Windows Analysis Report
Legal Document (Vital Important).pdf

Overview

General Information

Sample name: Legal Document (Vital Important).pdf
Analysis ID: 1543565
MD5: bbdb184f5e47888af09df8af8f4e3a4a
SHA1: 8e95ea4b1a3a2bf2c8b0bfe37ed510de9c4bef61
SHA256: 1d202a350c52fc9203e20552c0b4b4b5b1af9f0ada47281b19246aa4976fc56f

Detection

Score: 23
Range: 0 - 100
Whitelisted: false
Confidence: 80%

Signatures

AI detected landing page (webpage, office document or email)
Detected non-DNS traffic on DNS port
HTML body contains low number of good links
HTML body contains password input but no form action
HTML page contains hidden javascript code
IP address seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware

Classification

Source: https://linkshield.synaq.com/link?id=1t4J5R-0008jf-IF&ts=1729851047&cnf=98739490591342865&url=OfkDbmYYcm_9xQjF_wQzcURK2_8CSEtt HTTP Parser: Number of links: 0
Source: https://linkshield.synaq.com/link?id=1t4J5R-0008jf-IF&ts=1729851047&cnf=98739490591342865&url=OfkDbmYYcm_9xQjF_wQzcURK2_8CSEtt HTTP Parser: <input type="password" .../> found but no <form action="...
Source: https://linkshield.synaq.com/link?id=1t4J5R-0008jf-IF&ts=1729851047&cnf=98739490591342865&url=OfkDbmYYcm_9xQjF_wQzcURK2_8CSEtt HTTP Parser: Base64 decoded: <?xml version="1.0" encoding="UTF-8" standalone="no"?><svg xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:cc="http://creativecommons.org/ns#" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:svg="http://www.w3.org/2000/svg" ...
Source: https://linkshield.synaq.com/link?id=1t4J5R-0008jf-IF&ts=1729851047&cnf=98739490591342865&url=OfkDbmYYcm_9xQjF_wQzcURK2_8CSEtt HTTP Parser: <input type="password" .../> found
Source: https://linkshield.synaq.com/link?id=1t4J5R-0008jf-IF&ts=1729851047&cnf=98739490591342865&url=OfkDbmYYcm_9xQjF_wQzcURK2_8CSEtt HTTP Parser: No <meta name="copyright".. found
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49739 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49740 version: TLS 1.2
Source: unknown HTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.4:49743 version: TLS 1.2
Source: unknown HTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.4:57054 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:57055 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:57091 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:57126 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:57287 version: TLS 1.2
Source: global traffic TCP traffic: 192.168.2.4:57019 -> 1.1.1.1:53
Source: Joe Sandbox View IP Address: 85.214.3.151 85.214.3.151
Source: Joe Sandbox View IP Address: 239.255.255.250 239.255.255.250
Source: Joe Sandbox View JA3 fingerprint: 28a2c9bd18a11de089ef85a160da29e4
Source: unknown TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.45
Source: global traffic HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=r+tw2EMu+eKkZXW&MD=BrcNGuyO HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic HTTP traffic detected: GET /link?id=1t4J5R-0008jf-IF&ts=1729851047&cnf=98739490591342865&url=OfkDbmYYcm_9xQjF_wQzcURK2_8CSEtt HTTP/1.1Host: linkshield.synaq.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /scan/id/1t4J5R-0008jf-IF/ts/1729851047/cnf/98739490591342865/url/OfkDbmYYcm_9xQjF_wQzcURK2_8CSEtt HTTP/1.1Host: linkshield.synaq.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://linkshield.synaq.com/link?id=1t4J5R-0008jf-IF&ts=1729851047&cnf=98739490591342865&url=OfkDbmYYcm_9xQjF_wQzcURK2_8CSEttAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /i/3qDJzHKv HTTP/1.1Host: get.hidrive.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://linkshield.synaq.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /scan/id/1t4J5R-0008jf-IF/ts/1729851047/cnf/98739490591342865/url/OfkDbmYYcm_9xQjF_wQzcURK2_8CSEtt HTTP/1.1Host: linkshield.synaq.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /vendor-41d390767ba031263a65.js HTTP/1.1Host: get.hidrive.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://get.hidrive.com/i/3qDJzHKvAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /bundle-cd0841a72d9fc9b59f08.css HTTP/1.1Host: get.hidrive.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://get.hidrive.com/i/3qDJzHKvAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /main-2a9d55d2c743ffce8209.js HTTP/1.1Host: get.hidrive.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://get.hidrive.com/i/3qDJzHKvAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /vendor-41d390767ba031263a65.js HTTP/1.1Host: get.hidrive.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /main-2a9d55d2c743ffce8209.js HTTP/1.1Host: get.hidrive.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /473ad7094608f924460a.woff2 HTTP/1.1Host: get.hidrive.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://get.hidrive.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://get.hidrive.com/bundle-cd0841a72d9fc9b59f08.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /2a947e89d2e241121d6f.woff2 HTTP/1.1Host: get.hidrive.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://get.hidrive.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://get.hidrive.com/bundle-cd0841a72d9fc9b59f08.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /api/3qDJzHKv/index HTTP/1.1Host: get.hidrive.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/plain, */*sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://get.hidrive.com/i/3qDJzHKvAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /144c3a3cc463b12046ef.jpg HTTP/1.1Host: get.hidrive.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://get.hidrive.com/i/3qDJzHKvAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /api/3qDJzHKv/index HTTP/1.1Host: get.hidrive.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /assets/manifest.json HTTP/1.1Host: get.hidrive.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: manifestReferer: https://get.hidrive.com/i/3qDJzHKvAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /assets/favicon.ico HTTP/1.1Host: get.hidrive.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://get.hidrive.com/i/3qDJzHKvAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /144c3a3cc463b12046ef.jpg HTTP/1.1Host: get.hidrive.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /assets/android-chrome-144x144.png HTTP/1.1Host: get.hidrive.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://get.hidrive.com/i/3qDJzHKvAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /assets/favicon.ico HTTP/1.1Host: get.hidrive.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /assets/android-chrome-144x144.png HTTP/1.1Host: get.hidrive.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=r+tw2EMu+eKkZXW&MD=BrcNGuyO HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic HTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120671v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120672v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120673v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120674v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120675v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120676v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120677v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120678v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120679v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120680v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120681v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120682v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120602v10s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120601v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule224901v11s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700401v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700400v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703901v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703900v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703351v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703350v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703501v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703500v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703401v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703400v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703001v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703000v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703600v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703601v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703851v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703850v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703801v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703800v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703701v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703700v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703751v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703750v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule704051v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule704050v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700601v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700600v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703951v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703950v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702851v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702850v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700001v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700000v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701401v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701400v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700851v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700850v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701851v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic DNS traffic detected: DNS query: x1.i.lencr.org
