Windows Analysis Report
https://sitecoresolrlb-mig.uat.ashurst.com/384ff7382de624fb94dbaf6da11977bba1ecd427

Overview

General Information

Sample URL: https://sitecoresolrlb-mig.uat.ashurst.com/384ff7382de624fb94dbaf6da11977bba1ecd427
Analysis ID: 1541818

Detection

HTMLPhisher
Score: 48
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Yara detected HtmlPhish10
Detected non-DNS traffic on DNS port
HTML body contains low number of good links
HTML body contains password input but no form action
HTML title does not match URL

Classification

Phishing

Source: Yara match File source: 2.3.pages.csv, type: HTML
Source: Yara match File source: 2.2.pages.csv, type: HTML
Source: Yara match File source: dropped/chromecache_71, type: DROPPED
Source: https://sitecoresolrlb-mig.uat.ashurst.com/adfs/ls/?client-request-id=59c3ecb4-848b-44a9-8e3c-1bf8ae7eb812&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=LoginOptions%3D3%26estsredirect%3d2%26estsrequest%3drQQIARAAjZLPa9NgAEATu25zP4tehCFM8DDQrsmXNGmKA61NmrZr3PKz-TxI8iVd2rRN1ibtlrOIoIjnHb3Ng4yhF72InpyXgXjxJDvJEPG4ozt6Ev-ABw_em8GKS14UhcNiLmcN29bIaa9aQy8eDKNVFPQGl2Yyr39-NJ883C8_u7V09mr7_uxLfOUfRA5ttXNDq9e14sj7gF97UCBpxFE2wxU4qsUBx6UolyUJLk9ZFGFzzDGO_8DxbxfSyjkE9lJPL5iUTG-oJaZR4WRIRKbSi3q6sVOHoJColdrAAlxdN0hP73qxCUIdaRGpiiVysx8Q97QQrBtcaKqbkSuEwOVDqQEkxdFgAokw1n0pgobDo6ZXazRLgupHVUsjW7q_taM1NRpqsCKXJdEQS7zVlfumFiSuJsim74WSBkm3Avt2uUHru0TSELhyI6mNFR56kiAoRk8XJBDVZb4rmB2eMITC7rnjrko5UNWFCIlyX9YaidKUoL5VChxRHqMkGK0DIbEMAcCKH5tNKXCatcS5m-_YgBgdpq4Tts1YNkJZi0Z2lm65IMvZeZB1KMtmbMvlCJI-SV1mOYbNs9ztv1ocT8ydTswR6eL09Exm8crUMnY2gb9Inzc9XEm9MVL7pUcLy_LV2Q52lM7JhU5tmygETrRRCGXHU7tSB8WdOmI9EVYYNM7RwnjEu_IdYo0pks8n548msd-T-OMpbG8Ke3vxv6d4P4-dLZx8_vL14NO7X-Lp4k3Y61ddxb-h13gom2HVQQTf5pUdUmdjumXDHOiz2ghtDvzq2kEG-57... HTTP Parser: Number of links: 0
Source: https://sitecoresolrlb-mig.uat.ashurst.com/adfs/ls/?client-request-id=59c3ecb4-848b-44a9-8e3c-1bf8ae7eb812&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=LoginOptions%3D3%26estsredirect%3d2%26estsrequest%3drQQIARAAjZLPa9NgAEATu25zP4tehCFM8DDQrsmXNGmKA61NmrZr3PKz-TxI8iVd2rRN1ibtlrOIoIjnHb3Ng4yhF72InpyXgXjxJDvJEPG4ozt6Ev-ABw_em8GKS14UhcNiLmcN29bIaa9aQy8eDKNVFPQGl2Yyr39-NJ883C8_u7V09mr7_uxLfOUfRA5ttXNDq9e14sj7gF97UCBpxFE2wxU4qsUBx6UolyUJLk9ZFGFzzDGO_8DxbxfSyjkE9lJPL5iUTG-oJaZR4WRIRKbSi3q6sVOHoJColdrAAlxdN0hP73qxCUIdaRGpiiVysx8Q97QQrBtcaKqbkSuEwOVDqQEkxdFgAokw1n0pgobDo6ZXazRLgupHVUsjW7q_taM1NRpqsCKXJdEQS7zVlfumFiSuJsim74WSBkm3Avt2uUHru0TSELhyI6mNFR56kiAoRk8XJBDVZb4rmB2eMITC7rnjrko5UNWFCIlyX9YaidKUoL5VChxRHqMkGK0DIbEMAcCKH5tNKXCatcS5m-_YgBgdpq4Tts1YNkJZi0Z2lm65IMvZeZB1KMtmbMvlCJI-SV1mOYbNs9ztv1ocT8ydTswR6eL09Exm8crUMnY2gb9Inzc9XEm9MVL7pUcLy_LV2Q52lM7JhU5tmygETrRRCGXHU7tSB8WdOmI9EVYYNM7RwnjEu_IdYo0pks8n548msd-T-OMpbG8Ke3vxv6d4P4-dLZx8_vL14NO7X-Lp4k3Y61ddxb-h13gom2HVQQTf5pUdUmdjumXDHOiz2ghtDvzq2kEG-57... HTTP Parser: <input type="password" .../> found but no <form action="...
