Windows Analysis Report
https://1drv.ms/o/c/3e563d3fb2a98d1c/Emlo5KUbYYNEvKtIF-7SS0EBYSeT3hOOGuv_MbeT-n2y4g?e=HPjqUn

Overview

General Information

Sample URL:	https://1drv.ms/o/c/3e563d3fb2a98d1c/Emlo5KUbYYNEvKtIF-7SS0EBYSeT3hOOGuv_MbeT-n2y4g?e=HPjqUn
Analysis ID:	1541149

Detection

HtmlDropper

Score:	72
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

AI detected phishing page

Yara detected Html Dropper

AI detected landing page (webpage, office document or email)

HTML page contains obfuscated javascript

Phishing site detected (based on favicon image match)

Phishing site detected (based on image similarity)

Detected non-DNS traffic on DNS port

HTML body contains low number of good links

HTML body with high number of embedded images detected

HTML page contains hidden javascript code

HTML title does not match URL

Invalid 'forgot password' link found

Invalid 'sign-in options' or 'sign-up' link found

Invalid T&C link found

Stores files to the Windows start menu directory

Classification

Signatures

Phishing

AI detected phishing page

Source: https://mohrhydrokultur.adaradocumentfolder.top/&redirect=d9e0656dd064d478791a812104e166b4c7e5a6d4main&uid=f253efe302d32ab264a76e0ce65be769671a3949b9c98	LLM: Score: 9 Reasons: The brand 'Microsoft' is well-known and typically associated with the domain 'microsoft.com'., The URL 'mohrhydrokultur.adaradocumentfolder.top' does not match the legitimate domain for Microsoft., The domain 'adaradocumentfolder.top' is unusual and not associated with Microsoft., The presence of unrelated words like 'mohrhydrokultur' and 'adaradocumentfolder' in the URL is suspicious., The use of a '.top' domain extension is uncommon for a well-known brand like Microsoft and can be a red flag for phishing. DOM: 4.15.pages.csv
Source: https://mohrhydrokultur.adaradocumentfolder.top/&redirect=106a29b3e748b6cd676b5dfdea5376c1sec&uid=f253efe302d32ab264a76e0ce65be769671a39630f4bd	LLM: Score: 9 Reasons: The brand 'Microsoft' is a well-known global technology company., The legitimate domain for Microsoft is 'microsoft.com'., The provided URL 'mohrhydrokultur.adaradocumentfolder.top' does not match the legitimate domain for Microsoft., The URL contains unusual elements such as 'adaradocumentfolder.top', which is not associated with Microsoft., The presence of a password input field on a non-Microsoft domain is suspicious and indicative of phishing. DOM: 5.19.pages.csv

HTML page contains obfuscated javascript

Source: https://mohrhydrokultur.adaradocumentfolder.top/&redirect=d9e0656dd064d478791a812104e166b4c7e5a6d4main&uid=f253efe302d32ab264a76e0ce65be769671a3949b9c98	HTTP Parser: var a0_0x36091f=a0_0x4f90;function a0_0x4f90(_0x5c77f4,_0x5e295b){var _0x24fcb4=a0_0x1e61();re
Source: https://mohrhydrokultur.adaradocumentfolder.top/js_/671a394a1ba96-069e1219415fe70482935df3ce64b451	HTTP Parser: const a0_0x3073bc=a0_0x3920;(function(_0x286f0d,_0x4566b6){const _0x46dd23=a0_0x3920,_0x1f2b9f=_0x28
Source: https://mohrhydrokultur.adaradocumentfolder.top/js2_/671a3964cb686-18422c97909c69491844ce8ab555f730	HTTP Parser: const a0_0x2a5fe5=a0_0x46e1;(function(_0x32bc40,_0xe0232c){const _0x2b1141=a0_0x46e1,_0x5d3f16=_0x32
Source: https://mohrhydrokultur.adaradocumentfolder.top/&step=f253efe302d32ab264a76e0ce65be769671a397785458verify&uid=671a39778547a	HTTP Parser: var a0_0x242969=a0_0x220f;(function(_0x51e62b,_0x10a54b){var _0x11f018=a0_0x220f,_0xe565a2=_0x5
Source: https://mohrhydrokultur.adaradocumentfolder.top/js2_/671a39791f8f6-73c3fa6f5f1f491ea7041c79078cc674	HTTP Parser: const a0_0x2a5fe5=a0_0x46e1;(function(_0x32bc40,_0xe0232c){const _0x2b1141=a0_0x46e1,_0x5d3f16=_0x32

Phishing site detected (based on favicon image match)

Source: https://mohrhydrokultur.adaradocumentfolder.top/&redirect=d9e0656dd064d478791a812104e166b4c7e5a6d4main&uid=f253efe302d32ab264a76e0ce65be769671a3949b9c98

Matcher: Template: microsoft matched with high similarity

Phishing site detected (based on image similarity)

Source: https://mohrhydrokultur.adaradocumentfolder.top/&redirect=d9e0656dd064d478791a812104e166b4c7e5a6d4main&uid=f253efe302d32ab264a76e0ce65be769671a3949b9c98	Matcher: Found strong image similarity, brand: MICROSOFT
Source: https://mohrhydrokultur.adaradocumentfolder.top/&redirect=106a29b3e748b6cd676b5dfdea5376c1sec&uid=f253efe302d32ab264a76e0ce65be769671a39630f4bd	Matcher: Found strong image similarity, brand: MICROSOFT

HTML body contains low number of good links

Source: https://mohrhydrokultur.adaradocumentfolder.top/&redirect=d9e0656dd064d478791a812104e166b4c7e5a6d4main&uid=f253efe302d32ab264a76e0ce65be769671a3949b9c98	HTTP Parser: Number of links: 0
Source: https://mohrhydrokultur.adaradocumentfolder.top/&redirect=106a29b3e748b6cd676b5dfdea5376c1sec&uid=f253efe302d32ab264a76e0ce65be769671a39630f4bd	HTTP Parser: Number of links: 0

HTML body with high number of embedded images detected

Source: https://onedrive.live.com/view.aspx?resid=3E563D3FB2A98D1C!sa5e46869611b4483bcab4817eed24b41&migratedtospo=true&redeem=aHR0cHM6Ly8xZHJ2Lm1zL28vYy8zZTU2M2QzZmIyYTk4ZDFjL0VtbG81S1ViWVlORXZLdElGLTdTUzBFQllTZVQzaE9PR3V2X01iZVQtbjJ5NGc_ZT1IUGpxVW4&wd=target%28Quick%20Notes.one%7C087bc1e6-1071-4924-97c8-9c06613cae25%2FMohr%20HYDROKULTUR%7Ca61e7bae-8de5-48ea-9575-302832b9824d%2F%29&wdorigin=NavigationUrl

HTTP Parser: Total embedded image size: 56838

HTML page contains hidden javascript code

Source: https://onedrive.live.com/personal/3e563d3fb2a98d1c/_layouts/15/Doc.aspx?sourcedoc=%7Ba5e46869-611b-4483-bcab-4817eed24b41%7D&action=default&redeem=aHR0cHM6Ly8xZHJ2Lm1zL28vYy8zZTU2M2QzZmIyYTk4ZDFjL0VtbG81S1ViWVlORXZLdElGLTdTUzBFQllTZVQzaE9PR3V2X01iZVQtbjJ5NGc_ZT1IUGpxVW4&slrid=ba095da1-10b3-a000-2020-f8c86b0ebf8e&originalPath=aHR0cHM6Ly8xZHJ2Lm1zL28vYy8zZTU2M2QzZmIyYTk4ZDFjL0VtbG81S1ViWVlORXZLdElGLTdTUzBFQllTZVQzaE9PR3V2X01iZVQtbjJ5NGc_cnRpbWU9QmY3LXdDVDAzRWc&CID=41ae2d81-d6a2-4d5a-bc24-bef3a325b0a4&_SRM=0:G:39

HTTP Parser: Base64 decoded: {"siteid":"8c4f37b4-180c-47a5-bd62-049c455972c2","aud":"00000003-0000-0ff1-ce00-000000000000/onedrive.live.com@9188040d-6c67-4c5b-b112-36a304b66dad","exp":"1730200189"}

HTML title does not match URL

Source: https://mohrhydrokultur.adaradocumentfolder.top/&redirect=d9e0656dd064d478791a812104e166b4c7e5a6d4main&uid=f253efe302d32ab264a76e0ce65be769671a3949b9c98	HTTP Parser: Title: a3609aa6e6c3453a45d858f7b7ee50f2671a39485d592 does not match URL
Source: https://mohrhydrokultur.adaradocumentfolder.top/&redirect=106a29b3e748b6cd676b5dfdea5376c1sec&uid=f253efe302d32ab264a76e0ce65be769671a39630f4bd	HTTP Parser: Title: a3609aa6e6c3453a45d858f7b7ee50f2671a39485d592 does not match URL

Invalid 'forgot password' link found

Source: https://mohrhydrokultur.adaradocumentfolder.top/&redirect=106a29b3e748b6cd676b5dfdea5376c1sec&uid=f253efe302d32ab264a76e0ce65be769671a39630f4bd

HTTP Parser: Invalid link: reset it now.

Invalid 'sign-in options' or 'sign-up' link found

Source: https://mohrhydrokultur.adaradocumentfolder.top/&redirect=d9e0656dd064d478791a812104e166b4c7e5a6d4main&uid=f253efe302d32ab264a76e0ce65be769671a3949b9c98

HTTP Parser: Invalid link: get a new Microsoft account

Invalid T&C link found

Source: https://mohrhydrokultur.adaradocumentfolder.top/&redirect=d9e0656dd064d478791a812104e166b4c7e5a6d4main&uid=f253efe302d32ab264a76e0ce65be769671a3949b9c98	HTTP Parser: Invalid link: Terms of use
Source: https://mohrhydrokultur.adaradocumentfolder.top/&redirect=d9e0656dd064d478791a812104e166b4c7e5a6d4main&uid=f253efe302d32ab264a76e0ce65be769671a3949b9c98	HTTP Parser: Invalid link: Privacy & cookies
Source: https://mohrhydrokultur.adaradocumentfolder.top/&redirect=106a29b3e748b6cd676b5dfdea5376c1sec&uid=f253efe302d32ab264a76e0ce65be769671a39630f4bd	HTTP Parser: Invalid link: Terms of use
Source: https://mohrhydrokultur.adaradocumentfolder.top/&redirect=106a29b3e748b6cd676b5dfdea5376c1sec&uid=f253efe302d32ab264a76e0ce65be769671a39630f4bd	HTTP Parser: Invalid link: Privacy & cookies

Source: https://mohrhydrokultur.adaradocumentfolder.top/&redirect=106a29b3e748b6cd676b5dfdea5376c1sec&uid=f253efe302d32ab264a76e0ce65be769671a39630f4bd

HTTP Parser: <input type="password" .../> found

Source: https://onedrive.live.com/view.aspx?resid=3E563D3FB2A98D1C!sa5e46869611b4483bcab4817eed24b41&migratedtospo=true&redeem=aHR0cHM6Ly8xZHJ2Lm1zL28vYy8zZTU2M2QzZmIyYTk4ZDFjL0VtbG81S1ViWVlORXZLdElGLTdTUzBFQllTZVQzaE9PR3V2X01iZVQtbjJ5NGc_ZT1IUGpxVW4&wd=target%28Quick%20Notes.one%7C087bc1e6-1071-4924-97c8-9c06613cae25%2FMohr%20HYDROKULTUR%7Ca61e7bae-8de5-48ea-9575-302832b9824d%2F%29&wdorigin=NavigationUrl	HTTP Parser: No favicon
Source: https://mohrhydrokultur.adaradocumentfolder.top/&redirect=106a29b3e748b6cd676b5dfdea5376c1sec&uid=f253efe302d32ab264a76e0ce65be769671a39630f4bd	HTTP Parser: No favicon

Source: https://mohrhydrokultur.adaradocumentfolder.top/&redirect=d9e0656dd064d478791a812104e166b4c7e5a6d4main&uid=f253efe302d32ab264a76e0ce65be769671a3949b9c98	HTTP Parser: No <meta name="author".. found
Source: https://mohrhydrokultur.adaradocumentfolder.top/&redirect=106a29b3e748b6cd676b5dfdea5376c1sec&uid=f253efe302d32ab264a76e0ce65be769671a39630f4bd	HTTP Parser: No <meta name="author".. found

