.67.27.152
          truefalse
            unknown
            dualstack.j.sni.global.fastly.net
            199.232.90.132
            truefalse
              high
              e2867.dsca.akamaiedge.net
              23.56.162.118
              truefalse
                unknown
                ciscosystemsinc.pagelyhosting.com
                3.211.170.103
                truefalse
                  unknown
                  ogads-pa.clients6.google.com
                  142.250.65.234
                  truefalse
                    high
                    play.google.com
                    142.250.65.206
                    truefalse
                      high
                      www.google.com
                      142.251.32.100
                      truefalse
                        high
                        cdn.cookielaw.org
                        104.18.86.42
                        truefalse
                          high
                          p03k.t.en25.com
                          140.86.220.9
                          truefalse
                            unknown
                            customer.cludo.com
                            unknown
                            unknownfalse
                              unknown
                              fast.wistia.com
                              unknown
                              unknownfalse
                                high
                                umbrella.cisco.com
                                unknown
                                unknownfalse
                                  unknown
                                  app.security.umbrella.com
                                  unknown
                                  unknownfalse
                                    unknown
                                    www.cisco.com
                                    unknown
                                    unknownfalse
                                      unknown
                                      cdn.umbrella.marketops.umbrella.com
                                      unknown
                                      unknownfalse
                                        unknown
                                        apis.google.com
                                        unknown
                                        unknownfalse
                                          high
                                          NameMaliciousAntivirus DetectionReputation
                                          https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=http%3A%2F%2Fapp.security.umbrella.com&oit=3&cp=4&pgcl=4&gs_rn=42&psi=3S57yrodrxcZ9nde&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhEfalse
                                          • Avira URL Cloud: safe
                                          unknown
                                          https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=en2&oit=1&cp=3&pgcl=7&gs_rn=42&psi=3S57yrodrxcZ9nde&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhEfalse
                                          • Avira URL Cloud: safe
                                          unknown
                                          https://umbrella.cisco.com/wp-content/themes/umbrella/images/umbrella-footer-logo.svgfalse
                                          • Avira URL Cloud: safe
                                          unknown
                                          https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=en25.com&oit=3&cp=8&pgcl=7&gs_rn=42&psi=3S57yrodrxcZ9nde&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhEfalse
                                          • Avira URL Cloud: safe
                                          unknown
                                          https://umbrella.cisco.com/wp-content/plugins/stop-user-enumeration/frontend/js/frontend.js?ver=1.7false
                                          • Avira URL Cloud: safe
                                          unknown
                                          https://umbrella.cisco.com/wp-content/themes/umbrella/images/close-icon-gray-32px.svgfalse
                                          • Avira URL Cloud: safe
                                          unknown
                                          https://umbrella.cisco.com/wp-content/themes/genesis/lib/js/skip-links.min.js?ver=3.3.5false
                                          • Avira URL Cloud: safe
                                          unknown
                                          https://umbrella.cisco.com/wp-content/themes/umbrella/images/umbrella-logo.svgfalse
                                          • Avira URL Cloud: safe
                                          unknown
                                          https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=w.umbrella.com&oit=3&cp=1&pgcl=4&gs_rn=42&psi=3S57yrodrxcZ9nde&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhEfalse
                                          • Avira URL Cloud: safe
                                          unknown
                                          https://umbrella.cisco.com/wp-content/plugins/wp-featherlight/js/wpFeatherlight.pkgd.min.js?ver=1.3.4false
                                          • Avira URL Cloud: safe
                                          unknown
                                          https://umbrella.cisco.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2false
                                          • Avira URL Cloud: safe
                                          unknown
                                          https://umbrella.cisco.com/wp-content/themes/umbrella/fonts/CiscoSansTTLight.woff2false
                                          • Avira URL Cloud: safe
                                          unknown
                                          https://app.security.umbrella.com/favicon.icofalse
                                          • Avira URL Cloud: safe
                                          unknown
                                          http://c.pki.goog/r/r4.crlfalse
                                            high
                                            https://umbrella.cisco.com/wp-content/plugins/ubermenu/assets/fontawesome/webfonts/fa-solid-900.woff2false
                                            • Avira URL Cloud: safe
                                            unknown
                                            https://cdn.umbrella.marketops.umbrella.com/wp-content/uploads/2022/03/17213632/Navigation-dropdown-promo-free-trial_031522-3.pngfalse
                                            • Avira URL Cloud: safe
                                            unknown