Source: https://sitecoresolrlb-mig.uat.ashurst.com/adfs/ls/?client-request-id=59c3ecb4-848b-44a9-8e3c-1bf8ae7eb812&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=LoginOptions%3D3%26estsredirect%3d2%26estsrequest%3drQQIARAAjZLPa9NgAEATu25zP4tehCFM8DDQrsmXNGmKA61NmrZr3PKz-TxI8iVd2rRN1ibtlrOIoIjnHb3Ng4yhF72InpyXgXjxJDvJEPG4ozt6Ev-ABw_em8GKS14UhcNiLmcN29bIaa9aQy8eDKNVFPQGl2Yyr39-NJ883C8_u7V09mr7_uxLfOUfRA5ttXNDq9e14sj7gF97UCBpxFE2wxU4qsUBx6UolyUJLk9ZFGFzzDGO_8DxbxfSyjkE9lJPL5iUTG-oJaZR4WRIRKbSi3q6sVOHoJColdrAAlxdN0hP73qxCUIdaRGpiiVysx8Q97QQrBtcaKqbkSuEwOVDqQEkxdFgAokw1n0pgobDo6ZXazRLgupHVUsjW7q_taM1NRpqsCKXJdEQS7zVlfumFiSuJsim74WSBkm3Avt2uUHru0TSELhyI6mNFR56kiAoRk8XJBDVZb4rmB2eMITC7rnjrko5UNWFCIlyX9YaidKUoL5VChxRHqMkGK0DIbEMAcCKH5tNKXCatcS5m-_YgBgdpq4Tts1YNkJZi0Z2lm65IMvZeZB1KMtmbMvlCJI-SV1mOYbNs9ztv1ocT8ydTswR6eL09Exm8crUMnY2gb9Inzc9XEm9MVL7pUcLy_LV2Q52lM7JhU5tmygETrRRCGXHU7tSB8WdOmI9EVYYNM7RwnjEu_IdYo0pks8n548msd-T-OMpbG8Ke3vxv6d4P4-dLZx8_vL14NO7X-Lp4k3Y61ddxb-h13gom2HVQQTf5pUdUmdjumXDHOiz2ghtDvzq2kEG-57... HTTP Parser: Title: Sign In does not match URL
Source: https://sitecoresolrlb-mig.uat.ashurst.com/adfs/ls/?client-request-id=59c3ecb4-848b-44a9-8e3c-1bf8ae7eb812&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=LoginOptions%3D3%26estsredirect%3d2%26estsrequest%3drQQIARAAjZLPa9NgAEATu25zP4tehCFM8DDQrsmXNGmKA61NmrZr3PKz-TxI8iVd2rRN1ibtlrOIoIjnHb3Ng4yhF72InpyXgXjxJDvJEPG4ozt6Ev-ABw_em8GKS14UhcNiLmcN29bIaa9aQy8eDKNVFPQGl2Yyr39-NJ883C8_u7V09mr7_uxLfOUfRA5ttXNDq9e14sj7gF97UCBpxFE2wxU4qsUBx6UolyUJLk9ZFGFzzDGO_8DxbxfSyjkE9lJPL5iUTG-oJaZR4WRIRKbSi3q6sVOHoJColdrAAlxdN0hP73qxCUIdaRGpiiVysx8Q97QQrBtcaKqbkSuEwOVDqQEkxdFgAokw1n0pgobDo6ZXazRLgupHVUsjW7q_taM1NRpqsCKXJdEQS7zVlfumFiSuJsim74WSBkm3Avt2uUHru0TSELhyI6mNFR56kiAoRk8XJBDVZb4rmB2eMITC7rnjrko5UNWFCIlyX9YaidKUoL5VChxRHqMkGK0DIbEMAcCKH5tNKXCatcS5m-_YgBgdpq4Tts1YNkJZi0Z2lm65IMvZeZB1KMtmbMvlCJI-SV1mOYbNs9ztv1ocT8ydTswR6eL09Exm8crUMnY2gb9Inzc9XEm9MVL7pUcLy_LV2Q52lM7JhU5tmygETrRRCGXHU7tSB8WdOmI9EVYYNM7RwnjEu_IdYo0pks8n548msd-T-OMpbG8Ke3vxv6d4P4-dLZx8_vL14NO7X-Lp4k3Y61ddxb-h13gom2HVQQTf5pUdUmdjumXDHOiz2ghtDvzq2kEG-57... HTTP Parser: <input type="password" .../> found
Source: https://sitecoresolrlb-mig.uat.ashurst.com/adfs/ls/?client-request-id=59c3ecb4-848b-44a9-8e3c-1bf8ae7eb812&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=LoginOptions%3D3%26estsredirect%3d2%26estsrequest%3drQQIARAAjZLPa9NgAEATu25zP4tehCFM8DDQrsmXNGmKA61NmrZr3PKz-TxI8iVd2rRN1ibtlrOIoIjnHb3Ng4yhF72InpyXgXjxJDvJEPG4ozt6Ev-ABw_em8GKS14UhcNiLmcN29bIaa9aQy8eDKNVFPQGl2Yyr39-NJ883C8_u7V09mr7_uxLfOUfRA5ttXNDq9e14sj7gF97UCBpxFE2wxU4qsUBx6UolyUJLk9ZFGFzzDGO_8DxbxfSyjkE9lJPL5iUTG-oJaZR4WRIRKbSi3q6sVOHoJColdrAAlxdN0hP73qxCUIdaRGpiiVysx8Q97QQrBtcaKqbkSuEwOVDqQEkxdFgAokw1n0pgobDo6ZXazRLgupHVUsjW7q_taM1NRpqsCKXJdEQS7zVlfumFiSuJsim74WSBkm3Avt2uUHru0TSELhyI6mNFR56kiAoRk8XJBDVZb4rmB2eMITC7rnjrko5UNWFCIlyX9YaidKUoL5VChxRHqMkGK0DIbEMAcCKH5tNKXCatcS5m-_YgBgdpq4Tts1YNkJZi0Z2lm65IMvZeZB1KMtmbMvlCJI-SV1mOYbNs9ztv1ocT8ydTswR6eL09Exm8crUMnY2gb9Inzc9XEm9MVL7pUcLy_LV2Q52lM7JhU5tmygETrRRCGXHU7tSB8WdOmI9EVYYNM7RwnjEu_IdYo0pks8n548msd-T-OMpbG8Ke3vxv6d4P4-dLZx8_vL14NO7X-Lp4k3Y61ddxb-h13gom2HVQQTf5pUdUmdjumXDHOiz2ghtDvzq2kEG-57... HTTP Parser: No favicon
Source: https://sitecoresolrlb-mig.uat.ashurst.com/adfs/ls/?client-request-id=59c3ecb4-848b-44a9-8e3c-1bf8ae7eb812&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=LoginOptions%3D3%26estsredirect%3d2%26estsrequest%3drQQIARAAjZLPa9NgAEATu25zP4tehCFM8DDQrsmXNGmKA61NmrZr3PKz-TxI8iVd2rRN1ibtlrOIoIjnHb3Ng4yhF72InpyXgXjxJDvJEPG4ozt6Ev-ABw_em8GKS14UhcNiLmcN29bIaa9aQy8eDKNVFPQGl2Yyr39-NJ883C8_u7V09mr7_uxLfOUfRA5ttXNDq9e14sj7gF97UCBpxFE2wxU4qsUBx6UolyUJLk9ZFGFzzDGO_8DxbxfSyjkE9lJPL5iUTG-oJaZR4WRIRKbSi3q6sVOHoJColdrAAlxdN0hP73qxCUIdaRGpiiVysx8Q97QQrBtcaKqbkSuEwOVDqQEkxdFgAokw1n0pgobDo6ZXazRLgupHVUsjW7q_taM1NRpqsCKXJdEQS7zVlfumFiSuJsim74WSBkm3Avt2uUHru0TSELhyI6mNFR56kiAoRk8XJBDVZb4rmB2eMITC7rnjrko5UNWFCIlyX9YaidKUoL5VChxRHqMkGK0DIbEMAcCKH5tNKXCatcS5m-_YgBgdpq4Tts1YNkJZi0Z2lm65IMvZeZB1KMtmbMvlCJI-SV1mOYbNs9ztv1ocT8ydTswR6eL09Exm8crUMnY2gb9Inzc9XEm9MVL7pUcLy_LV2Q52lM7JhU5tmygETrRRCGXHU7tSB8WdOmI9EVYYNM7RwnjEu_IdYo0pks8n548msd-T-OMpbG8Ke3vxv6d4P4-dLZx8_vL14NO7X-Lp4k3Y61ddxb-h13gom2HVQQTf5pUdUmdjumXDHOiz2ghtDvzq2kEG-57 HTTP Parser: No <meta name="author".. found
Source: https://sitecoresolrlb-mig.uat.ashurst.com/adfs/ls/?client-request-id=59c3ecb4-848b-44a9-8e3c-1bf8ae7eb812&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=LoginOptions%3D3%26estsredirect%3d2%26estsrequest%3drQQIARAAjZLPa9NgAEATu25zP4tehCFM8DDQrsmXNGmKA61NmrZr3PKz-TxI8iVd2rRN1ibtlrOIoIjnHb3Ng4yhF72InpyXgXjxJDvJEPG4ozt6Ev-ABw_em8GKS14UhcNiLmcN29bIaa9aQy8eDKNVFPQGl2Yyr39-NJ883C8_u7V09mr7_uxLfOUfRA5ttXNDq9e14sj7gF97UCBpxFE2wxU4qsUBx6UolyUJLk9ZFGFzzDGO_8DxbxfSyjkE9lJPL5iUTG-oJaZR4WRIRKbSi3q6sVOHoJColdrAAlxdN0hP73qxCUIdaRGpiiVysx8Q97QQrBtcaKqbkSuEwOVDqQEkxdFgAokw1n0pgobDo6ZXazRLgupHVUsjW7q_taM1NRpqsCKXJdEQS7zVlfumFiSuJsim74WSBkm3Avt2uUHru0TSELhyI6mNFR56kiAoRk8XJBDVZb4rmB2eMITC7rnjrko5UNWFCIlyX9YaidKUoL5VChxRHqMkGK0DIbEMAcCKH5tNKXCatcS5m-_YgBgdpq4Tts1YNkJZi0Z2lm65IMvZeZB1KMtmbMvlCJI-SV1mOYbNs9ztv1ocT8ydTswR6eL09Exm8crUMnY2gb9Inzc9XEm9MVL7pUcLy_LV2Q52lM7JhU5tmygETrRRCGXHU7tSB8WdOmI9EVYYNM7RwnjEu_IdYo0pks8n548msd-T-OMpbG8Ke3vxv6d4P4-dLZx8_vL14NO7X-Lp4k3Y61ddxb-h13gom2HVQQTf5pUdUmdjumXDHOiz2ghtDvzq2kEG-57... HTTP Parser: No <meta name="copyright".. found
