Windows Analysis Report
http://email.medallion.co/e/c/eyJlbWFpbF9pZCI6ImRnVHV0Z1lCQU4tZER0NmREZ0dTMDdJbFV0YzJKcGY0M21Dd3FVST0iLCJocmVmIjoiaHR0cHM6Ly9hcHAubWVkYWxsaW9uLmNvL2ludml0ZS9MYmRLMiIsImludGVybmFsIjoiZWViNjA2MDc4ZWI1MDFkZjlkMGUiLCJsaW5rX2lkIjo4fQ/644e50bca0199c65a87618f3a1ca1fddf5f2f611813fa881649e9517307e5464

Overview

General Information

Sample URL:	http://email.medallion.co/e/c/eyJlbWFpbF9pZCI6ImRnVHV0Z1lCQU4tZER0NmREZ0dTMDdJbFV0YzJKcGY0M21Dd3FVST0iLCJocmVmIjoiaHR0cHM6Ly9hcHAubWVkYWxsaW9uLmNvL2ludml0ZS9MYmRLMiIsImludGVybmFsIjoiZWViNjA2MDc4ZWI1MD
Analysis ID:	1545588
Infos:

Detection

Score:	3
Range:	0 - 100
Whitelisted:	false
Confidence:	80%

Signatures

Detected non-DNS traffic on DNS port

Detected suspicious crossdomain redirect

HTML body contains low number of good links

HTML body contains password input but no form action

HTML page contains hidden javascript code

Invalid 'forgot password' link found

Classification

Signatures

HTML body contains low number of good links

Source: https://medallion.auth0.com/login?state=hKFo2SBSb1VjbEFZZ0NiU0NQR2hkTnU5UXdtV09NTWRlaFlzS6FupWxvZ2luo3RpZNkgWlQ5aUs0ckxtbmNPcC0tcS05VGs5VmEzMV9ZeDVWREGjY2lk2SA2bjl6UFY4a1A3T1VRUnNsMm10M0JrdzJnZEI0a25TWA&client=6n9zPV8kP7OUQRsl2mt3Bkw2gdB4knSX&protocol=oauth2&redirect_uri=https%3A%2F%2Fapp.medallion.co%2Fcomplete%2Fauth0&response_type=code&scope=openid%20profile%20email&medallion_login_mode=covid_signup&medallion_org_name=ComplexCare%20Solutions&medallion_signup_email=maria.casella%40complexcaresolutions.com&max_age=

HTTP Parser: Number of links: 1

HTML body contains password input but no form action

HTTP Parser: <input type="password" .../> found but no <form action="...

HTML page contains hidden javascript code

HTTP Parser: Base64 decoded: {"icon":"https://cdn.medallion.co/img/favicon.png","assetsUrl":"","auth0Domain":"medallion.auth0.com","auth0Tenant":"medallion","clientConfigurationBaseUrl":"https://medallion.auth0.com/","callbackOnLocationHash":false,"callbackURL":"https://app.medallion...

Invalid 'forgot password' link found

HTTP Parser: Invalid link: Forgot password?

HTTP Parser: <input type="password" .../> found

Source: https://medallion.auth0.com/login?state=hKFo2SBSb1VjbEFZZ0NiU0NQR2hkTnU5UXdtV09NTWRlaFlzS6FupWxvZ2luo3RpZNkgWlQ5aUs0ckxtbmNPcC0tcS05VGs5VmEzMV9ZeDVWREGjY2lk2SA2bjl6UFY4a1A3T1VRUnNsMm10M0JrdzJnZEI0a25TWA&client=6n9zPV8kP7OUQRsl2mt3Bkw2gdB4knSX&protocol=oauth2&redirect_uri=https%3A%2F%2Fapp.medallion.co%2Fcomplete%2Fauth0&response_type=code&scope=openid%20profile%20email&medallion_login_mode=covid_signup&medallion_org_name=ComplexCare%20Solutions&medallion_signup_email=maria.casella%40complexcaresolutions.com&max_age=	HTTP Parser: No favicon
Source: https://medallion.auth0.com/login?state=hKFo2SBSb1VjbEFZZ0NiU0NQR2hkTnU5UXdtV09NTWRlaFlzS6FupWxvZ2luo3RpZNkgWlQ5aUs0ckxtbmNPcC0tcS05VGs5VmEzMV9ZeDVWREGjY2lk2SA2bjl6UFY4a1A3T1VRUnNsMm10M0JrdzJnZEI0a25TWA&client=6n9zPV8kP7OUQRsl2mt3Bkw2gdB4knSX&protocol=oauth2&redirect_uri=https%3A%2F%2Fapp.medallion.co%2Fcomplete%2Fauth0&response_type=code&scope=openid%20profile%20email&medallion_login_mode=covid_signup&medallion_org_name=ComplexCare%20Solutions&medallion_signup_email=maria.casella%40complexcaresolutions.com&max_age=	HTTP Parser: No favicon

Source: https://medallion.auth0.com/login?state=hKFo2SBSb1VjbEFZZ0NiU0NQR2hkTnU5UXdtV09NTWRlaFlzS6FupWxvZ2luo3RpZNkgWlQ5aUs0ckxtbmNPcC0tcS05VGs5VmEzMV9ZeDVWREGjY2lk2SA2bjl6UFY4a1A3T1VRUnNsMm10M0JrdzJnZEI0a25TWA&client=6n9zPV8kP7OUQRsl2mt3Bkw2gdB4knSX&protocol=oauth2&redirect_uri=https%3A%2F%2Fapp.medallion.co%2Fcomplete%2Fauth0&response_type=code&scope=openid%20profile%20email&medallion_login_mode=covid_signup&medallion_org_name=ComplexCare%20Solutions&medallion_signup_email=maria.casella%40complexcaresolutions.com&max_age=	HTTP Parser: No <meta name="author".. found
Source: https://medallion.auth0.com/login?state=hKFo2SBSb1VjbEFZZ0NiU0NQR2hkTnU5UXdtV09NTWRlaFlzS6FupWxvZ2luo3RpZNkgWlQ5aUs0ckxtbmNPcC0tcS05VGs5VmEzMV9ZeDVWREGjY2lk2SA2bjl6UFY4a1A3T1VRUnNsMm10M0JrdzJnZEI0a25TWA&client=6n9zPV8kP7OUQRsl2mt3Bkw2gdB4knSX&protocol=oauth2&redirect_uri=https%3A%2F%2Fapp.medallion.co%2Fcomplete%2Fauth0&response_type=code&scope=openid%20profile%20email&medallion_login_mode=covid_signup&medallion_org_name=ComplexCare%20Solutions&medallion_signup_email=maria.casella%40complexcaresolutions.com&max_age=	HTTP Parser: No <meta name="author".. found

