Windows Analysis Report
https://email.sg.on24event.com/ls/click?upn=u001.7kf5QUY4LGF7Fzt7LGE4bbPPsSPtBC4KXSPVJqWhtiH5NrSUgUqLrnQzdPXw8nHK6ugnD9lNS4JGfbwwuDDUiEhi9XGNxapWSDRGNOoS15h5cE95bcWlZ9IH4azvql6lGHtJRUi7rtn-2Fzb0tBcnr08rfzwKOlRYPL38hs-2FGE63s-3Dnybj_bNJYK7cPgMYSOVqZX8hsFRQ-2BUiS6nEFqdz2nSISnYBvQlR46zPXi1Chyc1-2FE-2B2

Overview

General Information

Sample URL:	https://email.sg.on24event.com/ls/click?upn=u001.7kf5QUY4LGF7Fzt7LGE4bbPPsSPtBC4KXSPVJqWhtiH5NrSUgUqLrnQzdPXw8nHK6ugnD9lNS4JGfbwwuDDUiEhi9XGNxapWSDRGNOoS15h5cE95bcWlZ9IH4azvql6lGHtJRUi7rtn-2Fzb0tBcnr0
Analysis ID:	1540576
Infos:

Detection

Score:	0
Range:	0 - 100
Whitelisted:	false
Confidence:	80%

Signatures

Detected non-DNS traffic on DNS port

Classification

Signatures

Source: https://email.sg.on24event.com/ls/click?upn=u001.7kf5QUY4LGF7Fzt7LGE4bbPPsSPtBC4KXSPVJqWhtiH5NrSUgUqLrnQzdPXw8nHK6ugnD9lNS4JGfbwwuDDUiEhi9XGNxapWSDRGNOoS15h5cE95bcWlZ9IH4azvql6lGHtJRUi7rtn-2Fzb0tBcnr08rfzwKOlRYPL38hs-2FGE63s-3Dnybj_bNJYK7cPgMYSOVqZX8hsFRQ-2BUiS6nEFqdz2nSISnYBvQlR46zPXi1Chyc1-2FE-2B2YbB8Rrx1Xr8hLfzq0DX

HTTP Parser: No favicon

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49741 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.253.72:443 -> 192.168.2.4:61503 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.253.72:443 -> 192.168.2.4:61564 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.253.72:443 -> 192.168.2.4:61578 version: TLS 1.2

Detected non-DNS traffic on DNS port

Source: global traffic

TCP traffic: 192.168.2.4:61500 -> 1.1.1.1:53

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.126.163
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.126.163
Source: unknown	TCP traffic detected without corresponding DNS query: 217.20.57.34
Source: unknown	TCP traffic detected without corresponding DNS query: 217.20.57.34
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /ls/click?upn=u001.7kf5QUY4LGF7Fzt7LGE4bbPPsSPtBC4KXSPVJqWhtiH5NrSUgUqLrnQzdPXw8nHK6ugnD9lNS4JGfbwwuDDUiEhi9XGNxapWSDRGNOoS15h5cE95bcWlZ9IH4azvql6lGHtJRUi7rtn-2Fzb0tBcnr08rfzwKOlRYPL38hs-2FGE63s-3Dnybj_bNJYK7cPgMYSOVqZX8hsFRQ-2BUiS6nEFqdz2nSISnYBvQlR46zPXi1Chyc1-2FE-2B2YbB8Rrx1Xr8hLfzq0DX HTTP/1.1Host: email.sg.on24event.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: email.sg.on24event.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://email.sg.on24event.com/ls/click?upn=u001.7kf5QUY4LGF7Fzt7LGE4bbPPsSPtBC4KXSPVJqWhtiH5NrSUgUqLrnQzdPXw8nHK6ugnD9lNS4JGfbwwuDDUiEhi9XGNxapWSDRGNOoS15h5cE95bcWlZ9IH4azvql6lGHtJRUi7rtn-2Fzb0tBcnr08rfzwKOlRYPL38hs-2FGE63s-3Dnybj_bNJYK7cPgMYSOVqZX8hsFRQ-2BUiS6nEFqdz2nSISnYBvQlR46zPXi1Chyc1-2FE-2B2YbB8Rrx1Xr8hLfzq0DXAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120600v4s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120613v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120610v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120611v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120615v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120616v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120617v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120618v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120619v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120620v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120621v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120622v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120623v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120626v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120624v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120625v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120627v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120628v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120629v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120631v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120630v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120632v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120635v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120634v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120633v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120637v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120636v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120638v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120639v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120640v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120641v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120642v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120644v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120645v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120643v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120647v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120646v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120649v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120648v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120652v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120653v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120655v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120654v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120656v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120657v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120660v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120659v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120658v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120661v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120662v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120663v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120665v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120664v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120666v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120667v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120668v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120669v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120670v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120671v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120672v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120675v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120674v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120673v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120676v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120677v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120679v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120681v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120682v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120678v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120680v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120601v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule224901v11s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120602v10s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net