Source: https://mohrhydrokultur.adaradocumentfolder.top/&redirect=d9e0656dd064d478791a812104e166b4c7e5a6d4main&uid=f253efe302d32ab264a76e0ce65be769671a3949b9c98	HTTP Parser: No <meta name="copyright".. found
Source: https://mohrhydrokultur.adaradocumentfolder.top/&redirect=106a29b3e748b6cd676b5dfdea5376c1sec&uid=f253efe302d32ab264a76e0ce65be769671a39630f4bd	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.17:49703 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.17:49981 version: TLS 1.2

Source: chrome.exe

Memory has grown: Private usage: 1MB later: 20MB

Detected non-DNS traffic on DNS port

Source: global traffic	TCP traffic: 192.168.2.17:50247 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.17:50247 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.17:50247 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.17:50247 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.17:50247 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.17:50247 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.17:50247 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.17:50247 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.17:50247 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.17:50247 -> 1.1.1.1:53

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.13
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.13
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.13
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27

Source: global traffic	DNS traffic detected: DNS query: 1drv.ms
Source: global traffic	DNS traffic detected: DNS query: onedrive.live.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: common.online.office.com
Source: global traffic	DNS traffic detected: DNS query: onenoteonline.nel.measure.office.net
Source: global traffic	DNS traffic detected: DNS query: messaging.engagement.office.com
Source: global traffic	DNS traffic detected: DNS query: ajax.aspnetcdn.com
Source: global traffic	DNS traffic detected: DNS query: mohrhydrokultur.adaradocumentfolder.top
Source: global traffic	DNS traffic detected: DNS query: www.onenote.com
Source: global traffic	DNS traffic detected: DNS query: fa000000012.resources.office.net
Source: global traffic	DNS traffic detected: DNS query: fa000000096.resources.office.net
Source: global traffic	DNS traffic detected: DNS query: fa000000110.resources.office.net
Source: global traffic	DNS traffic detected: DNS query: fa000000111.resources.office.net
Source: global traffic	DNS traffic detected: DNS query: fa000000128.resources.office.net
Source: global traffic	DNS traffic detected: DNS query: fa000000138.resources.office.net
Source: global traffic	DNS traffic detected: DNS query: augloop.office.com
Source: global traffic	DNS traffic detected: DNS query: login.microsoftonline.com
Source: global traffic	DNS traffic detected: DNS query: code.jquery.com
Source: global traffic	DNS traffic detected: DNS query: challenges.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: spoprod-a.akamaihd.net
Source: global traffic	DNS traffic detected: DNS query: westeurope-pa00.augloop.office.com
Source: global traffic	DNS traffic detected: DNS query: m365cdn.nel.measure.office.net
Source: global traffic	DNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: aadcdn.msauthimages.net

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49985
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49863
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49984
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49982
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49860
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49981
Source: unknown	Network traffic detected: HTTP traffic on port 50131 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50154 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49990 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50211 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50234 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50257 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49859
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49974
Source: unknown	Network traffic detected: HTTP traffic on port 50085 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50039 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49971
Source: unknown	Network traffic detected: HTTP traffic on port 50165 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50074 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50107 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50004 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50268 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50292 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49969
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 49886 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49964
Source: unknown	Network traffic detected: HTTP traffic on port 50120 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49962
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49961
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49960
Source: unknown	Network traffic detected: HTTP traffic on port 49989 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50246 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50130 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50096 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50108 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50291 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50028 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50269 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49959
Source: unknown	Network traffic detected: HTTP traffic on port 49680 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49921 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 50062 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50119 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49950
Source: unknown	Network traffic detected: HTTP traffic on port 50280 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50142 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50153 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49707
Source: unknown	Network traffic detected: HTTP traffic on port 50210 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50235 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49706
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49947
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49704
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49946
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49945
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49702
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50061 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49945 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50017 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 50187 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50221 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50293 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50270 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50144 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 50209 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50282 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49911 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50176 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50258 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49888
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49886
Source: unknown	Network traffic detected: HTTP traffic on port 49863 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 50281 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50143 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49702 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50208 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50110 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50005 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50259 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50236 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49999
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 50121 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49873
Source: unknown	Network traffic detected: HTTP traffic on port 49923 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49994
Source: unknown	Network traffic detected: HTTP traffic on port 50016 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49990
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50188 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50220 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50109 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50072 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50132 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50027 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50199 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49989
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49866
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49987
Source: unknown	Network traffic detected: HTTP traffic on port 50013 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50216
Source: unknown	Network traffic detected: HTTP traffic on port 50277 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50036 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50215
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50218
Source: unknown	Network traffic detected: HTTP traffic on port 50254 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50217
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50219
Source: unknown	Network traffic detected: HTTP traffic on port 50139 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50151 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50116 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50210
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50212
Source: unknown	Network traffic detected: HTTP traffic on port 50225 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50202 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50211
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50213
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50227
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50226
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50108
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50229
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50107
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50228
Source: unknown	Network traffic detected: HTTP traffic on port 50060 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50109
Source: unknown	Network traffic detected: HTTP traffic on port 50186 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50221
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50220
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50102
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50223
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50101
Source: unknown	Network traffic detected: HTTP traffic on port 50243 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50104
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50225
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50224
Source: unknown	Network traffic detected: HTTP traffic on port 50289 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49964 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50128 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50162 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50197 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49999 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50117
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50238
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50116
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50237
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50119
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50118
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50239
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49873 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50111
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50232
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50110
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50231
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50234
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50112
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50233
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50115
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50236
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50235
Source: unknown	Network traffic detected: HTTP traffic on port 50288 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50127 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50175 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50213 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50232 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50007
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50128
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50249
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50127
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50248
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50009
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50129
Source: unknown	Network traffic detected: HTTP traffic on port 50255 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50120
Source: unknown	Network traffic detected: HTTP traffic on port 50093 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50240
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50122
Source: unknown	Network traffic detected: HTTP traffic on port 50150 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50243
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50121
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50242
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50124
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50245
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50123
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50244
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50005
Source: unknown	Network traffic detected: HTTP traffic on port 50224 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50004
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50125
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50246
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50266 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50250
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50164 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50244 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50129 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50267 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50117 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50035 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50278 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50152 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50070 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50201 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50046 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50141 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50212 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50233 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50256 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50118 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50279 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50092 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50200 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50223 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49860 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50140 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50205
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50207
Source: unknown	Network traffic detected: HTTP traffic on port 50196 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50206
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50209
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50208
Source: unknown	Network traffic detected: HTTP traffic on port 50245 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50201
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50200
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50202
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50290 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49987 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49920 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50069 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50175
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50296
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50053
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50295
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50056
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50055
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50176
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50179
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50057
Source: unknown	Network traffic detected: HTTP traffic on port 49961 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49984 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50180
Source: unknown	Network traffic detected: HTTP traffic on port 50263 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50061
Source: unknown	Network traffic detected: HTTP traffic on port 50022 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50182
Source: unknown	Network traffic detected: HTTP traffic on port 50286 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50060
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50181
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50062
Source: unknown	Network traffic detected: HTTP traffic on port 50102 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50045 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50125 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50251 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49950 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50010 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50148 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50274 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50065
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50186
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50064
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50067
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50188
Source: unknown	Network traffic detected: HTTP traffic on port 50056 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50187
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50069
Source: unknown	Network traffic detected: HTTP traffic on port 50205 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50240 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50216 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50070
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50191
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50072
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50193
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50192
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50074
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50195
Source: unknown	Network traffic detected: HTTP traffic on port 50227 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50252 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50195 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50009 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50034 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50275 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50147 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50197
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50075
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50196
Source: unknown	Network traffic detected: HTTP traffic on port 50057 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50199
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50085
Source: unknown	Network traffic detected: HTTP traffic on port 49927 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50087
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50086
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50090
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50092
Source: unknown	Network traffic detected: HTTP traffic on port 50136 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50093
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50096
Source: unknown	Network traffic detected: HTTP traffic on port 50023 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50139
Source: unknown	Network traffic detected: HTTP traffic on port 50170 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50017
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50138
Source: unknown	Network traffic detected: HTTP traffic on port 50193 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50259
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50019
Source: unknown	Network traffic detected: HTTP traffic on port 49676 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49974 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50149 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50032 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50010
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50131
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50252
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50130
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50251
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50133
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50254
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50132
Source: unknown	Network traffic detected: HTTP traffic on port 50055 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50253
Source: unknown	Network traffic detected: HTTP traffic on port 50090 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50135
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50256
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50013
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50255
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50016
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50137
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50258
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50136
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50257
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50140
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50261
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50260
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50215 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50253 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50028
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50149
Source: unknown	Network traffic detected: HTTP traffic on port 49707 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50142
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50263
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50020
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50141
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50262
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50023
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50144
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50265
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50022
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50143
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50264
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50146
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50267
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50145
Source: unknown	Network traffic detected: HTTP traffic on port 50226 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50266
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50027
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50148
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50269
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50147
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50268
Source: unknown	Network traffic detected: HTTP traffic on port 49985 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50264 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50270
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50030
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50151
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50272
Source: unknown	Network traffic detected: HTTP traffic on port 50138 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50150
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50271
Source: unknown	Network traffic detected: HTTP traffic on port 50067 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50039
Source: unknown	Network traffic detected: HTTP traffic on port 49928 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50032
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50153
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50274
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50152
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50273
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50034
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50276
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50154
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50275
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50036
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50278
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50035
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50156
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50277
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50158
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50279
Source: unknown	Network traffic detected: HTTP traffic on port 50182 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50265 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50242 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50160
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50281
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50280
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50041
Source: unknown	Network traffic detected: HTTP traffic on port 50137 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50162
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50283
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50282
Source: unknown	Network traffic detected: HTTP traffic on port 50104 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50276 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50043
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50164
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50285
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50284
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50045
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50287
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50165
Source: unknown	Network traffic detected: HTTP traffic on port 50115 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50286
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50168
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50289
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50046
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50167
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50288
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50169
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50290
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50292
Source: unknown	Network traffic detected: HTTP traffic on port 50160 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50170
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50291
Source: unknown	Network traffic detected: HTTP traffic on port 49962 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50052
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50294
Source: unknown	Network traffic detected: HTTP traffic on port 50287 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50293
Source: unknown	Network traffic detected: HTTP traffic on port 50231 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50145 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50168 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50122 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50007 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50260 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50283 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50248 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49912 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50180 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50219 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49866 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49946 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50053 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49981 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50271 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50237 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49706 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49947 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50133 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443

Source: unknown	HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.17:49703 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.17:49981 version: TLS 1.2

Source: classification engine

Classification label: mal72.phis.troj.win@26/145@97/505

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2084 --field-trial-handle=1928,i,2509791596793076584,592649922223633577,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://1drv.ms/o/c/3e563d3fb2a98d1c/Emlo5KUbYYNEvKtIF-7SS0EBYSeT3hOOGuv_MbeT-n2y4g?e=HPjqUn"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2084 --field-trial-handle=1928,i,2509791596793076584,592649922223633577,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: Window Recorder

Window detected: More than 3 window changes detected

Data Obfuscation

Yara detected Html Dropper

Source: Yara match

File source: 4.15.pages.csv, type: HTML

Persistence and Installation Behavior

AI detected landing page (webpage, office document or email)

LLM: Page contains button: 'FREIGEGBENES DOKUMENT ANZEIGEN' Source: '1.1.pages.csv'

Stores files to the Windows start menu directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Screenshots