Source: https://medallion.auth0.com/login?state=hKFo2SBSb1VjbEFZZ0NiU0NQR2hkTnU5UXdtV09NTWRlaFlzS6FupWxvZ2luo3RpZNkgWlQ5aUs0ckxtbmNPcC0tcS05VGs5VmEzMV9ZeDVWREGjY2lk2SA2bjl6UFY4a1A3T1VRUnNsMm10M0JrdzJnZEI0a25TWA&client=6n9zPV8kP7OUQRsl2mt3Bkw2gdB4knSX&protocol=oauth2&redirect_uri=https%3A%2F%2Fapp.medallion.co%2Fcomplete%2Fauth0&response_type=code&scope=openid%20profile%20email&medallion_login_mode=covid_signup&medallion_org_name=ComplexCare%20Solutions&medallion_signup_email=maria.casella%40complexcaresolutions.com&max_age=	HTTP Parser: No <meta name="copyright".. found
Source: https://medallion.auth0.com/login?state=hKFo2SBSb1VjbEFZZ0NiU0NQR2hkTnU5UXdtV09NTWRlaFlzS6FupWxvZ2luo3RpZNkgWlQ5aUs0ckxtbmNPcC0tcS05VGs5VmEzMV9ZeDVWREGjY2lk2SA2bjl6UFY4a1A3T1VRUnNsMm10M0JrdzJnZEI0a25TWA&client=6n9zPV8kP7OUQRsl2mt3Bkw2gdB4knSX&protocol=oauth2&redirect_uri=https%3A%2F%2Fapp.medallion.co%2Fcomplete%2Fauth0&response_type=code&scope=openid%20profile%20email&medallion_login_mode=covid_signup&medallion_org_name=ComplexCare%20Solutions&medallion_signup_email=maria.casella%40complexcaresolutions.com&max_age=	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49743 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49745 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.253.45:443 -> 192.168.2.4:54954 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.253.45:443 -> 192.168.2.4:55066 version: TLS 1.2

Detected non-DNS traffic on DNS port

Source: global traffic	TCP traffic: 192.168.2.4:65427 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.4:54951 -> 1.1.1.1:53

Detected suspicious crossdomain redirect

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

HTTP traffic: Redirect from: app.medallion.co to https://medallion.auth0.com/authorize?client_id=6n9zpv8kp7ouqrsl2mt3bkw2gdb4knsx&redirect_uri=https://app.medallion.co/complete/auth0&state=hghuxteiihcv1gts6caaexyqnc7dcwua&response_type=code&scope=openid+profile+email&medallion_login_mode=covid_signup&medallion_org_name=complexcare+solutions&medallion_signup_email=maria.casella@complexcaresolutions.com&max_age=