Source: global traffic DNS traffic detected: DNS query: linkshield.synaq.com
Source: global traffic DNS traffic detected: DNS query: www.google.com
Source: global traffic DNS traffic detected: DNS query: get.hidrive.com
Source: 77EC63BDA74BD0D0E0426DC8F80085060.1.dr String found in binary or memory: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab
Source: 2D85F72862B55C4EADD9E66E06947F3D0.1.dr String found in binary or memory: http://x1.i.lencr.org/
Source: chromecache_202.10.dr String found in binary or memory: https://get.hidrive.com
Source: chromecache_210.10.dr String found in binary or memory: https://get.hidrive.com/i/3qDJzHKv
Source: chromecache_210.10.dr String found in binary or memory: https://get.hidrive.com/i/3qDJzHKv&#34;
Source: chromecache_210.10.dr String found in binary or memory: https://securemail.synaq.com/message_listing?message_list_direction=0&id=1t4J5R-0008jf-IF
Source: chromecache_202.10.dr String found in binary or memory: https://share.hidrive.com
Source: chromecache_202.10.dr String found in binary or memory: https://share.hidrive.com/assets/android-chrome-256x256.png
Source: chromecache_210.10.dr String found in binary or memory: https://www.synaq.com
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57162
Source: unknown Network traffic detected: HTTP traffic on port 57175 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57283
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57163
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57042
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57284
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57043
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57164
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57285
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57044
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57165
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57286
Source: unknown Network traffic detected: HTTP traffic on port 57280 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57280
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57160
Source: unknown Network traffic detected: HTTP traffic on port 57221 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57281
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57161
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57040
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57282
Source: unknown Network traffic detected: HTTP traffic on port 57139 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57036 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57311 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57207
Source: unknown Network traffic detected: HTTP traffic on port 57197 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57208
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57209
Source: unknown Network traffic detected: HTTP traffic on port 57277 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57203
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57204
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57205
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57206
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57210
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57211
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57212
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57213
Source: unknown Network traffic detected: HTTP traffic on port 57174 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57268 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57151 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57222 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57245 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57085 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57163 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57218
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57219
Source: unknown Network traffic detected: HTTP traffic on port 57234 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57215
Source: unknown Network traffic detected: HTTP traffic on port 57107 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57216
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57217
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57100
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57221
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57101
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57222
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57102
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57223
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57103
Source: unknown Network traffic detected: HTTP traffic on port 57128 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57224
Source: unknown Network traffic detected: HTTP traffic on port 57074 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57220
Source: unknown Network traffic detected: HTTP traffic on port 57200 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57118 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57063 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57185 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57108
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57229
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57109
Source: unknown Network traffic detected: HTTP traffic on port 57256 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57162 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57086 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57104
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57225
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57105
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57226
Source: unknown Network traffic detected: HTTP traffic on port 57290 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57106
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57227
Source: unknown Network traffic detected: HTTP traffic on port 57233 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57107
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57228
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57111
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57232
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57112
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57233
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57113
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57234
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57114
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57235
Source: unknown Network traffic detected: HTTP traffic on port 57289 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57230
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57110
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57231
Source: unknown Network traffic detected: HTTP traffic on port 57035 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57310 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57119
Source: unknown Network traffic detected: HTTP traffic on port 57196 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57278 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57115
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57236
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57116
Source: unknown Network traffic detected: HTTP traffic on port 57140 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57237
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57117
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57238
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57118
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57239
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57122
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57243
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57123
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57244
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57124
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57245
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57125