Source: global traffic	DNS traffic detected: DNS query: email.sg.on24event.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com

Source: global traffic

HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Wed, 23 Oct 2024 21:08:05 GMTContent-Type: text/htmlContent-Length: 564Connection: close

Source: unknown	Network traffic detected: HTTP traffic on port 61522 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 61568 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61509
Source: unknown	Network traffic detected: HTTP traffic on port 61580 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61507 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61560 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61545 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61583 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61503
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61504
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61505
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61506
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61507
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61508
Source: unknown	Network traffic detected: HTTP traffic on port 61539 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61581
Source: unknown	Network traffic detected: HTTP traffic on port 61516 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61582
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61583
Source: unknown	Network traffic detected: HTTP traffic on port 61577 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61584
Source: unknown	Network traffic detected: HTTP traffic on port 61531 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61585
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61586
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 61554 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61587
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61588
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61588 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61504 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61525 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61542 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61563 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61512
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61513
Source: unknown	Network traffic detected: HTTP traffic on port 61557 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61511 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61515
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61516
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61517
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61518
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61519
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61574 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61510
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61511
Source: unknown	Network traffic detected: HTTP traffic on port 61519 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61536 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61505 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61566 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61524 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61547 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61510 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61523
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61524
Source: unknown	Network traffic detected: HTTP traffic on port 61533 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61525
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61526
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61527
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61528
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61529
Source: unknown	Network traffic detected: HTTP traffic on port 61552 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61575 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61518 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61520
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61521
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61522
Source: unknown	Network traffic detected: HTTP traffic on port 61569 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61527 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61586 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61544 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61561 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61534
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61535
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61536
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61537
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61538
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61539
Source: unknown	Network traffic detected: HTTP traffic on port 61530 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61513 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61530
Source: unknown	Network traffic detected: HTTP traffic on port 61555 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61531
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61532
Source: unknown	Network traffic detected: HTTP traffic on port 61538 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61572 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61533
Source: unknown	Network traffic detected: HTTP traffic on port 61503 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61564 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61541 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61587 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61549 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61526 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61545
Source: unknown	Network traffic detected: HTTP traffic on port 61558 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61546
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61547
Source: unknown	Network traffic detected: HTTP traffic on port 61512 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61548
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61549
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61540
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61541
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61542
Source: unknown	Network traffic detected: HTTP traffic on port 61550 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61573 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61535 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61543
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61544
Source: unknown	Network traffic detected: HTTP traffic on port 61546 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61521 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61567 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61581 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61529 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61509 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61556
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61557
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61558
Source: unknown	Network traffic detected: HTTP traffic on port 61584 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61559
Source: unknown	Network traffic detected: HTTP traffic on port 61515 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61550
Source: unknown	Network traffic detected: HTTP traffic on port 61578 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61551
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61552
Source: unknown	Network traffic detected: HTTP traffic on port 61532 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61553
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61554
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61553 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61555
Source: unknown	Network traffic detected: HTTP traffic on port 61570 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61520 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61543 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61528 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61562 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61567
Source: unknown	Network traffic detected: HTTP traffic on port 61508 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61568
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61569
Source: unknown	Network traffic detected: HTTP traffic on port 61585 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61579 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61560
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61561
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61562
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61563
Source: unknown	Network traffic detected: HTTP traffic on port 61556 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61564
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61565
Source: unknown	Network traffic detected: HTTP traffic on port 61537 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61566
Source: unknown	Network traffic detected: HTTP traffic on port 61571 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61523 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61580
Source: unknown	Network traffic detected: HTTP traffic on port 61540 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61565 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61506 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61548 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61534 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61578
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61579
Source: unknown	Network traffic detected: HTTP traffic on port 61582 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61559 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61570
Source: unknown	Network traffic detected: HTTP traffic on port 61576 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61571
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61572
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61573
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61574
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61575
Source: unknown	Network traffic detected: HTTP traffic on port 61517 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61551 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61576
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61577