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49750 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49761 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.246.60:443 -> 192.168.2.4:59833 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.246.60:443 -> 192.168.2.4:59975 version: TLS 1.2
Source: global traffic TCP traffic: 192.168.2.4:57970 -> 1.1.1.1:53
Source: global traffic TCP traffic: 192.168.2.4:59830 -> 162.159.36.2:53
Source: unknown TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global traffic HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic HTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700401v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700400v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703901v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703900v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703351v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703350v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703501v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703500v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703401v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703400v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703001v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703000v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703601v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703851v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703600v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703801v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703800v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703850v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703700v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703701v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703751v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703750v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule704051v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule704050v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic DNS traffic detected: DNS query: sitecoresolrlb-mig.uat.ashurst.com
Source: global traffic DNS traffic detected: DNS query: www.google.com
Source: chromecache_89.2.dr, chromecache_87.2.dr String found in binary or memory: https://github.com/indutny/elliptic
Source: chromecache_89.2.dr, chromecache_87.2.dr String found in binary or memory: https://github.com/indutny/elliptic/issues
Source: chromecache_79.2.dr String found in binary or memory: https://www.citrix.com
Source: unknown Network traffic detected: HTTP traffic on port 59864 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 59944 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 59835 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 59973 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59837
Source: unknown Network traffic detected: HTTP traffic on port 59870 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59958
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59836
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59957
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59839
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59838
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59959
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59833
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59954
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59953
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59835
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59956
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59834
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59955
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59840
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59961
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59960
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59842
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59963
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59841
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59962
Source: unknown Network traffic detected: HTTP traffic on port 59938 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 59955 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 59903 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 59846 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 59920 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 59995 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 59840 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 59972 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59848