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
13.107.6.156	unknown	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
13.107.246.45	s-part-0017.t-0009.t-msedge.net	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
52.108.9.12	wac-0003.wac-msedge.net	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
151.101.130.137	unknown	United States	54113	FASTLYUS	false
52.108.10.12	wac-0003.wac-dc-msedge.net	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
52.109.89.117	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
151.101.66.137	code.jquery.com	United States	54113	FASTLYUS	false
35.190.80.1	a.nel.cloudflare.com	United States	15169	GOOGLEUS	false
23.38.98.97	unknown	United States	16625	AKAMAI-ASUS	false
23.38.98.96	unknown	United States	16625	AKAMAI-ASUS	false
13.107.139.11	dual-spov-0006.spov-msedge.net	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
1.1.1.1	unknown	Australia	13335	CLOUDFLARENETUS	false
104.18.95.41	challenges.cloudflare.com	United States	13335	CLOUDFLARENETUS	false
52.111.236.4	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
142.250.185.238	unknown	United States	15169	GOOGLEUS	false
20.190.159.75	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
13.107.42.12	1drv.ms	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
13.107.253.72	s-part-0044.t-0009.fb-t-msedge.net	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
40.126.31.73	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
142.250.185.196	www.google.com	United States	15169	GOOGLEUS	false
152.199.21.175	sni1gl.wpc.upsiloncdn.net	United States	15133	EDGECASTUS	false
52.111.243.13	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
172.67.216.102	unknown	United States	13335	CLOUDFLARENETUS	false
184.28.90.96	unknown	United States	16625	AKAMAI-ASUS	false
152.199.19.160	unknown	United States	15133	EDGECASTUS	false
216.58.206.74	unknown	United States	15169	GOOGLEUS	false
40.126.32.140	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
23.38.98.102	unknown	United States	16625	AKAMAI-ASUS	false
13.107.246.67	s-part-0039.t-0009.t-msedge.net	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
142.250.186.174	unknown	United States	15169	GOOGLEUS	false
23.38.98.104	unknown	United States	16625	AKAMAI-ASUS	false
104.18.94.41	unknown	United States	13335	CLOUDFLARENETUS	false
52.111.236.17	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
172.217.23.106	unknown	United States	15169	GOOGLEUS	false
52.182.143.211	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
64.233.166.84	unknown	United States	15169	GOOGLEUS	false
2.16.164.49	unknown	European Union	20940	AKAMAI-ASN1EU	false
2.19.126.143	unknown	European Union	16625	AKAMAI-ASUS	false
20.42.73.28	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
142.250.186.132	unknown	United States	15169	GOOGLEUS	false
104.102.55.235	unknown	United States	16625	AKAMAI-ASUS	false
23.38.98.111	unknown	United States	16625	AKAMAI-ASUS	false
104.208.16.95	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
52.113.194.132	unknown	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
13.107.246.57	s-part-0029.t-0009.t-msedge.net	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
104.21.45.155	mohrhydrokultur.adaradocumentfolder.top	United States	13335	CLOUDFLARENETUS	true
142.250.186.163	unknown	United States	15169	GOOGLEUS	false
216.58.206.67	unknown	United States	15169	GOOGLEUS	false
13.107.253.45	s-part-0017.t-0009.fb-t-msedge.net	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
20.42.65.94	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
2.16.168.12	unknown	European Union	20940	AKAMAI-ASN1EU	false
52.108.8.12	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
52.108.11.12	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
184.28.89.164	unknown	United States	16625	AKAMAI-ASUS	false
88.221.110.248	unknown	European Union	20940	AKAMAI-ASN1EU	false

Private

IP
192.168.2.7
192.168.2.4
192.168.2.6
192.168.2.5
192.168.2.17
192.168.2.10

Contacted Domains

Name	IP	Active
s-part-0044.t-0009.fb-t-msedge.net	13.107.253.72	true
a.nel.cloudflare.com	35.190.80.1	true
mohrhydrokultur.adaradocumentfolder.top	104.21.45.155	true
s-part-0017.t-0009.fb-t-msedge.net	13.107.253.45	true
s-part-0017.t-0009.t-msedge.net	13.107.246.45	true
wac-0003.wac-dc-msedge.net	52.108.10.12	true
s-part-0039.t-0009.t-msedge.net	13.107.246.67	true
1drv.ms	13.107.42.12	true
s-part-0029.t-0009.t-msedge.net	13.107.246.57	true
dual-spov-0006.spov-msedge.net	13.107.139.11	true
wac-0003.wac-msedge.net	52.108.9.12	true
bg.microsoft.map.fastly.net	199.232.214.172	true
code.jquery.com	151.101.66.137	true
sni1gl.wpc.upsiloncdn.net	152.199.21.175	true
challenges.cloudflare.com	104.18.95.41	true
www.google.com	142.250.185.196	true
sni1gl.wpc.sigmacdn.net	152.199.21.175	true
fa000000012.resources.office.net	unknown	unknown
fa000000111.resources.office.net	unknown	unknown
fa000000128.resources.office.net	unknown	unknown
augloop.office.com	unknown	unknown
ajax.aspnetcdn.com	unknown	unknown
m365cdn.nel.measure.office.net	unknown	unknown
fa000000110.resources.office.net	unknown	unknown
onenoteonline.nel.measure.office.net	unknown	unknown
aadcdn.msauthimages.net	unknown	unknown
common.online.office.com	unknown	unknown
fa000000138.resources.office.net	unknown	unknown
onedrive.live.com	unknown	unknown
westeurope-pa00.augloop.office.com	unknown	unknown
login.microsoftonline.com	unknown	unknown
www.onenote.com	unknown	unknown
spoprod-a.akamaihd.net	unknown	unknown
messaging.engagement.office.com	unknown	unknown
fa000000096.resources.office.net	unknown	unknown

Contacted URLs

Name	Malicious	Reputation
https://mohrhydrokultur.adaradocumentfolder.top/	false	unknown
https://mohrhydrokultur.adaradocumentfolder.top/&redirect=106a29b3e748b6cd676b5dfdea5376c1sec&uid=f253efe302d32ab264a76e0ce65be769671a39630f4bd	true	unknown
https://onedrive.live.com/view.aspx?resid=3E563D3FB2A98D1C!sa5e46869611b4483bcab4817eed24b41&migratedtospo=true&redeem=aHR0cHM6Ly8xZHJ2Lm1zL28vYy8zZTU2M2QzZmIyYTk4ZDFjL0VtbG81S1ViWVlORXZLdElGLTdTUzBFQllTZVQzaE9PR3V2X01iZVQtbjJ5NGc_ZT1IUGpxVW4&wd=target%28Quick%20Notes.one%7C087bc1e6-1071-4924-97c8-9c06613cae25%2FMohr%20HYDROKULTUR%7Ca61e7bae-8de5-48ea-9575-302832b9824d%2F%29&wdorigin=NavigationUrl	false	unknown
https://onedrive.live.com/personal/3e563d3fb2a98d1c/_layouts/15/Doc.aspx?sourcedoc=%7Ba5e46869-611b-4483-bcab-4817eed24b41%7D&action=default&redeem=aHR0cHM6Ly8xZHJ2Lm1zL28vYy8zZTU2M2QzZmIyYTk4ZDFjL0VtbG81S1ViWVlORXZLdElGLTdTUzBFQllTZVQzaE9PR3V2X01iZVQtbjJ5NGc_ZT1IUGpxVW4&slrid=ba095da1-10b3-a000-2020-f8c86b0ebf8e&originalPath=aHR0cHM6Ly8xZHJ2Lm1zL28vYy8zZTU2M2QzZmIyYTk4ZDFjL0VtbG81S1ViWVlORXZLdElGLTdTUzBFQllTZVQzaE9PR3V2X01iZVQtbjJ5NGc_cnRpbWU9QmY3LXdDVDAzRWc&CID=41ae2d81-d6a2-4d5a-bc24-bef3a325b0a4&_SRM=0:G:39	true	unknown
https://mohrhydrokultur.adaradocumentfolder.top/&step=f253efe302d32ab264a76e0ce65be769671a397785458verify&uid=671a39778547a	true	unknown
https://mohrhydrokultur.adaradocumentfolder.top/&redirect=d9e0656dd064d478791a812104e166b4c7e5a6d4main&uid=f253efe302d32ab264a76e0ce65be769671a3949b9c98	true	unknown