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49741 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.253.72:443 -> 192.168.2.4:61503 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.253.72:443 -> 192.168.2.4:61564 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.253.72:443 -> 192.168.2.4:61578 version: TLS 1.2

Source: classification engine

Classification label: clean0.win@21/4@4/4

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2308 --field-trial-handle=2136,i,1293478387212524177,9404733510419667675,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://email.sg.on24event.com/ls/click?upn=u001.7kf5QUY4LGF7Fzt7LGE4bbPPsSPtBC4KXSPVJqWhtiH5NrSUgUqLrnQzdPXw8nHK6ugnD9lNS4JGfbwwuDDUiEhi9XGNxapWSDRGNOoS15h5cE95bcWlZ9IH4azvql6lGHtJRUi7rtn-2Fzb0tBcnr08rfzwKOlRYPL38hs-2FGE63s-3Dnybj_bNJYK7cPgMYSOVqZX8hsFRQ-2BUiS6nEFqdz2nSISnYBvQlR46zPXi1Chyc1-2FE-2B2YbB8Rrx1Xr8hLfzq0DX"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2308 --field-trial-handle=2136,i,1293478387212524177,9404733510419667675,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
239.255.255.250	unknown	Reserved	unknown	unknown	false
142.250.186.132	www.google.com	United States	15169	GOOGLEUS	false
199.83.44.68	r-email.sg.on24event.com	United States	18742	ON24-SACUS	false

Private

IP
192.168.2.4

Contacted Domains

Name	IP	Active
s-part-0044.t-0009.fb-t-msedge.net	13.107.253.72	true
www.google.com	142.250.186.132	true
r-email.sg.on24event.com	199.83.44.68	true
fp2e7a.wpc.phicdn.net	192.229.221.95	true
s-part-0032.t-0009.t-msedge.net	13.107.246.60	true
email.sg.on24event.com	unknown	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://email.sg.on24event.com/favicon.ico	false		unknown
https://email.sg.on24event.com/ls/click?upn=u001.7kf5QUY4LGF7Fzt7LGE4bbPPsSPtBC4KXSPVJqWhtiH5NrSUgUqLrnQzdPXw8nHK6ugnD9lNS4JGfbwwuDDUiEhi9XGNxapWSDRGNOoS15h5cE95bcWlZ9IH4azvql6lGHtJRUi7rtn-2Fzb0tBcnr08rfzwKOlRYPL38hs-2FGE63s-3Dnybj_bNJYK7cPgMYSOVqZX8hsFRQ-2BUiS6nEFqdz2nSISnYBvQlR46zPXi1Chyc1-2FE-2B2YbB8Rrx1Xr8hLfzq0DX	false		unknown

Name	Type	MD5	SHA1	SHA256
Chrome Cache Entry: 104	HTML document, ASCII text, with CRLF line terminators	8E325DC2FEA7C8900FC6C4B8C6C394FE	1B3291D4EEA179C84145B2814CB53E6A506EC201	0B52C5338AF355699530A47683420E48C7344E779D3E815FF9943CBFDC153CF2
Chrome Cache Entry: 105	HTML document, ASCII text, with no line terminators	F0C66914A58FC74FC98A7C9BB4C288F2	3E0E43F567138623CABFF91C14100D144AC56949	54E173BE753D03B2C163CEBBEE02BE7F4BDC1D6663154D4D60A3833F7BA3436B