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /invite/LbdK2 HTTP/1.1Host: app.medallion.coConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /signup?org_name=ComplexCare+Solutions&next=%2Fonboarding%2Fguide%2Fwelcome&signup_email=maria.casella%40complexcaresolutions.com HTTP/1.1Host: app.medallion.coConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __HOST-sessionid=id4mx1sb2299d7u9uagvspueowa248i1
Source: global traffic	HTTP traffic detected: GET /login/auth0?medallion_login_mode=covid_signup&next=/onboarding/guide/welcome&medallion_org_name=ComplexCare%20Solutions&medallion_signup_email=maria.casella@complexcaresolutions.com HTTP/1.1Host: app.medallion.coConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __HOST-sessionid=id4mx1sb2299d7u9uagvspueowa248i1
Source: global traffic	HTTP traffic detected: GET /authorize?client_id=6n9zPV8kP7OUQRsl2mt3Bkw2gdB4knSX&redirect_uri=https://app.medallion.co/complete/auth0&state=hgHUxteiIHcv1gtS6caAeXYqnc7DcwuA&response_type=code&scope=openid+profile+email&medallion_login_mode=covid_signup&medallion_org_name=ComplexCare+Solutions&medallion_signup_email=maria.casella@complexcaresolutions.com&max_age= HTTP/1.1Host: medallion.auth0.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /login?state=hKFo2SBSb1VjbEFZZ0NiU0NQR2hkTnU5UXdtV09NTWRlaFlzS6FupWxvZ2luo3RpZNkgWlQ5aUs0ckxtbmNPcC0tcS05VGs5VmEzMV9ZeDVWREGjY2lk2SA2bjl6UFY4a1A3T1VRUnNsMm10M0JrdzJnZEI0a25TWA&client=6n9zPV8kP7OUQRsl2mt3Bkw2gdB4knSX&protocol=oauth2&redirect_uri=https%3A%2F%2Fapp.medallion.co%2Fcomplete%2Fauth0&response_type=code&scope=openid%20profile%20email&medallion_login_mode=covid_signup&medallion_org_name=ComplexCare%20Solutions&medallion_signup_email=maria.casella%40complexcaresolutions.com&max_age= HTTP/1.1Host: medallion.auth0.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: did=s%3Av0%3Ab5acef18-35af-459c-892a-f37b1643b45d.VIoLTFjq8QNyNl5Fb8Qnn4NbvV6%2BfsUUcmm%2BFaX4UAg; auth0=s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQOii6tqZm9ApOPtnwU7-ChHII-j3o-ilUNqoUndU5QBtLvFCoe-z4owypQsFohtPEDQYZL23q4pJpSYYf5MN06ymY29va2llg6dleHBpcmVz1__G11IAZyZW0q5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.6uBfv9AEsQCjqJU9LNV4pTEbzvFhrQ%2FOfLxzc5w1tIM; did_compat=s%3Av0%3Ab5acef18-35af-459c-892a-f37b1643b45d.VIoLTFjq8QNyNl5Fb8Qnn4NbvV6%2BfsUUcmm%2BFaX4UAg; auth0_compat=s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQOii6tqZm9ApOPtnwU7-ChHII-j3o-ilUNqoUndU5QBtLvFCoe-z4owypQsFohtPEDQYZL23q4pJpSYYf5MN06ymY29va2llg6dleHBpcmVz1__G11IAZyZW0q5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.6uBfv9AEsQCjqJU9LNV4pTEbzvFhrQ%2FOfLxzc5w1tIM
Source: global traffic	HTTP traffic detected: GET /ajax/libs/antd/4.0.4/antd.min.css HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/auth0/9.12/auth0.min.js HTTP/1.1Host: cdn.auth0.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/logo-main.svg HTTP/1.1Host: cdn.medallion.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/polyfills/1.0/object-assign.min.js HTTP/1.1Host: cdn.auth0.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/polyfills/1.0/object-assign.min.js HTTP/1.1Host: cdn.auth0.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/logo-main.svg HTTP/1.1Host: cdn.medallion.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/auth0/9.12/auth0.min.js HTTP/1.1Host: cdn.auth0.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: medallion.auth0.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://medallion.auth0.com/login?state=hKFo2SBSb1VjbEFZZ0NiU0NQR2hkTnU5UXdtV09NTWRlaFlzS6FupWxvZ2luo3RpZNkgWlQ5aUs0ckxtbmNPcC0tcS05VGs5VmEzMV9ZeDVWREGjY2lk2SA2bjl6UFY4a1A3T1VRUnNsMm10M0JrdzJnZEI0a25TWA&client=6n9zPV8kP7OUQRsl2mt3Bkw2gdB4knSX&protocol=oauth2&redirect_uri=https%3A%2F%2Fapp.medallion.co%2Fcomplete%2Fauth0&response_type=code&scope=openid%20profile%20email&medallion_login_mode=covid_signup&medallion_org_name=ComplexCare%20Solutions&medallion_signup_email=maria.casella%40complexcaresolutions.com&max_age=Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: did=s%3Av0%3Ab5acef18-35af-459c-892a-f37b1643b45d.VIoLTFjq8QNyNl5Fb8Qnn4NbvV6%2BfsUUcmm%2BFaX4UAg; auth0=s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQOii6tqZm9ApOPtnwU7-ChHII-j3o-ilUNqoUndU5QBtLvFCoe-z4owypQsFohtPEDQYZL23q4pJpSYYf5MN06ymY29va2llg6dleHBpcmVz1__G11IAZyZW0q5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.6uBfv9AEsQCjqJU9LNV4pTEbzvFhrQ%2FOfLxzc5w1tIM; did_compat=s%3Av0%3Ab5acef18-35af-459c-892a-f37b1643b45d.VIoLTFjq8QNyNl5Fb8Qnn4NbvV6%2BfsUUcmm%2BFaX4UAg; auth0_compat=s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQOii6tqZm9ApOPtnwU7-ChHII-j3o-ilUNqoUndU5QBtLvFCoe-z4owypQsFohtPEDQYZL23q4pJpSYYf5MN06ymY29va2llg6dleHBpcmVz1__G11IAZyZW0q5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.6uBfv9AEsQCjqJU9LNV4pTEbzvFhrQ%2FOfLxzc5w1tIM
Source: global traffic	HTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120600v4s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120613v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120610v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120611v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120618v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120616v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120615v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120617v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120619v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120620v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120622v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120621v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120623v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120624v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120627v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120625v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120626v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120628v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120629v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120631v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120630v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120633v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120632v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120634v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120635v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120636v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120637v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120638v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120639v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120640v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120642v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120641v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120643v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120644v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120645v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120646v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120648v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120647v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120649v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120653v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120652v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120654v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120655v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120658v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120657v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120656v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120659v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120660v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120661v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120663v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120662v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120664v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120665v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120666v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120667v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120669v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120668v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120671v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120672v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120670v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120673v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120674v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120675v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120679v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120677v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120678v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120676v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120680v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120682v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120602v10s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120601v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120681v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule224901v11s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700401v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700400v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703900v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703901v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703351v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703501v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703350v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703500v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703401v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703400v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /e/c/eyJlbWFpbF9pZCI6ImRnVHV0Z1lCQU4tZER0NmREZ0dTMDdJbFV0YzJKcGY0M21Dd3FVST0iLCJocmVmIjoiaHR0cHM6Ly9hcHAubWVkYWxsaW9uLmNvL2ludml0ZS9MYmRLMiIsImludGVybmFsIjoiZWViNjA2MDc4ZWI1MDFkZjlkMGUiLCJsaW5rX2lkIjo4fQ/644e50bca0199c65a87618f3a1ca1fddf5f2f611813fa881649e9517307e5464 HTTP/1.1Host: email.medallion.coConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: email.medallion.co
Source: global traffic	DNS traffic detected: DNS query: app.medallion.co
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: medallion.auth0.com
Source: global traffic	DNS traffic detected: DNS query: cdnjs.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: cdn.jsdelivr.net
Source: global traffic	DNS traffic detected: DNS query: cdn.medallion.co
Source: global traffic	DNS traffic detected: DNS query: cdn.auth0.com

Source: global traffic

HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 30 Oct 2024 16:44:10 GMTContent-Type: text/plain; charset=utf-8Content-Length: 9Connection: closeCF-Ray: 8dacde55cccd28e0-DFWCF-Cache-Status: HITAge: 218Cache-Control: public, max-age=300ETag: W/"9-0gXL1ngzMqISxa6S1zx3F4wtLyg"Strict-Transport-Security: max-age=31536000; includeSubDomainsVary: Accept-EncodingX-Auth0-L: 0.002X-Auth0-Not-Found: 1X-Auth0-RequestId: c665c9c6fd2617f58f26X-Content-Type-Options: nosniffServer: cloudflarealt-svc: h3=":443"; ma=86400

