Source: Town Of Castle Rock Eligible Finance Insurance Benefits Open Enrollment Plan.shtml |
HTTP Parser: No favicon |
Source: file:///C:/Users/user/Desktop/Town%20Of%20Castle%20Rock%20Eligible%20Finance%20Insurance%20Benefits%20Open%20Enrollment%20Plan.shtml |
HTTP Parser: No favicon |
Source: unknown |
HTTPS traffic detected: 2.20.204.113:443 -> 192.168.2.8:49713 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 2.20.204.113:443 -> 192.168.2.8:49714 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.8:49717 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.8:49759 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 13.107.246.63:443 -> 192.168.2.8:49760 version: TLS 1.2 |
Source: Joe Sandbox View |
IP Address: 205.139.111.117 |
Source: Joe Sandbox View |
IP Address: 239.255.255.250 |
Source: Joe Sandbox View |
JA3 fingerprint: 28a2c9bd18a11de089ef85a160da29e4 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.206.229.226 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 2.20.204.113 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 52.149.20.212 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 13.107.246.63 |
Source: global traffic |
HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
Range: bytes=0-2147483646
User-Agent: Microsoft BITS/7.8
Host: fs.microsoft.com |
Source: global traffic |
HTTP traffic detected: GET /s/bsrcCxkw9pCLRZmZS8foHypG0I?domain=sherwin.cw1.ro HTTP/1.1
Host: url.us.m.mimecastprotect.com
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9 |