Windows Analysis Report
https://massgrave.dev/get

Overview

General Information

Sample URL: https://massgrave.dev/get
Analysis ID: 1544860
Infos:

Detection

Score: 48
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Yara detected Powershell download and execute
Detected non-DNS traffic on DNS port

Classification

Source: https://massgrave.dev/get.ps1 HTTP Parser: No favicon
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49744 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49747 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.246.43:443 -> 192.168.2.4:57498 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.246.43:443 -> 192.168.2.4:57597 version: TLS 1.2
Detected non-DNS traffic on DNS port
Source: global traffic TCP traffic: 192.168.2.4:57497 -> 1.1.1.1:53
Source: unknown TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 217.20.57.34
Source: unknown TCP traffic detected without corresponding DNS query: 217.20.57.34
Source: unknown TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown TCP traffic detected without corresponding DNS query: 217.20.57.34
Source: unknown TCP traffic detected without corresponding DNS query: 217.20.57.34
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global traffic HTTP traffic detected: GET /get HTTP/1.1Host: massgrave.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /get.ps1 HTTP/1.1Host: massgrave.devConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: massgrave.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://massgrave.dev/get.ps1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic HTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120600v4s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120611v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120613v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120610v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120615v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120616v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120617v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120618v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120619v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120623v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120621v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120620v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120622v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120624v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120626v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120625v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120627v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120628v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120629v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120632v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120631v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120633v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120630v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120634v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120636v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120638v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120635v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120637v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120639v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120641v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120640v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120642v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120643v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120644v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120646v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120645v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120647v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120648v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120649v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120652v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120653v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120654v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120656v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120655v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120657v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120658v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120659v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120661v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120662v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120660v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120663v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120664v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120665v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120667v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120668v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120666v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120669v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120670v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120672v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120671v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120673v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120674v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120675v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120676v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120678v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120677v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120679v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120680v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120682v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120681v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120602v10s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120601v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule224901v11s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700401v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700400v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703901v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703900v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703351v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703350v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703500v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703501v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703400v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703401v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703000v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703001v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703851v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703601v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703600v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703850v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703801v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703800v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703701v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703700v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703751v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703750v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule704051v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule704050v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic DNS traffic detected: DNS query: massgrave.dev
Source: global traffic DNS traffic detected: DNS query: www.google.com
Source: global traffic DNS traffic detected: DNS query: a.nel.cloudflare.com
Source: unknown HTTP traffic detected: POST /report/v4?s=vPTY0xFb3CBGMjuhF3E8dI7qHK%2BzbUneS1j45ngcVEvIjoNdt6Q5uaQRy4vsxM0XbCQGPCM3M9V29C95EBzXR3dUzzsP76dXF2zLokd%2Fcp3DAFdDHGfKMDL6FUhsK6om HTTP/1.1Host: a.nel.cloudflare.comConnection: keep-aliveContent-Length: 422Content-Type: application/reports+jsonUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 29 Oct 2024 18:32:36 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeAccess-Control-Allow-Origin: *Cache-Control: no-storereferrer-policy: strict-origin-when-cross-originx-content-type-options: nosniffReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vPTY0xFb3CBGMjuhF3E8dI7qHK%2BzbUneS1j45ngcVEvIjoNdt6Q5uaQRy4vsxM0XbCQGPCM3M9V29C95EBzXR3dUzzsP76dXF2zLokd%2Fcp3DAFdDHGfKMDL6FUhsK6om"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Vary: Accept-EncodingCF-Cache-Status: BYPASSStrict-Transport-Security: max-age=15552000; includeSubDomains; preloadServer: cloudflareCF-RAY: 8da53fcbbfeb2cd5-DFWalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=1364&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2812&recv_bytes=1167&delivery_rate=2101596&cwnd=251&unsent_bytes=0&cid=a0388e88c6136cfd&ts=239&x=0"
Source: chromecache_40.2.dr String found in binary or memory: https://dev.azure.com/massgrave/Microsoft-Activation-Scripts/_apis/git/repositories/Microsoft-Activa
Source: chromecache_40.2.dr String found in binary or memory: https://get.activated.win
Source: chromecache_40.2.dr String found in binary or memory: https://git.activated.win/massgrave/Microsoft-Activation-Scripts/raw/commit/52d4c52dba8e29a3c1fb295c
Source: chromecache_40.2.dr String found in binary or memory: https://massgrave.dev/get
Source: chromecache_40.2.dr String found in binary or memory: https://massgrave.dev/troubleshoot
Source: chromecache_40.2.dr String found in binary or memory: https://raw.githubusercontent.com/massgravel/Microsoft-Activation-Scripts/52d4c52dba8e29a3c1fb295c89
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown Network traffic detected: HTTP traffic on port 57594 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57571 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57622 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57513 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57645 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57536 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57498
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57499
Source: unknown Network traffic detected: HTTP traffic on port 57559 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown Network traffic detected: HTTP traffic on port 57616 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown Network traffic detected: HTTP traffic on port 57507 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57639 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57656 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57547 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown Network traffic detected: HTTP traffic on port 57576 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57530 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57604 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57582 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57565 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57611 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57502 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57657 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57577 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57554 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57628 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57640 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57609 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57560 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57583 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57541 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57501 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57524 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57599 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57662 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57518 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57623 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57535 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57588 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57529 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57617 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57634 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57651 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57598 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57569 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57575 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57552 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57603 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57566
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57567
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57568
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57569
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57573
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57574
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57575
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57576
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57570
Source: unknown Network traffic detected: HTTP traffic on port 57581 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57571
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57572
Source: unknown Network traffic detected: HTTP traffic on port 57612 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57543 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57503 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57520 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57635 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57652 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57526 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57593 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57498 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57577
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57578
Source: unknown Network traffic detected: HTTP traffic on port 57646 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57579
Source: unknown Network traffic detected: HTTP traffic on port 57608 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57629 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57584
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57585
Source: unknown Network traffic detected: HTTP traffic on port 57537 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57586
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57587
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57580
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57581
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57582
Source: unknown Network traffic detected: HTTP traffic on port 57586 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57558 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57583
Source: unknown Network traffic detected: HTTP traffic on port 57548 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57525 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57630 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57592 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57531 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57663 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57588