Name	Type	MD5	SHA1	SHA256
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 11:09:46 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide	6173022101C452E29CB8E58C35688CA8	93C49259A88968B7D1B5BC26BD4FFDF0CBB6722C	DF2A754C40F34FF62139FE28ADEEED7FF6EE6993025FCAF0D64ABD8BCB6242E4
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 11:09:46 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide	435A16CC83EC13158A4165DD9FC42651	ECE011ED57CB285F11AC152019B406D7EF93239E	7B5FE2730ED7839B700C6157F91EF3C2A41186D444B861333FC8A62CD17095E2
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:54:41 2023, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide	5131600F1D49F2AC14F9DE734F5DBF13	6384C403495630D154FF833549848273BEEFACD2	02234BA8D47FD0228C014A8EB38AD805A83C5BEF403A3CBEFC2BB522B91CEA95
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 11:09:46 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide	512036C5245E0E6A6777184BD02B7032	F8AD26FB097855073D124450F3C5610BF1CB0D34	EF219EFA9EFE6F7594759EE77304B08CBD4652020354C90232F47A17DE603161
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 11:09:46 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide	C94E4E86E3A8768FD04BBDD447121E16	C9243B68E89EFC013B26707D5D42358D4F801194	ADCFB0644CAC2DBBBAD1BE438064411E5882BDA815AEF9C63D0F76AC3AD3F023
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 11:09:45 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide	982781B6CCD18DDB3366C6E818B6C0FB	71C1BA6F34952AFECB5C421867F125E53B47BB3A	E096DE35C91041AAFB43A51D7287FDFB496ACBA391BFE4A1BFC2B0420E97414D
Chrome Cache Entry: 254	ASCII text, with very long lines (5949), with no line terminators	BBF6A2B6E77972F0718F99C86AE3FE92	806E8C002AE178B41819BEAFE123AE09202DF966	78FF6158246E4FA25F994827F90ED69FEEF349AA57449CB404E35C3026BD4B8A
Chrome Cache Entry: 256	ASCII text, with very long lines (38617), with no line terminators	FE1E3F510D9B8C6F79E1E5E52362BC6E	5E3B968543A37E7AD3AA50B2536420DEE762C069	82C1D484D2DD8CC012FC9DED6FE545E4D83C6232337038B1A57BCEDEEFF70193
Chrome Cache Entry: 257	ASCII text, with very long lines (65536), with no line terminators	65F960810895837B06B1D3AE1CCEAEF3	0673F80A70CFB78AD7018E161E3201E80CB71307	F452E6287DAFD3B632CBFF8533ED5DFC2F6F476C8672B468CF6DCFE321B8C889
Chrome Cache Entry: 258	ASCII text, with very long lines (31803)	6470A918BA1FD4B8D0882DF0269DDB82	97814FDAB64AA7D1B30F082F9EB272D4B1CE18A2	FD4CE12A87594281AFCEE9C73A40FE7ACC282BCC9E764FBB3AFA1481A96A091E
Chrome Cache Entry: 259	HTML document, ASCII text, with CRLF line terminators	D29FA9F2AB3A72F2608E8E82C8C3D1C6	8B21CC06752837B4B6B8FEF8D54F50EB2C7CCA8F	E1B0A10649C4B92F828523EFC2EBE135EA9488179A2816888D1E84F786202DBF
Chrome Cache Entry: 264	JSON data	13A96D45E8F678BAC100CFFE9610F047	E9A245A2CE1A5B70137AE23FC6EEE3C7F6C25944	E2B4883B2C79928E940202FACF0AF3674A0801EC7F378FC321A4088879E4D746
Chrome Cache Entry: 268	HTML document, ASCII text, with very long lines (337), with CRLF line terminators	A72F31E94CAB68999A7E522F25CAAE32	004C0800C3683B22C15C997E7FC09B8B0FF895B7	66D8C20B8A57C7AD0318B7B2120422B0517A6C684462CD90F5BF70F135C48661
Chrome Cache Entry: 269	ASCII text, with very long lines (57788)	BC93B7FD04F68A94312B547CEF297451	59EA29125AD34035D985DA7C32668D1570BA2FE0	E55ED51D4941518F0B995EDF3557D3845DB5B91E0EA9F7BA771DC14A312871A1
Chrome Cache Entry: 272	ASCII text, with very long lines (65536), with no line terminators	6D65897ADB16447C6CA38DF7EF5C62F3	527058146A95BAD856D5FF78238568507BFCC185	B82EC4FEBA0212A5367C85FDA50406BE8B014826E7826251FBE79AFF398B7566
Chrome Cache Entry: 273	MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel	7A7A4890CAAA77025E1B33A6D6E474EE	DC735B99D9EF0C76B4A7AEAE8BAA4CBD9551BA77	9E1DA5BF715135491519A188CAD977DB6CBA414071E2407B69D63221379D8802
Chrome Cache Entry: 277	ASCII text, with very long lines (65536), with no line terminators	9747CFD352DC4A728F7197577D939A01	A86856D0FB47046A9578FBCF1B3F4846684C10FF	776C63720217ABF62AB3945E9AD5FD66C97CEBB88F5A2AD225867B85D9BA08F3
Chrome Cache Entry: 279	ASCII text, with very long lines (60197)	E01FFDF881BE6EE55465D981D9A932CF	D30134C757C94DB9D8F18EFEB14432DA60468D39	563FBA440CB645E242FE821A24B50E6F5D26CA248765E29DAFC2EDCA7299410E
Chrome Cache Entry: 280	JSON data	BC37636DB83AD0CF7D7FEF34D060EBDF	EF0020804B3A08871B8158130A9E74433C607EE2	999A9E6CE76DE70BD8E46F052D3119F82EAE0CC4EA9AFAA8F790326DAC4C797F
Chrome Cache Entry: 282	PNG image data, 222 x 204, 8-bit/color RGBA, non-interlaced	5D71229F6CA9EBFF5F7972F01B547C7C	4D71B33506E6F0EBA1C783DE37E36480F2E392BE	ABC0FA95B72F082CF4FBB18267CDBD282F2909B65B1B479D7F339DB41769946E
Chrome Cache Entry: 284	ASCII text, with very long lines (65536), with no line terminators	9DECB0C734D0ECAD3E60A93F23DB8F39	96BC3698D305077A5A5CF09303BE1195FA65824C	54C618DE71735F3693D0DF3ACD1A36DD17AFF1655D09A0F2A23A314F9BA92765
Chrome Cache Entry: 287	ASCII text, with very long lines (29173), with no line terminators	F6228139447C795F72C09114F8289A8C	0D0499DC74723111C0B78792B40BF5B8D04A2FB2	E6108C2F14C08CE48EB243728C24011A8E70E60DCA21BFA51FFFC6B1B8A999C7
Chrome Cache Entry: 288	PNG image data, 102 x 102, 8-bit/color RGBA, non-interlaced	D212459353E8FD1D2514C77703D44F1F	A0CABB548A218E87FBCB4D4ADDEA47068A4288D3	7AD89A907BFE47019D905B92D0C203082AA75852D39B480E6FBE1718A8EA3647
Chrome Cache Entry: 289	ASCII text, with very long lines (32038)	F03E5A3BF534F4A738BC350631FD05BD	37B1DB88B57438F1072A8EBC7559C909C9D3A682	AEC3D419D50F05781A96F223E18289AEB52598B5DB39BE82A7B71DC67D6A7947
Chrome Cache Entry: 292	JSON data	DFE3652C1EA0FC667C2E2A4261CD64DF	943F0D0650C11D8386406397701B0CEF5E759AA3	784545063730163ED3F249AA0285F8B06553C65E8BCA1AA01FE1C699175845F1
Chrome Cache Entry: 293	ASCII text, with CRLF line terminators	72D9A825554620C51BF0018A457E7F2E	23400E26C69A1F8A47236FFAD4BC80FC80BA773E	365009220D893F07B356C7F253CECD5A9F7E06D6207A3DD7A148FC73812B4FE6
Chrome Cache Entry: 296	Unicode text, UTF-8 text, with very long lines (28488)	1E4F97EA439FFDD90F9546620038D5D4	E36215A823445A6CA7E0C9AB4E4C3C04C44289AB	DDF9B6FBE337192EE7334115B15D604DB9778202B7D28FAABB96E10D8F55E3C8
Chrome Cache Entry: 298	ASCII text, with very long lines (27024), with CRLF line terminators	A230E20FEECBB758D7C13303A657EEDD	F12606CCE8600D9DFB5316610EE5177BA51B0CE9	816A0F42A2BF473213A47BE1DDE62215811D54AF1151A1E9916DC215DF6EC776
Chrome Cache Entry: 299	SVG Scalable Vector Graphics image	BC3D32A696895F78C19DF6C717586A5D	9191CB156A30A3ED79C44C0A16C95159E8FF689D	0E88B6FCBB8591EDFD28184FA70A04B6DD3AF8A14367C628EDD7CABA32E58C68
Chrome Cache Entry: 304	ASCII text, with very long lines (65536), with no line terminators	8017EFC165ED5E4071013E77982A10E7	503B6090E3741A1423D1C03962304A5128ADACC2	9AFD741D5FF23189871E012B80CEBFBB8E220044555372CA0FE0979C94707624
Chrome Cache Entry: 307	ASCII text, with very long lines (65536), with no line terminators	D0088929A1883CDCE38D9FF173DA5D0E	525C99223C38786C06433DD7C18AD4C7731A950F	DA5BE621BA6D7C6398D682ADF7B923924C904B2593190FF0DF8E8679EAA02788
Chrome Cache Entry: 309	ASCII text, with very long lines (63604)	ACDFECB80B06F30C59B48F9B2140E6F5	C46873F855BDABF9943DA278813B53B4DD6FB6D6	CA46523D06A57712685B5C6B01430B530FE76F8FD5803179FCAA3466770E93A0
Chrome Cache Entry: 315	ASCII text, with very long lines (616)	00A1160C879D7DC00D9A8693B6899A2F	6B8E243B8B5B44EFDA496BBE178DC8153B4F982E	0FB5855C124A1DC24D40900CF3C8A1F2091088394A28612BC9C3E2DCC06E1D3B
Chrome Cache Entry: 316	ASCII text, with very long lines (41569), with no line terminators	345BFF8D2E34511694D9D12A008F5F5D	B3F35302052C26C285C43B935BCE972904E62E28	DD4039F8AFAC6FD76B462C4FD4F90374B18DB762719108491AC2E365196D71AC
Chrome Cache Entry: 318	ASCII text, with very long lines (32065)	2F6B11A7E914718E0290410E85366FE9	69BB69E25CA7D5EF0935317584E6153F3FD9A88C	05B85D96F41FFF14D8F608DAD03AB71E2C1017C2DA0914D7C59291BAD7A54F8E
Chrome Cache Entry: 320	ASCII text, with very long lines (35936), with CRLF line terminators	1997228D20EACA8AA1C9D666E58CBCDB	B7FAD772EDC427D672F2911D5FCC4AF5151606BF	B873715A8705C515974A714B92EF7AD138EA308D972E407DEFD77F2078DB2BA5
Chrome Cache Entry: 322	Unicode text, UTF-8 text, with very long lines (65340), with no line terminators	F7E1D4D211A0B61997EA97964BD14E5A	2145B0FD252CD3AB2225ED0AF171C179B8CD6099	B8FDD85B0B87E9C2971C6DF817D1023D9E489A821F1F3B7293876B4CD0A82FF6
Chrome Cache Entry: 324	XML 1.0 document, ASCII text	03FD32F2E28EBDE4EC38156C83EEEE10	518410F8BC555BC44E361CD50A4F20366896A36E	3CB6C640746A34590CC7FAA34E0FF24804AA947927DCAB6E50CDE0902033E421
Chrome Cache Entry: 328	JSON data	5C0933030B9469EFE64356E6E9B81B9C	28714D05D594D123E8723911C32E689AA1360D19	DE55687574CFE646B7157274119BAE759FE34C5ED75468C3E2BEA4798FC73324
Chrome Cache Entry: 330	XML 1.0 document, ASCII text, with CRLF line terminators	C2EE1D789CF6FC61AEB0B76399FB0E64	E55F7A87DD76AECBEDFB84347F07A75F283D58C6	AFACB4EBFE0700B8192FDBC3B0F1D776C4B3C73E1B192F955C47C870DDD73989
Chrome Cache Entry: 331	ASCII text, with very long lines (3527), with no line terminators	DF2E618F66E5DE074A8070BC09CA3C4F	38F67C978761E4AEAA5341A4FF39C59C1DED221C	BD0DD2B15855BE52CBA496CC6E8F0FF65FBBA6ADDBA92282E53CECA6B27BFCC9
Chrome Cache Entry: 333	ASCII text, with very long lines (627)	1C61FE06C85D5FFC9CF7D5B86223536C	344E99D68E02BB0FA288771EC17854808296FB4F	F2D4A670C00B7D9D0A78E95BF95FDA4F5C70B9972450E08A75E1BB021E580C91
Chrome Cache Entry: 335	ASCII text, with no line terminators	E0AA021E21DDDBD6D8CECEC71E9CF564	9CE3BD4224C8C1780DB56B4125ECF3F24BF748B7	565339BC4D33D72817B583024112EB7F5CDF3E5EEF0252D6EC1B9C9A94E12BB3
Chrome Cache Entry: 337	Unicode text, UTF-8 text, with very long lines (65530), with no line terminators	2C09ECEDCC26D01D2BF6EB26E7B00702	CDC426462849F616786AD8ACD1BD9EA3E474248F	41D3F17294A627E15FFA2323AB0F58925D2353255C532BCBAE87E9090E604D01
Chrome Cache Entry: 340	ASCII text, with very long lines (64817)	D3CD36D061148A303F8E1DFC47F6B2CB	DADE1F0E4A9E31351C121442A7AFEBDE21787D45	1473F3E79F0EF7F34E3E5AABC1B4209D16F40124F35AECBA6BB26B91372C43C5
Chrome Cache Entry: 341	ASCII text, with very long lines (50758)	67176C242E1BDC20603C878DEE836DF3	27A71B00383D61EF3C489326B3564D698FC1227C	56C12A125B021D21A69E61D7190CEFA168D6C28CE715265CEA1B3B0112D169C4
Chrome Cache Entry: 343	ASCII text, with very long lines (1922), with no line terminators	3E3CD75B07B521BC61C01450E2C7873A	57D7881E0E878CABE74B1021CF86126148928DE7	2882BF4B22D0AD63E6F8877EB5C22353921E8C87B197911462933B7D1A7A44B8
Chrome Cache Entry: 344	JSON data	B22CAC36842DCB642F5BFF86C0FF2FB9	7F0557D5258453F55C1DB5DD40AB7F1C31932655	E25ABD11267B28557444D53A9A3BF52A796DF20A14205FDE0B19C6B8287976B3