Source: unknown Network traffic detected: HTTP traffic on port 57211 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57246
Source: unknown Network traffic detected: HTTP traffic on port 57024 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57240
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57120
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57241
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57121
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57242
Source: unknown Network traffic detected: HTTP traffic on port 57267 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57097 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57126 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57103 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57046 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57023 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57287 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57096
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57097
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57098
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57099
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57092
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57093
Source: unknown Network traffic detected: HTTP traffic on port 57075 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57094
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57095
Source: unknown Network traffic detected: HTTP traffic on port 57098 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57241 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57264 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57090
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57091
Source: unknown Network traffic detected: HTTP traffic on port 57276 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57138 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57304 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57064 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57184 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57230 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57149 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57206 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57173 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57315 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57114 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57034 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57195 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57303 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57252 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57127 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57172 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57207 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57299 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57218 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57087 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57161 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57102 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57288 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57045 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57076 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57150 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57229 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57263 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57116 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57088 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57160 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57231 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57065 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57254 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57219 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57056
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57177
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57298
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57057
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57178
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57299
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57058
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57179
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57059
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57173
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57294
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57174
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57295
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57054
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57175
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57296
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57055
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57176
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57297
Source: unknown Network traffic detected: HTTP traffic on port 57159 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57290
Source: unknown Network traffic detected: HTTP traffic on port 57302 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57314 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57170
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57291
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57171
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57292
Source: unknown Network traffic detected: HTTP traffic on port 57136 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57172
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57293
Source: unknown Network traffic detected: HTTP traffic on port 57033 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57297 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57054 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57194 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57125 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57104 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57188
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57067
Source: unknown Network traffic detected: HTTP traffic on port 57286 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57068
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57189
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57069
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57063
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57184
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57064
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57185
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57065
Source: unknown Network traffic detected: HTTP traffic on port 57183 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57186
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57066
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57187
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57180
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57060
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57181
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57061
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57182
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57062
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57183
Source: unknown Network traffic detected: HTTP traffic on port 57265 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57099 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57298 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57275 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57313 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57078
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57199
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57079
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57195
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57074
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57075
Source: unknown Network traffic detected: HTTP traffic on port 57182 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57196
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57076
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57197
Source: unknown Network traffic detected: HTTP traffic on port 57044 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57077
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57198
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57070
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57191
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57071
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57192
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57072
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57193
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57073
Source: unknown Network traffic detected: HTTP traffic on port 57077 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57194
Source: unknown Network traffic detected: HTTP traffic on port 57220 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57115 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57190