HTTP Parser: No favicon

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49741 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.253.72:443 -> 192.168.2.4:61503 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.253.72:443 -> 192.168.2.4:61564 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.253.72:443 -> 192.168.2.4:61578 version: TLS 1.2

Detected non-DNS traffic on DNS port

Source: global traffic

TCP traffic: 192.168.2.4:61500 -> 1.1.1.1:53

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.126.163
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.126.163
Source: unknown	TCP traffic detected without corresponding DNS query: 217.20.57.34
Source: unknown	TCP traffic detected without corresponding DNS query: 217.20.57.34
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /ls/click?upn=u001.7kf5QUY4LGF7Fzt7LGE4bbPPsSPtBC4KXSPVJqWhtiH5NrSUgUqLrnQzdPXw8nHK6ugnD9lNS4JGfbwwuDDUiEhi9XGNxapWSDRGNOoS15h5cE95bcWlZ9IH4azvql6lGHtJRUi7rtn-2Fzb0tBcnr08rfzwKOlRYPL38hs-2FGE63s-3Dnybj_bNJYK7cPgMYSOVqZX8hsFRQ-2BUiS6nEFqdz2nSISnYBvQlR46zPXi1Chyc1-2FE-2B2YbB8Rrx1Xr8hLfzq0DX HTTP/1.1Host: email.sg.on24event.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: email.sg.on24event.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://email.sg.on24event.com/ls/click?upn=u001.7kf5QUY4LGF7Fzt7LGE4bbPPsSPtBC4KXSPVJqWhtiH5NrSUgUqLrnQzdPXw8nHK6ugnD9lNS4JGfbwwuDDUiEhi9XGNxapWSDRGNOoS15h5cE95bcWlZ9IH4azvql6lGHtJRUi7rtn-2Fzb0tBcnr08rfzwKOlRYPL38hs-2FGE63s-3Dnybj_bNJYK7cPgMYSOVqZX8hsFRQ-2BUiS6nEFqdz2nSISnYBvQlR46zPXi1Chyc1-2FE-2B2YbB8Rrx1Xr8hLfzq0DXAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120600v4s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120613v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120610v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120611v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120615v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120616v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120617v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120618v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120619v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120620v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120621v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120622v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120623v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120626v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120624v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120625v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120627v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120628v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120629v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120631v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120630v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120632v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120635v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120634v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120633v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120637v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120636v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120638v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120639v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120640v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120641v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120642v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120644v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120645v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120643v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120647v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120646v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120649v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120648v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120652v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120653v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120655v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120654v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120656v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120657v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120660v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120659v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120658v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120661v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120662v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120663v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120665v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120664v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120666v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120667v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120668v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120669v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120670v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120671v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120672v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120675v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120674v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120673v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120676v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120677v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120679v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120681v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120682v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120678v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120680v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120601v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule224901v11s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120602v10s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net

Source: global traffic	DNS traffic detected: DNS query: email.sg.on24event.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com

Source: global traffic

HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Wed, 23 Oct 2024 21:08:05 GMTContent-Type: text/htmlContent-Length: 564Connection: close