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57589
Source: unknown Network traffic detected: HTTP traffic on port 57647 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57624 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57595
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57596
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57597
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57598
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57591
Source: unknown Network traffic detected: HTTP traffic on port 57587 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57592
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57593
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57594
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57590
Source: unknown Network traffic detected: HTTP traffic on port 57618 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57658 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57570 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57553 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57602 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57599
Source: unknown Network traffic detected: HTTP traffic on port 57641 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57514 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57542 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57613 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57508 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown Network traffic detected: HTTP traffic on port 57607 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57526
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57647
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57527
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57648
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57528
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57649
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57529
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57522
Source: unknown Network traffic detected: HTTP traffic on port 57533 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57643
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57523
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57644
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57524
Source: unknown Network traffic detected: HTTP traffic on port 57642 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57645
Source: unknown Network traffic detected: HTTP traffic on port 57499 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57510 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57525
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57646
Source: unknown Network traffic detected: HTTP traffic on port 57585 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57650
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57530
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57651
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57531
Source: unknown Network traffic detected: HTTP traffic on port 57562 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57652
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57532
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57653
Source: unknown Network traffic detected: HTTP traffic on port 57597 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57551 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57568 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57537
Source: unknown Network traffic detected: HTTP traffic on port 57625 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57658
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57538
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57659
Source: unknown Network traffic detected: HTTP traffic on port 57516 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57539
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57533
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57654
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57534
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57655
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57535
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57656
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57536
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57657
Source: unknown Network traffic detected: HTTP traffic on port 57660 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57540
Source: unknown Network traffic detected: HTTP traffic on port 57619 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57661
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57541
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57662
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57542
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57663
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57543
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57660
Source: unknown Network traffic detected: HTTP traffic on port 57579 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57527 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57544 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57653 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57636 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57596 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57548
Source: unknown Network traffic detected: HTTP traffic on port 57601 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57549
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57544
Source: unknown Network traffic detected: HTTP traffic on port 57515 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57545
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57546
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57547
Source: unknown Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57551
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57552
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57553
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57554
Source: unknown Network traffic detected: HTTP traffic on port 57509 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57557 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57538 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57550
Source: unknown Network traffic detected: HTTP traffic on port 57637 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57614 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57654 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57606 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57631 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57549 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57574 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57559
Source: unknown Network traffic detected: HTTP traffic on port 57591 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57648 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57555
Source: unknown Network traffic detected: HTTP traffic on port 57532 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57556
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57557
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57558
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57562
Source: unknown Network traffic detected: HTTP traffic on port 57620 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57563
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57565
Source: unknown Network traffic detected: HTTP traffic on port 57563 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57560
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57561
Source: unknown Network traffic detected: HTTP traffic on port 57580 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57659 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57521 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57504 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57500 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57632 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57523 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57655 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57607
Source: unknown Network traffic detected: HTTP traffic on port 57546 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57608
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57609
Source: unknown Network traffic detected: HTTP traffic on port 57517 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57603
Source: unknown Network traffic detected: HTTP traffic on port 57649 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57604
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57605
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57606
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57600
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57601
Source: unknown Network traffic detected: HTTP traffic on port 57661 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57602
Source: unknown Network traffic detected: HTTP traffic on port 57626 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57566 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57578 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57572 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57618
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57619
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57614
Source: unknown Network traffic detected: HTTP traffic on port 57555 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57615
Source: unknown Network traffic detected: HTTP traffic on port 57589 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57600 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57616
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57617
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57610
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57611
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57612
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57613
Source: unknown Network traffic detected: HTTP traffic on port 57643 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57512 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57561 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57620
Source: unknown Network traffic detected: HTTP traffic on port 57506 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57540 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57615 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57573 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57550 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57605 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57508
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57629
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57509
Source: unknown Network traffic detected: HTTP traffic on port 57567 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57504
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57625
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57505
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57626
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57506
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57627
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57507
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57628
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57500
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57621
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57501
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57622
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57502
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57623
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57503
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57624
Source: unknown Network traffic detected: HTTP traffic on port 57621 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57630
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57510
Source: unknown Network traffic detected: HTTP traffic on port 57534 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57631
Source: unknown Network traffic detected: HTTP traffic on port 57505 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57650 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57528 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57522 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57633 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57610 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57545 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57595 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57515
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57636
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57516
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57637
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57517
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57638
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57518
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57639
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57511
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57632
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57512
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57633
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57513
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57634
Source: unknown Network traffic detected: HTTP traffic on port 57511 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57514
Source: unknown Network traffic detected: HTTP traffic on port 57627 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57635
Source: unknown Network traffic detected: HTTP traffic on port 57644 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57640
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57520
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57641
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57521
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57642
Source: unknown Network traffic detected: HTTP traffic on port 57539 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57556 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57590 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57584 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57638 -> 443
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49744 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49747 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.246.43:443 -> 192.168.2.4:57498 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.246.43:443 -> 192.168.2.4:57597 version: TLS 1.2
Source: classification engine Classification label: mal48.evad.win@16/2@6/5
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2412 --field-trial-handle=2372,i,12420559780093315104,12576080289001828152,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://massgrave.dev/get"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2412 --field-trial-handle=2372,i,12420559780093315104,12576080289001828152,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: Window Recorder Window detected: More than 3 window changes detected