Chrome Cache Entry: 345	HTML document, ASCII text, with CRLF line terminators	50184382895464D3782CF48A1D676CBE	54F93E2BB549E843B9C6BB6994C38CE0938BD071	38D4AD4AADD096DA25EA5A3BFDB1C8CB156A51EBF18CC9CD72CA4B15EE795C90
Chrome Cache Entry: 346	ASCII text, with very long lines (61584), with CRLF line terminators	95AA78CD619069BCDE235DEDC3AF5F41	6CD1FB538E2AEF2D14C5D88E905C72713DE7A8D4	3994D1ABCC40B2E17CF88747F45CB06238F0458DFC1EF57196BBC44065A69C6D
Chrome Cache Entry: 350	Unicode text, UTF-8 text, with very long lines (58392)	64CF57DDEFEE6B6909C89A150D729583	027B6EDDE1688950000D6CA19E997C79E03E2C77	9AFCD14B4FC43E6D091C9A73564E28CA513FB536C19F78C7CA483DF29E610B44
Chrome Cache Entry: 353	ASCII text, with very long lines (672)	EEB61E4E3B09AB99B1BDB48A68DE3B0F	474B169E13CF3BB1AC0101E915B59612AC025649	9305C186BFA36C3F54D99504658E9B49840DCEB94B9AE62699AA93766D665AA0
Chrome Cache Entry: 354	ASCII text, with no line terminators	D6B82198AF25D0139723AF9E44D3D23A	D60DEEF1847EEEF1889803E9D3ADC7EDA220F544	A5C8CC49FA6649BE393EF22C2B31F1C46B671F8D763F783ED6D7B4E33669BDA3
Chrome Cache Entry: 355	ASCII text, with very long lines (65536), with no line terminators	41357E3B962E967BC44D72B3DA22478A	C92D60811E9BB815D32F61E55E9EAF491546FA5D	08DBB36DDCA31F436328FF92E111186CAB0BE844E91A287AAF1274F4D0B9B3C7
Chrome Cache Entry: 359	ASCII text, with no line terminators	292452D9158CA5211CEB7B3FB1D71E28	DE9347FB1604A4AADB4230CA87B9D9CADC98629E	D6700E797D44FC7A78934BB9FC6C435027F1D23587B097003E3A84BD1B4E3333
Chrome Cache Entry: 360	Unicode text, UTF-8 text, with very long lines (65535), with no line terminators	4753311527A079EC0CC7E95D043B12C4	ECDDDE593B9BB99B9AF52572ACE99AE8668D23D8	E1A86909453E1BFDB18F961D9148601D54308E5C7A7826DFD79A7264A53B6E6A
Chrome Cache Entry: 363	ASCII text, with very long lines (65443)	9F5073B64B56A4C8D0B1B596C3D05FFD	CAFAD76BE15AC0B9E3B48AF173D2EFE02B5C416F	8B6BA39147DC3BA407A6D00A31C665194A425D95BC3F8F6284C52A2008E73C5E
Chrome Cache Entry: 364	JSON data	99914B932BD37A50B983C5E7C90AE93B	BF21A9E8FBC5A3846FB05B4FA0859E0917B2202F	44136FA355B3678A1146AD16F7E8649E94FB4FC21FE77E8310C060F61CAAFF8A
Chrome Cache Entry: 368	Unicode text, UTF-8 text, with very long lines (65535), with no line terminators	1DC889AC693F912C263AA6D27A258A93	B2100EA2AEE5ED5FD90E0331F26160CDD5D1B002	9224E5240ABC039D55CB765EA6611F07BA95F5E59C05DA325C968470946C6E52
Chrome Cache Entry: 374	HTML document, ASCII text, with CRLF line terminators	8475129A8EEA7CC6AB0677093AEEE597	38CC0DBD6A1FD57106B0E21DF43AE7EEACF351C9	BF8288FFF3B25E34DF7DF001B0F6F32614D6CC81B6886854E68A8911C08DB535
Chrome Cache Entry: 376	SVG Scalable Vector Graphics image	A9CC2824EF3517B6C4160DCF8FF7D410	8DB9AEBAD84CA6E4225BFDD2458FF3821CC4F064	34F9DB946E89F031A80DFCA7B16B2B686469C9886441261AE70A44DA1DFA2D58
Chrome Cache Entry: 379	HTML document, ASCII text, with CRLF line terminators	11CA4578CB026A23713AEA6781B8ECE3	A05AE51B4A3E2E0076222CBCBE9C58833CDEF108	C55F527E536DE44C7980FECECE7428AE5A765647495E47008A8A54FA1E434736
Chrome Cache Entry: 380	Unicode text, UTF-8 (with BOM) text, with very long lines (18992), with CRLF line terminators	D9604CC18F364A6ADE707B7FAAEC642C	F38F0B94764184D4373886FDA1CA87D352BFCE5A	F282423F48F12F56419363384F3B10002C8D3D106BC1AC8FF721602AA2B2FD9B
Chrome Cache Entry: 381	ASCII text, with very long lines (65536), with no line terminators	76328F92AA8FCDC94FBCB570CE57D76C	CA9D64B517CD0E8474F8FCFF4101B3A88E5F9EB2	E15A3B74A760F470FE602177F03B496FED3243E19CCD6BC359AD48DE7E5C4F11
Chrome Cache Entry: 385	PNG image data, 452 x 444, 8-bit/color RGBA, non-interlaced	ECA50172A6583B16E553E9917FB710FB	2FD7FB2FF5C10E17E9066CE6BD2393E1F6B93CC0	FFF5919A2CBACEAE0528522B6C73E4F1D549CA8EE13C680B50ED377DFD2B61F0
Chrome Cache Entry: 386	SVG Scalable Vector Graphics image	4E48046CE74F4B89D45037C90576BFAC	4A41B3B51ED787F7B33294202DA72220C7CD2C32	8E6DB1634F1812D42516778FC890010AA57F3E39914FB4803DF2C38ABBF56D93
Chrome Cache Entry: 387	ASCII text, with no line terminators	011B17B116126E6E0C4A9B0DE9145805	DF63A6EB731FFCE96F79802EFF6D53D00CDA42BC	3418E6E704387A99F1611EB7BB883328A438BA600971E6D692E8BEA60F10B179
Chrome Cache Entry: 388	PNG image data, 31 x 70, 8-bit/color RGB, non-interlaced	C9CA61D710AD4C8975E02BF24014F209	BEAB3DB40B43D03F851D9CEF6D76117BB2111C73	99D4A35DCD60312F894ED6AD05ACAB97E030D27CD96062E41FDF2C1372223839
Chrome Cache Entry: 389	ASCII text, with very long lines (47531)	808A57CAE0B6FEE71F46EFDDED44B348	DD570A24C8BDA1B391AA1DDEA6004125818E579A	5B75AC6F98994352699841DFFA6E562725EBBD0005C539946AD3625EC550EB0F
Chrome Cache Entry: 392	PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced	084E7612635DFCF69A16255B41E70CAA	0D9721AA70B01487D3340B864C0BD49FB1D95206	7B389747818635BCA6FE76F5E3226EDA36AF53D8F27526796BC975EBD440A395
Chrome Cache Entry: 395	Unicode text, UTF-8 text, with very long lines (65526), with no line terminators	A07BBD93F7642473051CB1CF69C08472	E52DD5ECC98629978B277B7A41326AD1B6BCD75F	1C6285973A69887718A02AC335C5119F5B591F41F262C99A59C680D7F5D17700
Chrome Cache Entry: 396	Unicode text, UTF-8 text, with very long lines (65535), with no line terminators	4DE42314D6EDDA70DF9779762ACC12B8	2AF63137ABC68C0910107F8598B7DE48FD5BBD9C	7E86DF2AC06E3524CB7BC6F0B8EB07565BA6D103EAF3CF1A30AC4C78F11A4EAA
Chrome Cache Entry: 397	ASCII text, with very long lines (59425)	5238C6C5C1CBD7F3EB1095E46AD72D30	DAD44C1B0E5F936A92771EFD231A20D0D9C79D41	73AF98C00BFBC6937101E8E207DCDD7F7564FAB05F844FBE31011C9913B17284
Chrome Cache Entry: 398	XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators	5FBC6BB137EA2316DEFE300913A950DF	29464B148AE54621A4AAD4F7742A2A05BE6517E3	82553839D3ECC08D5F9DDF58F9F466B88BFC614F9613DB9525B0E7037BF6843C
Chrome Cache Entry: 400	ASCII text, with very long lines (1917), with no line terminators	FFC175D47F55E17139466B8D5F7B5597	F179CDF25E0F3F02E6A7506628136EC2BC61EB31	038A2421C537F9A7FEFA0CBB8FD7A907D53952B424870ACC7939D6A3BCBB7B14
Chrome Cache Entry: 401	ASCII text, with no line terminators	FF55249D55143D5EB2DF396FA8A34EE8	D2B08C91DD9FCC8D49BAE85476308230D0BC591F	216A9426D94326E483B2C11154DE2E303385366841111A4A3DAD5590FF89F0BC
Chrome Cache Entry: 402	XML 1.0 document, ASCII text, with CRLF line terminators	5E6EDC73470FF3E746BC8BDAC6FB38B2	7DFA441D001FE0B50A5F6ED6102479662D2497DF	71344C4AACBC26401DD2CFDCDB7C16625B423B4E710A0030A65D90B7E16F602D
Chrome Cache Entry: 403	XML 1.0 document, ASCII text, with CRLF line terminators	BCB0C4305749B10C7E9F428F8199CAF5	B0AFC5BE5ABE6F91286C5F15784EC25FB318BADF	996A3022BDB1C69A264B5E164E4596169D81A91DC6114F7B971FBCD2A218E69C
Chrome Cache Entry: 407	ASCII text, with very long lines (58562)	E978BE49E42EDD7F2EDFC219B7607279	1BBC808263DC64117ADAEDF0E265D35728917DD5	7634B978111B5E70BF0CB418D76059674EE3D5ADD569F69406F509AD056367C7
Chrome Cache Entry: 408	Unicode text, UTF-8 text, with very long lines (56385)	BC553108CB200A9A9036DD8FC379767F	F5C8EA36367061664B738BC1C46C8192E3C8B97A	A8A93A5AD7BFEBE0381A319F2681457CB386F9B645C594FB443640677F5857B5
Chrome Cache Entry: 409	ASCII text, with very long lines (64762), with CRLF line terminators	3B3F77A1F2990107C99E7788B6991302	B81E8B10377BC751AED6715856AF401F2D88234A	C5AF99636CFE83E04A749B90DA4D4F7D75B8E8E2D43B29A7258F578735C5C34E
Chrome Cache Entry: 411	ASCII text, with very long lines (65536), with no line terminators	65B80C88DE560F779A84639D0F9AC31B	9B982BFE1677E45A60651F369656C390FE15D51A	C27EAC3A4384958AD7787D0C4CA7841DA0B911814C8D023C345D7C3096A404CB
Chrome Cache Entry: 417	ASCII text, with very long lines (1837)	4407169B6C6BE1315CB8BBCF664D6C13	D3930B118CACB9CB54F380896499A627D43A12D2	805C4A9707CDA2C8FAB9D20C477C14CE783D37B739809A5601860465036549F2
Chrome Cache Entry: 418	ASCII text, with no line terminators	435B48C70ACA2DC80F8B34B5FDEB2789	FFE2C8567607568F939FA1A6F9888639B98B400C	6468AC9F9BCA964F3910FC967B80781C1C8634300E36F95AE49056D91A2734BF
Chrome Cache Entry: 425	Unicode text, UTF-8 text, with very long lines (65530), with no line terminators	A79F48E6E75920EAC571FFBAEDAD667A	1058C1417B1C18C127EE477CF250A2BBD2D7C211	C34867173151FBA54D6453846BE6B4028397018A76D7ECB70CF38A0AFDA072DF
Chrome Cache Entry: 426	Web Open Font Format, TrueType, length 3052, version 4.-22282	A11193DEB0B6BA33E4782396F19F3D0C	6200BCA8CB8A8C7B8C2AA7E8665E464ED5D15194	FE05188DA3C5A767088355C5FB1229BA979AEDC8727AD8FCF9C170267C52B786
Chrome Cache Entry: 427	ASCII text, with very long lines (4615)	20B673F9D2064C78B2CC2C7A7DDBC46D	3CC9E0F095D93B38481BE3D0137741D97C1978C3	83C5CCAF7404DF012ACED39092D0982EB73E9DC942BCE6991956C7B2F10957D8
Chrome Cache Entry: 429	PNG image data, 1920 x 1080, 8-bit/color RGB, non-interlaced	73E4A57308882BB368A1E2F49E58497F	99CEF0948C0A6114982E66D28AD311CA95D6F09C	759C1FA1BBE8316C91FE672EE390CA824622A3CB5D4F6FE74B996677B6417D9C
Chrome Cache Entry: 430	Web Open Font Format, TrueType, length 151924, version 0.0	E80FF72E03E780056CFDBD85C63404CE	C450A1A6233F0FBC6DBFFB7FEE251E378F64EF32	05828D625DCB5781D0A3CC67A2429CED535FDF848B8B8075D49751EB5B30C7AF
Chrome Cache Entry: 434	PNG image data, 82 x 258, 8-bit/color RGBA, non-interlaced	2443F04DFD8CE58264835F7CD477799C	E798EF676A42AA8F723246C95FA6A918010223B2	77DD1463FE34BE51528C6535C5AAF5590EE90BBD3B76AE8E362657C45E9F90FD
Chrome Cache Entry: 438	HTML document, ASCII text, with CRLF line terminators	110868F9EC11E396D97ED9289064D046	3E5FF538A088C9D06F1ADC9F0E82E30FB9D6E3A1	C1DC3E248A3C0494BBF760B8E2A6B3E38A3507043FCC4CCBEB533B90EAE45F50
Chrome Cache Entry: 439	ASCII text, with very long lines (6620), with no line terminators	570CA8828BF44260F82D8821D04997D9	A760059FFD51D0D71BBC47083ADFAED5E4B9366D	BBEF62C43DB44E91F7D7C5B7C5DF62084B437DAD604DDAB36DFE563DFE271B79
Chrome Cache Entry: 440	ASCII text, with no line terminators	DA69159E7EC38222D30F02FAE3F5B795	A25E1C206C6EF0DC1E82AB5D715E56A1EFE3BDE4	77E2C43DFDEBA7EA496189A7D4DA3A22EDA4CCE35B6246260698A60B141972EE
Chrome Cache Entry: 442	ASCII text, with very long lines (6068), with no line terminators	A151A153E9EABEC2F8254BDFEBDD913B	D2FD38AD14E8DF1BC70292D92E06DA6F287F64F8	CAF6E98D6E3DA1C2AA7AE184E0D0ADB65B3CEA05C59D1CAF13134FC5FF08A144
Chrome Cache Entry: 446	SVG Scalable Vector Graphics image	EE5C8D9FB6248C938FD0DC19370E90BD	D01A22720918B781338B5BBF9202B241A5F99EE4	04D29248EE3A13A074518C93A18D6EFC491BF1F298F9B87FC989A6AE4B9FAD7A
Chrome Cache Entry: 450	JSON data	3A60051CD6CA060A515E1ED573152E25	7B9CC35159DEE664492531F4A94C089348095528	864D10FD5CAB9FFFA8F4FE32CB525809D3A7F195B4CE0CA72B01FE01F24659C2
Chrome Cache Entry: 451	ASCII text, with no line terminators	825644F747BAAB2C00E420DBBC39E4B3	10588307553E766AB3C7D328D948DC6754893CEF	7C41B898C5DA0CFA4AA049B65EF50248BCE9A72D24BEF4C723786431921B75AA