Source: unknown	Network traffic detected: HTTP traffic on port 61522 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 61568 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61509
Source: unknown	Network traffic detected: HTTP traffic on port 61580 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61507 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61560 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61545 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61583 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61503
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61504
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61505
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61506
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61507
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61508
Source: unknown	Network traffic detected: HTTP traffic on port 61539 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61581
Source: unknown	Network traffic detected: HTTP traffic on port 61516 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61582
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61583
Source: unknown	Network traffic detected: HTTP traffic on port 61577 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61584
Source: unknown	Network traffic detected: HTTP traffic on port 61531 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61585
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61586
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 61554 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61587
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61588
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61588 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61504 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61525 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61542 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61563 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61512
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61513
Source: unknown	Network traffic detected: HTTP traffic on port 61557 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61511 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61515
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61516
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61517
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61518
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61519
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61574 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61510
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61511
Source: unknown	Network traffic detected: HTTP traffic on port 61519 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61536 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61505 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61566 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61524 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61547 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61510 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61523
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61524
Source: unknown	Network traffic detected: HTTP traffic on port 61533 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61525
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61526
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61527
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61528
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61529
Source: unknown	Network traffic detected: HTTP traffic on port 61552 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61575 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61518 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61520
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61521
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61522
Source: unknown	Network traffic detected: HTTP traffic on port 61569 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61527 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61586 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61544 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61561 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61534
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61535
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61536
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61537
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61538
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61539
Source: unknown	Network traffic detected: HTTP traffic on port 61530 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61513 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61530
Source: unknown	Network traffic detected: HTTP traffic on port 61555 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61531
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61532
Source: unknown	Network traffic detected: HTTP traffic on port 61538 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61572 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61533
Source: unknown	Network traffic detected: HTTP traffic on port 61503 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61564 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61541 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61587 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61549 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61526 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61545
Source: unknown	Network traffic detected: HTTP traffic on port 61558 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61546
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61547
Source: unknown	Network traffic detected: HTTP traffic on port 61512 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61548
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61549
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61540
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61541
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61542
Source: unknown	Network traffic detected: HTTP traffic on port 61550 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61573 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61535 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61543
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61544
Source: unknown	Network traffic detected: HTTP traffic on port 61546 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61521 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61567 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61581 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61529 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61509 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61556
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61557
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61558
Source: unknown	Network traffic detected: HTTP traffic on port 61584 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61559
Source: unknown	Network traffic detected: HTTP traffic on port 61515 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61550
Source: unknown	Network traffic detected: HTTP traffic on port 61578 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61551
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61552
Source: unknown	Network traffic detected: HTTP traffic on port 61532 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61553
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61554
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61553 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61555
Source: unknown	Network traffic detected: HTTP traffic on port 61570 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61520 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61543 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61528 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61562 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61567
Source: unknown	Network traffic detected: HTTP traffic on port 61508 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61568
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61569
Source: unknown	Network traffic detected: HTTP traffic on port 61585 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61579 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61560
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61561
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61562
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61563
Source: unknown	Network traffic detected: HTTP traffic on port 61556 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61564
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61565
Source: unknown	Network traffic detected: HTTP traffic on port 61537 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61566
Source: unknown	Network traffic detected: HTTP traffic on port 61571 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61523 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61580
Source: unknown	Network traffic detected: HTTP traffic on port 61540 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61565 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61506 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61548 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61534 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61578
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61579
Source: unknown	Network traffic detected: HTTP traffic on port 61582 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61559 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61570
Source: unknown	Network traffic detected: HTTP traffic on port 61576 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61571
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61572
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61573
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61574
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61575
Source: unknown	Network traffic detected: HTTP traffic on port 61517 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61551 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61576
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61577

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49741 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.253.72:443 -> 192.168.2.4:61503 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.253.72:443 -> 192.168.2.4:61564 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.253.72:443 -> 192.168.2.4:61578 version: TLS 1.2

Source: classification engine

Classification label: clean0.win@21/4@4/4

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2308 --field-trial-handle=2136,i,1293478387212524177,9404733510419667675,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://email.sg.on24event.com/ls/click?upn=u001.7kf5QUY4LGF7Fzt7LGE4bbPPsSPtBC4KXSPVJqWhtiH5NrSUgUqLrnQzdPXw8nHK6ugnD9lNS4JGfbwwuDDUiEhi9XGNxapWSDRGNOoS15h5cE95bcWlZ9IH4azvql6lGHtJRUi7rtn-2Fzb0tBcnr08rfzwKOlRYPL38hs-2FGE63s-3Dnybj_bNJYK7cPgMYSOVqZX8hsFRQ-2BUiS6nEFqdz2nSISnYBvQlR46zPXi1Chyc1-2FE-2B2YbB8Rrx1Xr8hLfzq0DX"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2308 --field-trial-handle=2136,i,1293478387212524177,9404733510419667675,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

ID:	1540576
Product:	CloudBasic
Start time:	23:07:06
Start date:	23.10.2024
Cookbook:	browseurl.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs