General

  • Target

    http://08/02/2024 - IP relates to a Cloudflare CDN server. - passive DNS records - (enter number and source) have been observed, some of which have malicious tags. Threat dash shows: - no events in the WAF logs - no events in the inbound FW traffic. - no events in the outbound FW logs - DNS logs show a URL for this user which relates to a Power Automate blog from a Matthew Devaney. - ran the URL through a sandbox and OSINT checkers, came back as a clean and legitimate site. - no attack signatures have been observed. Benign.

Score
1/10

Malware Config

Signatures

Files