Source: unknown Network traffic detected: HTTP traffic on port 59857 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59969
Source: unknown Network traffic detected: HTTP traffic on port 59989 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 59834 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59847
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59968
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59849
Source: unknown Network traffic detected: HTTP traffic on port 59914 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59844
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59965
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59843
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59964
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59846
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59967
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59845
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59966
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59851
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59972
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59850
Source: unknown Network traffic detected: HTTP traffic on port 59899 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59971
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59853
Source: unknown Network traffic detected: HTTP traffic on port 59908 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 59933 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59974
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59852
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59973
Source: unknown Network traffic detected: HTTP traffic on port 59956 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59970
Source: unknown Network traffic detected: HTTP traffic on port 59927 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 59887 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 59919 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 59925 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 59950 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 59967 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59859
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59858
Source: unknown Network traffic detected: HTTP traffic on port 59893 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59979
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59855
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59976
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59854
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59975
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59857
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59978
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59856
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59977
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59862
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59983
Source: unknown Network traffic detected: HTTP traffic on port 59876 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59861
Source: unknown Network traffic detected: HTTP traffic on port 59851 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59982
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59864
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59985
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59863
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59984
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59860
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59981
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59980
Source: unknown Network traffic detected: HTTP traffic on port 59882 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 59978 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 59997 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 59842 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 59836 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59907
Source: unknown Network traffic detected: HTTP traffic on port 59968 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 59974 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59906
Source: unknown Network traffic detected: HTTP traffic on port 59951 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59909
Source: unknown Network traffic detected: HTTP traffic on port 59945 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59908
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59903
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59902
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59905
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59904
Source: unknown Network traffic detected: HTTP traffic on port 59859 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59901