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 55040 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 55063 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55069
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55005 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55075
Source: unknown	Network traffic detected: HTTP traffic on port 55028 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55074
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55073
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55072
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55079
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55078
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55077
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55076
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55071
Source: unknown	Network traffic detected: HTTP traffic on port 54975 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55070
Source: unknown	Network traffic detected: HTTP traffic on port 54998 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54992 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55016 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55045 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54963 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54981 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55051 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55034 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54957 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55081
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55080
Source: unknown	Network traffic detected: HTTP traffic on port 55046 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55023 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54964 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54980 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55079 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55052 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54958 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55010 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55068 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54969 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54986 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55029 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55004 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55057 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55074 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55080 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54997 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54991 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54979
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54978
Source: unknown	Network traffic detected: HTTP traffic on port 55015 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54973
Source: unknown	Network traffic detected: HTTP traffic on port 54985 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55028
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54972
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55027
Source: unknown	Network traffic detected: HTTP traffic on port 54962 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54971
Source: unknown	Network traffic detected: HTTP traffic on port 55009 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55026
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54970
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55025
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54977
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54976
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54975
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54974
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55029
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55031
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55030
Source: unknown	Network traffic detected: HTTP traffic on port 54956 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54980
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55035
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55034
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55033
Source: unknown	Network traffic detected: HTTP traffic on port 55058 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55032
Source: unknown	Network traffic detected: HTTP traffic on port 55035 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54979 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54967 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54989
Source: unknown	Network traffic detected: HTTP traffic on port 55041 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54984
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55039
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54983
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55038
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54982
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55037
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54981
Source: unknown	Network traffic detected: HTTP traffic on port 55024 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55036
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54988
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54987
Source: unknown	Network traffic detected: HTTP traffic on port 55003 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54986
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54985
Source: unknown	Network traffic detected: HTTP traffic on port 55030 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55042
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55041
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55040
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54991
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55046
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54990
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55045
Source: unknown	Network traffic detected: HTTP traffic on port 55076 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55044
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55043
Source: unknown	Network traffic detected: HTTP traffic on port 54974 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55042 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55069 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54995
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54994
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55049
Source: unknown	Network traffic detected: HTTP traffic on port 55059 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54993
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55048
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54992
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55047
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54999
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54998
Source: unknown	Network traffic detected: HTTP traffic on port 54968 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54997
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54996
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55053
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55052
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55051
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55050
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55057
Source: unknown	Network traffic detected: HTTP traffic on port 55075 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55056
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55055
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55054
Source: unknown	Network traffic detected: HTTP traffic on port 55081 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54973 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55014 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54996 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 54990 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 55070 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 55047 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55064 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55059
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55058
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55064
Source: unknown	Network traffic detected: HTTP traffic on port 55053 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55063
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55062
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55061
Source: unknown	Network traffic detected: HTTP traffic on port 55008 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55068
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55067
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55066
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55065
Source: unknown	Network traffic detected: HTTP traffic on port 55036 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55060
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 54966 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55019 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55025 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55002 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54989 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55054 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55077 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55031 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55066 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55037 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55072 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54984 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55020 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55002
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55001
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55000
Source: unknown	Network traffic detected: HTTP traffic on port 55048 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55013 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54978 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54995 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54959
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54958
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54957
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54956
Source: unknown	Network traffic detected: HTTP traffic on port 55071 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55065 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55006
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55005
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55004
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55003
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54955
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54954
Source: unknown	Network traffic detected: HTTP traffic on port 54983 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55009
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55008
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55007
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55007 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55013
Source: unknown	Network traffic detected: HTTP traffic on port 55026 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55012
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55011
Source: unknown	Network traffic detected: HTTP traffic on port 55049 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55010
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54977 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54969
Source: unknown	Network traffic detected: HTTP traffic on port 55018 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55043 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54968
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54967
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54962
Source: unknown	Network traffic detected: HTTP traffic on port 54961 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55017
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54961
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55016
Source: unknown	Network traffic detected: HTTP traffic on port 55060 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54960
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55015
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55014
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54966
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54964
Source: unknown	Network traffic detected: HTTP traffic on port 55001 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55019
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54963
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55018
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55020
Source: unknown	Network traffic detected: HTTP traffic on port 54955 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55032 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55024
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55023
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55022
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55021
Source: unknown	Network traffic detected: HTTP traffic on port 54972 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55067 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55038 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55044 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55021 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55073 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55012 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55050 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54971 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54994 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55062 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54988 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55006 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55027 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55055 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54999 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55017 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54970 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54960 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55061 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54987 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55000 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54954 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55033 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55056 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55039 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55022 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54982 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55078 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54959 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55011 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54976 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54993 -> 443

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49743 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49745 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.253.45:443 -> 192.168.2.4:54954 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.253.45:443 -> 192.168.2.4:55066 version: TLS 1.2

Source: classification engine

Classification label: clean3.win@22/19@20/10

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1980,i,3801360068097129798,1310475227643198074,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://email.medallion.co/e/c/eyJlbWFpbF9pZCI6ImRnVHV0Z1lCQU4tZER0NmREZ0dTMDdJbFV0YzJKcGY0M21Dd3FVST0iLCJocmVmIjoiaHR0cHM6Ly9hcHAubWVkYWxsaW9uLmNvL2ludml0ZS9MYmRLMiIsImludGVybmFsIjoiZWViNjA2MDc4ZWI1MDFkZjlkMGUiLCJsaW5rX2lkIjo4fQ/644e50bca0199c65a87618f3a1ca1fddf5f2f611813fa881649e9517307e5464"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1980,i,3801360068097129798,1310475227643198074,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
104.17.24.14	cdnjs.cloudflare.com	United States	13335	CLOUDFLARENETUS	false
18.172.112.7	unknown	United States	3	MIT-GATEWAYSUS	false
35.227.225.220	edge-east.customer.io	United States	15169	GOOGLEUS	false
35.163.9.155	app.medallion.co	United States	16509	AMAZON-02US	false
13.33.223.41	dp0wn1kjwhg75.cloudfront.net	United States	16509	AMAZON-02US	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
18.172.112.82	cdn.medallion.co	United States	3	MIT-GATEWAYSUS	false
142.250.186.164	www.google.com	United States	15169	GOOGLEUS	false
104.17.254.182	medallion.auth0.com	United States	13335	CLOUDFLARENETUS	false

Private

IP
192.168.2.4

Contacted Domains

Name	IP	Active
bg.microsoft.map.fastly.net	199.232.214.172	true
medallion.auth0.com	104.17.254.182	true
cdn.medallion.co	18.172.112.82	true
edge-east.customer.io	35.227.225.220	true
cdnjs.cloudflare.com	104.17.24.14	true
s-part-0017.t-0009.fb-t-msedge.net	13.107.253.45	true
s-part-0017.t-0009.t-msedge.net	13.107.246.45	true
www.google.com	142.250.186.164	true
app.medallion.co	35.163.9.155	true
fp2e7a.wpc.phicdn.net	192.229.221.95	true
dp0wn1kjwhg75.cloudfront.net	13.33.223.41	true
email.medallion.co	unknown	unknown
cdn.jsdelivr.net	unknown	unknown
cdn.auth0.com	unknown	unknown