HIPS / PFW / Operating System Protection Evasion
barindex
Yara detected Powershell download and execute
Source: Yara match File source: dropped/chromecache_40, type: DROPPED
windows-stand
Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 signatures2 2 Behavior Graph ID: 1544860 URL: https://massgrave.dev/get Startdate: 29/10/2024 Architecture: WINDOWS Score: 48 24 Yara detected Powershell download and execute 2->24 6 chrome.exe 1 2->6         started        9 chrome.exe 2->9         started        process3 dnsIp4 14 192.168.2.4, 138, 443, 49723 unknown unknown 6->14 16 239.255.255.250 unknown Reserved 6->16 11 chrome.exe 6->11         started        process5 dnsIp6 18 www.google.com 142.250.186.100, 443, 49742, 57586 GOOGLEUS United States 11->18 20 a.nel.cloudflare.com 35.190.80.1, 443, 49746, 49748 GOOGLEUS United States 11->20 22 massgrave.dev 104.21.22.3, 443, 49736, 49737 CLOUDFLARENETUS United States 11->22
  • No. of IPs < 25%
  • 25% < No. of IPs < 50%
  • 50% < No. of IPs < 75%
  • 75% < No. of IPs

Contacted Public IPs

IP Domain Country Flag ASN ASN Name Malicious
239.255.255.250
 unknown Reserved
unknown unknown false
104.21.22.3
 massgrave.dev United States
13335 CLOUDFLARENETUS false
142.250.186.100
 www.google.com United States
15169 GOOGLEUS false
35.190.80.1
 a.nel.cloudflare.com United States
15169 GOOGLEUS false

Private

IP
192.168.2.4

Contacted Domains

Name IP Active
a.nel.cloudflare.com 35.190.80.1 true
massgrave.dev 104.21.22.3 true
s-part-0015.t-0009.t-msedge.net 13.107.246.43 true
s-part-0017.t-0009.t-msedge.net 13.107.246.45 true
www.google.com 142.250.186.100 true
fp2e7a.wpc.phicdn.net 192.229.221.95 true

Contacted URLs

Name Malicious Antivirus Detection Reputation
https://massgrave.dev/get false
    		unknown
    https://massgrave.dev/get.ps1 false
      		unknown
      https://massgrave.dev/favicon.ico false
        		unknown
        https://a.nel.cloudflare.com/report/v4?s=vPTY0xFb3CBGMjuhF3E8dI7qHK%2BzbUneS1j45ngcVEvIjoNdt6Q5uaQRy4vsxM0XbCQGPCM3M9V29C95EBzXR3dUzzsP76dXF2zLokd%2Fcp3DAFdDHGfKMDL6FUhsK6om false
          		unknown