                                            https://cdn.umbrella.marketops.umbrella.com/wp-content/uploads/2024/05/15144319/Homepage-hero-banner.jpgfalse
                                            • Avira URL Cloud: safe
                                            unknown
                                            https://cdn.umbrella.marketops.umbrella.com/wp-content/uploads/2024/05/16102529/Homepage-icons-umbrella-03.pngfalse
                                            • Avira URL Cloud: safe
                                            unknown
                                            https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=e&oit=1&cp=1&pgcl=7&gs_rn=42&psi=3S57yrodrxcZ9nde&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhEfalse
                                            • Avira URL Cloud: safe
                                            unknown
                                            https://umbrella.cisco.com/wp-content/themes/genesis/lib/js/menu/responsive-menus.min.js?ver=1.1.3false
                                            • Avira URL Cloud: safe
                                            unknown
                                            https://cdn.umbrella.marketops.umbrella.com/wp-content/uploads/2024/05/15144415/homepage-integrations.pngfalse
                                            • Avira URL Cloud: safe
                                            unknown
                                            https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=www.umbrella.com&oit=3&cp=4&pgcl=4&gs_rn=42&psi=3S57yrodrxcZ9nde&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhEfalse
                                            • Avira URL Cloud: safe
                                            unknown
                                            https://app.security.umbrella.com/false
                                              unknown
                                              https://umbrella.cisco.com/wp-content/plugins/ubermenu/assets/fontawesome/css/all.min.css?ver=6.7.2false
                                              • Avira URL Cloud: safe
                                              unknown
                                              https://cdn.umbrella.marketops.umbrella.com/wp-content/uploads/2024/06/20105331/free-trial-blade-06202024.jpgfalse
                                              • Avira URL Cloud: safe
                                              unknown
                                              https://umbrella.cisco.com/wp-content/themes/umbrella/fonts/CiscoSansTTExtraLight.woff2false
                                              • Avira URL Cloud: safe
                                              unknown
                                              https://fast.wistia.com/embed/medias/2lvakgl5rq.jsonpfalse
                                              • Avira URL Cloud: safe
                                              unknown
                                              https://fast.wistia.com/assets/external/E-v1.jsfalse
                                                high
                                                https://umbrella.cisco.com/wp-content/themes/genesis/lib/js/menu/superfish.args.min.js?ver=3.3.5false
                                                • Avira URL Cloud: safe
                                                unknown
                                                https://www.umbrella.com/false
                                                • Avira URL Cloud: safe
                                                unknown
                                                http://c.pki.goog/r/gsr1.crlfalse
                                                  high
                                                  https://umbrella.cisco.com/false
                                                  • Avira URL Cloud: safe
                                                  unknown
                                                  https://www.google.com/async/newtab_ogb?hl=en-US&async=fixed:0false
                                                    high
                                                    https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=www.umbrella.com&oit=3&cp=3&pgcl=4&gs_rn=42&psi=3S57yrodrxcZ9nde&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhEfalse
                                                    • Avira URL Cloud: safe
                                                    unknown
                                                    https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=www..umbrella.com&oit=1&cp=4&pgcl=4&gs_rn=42&psi=3S57yrodrxcZ9nde&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhEfalse
                                                    • Avira URL Cloud: safe
                                                    unknown
                                                    https://www.cisco.com/c/dam/cdc/t/ctm-core.jsfalse
                                                    • Avira URL Cloud: safe
                                                    unknown
                                                    https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhEfalse
                                                      high
                                                      https://ogads-pa.clients6.google.com/$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/GetAsyncDatafalse
                                                        high
                                                        https://cdn.umbrella.marketops.umbrella.com/wp-content/uploads/2024/05/16102520/Homepage-icons-umbrella-01.pngfalse
                                                        • Avira URL Cloud: safe
                                                        unknown
                                                        https://umbrella.cisco.com/wp-content/plugins/shiny-code/assets/js/vendor/prism.js?ver=1.15.0false
                                                        • Avira URL Cloud: safe
                                                        unknown
                                                        https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&gs_rn=42&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhEfalse
                                                          high
                                                          https://umbrella.cisco.com/wp-content/themes/genesis/lib/js/menu/superfish.min.js?ver=1.7.10false
                                                          • Avira URL Cloud: safe
                                                          unknown
                                                          https://umbrella.cisco.com/wp-content/themes/umbrella/images/check.svgfalse
                                                          • Avira URL Cloud: safe