Contacted URLs

Name	Malicious	Reputation
https://app.medallion.co/signup?org_name=ComplexCare+Solutions&next=%2Fonboarding%2Fguide%2Fwelcome&signup_email=maria.casella%40complexcaresolutions.com	false	unknown
https://medallion.auth0.com/favicon.ico	false	unknown
https://app.medallion.co/login/auth0?medallion_login_mode=covid_signup&next=/onboarding/guide/welcome&medallion_org_name=ComplexCare%20Solutions&medallion_signup_email=maria.casella@complexcaresolutions.com	false	unknown
https://medallion.auth0.com/authorize?client_id=6n9zPV8kP7OUQRsl2mt3Bkw2gdB4knSX&redirect_uri=https://app.medallion.co/complete/auth0&state=hgHUxteiIHcv1gtS6caAeXYqnc7DcwuA&response_type=code&scope=openid+profile+email&medallion_login_mode=covid_signup&medallion_org_name=ComplexCare+Solutions&medallion_signup_email=maria.casella@complexcaresolutions.com&max_age=	false	unknown
https://cdn.auth0.com/js/polyfills/1.0/object-assign.min.js	false	unknown
https://cdn.medallion.co/img/logo-main.svg	false	unknown
https://cdnjs.cloudflare.com/ajax/libs/antd/4.0.4/antd.min.css	false	unknown
https://app.medallion.co/invite/LbdK2	false	unknown
https://cdn.auth0.com/js/auth0/9.12/auth0.min.js	false	unknown
https://medallion.auth0.com/login?state=hKFo2SBSb1VjbEFZZ0NiU0NQR2hkTnU5UXdtV09NTWRlaFlzS6FupWxvZ2luo3RpZNkgWlQ5aUs0ckxtbmNPcC0tcS05VGs5VmEzMV9ZeDVWREGjY2lk2SA2bjl6UFY4a1A3T1VRUnNsMm10M0JrdzJnZEI0a25TWA&client=6n9zPV8kP7OUQRsl2mt3Bkw2gdB4knSX&protocol=oauth2&redirect_uri=https%3A%2F%2Fapp.medallion.co%2Fcomplete%2Fauth0&response_type=code&scope=openid%20profile%20email&medallion_login_mode=covid_signup&medallion_org_name=ComplexCare%20Solutions&medallion_signup_email=maria.casella%40complexcaresolutions.com&max_age=	false	unknown
http://email.medallion.co/e/c/eyJlbWFpbF9pZCI6ImRnVHV0Z1lCQU4tZER0NmREZ0dTMDdJbFV0YzJKcGY0M21Dd3FVST0iLCJocmVmIjoiaHR0cHM6Ly9hcHAubWVkYWxsaW9uLmNvL2ludml0ZS9MYmRLMiIsImludGVybmFsIjoiZWViNjA2MDc4ZWI1MDFkZjlkMGUiLCJsaW5rX2lkIjo4fQ/644e50bca0199c65a87618f3a1ca1fddf5f2f611813fa881649e9517307e5464	false	unknown

Name	Type	MD5	SHA1	SHA256
Chrome Cache Entry: 113	ASCII text	DBF1248779DC682A91BA529B5EFE0FFC	0EEDCC3D0EC69D1A1B09F1AF9C03F852A6F94152	32CC4A47B370E278072A6440249872E681EFA1D992600420C03A9631DA885D70
Chrome Cache Entry: 114	ASCII text, with very long lines (65454)	ECB248624DD7139C2466D882429D947F	3E209F92AE5747942CD3D87CE9CE3E6F8C7DCC1B	BDB05134260268F1EFE9E05F37035EC76A6880C065F11FA806A6BD9C4657382B
Chrome Cache Entry: 115	gzip compressed data, max compression, from Unix, original size modulo 2^32 8249	1C45A78E13172A730DC469B0D2B502E2	680716C438AD277013D0D790A0B5866AC1F21B92	7D6BFBD185DCC7745706B3FB5BF1EDC49B26EE883B3071AB6A287B66399E6C87
Chrome Cache Entry: 116	Web Open Font Format, TrueType, length 106812, version 1.0	DF7DE9FE96A30F78C7F652F5B00AE016	1B10CE080E2562A8B7E8395044D3CA83DC112999	011AE1FE8E56C310D82EC3795CB8F86B9DEA521DD0BC560A0AE0C2E87BAEDD4B
Chrome Cache Entry: 117	ASCII text, with no line terminators	9D1EAD73E678FA2F51A70A933B0BF017	D205CBD6783332A212C5AE92D73C77178C2D2F28	0019DFC4B32D63C1392AA264AED2253C1E0C2FB09216F8E2CC269BBFB8BB49B5
Chrome Cache Entry: 118	ASCII text, with very long lines (65435)	8CC54350FBD28B1AA717C222BC4B9B55	E13C49BAEE4A742420DA2754B5B02AA3630B66AB	F1B47DC9978C0FFF53F9063E71D8D176A82F26988708C94E97F56AA722CD1A35
Chrome Cache Entry: 119	ASCII text, with no line terminators	4DFAAFAAB07B1C6C2314BFE79A1BAA81	AF22ECE46132415173DF9163EB19ED2D736B8CC4	2E3281CE824BC83F86243254926E320D7A51FD34E310D76F38DDF5CA4430BCD8
Chrome Cache Entry: 120	ASCII text, with very long lines (65454)	ECB248624DD7139C2466D882429D947F	3E209F92AE5747942CD3D87CE9CE3E6F8C7DCC1B	BDB05134260268F1EFE9E05F37035EC76A6880C065F11FA806A6BD9C4657382B
Chrome Cache Entry: 121	ASCII text, with no line terminators	4DFAAFAAB07B1C6C2314BFE79A1BAA81	AF22ECE46132415173DF9163EB19ED2D736B8CC4	2E3281CE824BC83F86243254926E320D7A51FD34E310D76F38DDF5CA4430BCD8
Chrome Cache Entry: 122	gzip compressed data, max compression, from Unix, original size modulo 2^32 8249	1C45A78E13172A730DC469B0D2B502E2	680716C438AD277013D0D790A0B5866AC1F21B92	7D6BFBD185DCC7745706B3FB5BF1EDC49B26EE883B3071AB6A287B66399E6C87
Chrome Cache Entry: 123	ASCII text, with no line terminators	E2A751F3B26707F7F94E3C88D8E2038D	D8344B8DE8EB9F56037F730A07E5D33CCA945B61	193CFD04F7ED162428FCF53B9B4B9A1941E259ABC64E837C0972ECD1BA1B6284

HTML body contains low number of good links

HTTP Parser: Number of links: 1

HTML body contains password input but no form action

HTTP Parser: <input type="password" .../> found but no <form action="...

HTML page contains hidden javascript code

Invalid 'forgot password' link found

HTTP Parser: Invalid link: Forgot password?