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59900
Source: unknown Network traffic detected: HTTP traffic on port 59939 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 59980 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 59868 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 59885 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 59902 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59918
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59917
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59919
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59914
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59913
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59916
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59915
Source: unknown Network traffic detected: HTTP traffic on port 59891 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59910
Source: unknown Network traffic detected: HTTP traffic on port 59913 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59912
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59911
Source: unknown Network traffic detected: HTTP traffic on port 59934 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 59874 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 59853 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 59907 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 59962 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 59928 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 59880 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 59924 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 59863 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59929
Source: unknown Network traffic detected: HTTP traffic on port 59918 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59928
Source: unknown Network traffic detected: HTTP traffic on port 59991 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59925
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59924
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59927
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59926
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59921
Source: unknown Network traffic detected: HTTP traffic on port 59892 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59920
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59923
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59922
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59930
Source: unknown Network traffic detected: HTTP traffic on port 59963 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 59847 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 59940 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 59979 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 59996 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59939
Source: unknown Network traffic detected: HTTP traffic on port 59841 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 59946 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59936
Source: unknown Network traffic detected: HTTP traffic on port 59858 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59935
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59938
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59937
Source: unknown Network traffic detected: HTTP traffic on port 59897 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59932
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59931
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59934
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59933
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59941
Source: unknown Network traffic detected: HTTP traffic on port 59985 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59940
Source: unknown Network traffic detected: HTTP traffic on port 60000 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 60000
Source: unknown Network traffic detected: HTTP traffic on port 59957 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 59869 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 59901 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 59886 -> 443
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49750 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49761 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.246.60:443 -> 192.168.2.4:59833 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.246.60:443 -> 192.168.2.4:59975 version: TLS 1.2
Source: classification engine Classification label: mal48.phis.win@16/54@6/3
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2100 --field-trial-handle=2044,i,12257002350134918986,16338638727128233154,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://sitecoresolrlb-mig.uat.ashurst.com/384ff7382de624fb94dbaf6da11977bba1ecd427"
Source: Window Recorder Window detected: More than 3 window changes detected