Chrome Cache Entry: 453	ASCII text, with very long lines (2936)	4F1D12D57F5342C2B9B0ED43E73C39B8	C0C2E9B165076D27558A37C55B1E14CE9728FCEF	5B1487ECD05FC0A7192742055E471EE39845AD39D20CFF2EF746FE5B62C5CB3C
Chrome Cache Entry: 457	ASCII text, with very long lines (20082), with no line terminators	58A30E58FBE0165292F0425B04256E46	420050FE7E6034D52094B2F769FDB12A3591A748	534ECF698946529FF99C868DA810DAB8E1E9C7491EBDC873BDF95D34ABF75C4E
Chrome Cache Entry: 460	XML 1.0 document, ASCII text, with CRLF line terminators	605C6BD48B2AB0262C0113445494FF4C	00CC6621252EB4930486F4837638A0524E5C77E9	405497AC72ADA72A30277E2493A9B00B999DF6CE1B425167B8C405AF45EF0338
Chrome Cache Entry: 462	GIF image data, version 89a, 24 x 24	648AD2F7EEA95A9B5491DCD2203B2F54	5FFA99938410AEBAB10B32308F242437B9432B53	A3596C17DAD9A003D0BFBE0B7BA6765F51391B5C3943660316F01C8E77B323DB
Chrome Cache Entry: 463	ASCII text, with very long lines (11252)	5497DFC3FD0E40DB230E1D59B34797DD	170F2C748BEDED58B7DAE3C6A3F8A5019A4534C1	BA445B74289601E54A8FEBA0951364685EA140F0A0B9FBE2A355F1001A16FBE5
Chrome Cache Entry: 466	ASCII text, with very long lines (20946), with CRLF line terminators	92A3DDF4C14AF9EB4DB2939A2B2712AC	81B322775A3E9E9335FB780179B6B922759CE6FF	5B6D3F98F8A755878F226B38FDB1F7C31E67B456221F253B70F95AA331668594
Chrome Cache Entry: 467	ASCII text, with very long lines (24306), with CRLF line terminators	AC459993971D136B5C420665B272E101	3C84797F6C43434519212E1AE74E84C4BC9E133A	883922A710E857E94B35FD6748792782280A859E154E4DB2E4C0B4876DFA61AE
Chrome Cache Entry: 469	ASCII text, with very long lines (33654)	B6E215C559C24CAFD09273E9BFAFD357	ECCF0B92955DACEAF6FAD3A9DE7C36EB65B341CB	DAF0C5F563BBD6915BEA269FA160B52176BAE7AA972FFA7F0D9345165A4825F3
Chrome Cache Entry: 470	ASCII text, with very long lines (14666), with no line terminators	8880E957219B056B26B67D88CB7FFFF5	BE024ABFE99C2DC447191E2C59DD96FD9352E2C4	4BBB0DBB03A136E993BB2FB363455E7DCABF84CBB17DE37AD6168B9326E56909
Chrome Cache Entry: 472	ASCII text, with very long lines (65536), with no line terminators	669A6FE594693F2596A28853D92FB309	FE5DE41CFEFAC7DDEFAD06322238D30FAFEEC580	60DD865806D547201402D473A6C7C2635477A33F3E871428557143273872F13C
Chrome Cache Entry: 473	ASCII text, with very long lines (3379)	59087D72EEDCB7650C9D5D6088440DD3	97B607FCE11F640E5764699038E50A76EB98944B	E0E3FB0FE5CA541950CF8DD213FBE9E8957A3DB0010B515AD01ADFF6CA908A3E
Chrome Cache Entry: 474	ASCII text, with very long lines (65437)	1F17361FB29A6080C472FE5C698043C9	871666BDC70C55EFAAD11AF36162CE91A65956EF	CC4307363023A70100271E492118FCE784D287479B2AC86BDB3DBD1FB2BAAF9F
Chrome Cache Entry: 477	ASCII text, with very long lines (8369), with no line terminators	3650AB0863890CA0F8ED7CB854D03F2B	86530F1BDFE32F6EE2C0B3770C648E13929A22D5	A77B85A1922F1E45FA8610E3D68CA6CA1EE887499F3148D5922A304D44E03EDF
Chrome Cache Entry: 479	ASCII text, with very long lines (22010)	C5E5AF3E566863CC521E9AC58F82305F	EF9A8CE0980E73F7DF4FF51D8CFF68E8FCA2F6E2	5AD6073D9E96064AFF3B050FC9CBF896878BE17457DC02130FCFA63937E334F0
Chrome Cache Entry: 480	ASCII text, with very long lines (65536), with no line terminators	28AE8A97F4ABA21B7C2E35059829E3A2	B7B1145ADB4697AD6D781BF6D63F9C6F7FBF3A93	6DEFAE634ACD4E2356838DEE0DD0213411310C26A2D9720C2C85058B7771B1BE
Chrome Cache Entry: 485	ASCII text, with very long lines (65536), with no line terminators	4C674D8D4294C4A6B763AA1FC836827C	88DEC91B36CAD6555FB73B9ED28D6FDC7A944467	99855F2433E80A925CE4CABD975E2DD7A9FE01FAB8E164B26F67010FF5769EC0
Chrome Cache Entry: 486	ASCII text, with very long lines (65536), with no line terminators	4015DAD6F999BE9E8CD244F9697DBB6D	F33976CAA136D6C90B73F1BCB4908C3BB06FD0ED	3AC57C0E9D926E64A8E2A561B29B739327CC2007357612B507D72FAF6FC06A08
Chrome Cache Entry: 487	ASCII text, with very long lines (11667), with no line terminators	A1D892F1368C7F3B1DFB75057B936B66	91EC4980BFA5B301199B574E6240A618247679F9	2DB70125E37F651D09A6D03D593A65E09668E6267CCA1257251328517F7EAEFC
Chrome Cache Entry: 488	MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors	12E3DAC858061D088023B2BD48E2FA96	E08CE1A144ECEAE0C3C2EA7A9D6FBC5658F24CE5	90CDAF487716184E4034000935C605D1633926D348116D198F355A98B8C6CD21
Chrome Cache Entry: 489	ASCII text, with very long lines (65447)	8FB8FEE4FCC3CC86FF6C724154C49C42	B82D238D4E31FDF618BAE8AC11A6C812C03DD0D4	FF1523FB7389539C84C65ABA19260648793BB4F5E29329D2EE8804BC37A3FE6E
Chrome Cache Entry: 492	ASCII text, with very long lines (65451)	12108007906290015100837A6A61E9F4	1D6AE46F2FFA213DEDE37A521B011EC1CD8D1AD3	C4DCCDD9AE25B64078E0C73F273DE94F8894D5C99E4741645ECE29AEEFC9C5A4
Chrome Cache Entry: 493	Unicode text, UTF-8 text, with very long lines (12695)	2FCED6E6CD0963580F963BC4C20EE1B6	92AE09CA220AEBB5DB448911AAABEEB28D688E9E	2D409FB1116C9A18791011CAF0B2AB2AB5C5F19CAF91C54BBF39BF7FF5DED27D
Chrome Cache Entry: 496	Unicode text, UTF-8 text, with very long lines (1592)	A3B491174EF1CC7968AF33188A522977	25A4AAA9E8F1D47F22286B8E427FABA5C0AB8BB9	AACE481226BEADED455E66DE87D25ED7371ED604E313ABC44EADA8DE5CD58E51
Chrome Cache Entry: 497	HTML document, ASCII text, with very long lines (5060)	0102AF3198EC93CB425E809E25E2834A	B12F506C2EBBB7BF1B08E68AC2F5A01921178C7E	D03FB9D3F59BFB1B0DD79258DB1C5184E070223D69D597466CB8DF5796F09FAC
Chrome Cache Entry: 499	ASCII text, with very long lines (20116), with no line terminators	EDF023B23DC08C7C90BA27A3BDE7480B	0F03EDBE6BDA20C20251EFF9DB86359EB5155F66	7337ED6220111758E61F3BE5060AE9A807D83EDF05D5F7CC92B0B85E34A5FEF3
Chrome Cache Entry: 501	ASCII text, with very long lines (65536), with no line terminators	E1FD17FCEC2CB35FD213E85B52850C2F	0287D09192300AA91E7C6AFA684B4EF80D536CAF	5C1A339B057F4356DA637C136C76F77BF98CA7680958AC271CE0E1657C8EAB5F
Chrome Cache Entry: 502	ASCII text, with very long lines (7694)	BB351812C3D14ECD554D52D4EA634BE8	D36B85C4C5D4E37AA0EBDDBF2AC97DF9B0B7FE3B	DD5BEF510ABB01291BE7FA75E16B6F26CBA20EE62ADBBAC8E09E3205BF5B5084
Chrome Cache Entry: 506	ASCII text, with very long lines (65536), with no line terminators	2F1D74149F052D3354358E9856375219	8019F7A2EA824930F91C3EC375D926B650FB1CFF	66C70312DE6CA4E1D7EF1E858307764C241A80E7411CEE686EA2FC2D74152749
Chrome Cache Entry: 507	ASCII text, with very long lines (14762)	3807223F69B81F8B802488A647F3F03B	F7449911C1FE49B8B536DD9D9A14A659D924279B	38D5ADF71F9E522CA10B22FDA7BE148F0B2537E8B06F8981EFACB58B937B72CD
Chrome Cache Entry: 509	ASCII text, with CRLF line terminators	9CFEFB2D46D6102DAC2A24C606F47FEA	076B63F4F46CE28648201E2507BBC67FB4F990C5	43C5939CB732D8AA2D20FCE97F359F46B7C3B937E60ED576B752AE0A2E73314F
Chrome Cache Entry: 510	ASCII text, with no line terminators	32F8A2D4D61357364546360BB6C0210A	BC533ED423C94263B914F46408EEFEC4C2EE1810	9EE89043D0DC68F73D36FD5DE75068E5FF66C7745A144E2CD7FB09D43952AA52
Chrome Cache Entry: 511	ASCII text, with very long lines (65536), with no line terminators	8E9FFFA7BE90F048F46B6CCA399661F2	9E8F440BA763918EF08D4FC523E2C11073677A4C	67CB3AFF2EBBF18F67B2823712560A8103771722010E9EAE0D91840AB407F539
Chrome Cache Entry: 512	ASCII text, with CRLF line terminators	4DF9B0011F8AE623E26116BC635CFB36	0D68BBCB58D190F6E2803043A1823A3826325F33	47D6DBDB766BD7EA675F68A5CE5A22654554001EFC7007A0B8C484069D9E2638
Chrome Cache Entry: 513	XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	1BF11FC2DBDB5C48B7D60F5005583417	DF52B131F6B151E674204CBA77082EFAEFBC3F8C	172E218E70CC419328B7AAB580615DA2A562E1508EAC9AC3014C52C51F2F50EC
Chrome Cache Entry: 516	PNG image data, 280 x 60, 8-bit/color RGBA, non-interlaced	C9F31E87400C46F9F8FB580602328C72	4B538CA736FB2A88A89214AD5EB0B2B80640B5AB	DDE1ACEFE23281E3715BDEE565CF1FD7064370D4BB751AB92C4ADD7D42932BBE
Chrome Cache Entry: 518	ASCII text, with very long lines (65536), with no line terminators	3309FB05681E22B6802DDA0759839080	C2E778DA54300AD0CBAE065147E4E255068CADC5	316FA5C7EA4EDF117C79E2447E95506068FAE35FB15E302D15F3822417C7C321
Chrome Cache Entry: 523	ASCII text, with very long lines (65536), with no line terminators	7E93C384B574C1D19DF910D525EC3789	EDF6EBFAF4A1F29E76B4094BB5B9DFB57388ECA6	16AB414F8B420754EB7D8095EF2E2953C18C442E173B1CBC1603CB0E19F1CC95
Chrome Cache Entry: 524	ASCII text, with very long lines (41116)	08FBFF79B5EEC28DDFF4D772223B81A9	AAABD7E0B32698E8295139C4868E9AEE5EDBD112	773A678845579E6334F19D4E62F29446E7898BD816359C74574E37884503F909
Chrome Cache Entry: 527	ASCII text, with very long lines (30497), with no line terminators	E55F3C2F2F2F2A339E4B0A08030E9803	729D608C534829E07F5DCDBBD75BBC031A9E9D9A	40CBE329851D4261E0E4A3B3665FD1025747AAC3CBFD87689CF3F2689CACF4E9
Chrome Cache Entry: 529	MS Windows cursor resource - 1 icon, 32x32, hotspot @16x16	04D59A1FFDA7020CBDA1BB9FCBF0BCA0	E0CACE5751F02AF9E12B3C066FFD542F3D12A279	EDC250E23E06AE7D15C1C19FDF9C6759129796B0A2F76DC82DF665C823C7B495
Chrome Cache Entry: 531	HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (4207), with CRLF line terminators	5780200B7FE28C3F2C46864A012246E5	03A13FDC8A8CC7DBECE15E23105EA6E870105133	0EF96689F29280B58D5024539DFE352EC9DD520CA1EDA5E24F0AEBD31DE0A560
Chrome Cache Entry: 532	ASCII text, with very long lines (2224), with no line terminators	96EC242EA2E25558F7EC13FA88D9D793	B0BB7F6BD5206CC1FFB572CBD4A6AD2F88D42433	850C54CE960E710757379C19601C65C00CF7D485063115F34AA30AE193CCEA43
Chrome Cache Entry: 535	ASCII text, with very long lines (65457)	122C9E4338794A3EE4A5E74D9777BC0F	98EF50E42CE81E5A7DB198EB3370252DE9A8BEBC	3BDAE7D8720DA0DCD5883C72A02762CF728F2392BAD92716FCEE190CA5AF2C53
Chrome Cache Entry: 538	PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced	9246CCA8FC3C00F50035F28E9F6B7F7D	3AA538440F70873B574F40CD793060F53EC17A5D	C07D7D29E3C20FA6CA4C5D20663688D52BAD13E129AD82CE06B80EB187D9DC84
Chrome Cache Entry: 539	ASCII text, with very long lines (65536), with no line terminators	641ED2F088E8590E8A1FA338B988EE64	84B6C315096AE4CAF1EB06FA25AABA97FA3A19D7	3E5143BA7FDD5C2AAEAE9B33D0B816CE31010263F46B4404F0757E7815904004
Chrome Cache Entry: 540	ASCII text, with very long lines (32011), with CRLF line terminators	5A8ED3646A340A247CD48F5732BAEA69	8A961A2C1461EB5CD8A9009911970824602F8B79	C459EC1608D98A847AB4C83723E1C4B2DC6E58A7006D5566C529A93113C2EE62
Chrome Cache Entry: 541	JSON data	9E576E34B18E986347909C29AE6A82C6	532C767978DC2B55854B3CA2D2DF5B4DB221C934	88BDF5AF090328963973990DE427779F9C4DF3B8E1F5BADC3D972BAC3087006D
Chrome Cache Entry: 543	ASCII text, with very long lines (7708)	DDD63B48AF585746957581C2465786B8	D57B0B43445D410B476B2FE9EB6C685E297851AE	1F40B9A806FAA70C1C142A9AD7EB4EAA84A3F3A18184ADFF6AEA4B21A2C60A9D

Phishing

AI detected phishing page

Source: https://mohrhydrokultur.adaradocumentfolder.top/&redirect=d9e0656dd064d478791a812104e166b4c7e5a6d4main&uid=f253efe302d32ab264a76e0ce65be769671a3949b9c98	LLM: Score: 9 Reasons: The brand 'Microsoft' is well-known and typically associated with the domain 'microsoft.com'., The URL 'mohrhydrokultur.adaradocumentfolder.top' does not match the legitimate domain for Microsoft., The domain 'adaradocumentfolder.top' is unusual and not associated with Microsoft., The presence of unrelated words like 'mohrhydrokultur' and 'adaradocumentfolder' in the URL is suspicious., The use of a '.top' domain extension is uncommon for a well-known brand like Microsoft and can be a red flag for phishing. DOM: 4.15.pages.csv
Source: https://mohrhydrokultur.adaradocumentfolder.top/&redirect=106a29b3e748b6cd676b5dfdea5376c1sec&uid=f253efe302d32ab264a76e0ce65be769671a39630f4bd	LLM: Score: 9 Reasons: The brand 'Microsoft' is a well-known global technology company., The legitimate domain for Microsoft is 'microsoft.com'., The provided URL 'mohrhydrokultur.adaradocumentfolder.top' does not match the legitimate domain for Microsoft., The URL contains unusual elements such as 'adaradocumentfolder.top', which is not associated with Microsoft., The presence of a password input field on a non-Microsoft domain is suspicious and indicative of phishing. DOM: 5.19.pages.csv

HTML page contains obfuscated javascript

Source: https://mohrhydrokultur.adaradocumentfolder.top/&redirect=d9e0656dd064d478791a812104e166b4c7e5a6d4main&uid=f253efe302d32ab264a76e0ce65be769671a3949b9c98	HTTP Parser: var a0_0x36091f=a0_0x4f90;function a0_0x4f90(_0x5c77f4,_0x5e295b){var _0x24fcb4=a0_0x1e61();re
Source: https://mohrhydrokultur.adaradocumentfolder.top/js_/671a394a1ba96-069e1219415fe70482935df3ce64b451	HTTP Parser: const a0_0x3073bc=a0_0x3920;(function(_0x286f0d,_0x4566b6){const _0x46dd23=a0_0x3920,_0x1f2b9f=_0x28
Source: https://mohrhydrokultur.adaradocumentfolder.top/js2_/671a3964cb686-18422c97909c69491844ce8ab555f730	HTTP Parser: const a0_0x2a5fe5=a0_0x46e1;(function(_0x32bc40,_0xe0232c){const _0x2b1141=a0_0x46e1,_0x5d3f16=_0x32
Source: https://mohrhydrokultur.adaradocumentfolder.top/&step=f253efe302d32ab264a76e0ce65be769671a397785458verify&uid=671a39778547a	HTTP Parser: var a0_0x242969=a0_0x220f;(function(_0x51e62b,_0x10a54b){var _0x11f018=a0_0x220f,_0xe565a2=_0x5
Source: https://mohrhydrokultur.adaradocumentfolder.top/js2_/671a39791f8f6-73c3fa6f5f1f491ea7041c79078cc674	HTTP Parser: const a0_0x2a5fe5=a0_0x46e1;(function(_0x32bc40,_0xe0232c){const _0x2b1141=a0_0x46e1,_0x5d3f16=_0x32

Phishing site detected (based on favicon image match)

Source: https://mohrhydrokultur.adaradocumentfolder.top/&redirect=d9e0656dd064d478791a812104e166b4c7e5a6d4main&uid=f253efe302d32ab264a76e0ce65be769671a3949b9c98

Matcher: Template: microsoft matched with high similarity

Phishing site detected (based on image similarity)

Source: https://mohrhydrokultur.adaradocumentfolder.top/&redirect=d9e0656dd064d478791a812104e166b4c7e5a6d4main&uid=f253efe302d32ab264a76e0ce65be769671a3949b9c98	Matcher: Found strong image similarity, brand: MICROSOFT
Source: https://mohrhydrokultur.adaradocumentfolder.top/&redirect=106a29b3e748b6cd676b5dfdea5376c1sec&uid=f253efe302d32ab264a76e0ce65be769671a39630f4bd	Matcher: Found strong image similarity, brand: MICROSOFT

HTML body contains low number of good links

Source: https://mohrhydrokultur.adaradocumentfolder.top/&redirect=d9e0656dd064d478791a812104e166b4c7e5a6d4main&uid=f253efe302d32ab264a76e0ce65be769671a3949b9c98	HTTP Parser: Number of links: 0
Source: https://mohrhydrokultur.adaradocumentfolder.top/&redirect=106a29b3e748b6cd676b5dfdea5376c1sec&uid=f253efe302d32ab264a76e0ce65be769671a39630f4bd	HTTP Parser: Number of links: 0

HTML body with high number of embedded images detected

HTTP Parser: Total embedded image size: 56838

HTML page contains hidden javascript code

HTTP Parser: Base64 decoded: {"siteid":"8c4f37b4-180c-47a5-bd62-049c455972c2","aud":"00000003-0000-0ff1-ce00-000000000000/onedrive.live.com@9188040d-6c67-4c5b-b112-36a304b66dad","exp":"1730200189"}

HTML title does not match URL

Source: https://mohrhydrokultur.adaradocumentfolder.top/&redirect=d9e0656dd064d478791a812104e166b4c7e5a6d4main&uid=f253efe302d32ab264a76e0ce65be769671a3949b9c98	HTTP Parser: Title: a3609aa6e6c3453a45d858f7b7ee50f2671a39485d592 does not match URL
Source: https://mohrhydrokultur.adaradocumentfolder.top/&redirect=106a29b3e748b6cd676b5dfdea5376c1sec&uid=f253efe302d32ab264a76e0ce65be769671a39630f4bd	HTTP Parser: Title: a3609aa6e6c3453a45d858f7b7ee50f2671a39485d592 does not match URL

Invalid 'forgot password' link found

Source: https://mohrhydrokultur.adaradocumentfolder.top/&redirect=106a29b3e748b6cd676b5dfdea5376c1sec&uid=f253efe302d32ab264a76e0ce65be769671a39630f4bd

HTTP Parser: Invalid link: reset it now.

Invalid 'sign-in options' or 'sign-up' link found

Source: https://mohrhydrokultur.adaradocumentfolder.top/&redirect=d9e0656dd064d478791a812104e166b4c7e5a6d4main&uid=f253efe302d32ab264a76e0ce65be769671a3949b9c98

HTTP Parser: Invalid link: get a new Microsoft account

Invalid T&C link found

Source: https://mohrhydrokultur.adaradocumentfolder.top/&redirect=d9e0656dd064d478791a812104e166b4c7e5a6d4main&uid=f253efe302d32ab264a76e0ce65be769671a3949b9c98	HTTP Parser: Invalid link: Terms of use
Source: https://mohrhydrokultur.adaradocumentfolder.top/&redirect=d9e0656dd064d478791a812104e166b4c7e5a6d4main&uid=f253efe302d32ab264a76e0ce65be769671a3949b9c98	HTTP Parser: Invalid link: Privacy & cookies
Source: https://mohrhydrokultur.adaradocumentfolder.top/&redirect=106a29b3e748b6cd676b5dfdea5376c1sec&uid=f253efe302d32ab264a76e0ce65be769671a39630f4bd	HTTP Parser: Invalid link: Terms of use
Source: https://mohrhydrokultur.adaradocumentfolder.top/&redirect=106a29b3e748b6cd676b5dfdea5376c1sec&uid=f253efe302d32ab264a76e0ce65be769671a39630f4bd	HTTP Parser: Invalid link: Privacy & cookies

Source: https://mohrhydrokultur.adaradocumentfolder.top/&redirect=106a29b3e748b6cd676b5dfdea5376c1sec&uid=f253efe302d32ab264a76e0ce65be769671a39630f4bd

HTTP Parser: <input type="password" .../> found

Source: https://onedrive.live.com/view.aspx?resid=3E563D3FB2A98D1C!sa5e46869611b4483bcab4817eed24b41&migratedtospo=true&redeem=aHR0cHM6Ly8xZHJ2Lm1zL28vYy8zZTU2M2QzZmIyYTk4ZDFjL0VtbG81S1ViWVlORXZLdElGLTdTUzBFQllTZVQzaE9PR3V2X01iZVQtbjJ5NGc_ZT1IUGpxVW4&wd=target%28Quick%20Notes.one%7C087bc1e6-1071-4924-97c8-9c06613cae25%2FMohr%20HYDROKULTUR%7Ca61e7bae-8de5-48ea-9575-302832b9824d%2F%29&wdorigin=NavigationUrl	HTTP Parser: No favicon
Source: https://mohrhydrokultur.adaradocumentfolder.top/&redirect=106a29b3e748b6cd676b5dfdea5376c1sec&uid=f253efe302d32ab264a76e0ce65be769671a39630f4bd	HTTP Parser: No favicon

Source: https://mohrhydrokultur.adaradocumentfolder.top/&redirect=d9e0656dd064d478791a812104e166b4c7e5a6d4main&uid=f253efe302d32ab264a76e0ce65be769671a3949b9c98	HTTP Parser: No <meta name="author".. found
Source: https://mohrhydrokultur.adaradocumentfolder.top/&redirect=106a29b3e748b6cd676b5dfdea5376c1sec&uid=f253efe302d32ab264a76e0ce65be769671a39630f4bd	HTTP Parser: No <meta name="author".. found

Source: https://mohrhydrokultur.adaradocumentfolder.top/&redirect=d9e0656dd064d478791a812104e166b4c7e5a6d4main&uid=f253efe302d32ab264a76e0ce65be769671a3949b9c98	HTTP Parser: No <meta name="copyright".. found
Source: https://mohrhydrokultur.adaradocumentfolder.top/&redirect=106a29b3e748b6cd676b5dfdea5376c1sec&uid=f253efe302d32ab264a76e0ce65be769671a39630f4bd	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.17:49703 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.17:49981 version: TLS 1.2

Source: chrome.exe

Memory has grown: Private usage: 1MB later: 20MB

Detected non-DNS traffic on DNS port

Source: global traffic	TCP traffic: 192.168.2.17:50247 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.17:50247 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.17:50247 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.17:50247 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.17:50247 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.17:50247 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.17:50247 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.17:50247 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.17:50247 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.17:50247 -> 1.1.1.1:53

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.13
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.13
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.13
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27

Source: global traffic	DNS traffic detected: DNS query: 1drv.ms
Source: global traffic	DNS traffic detected: DNS query: onedrive.live.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: common.online.office.com
Source: global traffic	DNS traffic detected: DNS query: onenoteonline.nel.measure.office.net
Source: global traffic	DNS traffic detected: DNS query: messaging.engagement.office.com
Source: global traffic	DNS traffic detected: DNS query: ajax.aspnetcdn.com
Source: global traffic	DNS traffic detected: DNS query: mohrhydrokultur.adaradocumentfolder.top
Source: global traffic	DNS traffic detected: DNS query: www.onenote.com
Source: global traffic	DNS traffic detected: DNS query: fa000000012.resources.office.net
Source: global traffic	DNS traffic detected: DNS query: fa000000096.resources.office.net
Source: global traffic	DNS traffic detected: DNS query: fa000000110.resources.office.net
Source: global traffic	DNS traffic detected: DNS query: fa000000111.resources.office.net
Source: global traffic	DNS traffic detected: DNS query: fa000000128.resources.office.net
Source: global traffic	DNS traffic detected: DNS query: fa000000138.resources.office.net
Source: global traffic	DNS traffic detected: DNS query: augloop.office.com
Source: global traffic	DNS traffic detected: DNS query: login.microsoftonline.com
Source: global traffic	DNS traffic detected: DNS query: code.jquery.com
Source: global traffic	DNS traffic detected: DNS query: challenges.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: spoprod-a.akamaihd.net
Source: global traffic	DNS traffic detected: DNS query: westeurope-pa00.augloop.office.com
Source: global traffic	DNS traffic detected: DNS query: m365cdn.nel.measure.office.net
Source: global traffic	DNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: aadcdn.msauthimages.net

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49985
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49863
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49984
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49982
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49860
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49981
Source: unknown	Network traffic detected: HTTP traffic on port 50131 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50154 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49990 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50211 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50234 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50257 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49859
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49974
Source: unknown	Network traffic detected: HTTP traffic on port 50085 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50039 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49971
Source: unknown	Network traffic detected: HTTP traffic on port 50165 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50074 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50107 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50004 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50268 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50292 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49969
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 49886 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49964
Source: unknown	Network traffic detected: HTTP traffic on port 50120 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49962
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49961
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49960
Source: unknown	Network traffic detected: HTTP traffic on port 49989 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50246 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50130 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50096 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50108 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50291 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50028 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50269 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49959
Source: unknown	Network traffic detected: HTTP traffic on port 49680 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49921 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 50062 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50119 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49950
Source: unknown	Network traffic detected: HTTP traffic on port 50280 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50142 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50153 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49707
Source: unknown	Network traffic detected: HTTP traffic on port 50210 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50235 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49706
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49947
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49704
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49946
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49945
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49702
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50061 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49945 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50017 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 50187 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50221 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50293 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50270 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50144 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 50209 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50282 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49911 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50176 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50258 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49888
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49886
Source: unknown	Network traffic detected: HTTP traffic on port 49863 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 50281 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50143 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49702 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50208 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50110 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50005 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50259 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50236 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49999
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 50121 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49873
Source: unknown	Network traffic detected: HTTP traffic on port 49923 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49994
Source: unknown	Network traffic detected: HTTP traffic on port 50016 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49990
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50188 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50220 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50109 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50072 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50132 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50027 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50199 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49989
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49866
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49987
Source: unknown	Network traffic detected: HTTP traffic on port 50013 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50216
Source: unknown	Network traffic detected: HTTP traffic on port 50277 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50036 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50215
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50218
Source: unknown	Network traffic detected: HTTP traffic on port 50254 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50217
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50219
Source: unknown	Network traffic detected: HTTP traffic on port 50139 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50151 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50116 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50210
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50212
Source: unknown	Network traffic detected: HTTP traffic on port 50225 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50202 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50211
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50213
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50227
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50226
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50108
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50229
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50107
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50228
Source: unknown	Network traffic detected: HTTP traffic on port 50060 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50109
Source: unknown	Network traffic detected: HTTP traffic on port 50186 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50221
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50220
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50102
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50223
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50101
Source: unknown	Network traffic detected: HTTP traffic on port 50243 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50104
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50225
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50224
Source: unknown	Network traffic detected: HTTP traffic on port 50289 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49964 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50128 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50162 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50197 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49999 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50117
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50238
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50116
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50237
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50119
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50118
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50239
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49873 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50111
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50232
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50110
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50231
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50234
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50112
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50233
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50115
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50236
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50235
Source: unknown	Network traffic detected: HTTP traffic on port 50288 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50127 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50175 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50213 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50232 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50007
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50128
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50249
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50127
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50248
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50009
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50129
Source: unknown	Network traffic detected: HTTP traffic on port 50255 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50120
Source: unknown	Network traffic detected: HTTP traffic on port 50093 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50240
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50122
Source: unknown	Network traffic detected: HTTP traffic on port 50150 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50243
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50121
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50242
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50124
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50245
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50123
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50244
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50005
Source: unknown	Network traffic detected: HTTP traffic on port 50224 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50004
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50125
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50246
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50266 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50250
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50164 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50244 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50129 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50267 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50117 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50035 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50278 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50152 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50070 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50201 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50046 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50141 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50212 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50233 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50256 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50118 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50279 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50092 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50200 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50223 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49860 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50140 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50205
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50207
Source: unknown	Network traffic detected: HTTP traffic on port 50196 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50206
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50209
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50208
Source: unknown	Network traffic detected: HTTP traffic on port 50245 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50201
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50200
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50202
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50290 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49987 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49920 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50069 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50175
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50296
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50053
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50295
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50056
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50055
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50176
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50179
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50057
Source: unknown	Network traffic detected: HTTP traffic on port 49961 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49984 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50180
Source: unknown	Network traffic detected: HTTP traffic on port 50263 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50061
Source: unknown	Network traffic detected: HTTP traffic on port 50022 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50182
Source: unknown	Network traffic detected: HTTP traffic on port 50286 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50060
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50181
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50062
Source: unknown	Network traffic detected: HTTP traffic on port 50102 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50045 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50125 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50251 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49950 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50010 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50148 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50274 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50065
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50186
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50064
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50067
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50188
Source: unknown	Network traffic detected: HTTP traffic on port 50056 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50187
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50069
Source: unknown	Network traffic detected: HTTP traffic on port 50205 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50240 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50216 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50070
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50191
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50072
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50193
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50192
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50074
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50195
Source: unknown	Network traffic detected: HTTP traffic on port 50227 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50252 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50195 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50009 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50034 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50275 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50147 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50197
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50075
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50196
Source: unknown	Network traffic detected: HTTP traffic on port 50057 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50199
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50085
Source: unknown	Network traffic detected: HTTP traffic on port 49927 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50087
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50086
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50090
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50092
Source: unknown	Network traffic detected: HTTP traffic on port 50136 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50093
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50096
Source: unknown	Network traffic detected: HTTP traffic on port 50023 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50139
Source: unknown	Network traffic detected: HTTP traffic on port 50170 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50017
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50138
Source: unknown	Network traffic detected: HTTP traffic on port 50193 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50259
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50019
Source: unknown	Network traffic detected: HTTP traffic on port 49676 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49974 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50149 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50032 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50010
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50131
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50252
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50130
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50251
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50133
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50254
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50132
Source: unknown	Network traffic detected: HTTP traffic on port 50055 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50253
Source: unknown	Network traffic detected: HTTP traffic on port 50090 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50135
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50256
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50013
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50255
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50016
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50137
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50258
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50136
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50257
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50140
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50261
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50260
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50215 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50253 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50028
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50149
Source: unknown	Network traffic detected: HTTP traffic on port 49707 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50142
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50263
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50020
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50141
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50262
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50023
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50144
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50265
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50022
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50143
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50264
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50146
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50267
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50145
Source: unknown	Network traffic detected: HTTP traffic on port 50226 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50266
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50027
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50148
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50269
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50147
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50268
Source: unknown	Network traffic detected: HTTP traffic on port 49985 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50264 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50270
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50030
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50151
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50272
Source: unknown	Network traffic detected: HTTP traffic on port 50138 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50150
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50271
Source: unknown	Network traffic detected: HTTP traffic on port 50067 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50039
Source: unknown	Network traffic detected: HTTP traffic on port 49928 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50032
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50153
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50274
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50152
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50273
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50034
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50276
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50154
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50275
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50036
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50278
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50035
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50156
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50277
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50158
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50279
Source: unknown	Network traffic detected: HTTP traffic on port 50182 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50265 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50242 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50160
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50281
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50280
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50041
Source: unknown	Network traffic detected: HTTP traffic on port 50137 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50162
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50283
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50282
Source: unknown	Network traffic detected: HTTP traffic on port 50104 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50276 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50043
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50164
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50285
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50284
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50045
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50287
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50165
Source: unknown	Network traffic detected: HTTP traffic on port 50115 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50286
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50168
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50289
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50046
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50167
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50288
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50169
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50290
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50292
Source: unknown	Network traffic detected: HTTP traffic on port 50160 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50170
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50291
Source: unknown	Network traffic detected: HTTP traffic on port 49962 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50052
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50294
Source: unknown	Network traffic detected: HTTP traffic on port 50287 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50293
Source: unknown	Network traffic detected: HTTP traffic on port 50231 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50145 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50168 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50122 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50007 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50260 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50283 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50248 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49912 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50180 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50219 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49866 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49946 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50053 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49981 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50271 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50237 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49706 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49947 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50133 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443

Source: unknown	HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.17:49703 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.17:49981 version: TLS 1.2

Source: classification engine

Classification label: mal72.phis.troj.win@26/145@97/505

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2084 --field-trial-handle=1928,i,2509791596793076584,592649922223633577,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://1drv.ms/o/c/3e563d3fb2a98d1c/Emlo5KUbYYNEvKtIF-7SS0EBYSeT3hOOGuv_MbeT-n2y4g?e=HPjqUn"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2084 --field-trial-handle=1928,i,2509791596793076584,592649922223633577,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: Window Recorder

Window detected: More than 3 window changes detected

Data Obfuscation

Yara detected Html Dropper

Source: Yara match

File source: 4.15.pages.csv, type: HTML

Persistence and Installation Behavior

AI detected landing page (webpage, office document or email)

LLM: Page contains button: 'FREIGEGBENES DOKUMENT ANZEIGEN' Source: '1.1.pages.csv'

Stores files to the Windows start menu directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

ID:	1541149
Product:	CloudBasic
Start time:	14:09:03
Start date:	24.10.2024
Cookbook:	defaultwindowsinteractivecookbook.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Windows Analysis Report
https://1drv.ms/o/c/3e563d3fb2a98d1c/Emlo5KUbYYNEvKtIF-7SS0EBYSeT3hOOGuv_MbeT-n2y4g?e=HPjqUn

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Software Vulnerabilities

Networking

System Summary

Data Obfuscation

Persistence and Installation Behavior

Boot Survival

Screenshots

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report https://1drv.ms/o/c/3e563d3fb2a98d1c/Emlo5KUbYYNEvKtIF-7SS0EBYSeT3hOOGuv_MbeT-n2y4g?e=HPjqUn

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Software Vulnerabilities

Networking

System Summary

Data Obfuscation

Persistence and Installation Behavior

Boot Survival

Screenshots

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
https://1drv.ms/o/c/3e563d3fb2a98d1c/Emlo5KUbYYNEvKtIF-7SS0EBYSeT3hOOGuv_MbeT-n2y4g?e=HPjqUn