HTTP Parser: <input type="password" .../> found

Source: https://medallion.auth0.com/login?state=hKFo2SBSb1VjbEFZZ0NiU0NQR2hkTnU5UXdtV09NTWRlaFlzS6FupWxvZ2luo3RpZNkgWlQ5aUs0ckxtbmNPcC0tcS05VGs5VmEzMV9ZeDVWREGjY2lk2SA2bjl6UFY4a1A3T1VRUnNsMm10M0JrdzJnZEI0a25TWA&client=6n9zPV8kP7OUQRsl2mt3Bkw2gdB4knSX&protocol=oauth2&redirect_uri=https%3A%2F%2Fapp.medallion.co%2Fcomplete%2Fauth0&response_type=code&scope=openid%20profile%20email&medallion_login_mode=covid_signup&medallion_org_name=ComplexCare%20Solutions&medallion_signup_email=maria.casella%40complexcaresolutions.com&max_age=	HTTP Parser: No favicon
Source: https://medallion.auth0.com/login?state=hKFo2SBSb1VjbEFZZ0NiU0NQR2hkTnU5UXdtV09NTWRlaFlzS6FupWxvZ2luo3RpZNkgWlQ5aUs0ckxtbmNPcC0tcS05VGs5VmEzMV9ZeDVWREGjY2lk2SA2bjl6UFY4a1A3T1VRUnNsMm10M0JrdzJnZEI0a25TWA&client=6n9zPV8kP7OUQRsl2mt3Bkw2gdB4knSX&protocol=oauth2&redirect_uri=https%3A%2F%2Fapp.medallion.co%2Fcomplete%2Fauth0&response_type=code&scope=openid%20profile%20email&medallion_login_mode=covid_signup&medallion_org_name=ComplexCare%20Solutions&medallion_signup_email=maria.casella%40complexcaresolutions.com&max_age=	HTTP Parser: No favicon

Source: https://medallion.auth0.com/login?state=hKFo2SBSb1VjbEFZZ0NiU0NQR2hkTnU5UXdtV09NTWRlaFlzS6FupWxvZ2luo3RpZNkgWlQ5aUs0ckxtbmNPcC0tcS05VGs5VmEzMV9ZeDVWREGjY2lk2SA2bjl6UFY4a1A3T1VRUnNsMm10M0JrdzJnZEI0a25TWA&client=6n9zPV8kP7OUQRsl2mt3Bkw2gdB4knSX&protocol=oauth2&redirect_uri=https%3A%2F%2Fapp.medallion.co%2Fcomplete%2Fauth0&response_type=code&scope=openid%20profile%20email&medallion_login_mode=covid_signup&medallion_org_name=ComplexCare%20Solutions&medallion_signup_email=maria.casella%40complexcaresolutions.com&max_age=	HTTP Parser: No <meta name="author".. found
Source: https://medallion.auth0.com/login?state=hKFo2SBSb1VjbEFZZ0NiU0NQR2hkTnU5UXdtV09NTWRlaFlzS6FupWxvZ2luo3RpZNkgWlQ5aUs0ckxtbmNPcC0tcS05VGs5VmEzMV9ZeDVWREGjY2lk2SA2bjl6UFY4a1A3T1VRUnNsMm10M0JrdzJnZEI0a25TWA&client=6n9zPV8kP7OUQRsl2mt3Bkw2gdB4knSX&protocol=oauth2&redirect_uri=https%3A%2F%2Fapp.medallion.co%2Fcomplete%2Fauth0&response_type=code&scope=openid%20profile%20email&medallion_login_mode=covid_signup&medallion_org_name=ComplexCare%20Solutions&medallion_signup_email=maria.casella%40complexcaresolutions.com&max_age=	HTTP Parser: No <meta name="author".. found

Source: https://medallion.auth0.com/login?state=hKFo2SBSb1VjbEFZZ0NiU0NQR2hkTnU5UXdtV09NTWRlaFlzS6FupWxvZ2luo3RpZNkgWlQ5aUs0ckxtbmNPcC0tcS05VGs5VmEzMV9ZeDVWREGjY2lk2SA2bjl6UFY4a1A3T1VRUnNsMm10M0JrdzJnZEI0a25TWA&client=6n9zPV8kP7OUQRsl2mt3Bkw2gdB4knSX&protocol=oauth2&redirect_uri=https%3A%2F%2Fapp.medallion.co%2Fcomplete%2Fauth0&response_type=code&scope=openid%20profile%20email&medallion_login_mode=covid_signup&medallion_org_name=ComplexCare%20Solutions&medallion_signup_email=maria.casella%40complexcaresolutions.com&max_age=	HTTP Parser: No <meta name="copyright".. found
Source: https://medallion.auth0.com/login?state=hKFo2SBSb1VjbEFZZ0NiU0NQR2hkTnU5UXdtV09NTWRlaFlzS6FupWxvZ2luo3RpZNkgWlQ5aUs0ckxtbmNPcC0tcS05VGs5VmEzMV9ZeDVWREGjY2lk2SA2bjl6UFY4a1A3T1VRUnNsMm10M0JrdzJnZEI0a25TWA&client=6n9zPV8kP7OUQRsl2mt3Bkw2gdB4knSX&protocol=oauth2&redirect_uri=https%3A%2F%2Fapp.medallion.co%2Fcomplete%2Fauth0&response_type=code&scope=openid%20profile%20email&medallion_login_mode=covid_signup&medallion_org_name=ComplexCare%20Solutions&medallion_signup_email=maria.casella%40complexcaresolutions.com&max_age=	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49743 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49745 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.253.45:443 -> 192.168.2.4:54954 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.253.45:443 -> 192.168.2.4:55066 version: TLS 1.2

Detected non-DNS traffic on DNS port

Source: global traffic	TCP traffic: 192.168.2.4:65427 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.4:54951 -> 1.1.1.1:53