                                                          unknown
                                                          https://umbrella.cisco.com/wp-content/themes/umbrella/images/search-icon-green-bkg-76px.svgfalse
                                                          • Avira URL Cloud: safe
                                                          unknown
                                                          https://umbrella.cisco.com/wp-content/themes/umbrella/gutenberg.min.css?ver=2.6.16false
                                                          • Avira URL Cloud: safe
                                                          unknown
                                                          http://app.security.umbrella.com/false
                                                          • Avira URL Cloud: safe
                                                          unknown
                                                          https://umbrella.cisco.com/wp-content/themes/umbrella/js/theme.min.js?ver=2.6.16false
                                                          • Avira URL Cloud: safe
                                                          unknown
                                                          https://umbrella.cisco.com/wp-includes/js/wp-emoji-release.min.js?ver=6.7.2false
                                                          • Avira URL Cloud: safe
                                                          unknown
                                                          https://www.google.com/async/newtab_promosfalse
                                                            high
                                                            https://umbrella.cisco.com/wp-content/plugins/ubermenu/assets/js/ubermenu.min.js?ver=3.8.4false
                                                            • Avira URL Cloud: safe
                                                            unknown
                                                            https://customer.cludo.com/scripts/bundles/search-script.min.js?ver=2.6.16false
                                                            • Avira URL Cloud: safe
                                                            unknown
                                                            https://cdn.umbrella.marketops.umbrella.com/wp-content/uploads/2024/05/16102521/Homepage-icons-umbrella-02.pngfalse
                                                            • Avira URL Cloud: safe
                                                            unknown
                                                            https://umbrella.cisco.com/wp-content/plugins/ubermenu/pro/assets/css/ubermenu.min.css?ver=3.8.4false
                                                            • Avira URL Cloud: safe
                                                            unknown
                                                            https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=en25&oit=1&cp=4&pgcl=7&gs_rn=42&psi=3S57yrodrxcZ9nde&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhEfalse
                                                            • Avira URL Cloud: safe
                                                            unknown
                                                            https://cdn.umbrella.marketops.umbrella.com/wp-content/uploads/2022/03/17183534/Navigation-dropdown-promo-On-demand-webinar_031722.pngfalse
                                                            • Avira URL Cloud: safe
                                                            unknown
                                                            https://www.google.com/async/ddljson?async=ntp:2false
                                                              high
                                                              https://umbrella.cisco.com/wp-content/plugins/wp-featherlight/css/wp-featherlight.min.css?ver=1.3.4false
                                                              • Avira URL Cloud: safe
                                                              unknown
                                                              https://play.google.com/log?format=json&hasfast=truefalse
                                                                high
                                                                https://umbrella.cisco.com/wp-content/themes/umbrella/images/search-icon-gray-34px.svgfalse
                                                                • Avira URL Cloud: safe
                                                                unknown
                                                                https://umbrella.cisco.com/wp-content/themes/umbrella/style.min.css?ver=2.6.16false
                                                                • Avira URL Cloud: safe
                                                                unknown
                                                                https://cdn.umbrella.marketops.umbrella.com/wp-content/uploads/2024/06/05141452/FedRAMP-logo.pngfalse
                                                                • Avira URL Cloud: safe
                                                                unknown
                                                                https://umbrella.cisco.com/wp-content/themes/umbrella/fonts/CiscoSansTTLightOblique.woff2false
                                                                • Avira URL Cloud: safe
                                                                unknown
                                                                https://umbrella.cisco.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1false
                                                                • Avira URL Cloud: safe
                                                                unknown
                                                                https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=en25.co&oit=3&cp=7&pgcl=7&gs_rn=42&psi=3S57yrodrxcZ9nde&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhEfalse
                                                                • Avira URL Cloud: safe
                                                                unknown
                                                                https://umbrella.cisco.com/wp-includes/css/dashicons.min.css?ver=6.7.2false
                                                                • Avira URL Cloud: safe
                                                                unknown
                                                                https://cdn.umbrella.marketops.umbrella.com/wp-content/uploads/2022/03/17213701/Navigation-dropdown-promo-Become-a-partner_031722-3.pngfalse