Source: unknown Network traffic detected: HTTP traffic on port 57148 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57066 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57253 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57089
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57085
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57086
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57087
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57088
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57081
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57082
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57083
Source: unknown Network traffic detected: HTTP traffic on port 57137 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57171 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57084
Source: unknown Network traffic detected: HTTP traffic on port 57208 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57242 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57080
Source: unknown Network traffic detected: HTTP traffic on port 57250 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57273 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57055 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57296 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57193 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57215 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57238 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57318 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57090 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57170 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57203 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57089 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57100 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57146 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57043 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57135 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57078 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57227 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57261 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57147 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57124 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57285 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57067 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57111 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57226 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57249 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57274 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57031 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57056 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57306 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57192 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57169 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57317 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57181 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57158 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57204 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57080 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57305 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57168 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57145 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57122 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57180 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57042 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57205 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57079 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57283 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57113 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57228 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57216 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57272 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57251 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57068 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57156 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57091 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57240 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57191 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57057 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57030 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57101 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57217 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57262 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57092 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57157 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57316 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57134 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57295 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57123 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57239 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57284 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57179 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57041 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57112 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57309 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57258 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57235 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57178 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57321 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57155 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57069 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57212 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57132 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57058 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57190 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57224 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57081 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57029 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57167 -> 443
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49739 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49740 version: TLS 1.2
Source: unknown HTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.4:49743 version: TLS 1.2
Source: unknown HTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.4:57054 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:57055 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:57091 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:57126 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:57287 version: TLS 1.2
Source: classification engine Classification label: sus23.winPDF@39/83@11/5
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe File created: C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents-journal
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe File created: C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-10-28 01-40-58-389.log
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe Key opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\CA
Source: unknown Process created: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\Legal Document (Vital Important).pdf"
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe Process created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe Process created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2088 --field-trial-handle=1620,i,3492531612034781886,6671070241087934824,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "https://linkshield.synaq.com/link?id=1t4J5R-0008jf-IF&ts=1729851047&cnf=98739490591342865&url=OfkDbmYYcm_9xQjF_wQzcURK2_8CSEtt"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2056 --field-trial-handle=1988,i,11903440191422035078,3124090331478198123,262144 /prefetch:8
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe Process created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: Window Recorder Window detected: More than 3 window changes detected
Source: Legal Document (Vital Important).pdf Initial sample: PDF keyword /JS count = 0
Source: Legal Document (Vital Important).pdf Initial sample: PDF keyword /JavaScript count = 0
Source: A91juzfw2_1hgrn6l_4yw.tmp.0.dr Initial sample: PDF keyword /JS count = 0
Source: A91juzfw2_1hgrn6l_4yw.tmp.0.dr Initial sample: PDF keyword /JavaScript count = 0
Source: Legal Document (Vital Important).pdf Initial sample: PDF keyword stream count = 25
Source: Legal Document (Vital Important).pdf Initial sample: PDF keyword /EmbeddedFile count = 0

Persistence and Installation Behavior

Source: PDF document LLM: Page contains button: 'REVIEW COURT DOCUMENT' Source: 'PDF document'
Source: PDF document LLM: PDF document contains prominent button: 'review court document'
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe Process information set: NOOPENFILEERRORBOX