Detected suspicious crossdomain redirect

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /invite/LbdK2 HTTP/1.1Host: app.medallion.coConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /signup?org_name=ComplexCare+Solutions&next=%2Fonboarding%2Fguide%2Fwelcome&signup_email=maria.casella%40complexcaresolutions.com HTTP/1.1Host: app.medallion.coConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __HOST-sessionid=id4mx1sb2299d7u9uagvspueowa248i1
Source: global traffic	HTTP traffic detected: GET /login/auth0?medallion_login_mode=covid_signup&next=/onboarding/guide/welcome&medallion_org_name=ComplexCare%20Solutions&medallion_signup_email=maria.casella@complexcaresolutions.com HTTP/1.1Host: app.medallion.coConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __HOST-sessionid=id4mx1sb2299d7u9uagvspueowa248i1
Source: global traffic	HTTP traffic detected: GET /authorize?client_id=6n9zPV8kP7OUQRsl2mt3Bkw2gdB4knSX&redirect_uri=https://app.medallion.co/complete/auth0&state=hgHUxteiIHcv1gtS6caAeXYqnc7DcwuA&response_type=code&scope=openid+profile+email&medallion_login_mode=covid_signup&medallion_org_name=ComplexCare+Solutions&medallion_signup_email=maria.casella@complexcaresolutions.com&max_age= HTTP/1.1Host: medallion.auth0.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /login?state=hKFo2SBSb1VjbEFZZ0NiU0NQR2hkTnU5UXdtV09NTWRlaFlzS6FupWxvZ2luo3RpZNkgWlQ5aUs0ckxtbmNPcC0tcS05VGs5VmEzMV9ZeDVWREGjY2lk2SA2bjl6UFY4a1A3T1VRUnNsMm10M0JrdzJnZEI0a25TWA&client=6n9zPV8kP7OUQRsl2mt3Bkw2gdB4knSX&protocol=oauth2&redirect_uri=https%3A%2F%2Fapp.medallion.co%2Fcomplete%2Fauth0&response_type=code&scope=openid%20profile%20email&medallion_login_mode=covid_signup&medallion_org_name=ComplexCare%20Solutions&medallion_signup_email=maria.casella%40complexcaresolutions.com&max_age= HTTP/1.1Host: medallion.auth0.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: did=s%3Av0%3Ab5acef18-35af-459c-892a-f37b1643b45d.VIoLTFjq8QNyNl5Fb8Qnn4NbvV6%2BfsUUcmm%2BFaX4UAg; auth0=s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQOii6tqZm9ApOPtnwU7-ChHII-j3o-ilUNqoUndU5QBtLvFCoe-z4owypQsFohtPEDQYZL23q4pJpSYYf5MN06ymY29va2llg6dleHBpcmVz1__G11IAZyZW0q5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.6uBfv9AEsQCjqJU9LNV4pTEbzvFhrQ%2FOfLxzc5w1tIM; did_compat=s%3Av0%3Ab5acef18-35af-459c-892a-f37b1643b45d.VIoLTFjq8QNyNl5Fb8Qnn4NbvV6%2BfsUUcmm%2BFaX4UAg; auth0_compat=s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQOii6tqZm9ApOPtnwU7-ChHII-j3o-ilUNqoUndU5QBtLvFCoe-z4owypQsFohtPEDQYZL23q4pJpSYYf5MN06ymY29va2llg6dleHBpcmVz1__G11IAZyZW0q5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.6uBfv9AEsQCjqJU9LNV4pTEbzvFhrQ%2FOfLxzc5w1tIM
Source: global traffic	HTTP traffic detected: GET /ajax/libs/antd/4.0.4/antd.min.css HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/auth0/9.12/auth0.min.js HTTP/1.1Host: cdn.auth0.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/logo-main.svg HTTP/1.1Host: cdn.medallion.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/polyfills/1.0/object-assign.min.js HTTP/1.1Host: cdn.auth0.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/polyfills/1.0/object-assign.min.js HTTP/1.1Host: cdn.auth0.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/logo-main.svg HTTP/1.1Host: cdn.medallion.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/auth0/9.12/auth0.min.js HTTP/1.1Host: cdn.auth0.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: medallion.auth0.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://medallion.auth0.com/login?state=hKFo2SBSb1VjbEFZZ0NiU0NQR2hkTnU5UXdtV09NTWRlaFlzS6FupWxvZ2luo3RpZNkgWlQ5aUs0ckxtbmNPcC0tcS05VGs5VmEzMV9ZeDVWREGjY2lk2SA2bjl6UFY4a1A3T1VRUnNsMm10M0JrdzJnZEI0a25TWA&client=6n9zPV8kP7OUQRsl2mt3Bkw2gdB4knSX&protocol=oauth2&redirect_uri=https%3A%2F%2Fapp.medallion.co%2Fcomplete%2Fauth0&response_type=code&scope=openid%20profile%20email&medallion_login_mode=covid_signup&medallion_org_name=ComplexCare%20Solutions&medallion_signup_email=maria.casella%40complexcaresolutions.com&max_age=Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: did=s%3Av0%3Ab5acef18-35af-459c-892a-f37b1643b45d.VIoLTFjq8QNyNl5Fb8Qnn4NbvV6%2BfsUUcmm%2BFaX4UAg; auth0=s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQOii6tqZm9ApOPtnwU7-ChHII-j3o-ilUNqoUndU5QBtLvFCoe-z4owypQsFohtPEDQYZL23q4pJpSYYf5MN06ymY29va2llg6dleHBpcmVz1__G11IAZyZW0q5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.6uBfv9AEsQCjqJU9LNV4pTEbzvFhrQ%2FOfLxzc5w1tIM; did_compat=s%3Av0%3Ab5acef18-35af-459c-892a-f37b1643b45d.VIoLTFjq8QNyNl5Fb8Qnn4NbvV6%2BfsUUcmm%2BFaX4UAg; auth0_compat=s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQOii6tqZm9ApOPtnwU7-ChHII-j3o-ilUNqoUndU5QBtLvFCoe-z4owypQsFohtPEDQYZL23q4pJpSYYf5MN06ymY29va2llg6dleHBpcmVz1__G11IAZyZW0q5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.6uBfv9AEsQCjqJU9LNV4pTEbzvFhrQ%2FOfLxzc5w1tIM
Source: global traffic	HTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120600v4s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120613v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120610v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120611v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120618v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120616v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120615v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120617v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120619v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120620v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120622v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120621v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120623v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120624v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120627v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120625v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120626v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120628v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120629v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120631v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120630v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120633v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120632v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120634v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120635v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120636v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120637v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120638v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120639v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120640v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120642v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120641v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120643v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120644v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120645v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120646v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120648v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120647v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120649v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120653v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120652v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120654v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120655v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120658v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120657v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120656v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120659v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120660v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120661v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120663v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120662v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120664v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120665v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120666v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120667v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120669v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120668v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120671v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120672v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120670v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120673v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120674v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120675v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120679v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120677v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120678v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120676v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120680v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120682v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120602v10s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120601v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120681v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule224901v11s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700401v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700400v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703900v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703901v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703351v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703501v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703350v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703500v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703401v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703400v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /e/c/eyJlbWFpbF9pZCI6ImRnVHV0Z1lCQU4tZER0NmREZ0dTMDdJbFV0YzJKcGY0M21Dd3FVST0iLCJocmVmIjoiaHR0cHM6Ly9hcHAubWVkYWxsaW9uLmNvL2ludml0ZS9MYmRLMiIsImludGVybmFsIjoiZWViNjA2MDc4ZWI1MDFkZjlkMGUiLCJsaW5rX2lkIjo4fQ/644e50bca0199c65a87618f3a1ca1fddf5f2f611813fa881649e9517307e5464 HTTP/1.1Host: email.medallion.coConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: email.medallion.co
Source: global traffic	DNS traffic detected: DNS query: app.medallion.co
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: medallion.auth0.com
Source: global traffic	DNS traffic detected: DNS query: cdnjs.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: cdn.jsdelivr.net
Source: global traffic	DNS traffic detected: DNS query: cdn.medallion.co
Source: global traffic	DNS traffic detected: DNS query: cdn.auth0.com