                                                                • Avira URL Cloud: safe
                                                                unknown
                                                                https://cdn.umbrella.marketops.umbrella.com/wp-content/uploads/2022/03/17212340/Navigation-dropdown-promo-CULD-webinar_031722.pngfalse
                                                                • Avira URL Cloud: safe
                                                                unknown
                                                                https://cdn.umbrella.marketops.umbrella.com/wp-content/uploads/2024/11/01114508/TrustRadius-Buyers-Choice-Award-UMB-Promo.jpgfalse
                                                                • Avira URL Cloud: safe
                                                                unknown
                                                                https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.24R2mrw_td8.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9vR1rNwOjC3PXOxUlyKiCwNBv2Fg/cb=gapi.loaded_0false
                                                                  high
                                                                  https://www.cisco.com/c/dam/cdc/t/ctm.jsfalse
                                                                  • Avira URL Cloud: safe
                                                                  unknown
                                                                  https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=en25.&oit=1&cp=5&pgcl=7&gs_rn=42&psi=3S57yrodrxcZ9nde&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhEfalse
                                                                  • Avira URL Cloud: safe
                                                                  unknown
                                                                  https://umbrella.cisco.com/wp-content/plugins/shiny-code/build/css/themes/atom-one-light/prism.css?ver=1.0.0false
                                                                  • Avira URL Cloud: safe
                                                                  unknown
                                                                  https://umbrella.cisco.com/wp-includes/css/dist/block-library/style.min.css?ver=6.7.2false
                                                                  • Avira URL Cloud: safe
                                                                  unknown
                                                                  https://customer.cludo.com/css/templates/v2.1/essentials/cludo-search.min.css?ver=2.6.16false
                                                                  • Avira URL Cloud: safe
                                                                  unknown
                                                                  https://fast.wistia.com/embed/medias/2lvakgl5rq/swatchfalse
                                                                  • Avira URL Cloud: safe
                                                                  unknown
                                                                  https://umbrella.cisco.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1false
                                                                  • Avira URL Cloud: safe
                                                                  unknown
                                                                  https://umbrella.cisco.com/wp-content/themes/umbrella/fonts/CiscoSansTTBold.woff2false
                                                                  • Avira URL Cloud: safe
                                                                  unknown
                                                                  https://cdn.cookielaw.org/scripttemplates/otSDKStub.jsfalse
                                                                    high
                                                                    • No. of IPs < 25%
                                                                    • 25% < No. of IPs < 50%
                                                                    • 50% < No. of IPs < 75%
                                                                    • 75% < No. of IPs
                                                                    IPDomainCountryFlagASNASN NameMalicious
                                                                    142.250.80.14
                                                                    plus.l.google.comUnited States
                                                                    15169GOOGLEUSfalse
                                                                    1.1.1.1
                                                                    unknownAustralia
                                                                    13335CLOUDFLARENETUSfalse
                                                                    140.86.220.9
                                                                    p03k.t.en25.comSweden
                                                                    43898ORCL-AM-OPC1NLfalse
                                                                    142.251.179.84
                                                                    unknownUnited States
                                                                    15169GOOGLEUSfalse
                                                                    199.232.90.132
                                                                    dualstack.j.sni.global.fastly.netUnited States
                                                                    54113FASTLYUSfalse
                                                                    142.251.40.238
                                                                    unknownUnited States
                                                                    15169GOOGLEUSfalse
                                                                    172.67.27.152
                                                                    customer.cludo.com.cdn.cloudflare.netUnited States
                                                                    13335CLOUDFLARENETUSfalse
                                                                    67.215.70.200
                                                                    www.umbrella.comUnited States
                                                                    36692OPENDNSUSfalse
                                                                    208.80.56.11
                                                                    en25.comUnited States
                                                                    14288MPINETUSfalse
                                                                    3.211.170.103
                                                                    ciscosystemsinc.pagelyhosting.comUnited States
                                                                    14618AMAZON-AESUSfalse
                                                                    23.56.162.118
                                                                    e2867.dsca.akamaiedge.netUnited States
                                                                    16625AKAMAI-ASUSfalse
                                                                    142.250.64.67
                                                                    unknownUnited States
                                                                    15169GOOGLEUSfalse
                                                                    142.250.65.206
                                                                    play.google.comUnited States
                                                                    15169GOOGLEUSfalse
                                                                    142.250.65.227
                                                                    unknownUnited States
                                                                    15169GOOGLEUSfalse
                                                                    142.251.32.110
                                                                    unknownUnited States
                                                                    15169GOOGLEUSfalse
                                                                    142.251.32.100
                                                                    www.google.comUnited States
                                                                    15169GOOGLEUSfalse
                                                                    18.173.218.115
                                                                    unknownUnited States
                                                                    3MIT-GATEWAYSUSfalse
                                                                    18.173.218.114
                                                                    d3ef9xpzva7yl6.cloudfront.netUnited States
                                                                    3MIT-GATEWAYSUSfalse
                                                                    172.217.165.131
                                                                    unknownUnited States
                                                                    15169GOOGLEUSfalse
                                                                    104.18.86.42
                                                                    cdn.cookielaw.orgUnited States
                                                                    13335CLOUDFLARENETUSfalse
                                                                    142.250.65.234
                                                                    ogads-pa.clients6.google.comUnited States
                                                                    15169GOOGLEUSfalse
                                                                    IP
                                                                    192.168.2.16
                                                                    192.168.2.5
                                                                    Joe Sandbox version:42.0.0 Malachite
                                                                    Analysis ID:1661992
                                                                    Start date and time:2025-04-10 16:49:09 +02:00
                                                                    Joe Sandbox product:CloudBasic
                                                                    Overall analysis duration:
                                                                    Hypervisor based Inspection enabled:false
                                                                    Report type:full
                                                                    Cookbook file name:defaultwindowsinteractivecookbook.jbs
                                                                    Sample URL:http://app.security.umbrella.com
                                                                    Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                    Number of analysed new started processes analysed:14
                                                                    Number of new started drivers analysed:0
                                                                    Number of existing processes analysed:0
                                                                    Number of existing drivers analysed:0
                                                                    Number of injected processes analysed:0
                                                                    Technologies:
                                                                    • EGA enabled
                                                                    Analysis Mode:stream
                                                                    Analysis stop reason:Timeout
                                                                    Detection:CLEAN
                                                                    Classification:clean1.win@31/0@46/126
                                                                    • Exclude process from analysis (whitelisted): svchost.exe
                                                                    • Excluded IPs from analysis (whitelisted): 142.251.179.84, 142.250.64.67, 142.251.32.110, 142.250.80.78
                                                                    • Excluded domains from analysis (whitelisted): clients2.google.com, accounts.google.com, redirector.gvt1.com, clientservices.googleapis.com, clients.l.google.com
                                                                    • Not all processes where analyzed, report is missing behavior information
                                                                    • Report size getting too big, too many NtOpenFile calls found.
                                                                    • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                                    • VT rate limit hit for: http://app.security.umbrella.com
                                                                    No created / dropped files found
                                                                    No static file info