Source: global traffic

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 55040 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 55063 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55069
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55005 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55075
Source: unknown	Network traffic detected: HTTP traffic on port 55028 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55074
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55073
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55072
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55079
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55078
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55077
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55076
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55071
Source: unknown	Network traffic detected: HTTP traffic on port 54975 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55070
Source: unknown	Network traffic detected: HTTP traffic on port 54998 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54992 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55016 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55045 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54963 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54981 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55051 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55034 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54957 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55081
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55080
Source: unknown	Network traffic detected: HTTP traffic on port 55046 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55023 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54964 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54980 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55079 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55052 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54958 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55010 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55068 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54969 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54986 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55029 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55004 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55057 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55074 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55080 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54997 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54991 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54979
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54978
Source: unknown	Network traffic detected: HTTP traffic on port 55015 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54973
Source: unknown	Network traffic detected: HTTP traffic on port 54985 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55028
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54972
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55027
Source: unknown	Network traffic detected: HTTP traffic on port 54962 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54971
Source: unknown	Network traffic detected: HTTP traffic on port 55009 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55026
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54970
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55025
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54977
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54976
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54975
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54974
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55029
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55031
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55030
Source: unknown	Network traffic detected: HTTP traffic on port 54956 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54980
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55035
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55034
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55033
Source: unknown	Network traffic detected: HTTP traffic on port 55058 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55032
Source: unknown	Network traffic detected: HTTP traffic on port 55035 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54979 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54967 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54989
Source: unknown	Network traffic detected: HTTP traffic on port 55041 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54984
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55039
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54983
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55038
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54982
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55037
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54981
Source: unknown	Network traffic detected: HTTP traffic on port 55024 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55036
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54988
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54987
Source: unknown	Network traffic detected: HTTP traffic on port 55003 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54986
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54985
Source: unknown	Network traffic detected: HTTP traffic on port 55030 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55042
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55041
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55040
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54991
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55046
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54990
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55045
Source: unknown	Network traffic detected: HTTP traffic on port 55076 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55044
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55043
Source: unknown	Network traffic detected: HTTP traffic on port 54974 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55042 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55069 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54995
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54994
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55049
Source: unknown	Network traffic detected: HTTP traffic on port 55059 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54993
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55048
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54992
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55047
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54999
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54998
Source: unknown	Network traffic detected: HTTP traffic on port 54968 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54997
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54996
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55053
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55052
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55051
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55050
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55057
Source: unknown	Network traffic detected: HTTP traffic on port 55075 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55056
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55055
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55054
Source: unknown	Network traffic detected: HTTP traffic on port 55081 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54973 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55014 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54996 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 54990 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 55070 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 55047 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55064 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55059
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55058
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55064
Source: unknown	Network traffic detected: HTTP traffic on port 55053 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55063
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55062
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55061
Source: unknown	Network traffic detected: HTTP traffic on port 55008 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55068
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55067
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55066
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55065
Source: unknown	Network traffic detected: HTTP traffic on port 55036 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55060
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 54966 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55019 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55025 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55002 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54989 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55054 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55077 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55031 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55066 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55037 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55072 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54984 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55020 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55002
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55001
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55000
Source: unknown	Network traffic detected: HTTP traffic on port 55048 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55013 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54978 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54995 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54959
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54958
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54957
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54956
Source: unknown	Network traffic detected: HTTP traffic on port 55071 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55065 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55006
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55005
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55004
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55003
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54955
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54954
Source: unknown	Network traffic detected: HTTP traffic on port 54983 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55009
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55008
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55007
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55007 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55013
Source: unknown	Network traffic detected: HTTP traffic on port 55026 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55012
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55011
Source: unknown	Network traffic detected: HTTP traffic on port 55049 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55010
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54977 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54969
Source: unknown	Network traffic detected: HTTP traffic on port 55018 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55043 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54968
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54967
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54962
Source: unknown	Network traffic detected: HTTP traffic on port 54961 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55017
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54961
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55016
Source: unknown	Network traffic detected: HTTP traffic on port 55060 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54960
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55015
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55014
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54966
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54964
Source: unknown	Network traffic detected: HTTP traffic on port 55001 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55019
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54963
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55018
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55020
Source: unknown	Network traffic detected: HTTP traffic on port 54955 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55032 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55024
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55023
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55022
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55021
Source: unknown	Network traffic detected: HTTP traffic on port 54972 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55067 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55038 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55044 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55021 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55073 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55012 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55050 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54971 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54994 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55062 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54988 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55006 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55027 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55055 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54999 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55017 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54970 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54960 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55061 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54987 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55000 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54954 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55033 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55056 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55039 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55022 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54982 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55078 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54959 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55011 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54976 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54993 -> 443

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49743 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49745 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.253.45:443 -> 192.168.2.4:54954 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.253.45:443 -> 192.168.2.4:55066 version: TLS 1.2

Source: classification engine

Classification label: clean3.win@22/19@20/10

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1980,i,3801360068097129798,1310475227643198074,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://email.medallion.co/e/c/eyJlbWFpbF9pZCI6ImRnVHV0Z1lCQU4tZER0NmREZ0dTMDdJbFV0YzJKcGY0M21Dd3FVST0iLCJocmVmIjoiaHR0cHM6Ly9hcHAubWVkYWxsaW9uLmNvL2ludml0ZS9MYmRLMiIsImludGVybmFsIjoiZWViNjA2MDc4ZWI1MDFkZjlkMGUiLCJsaW5rX2lkIjo4fQ/644e50bca0199c65a87618f3a1ca1fddf5f2f611813fa881649e9517307e5464"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1980,i,3801360068097129798,1310475227643198074,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

ID:	1545588
Product:	CloudBasic
Start time:	17:43:00
Start date:	30.10.2024
Cookbook:	browseurl.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs