Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://prettylearning.com

Overview

General Information

Sample URL:https://prettylearning.com
Analysis ID:1559004
Infos:

Detection

Score:0
Range:0 - 100
Whitelisted:false
Confidence:80%

Signatures

Detected non-DNS traffic on DNS port

Classification

  • System is w10x64
  • chrome.exe (PID: 3484 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 3568 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2556 --field-trial-handle=2512,i,4426542172027379820,7800885087021766653,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 6360 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://prettylearning.com" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup
No configs have been found
No yara matches
No Sigma rule has matched
No Suricata rule has matched

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: https://prettylearning.com/HTTP Parser: No favicon
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49743 version: TLS 1.2
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49744 version: TLS 1.2
Source: unknownHTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.4:49745 version: TLS 1.2
Source: unknownHTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.4:64445 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:64446 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:64513 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:64530 version: TLS 1.2
Source: global trafficTCP traffic: 192.168.2.4:64444 -> 1.1.1.1:53
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknownTCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknownTCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknownTCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknownTCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknownTCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknownTCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknownTCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknownTCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknownTCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknownTCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknownTCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknownTCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknownTCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknownTCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknownTCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknownTCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.45
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.45
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.45
Source: unknownTCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknownTCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknownTCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.45
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.45
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: prettylearning.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: prettylearning.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://prettylearning.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: prettylearning.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global trafficHTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=xzUnkZ4GwYzRY4B&MD=3zpw3bkR HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global trafficHTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=xzUnkZ4GwYzRY4B&MD=3zpw3bkR HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global trafficHTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120600v4s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120611v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120613v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120610v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120615v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120616v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120617v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120618v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120619v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120620v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120622v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120621v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120623v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120624v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120625v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120626v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120627v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120628v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120629v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120630v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120631v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120632v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120633v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120634v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120635v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120636v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120637v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120639v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120638v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120640v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120641v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120643v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120644v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120642v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120645v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120646v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120647v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120649v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120648v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120652v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120654v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120653v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120655v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120656v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120657v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120658v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120659v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120660v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120661v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120662v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120663v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120664v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120665v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120666v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120667v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120668v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120669v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120670v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120671v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120672v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120673v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120674v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120675v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120676v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120678v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120679v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120677v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120680v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120681v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120682v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120602v10s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120601v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule224901v11s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule701201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule701200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule700201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule702351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule702350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule701251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule701250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule700200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule700051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule700050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule702951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule702950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule701151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule701150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule702201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule702200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule700401v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule700400v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule700351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule700350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule703901v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule703900v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule701501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule701500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule702801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule702800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule703351v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule703350v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule703500v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule703501v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule701800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule701051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule701050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule701801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule702751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule702750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule702301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule703401v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule702300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule703400v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule702501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule702500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule700501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule700500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule702551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule702550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule701351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule701350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule702151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule702150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule703001v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule703000v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule700751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule700151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule700750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule700150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule703451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule703450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule700900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule700901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule702251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule702250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule702651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule703101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule702650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule703100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule702901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule702900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule703851v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule703601v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule703600v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule703850v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule703801v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule703700v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule703800v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule703701v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule703751v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule703750v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule701301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule701300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule704051v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule704050v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficDNS traffic detected: DNS query: prettylearning.com
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Nov 2024 02:10:28 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeexpires: Wed, 20 Nov 2024 03:10:28 GMTstrict-transport-security: max-age=15724800; preloadtiming-allow-origin: *vary: Accept-Encodingx-buildname: hoothootx-buildnumber: 1528792020x-content-type-options: nosniffx-datacenter: gce-us-east1x-hostname: fen-hoothoot-us-east1-chmcvia: 1.1 googlealt-svc: h3=":443"; ma=86400CF-Cache-Status: MISSServer: cloudflareCF-RAY: 8e54e75d09240f46-EWR
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
Source: unknownNetwork traffic detected: HTTP traffic on port 64559 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64460
Source: unknownNetwork traffic detected: HTTP traffic on port 64513 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64581
Source: unknownNetwork traffic detected: HTTP traffic on port 64536 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64580
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64462
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64583
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64461
Source: unknownNetwork traffic detected: HTTP traffic on port 64507 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64582
Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64485 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64462 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64571 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64594 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64453
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64574
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64452
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64573
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64455
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64576
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64454
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64575
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64457
Source: unknownNetwork traffic detected: HTTP traffic on port 64491 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64578
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64456
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64577
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64459
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64458
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64579
Source: unknownNetwork traffic detected: HTTP traffic on port 64451 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64560 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64590
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64471
Source: unknownNetwork traffic detected: HTTP traffic on port 64531 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64592
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64470
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64591
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64473
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64594
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64472
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64593
Source: unknownNetwork traffic detected: HTTP traffic on port 64468 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64577 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64525 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64519 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64542 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64464
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64585
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64463
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64584
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64466
Source: unknownNetwork traffic detected: HTTP traffic on port 64479 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64587
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64465
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64586
Source: unknownNetwork traffic detected: HTTP traffic on port 64496 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64468
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64589
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64467
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64588
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64469
Source: unknownNetwork traffic detected: HTTP traffic on port 64588 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64480
Source: unknownNetwork traffic detected: HTTP traffic on port 64582 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64482
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64481
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64484
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64483
Source: unknownNetwork traffic detected: HTTP traffic on port 64576 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64599 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64486 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64501 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64543 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64520 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64475
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64596
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64474
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64595
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64477
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64598
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64476
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64597
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64479
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64478
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64599
Source: unknownNetwork traffic detected: HTTP traffic on port 64474 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64457 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64600 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64491
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64490
Source: unknownNetwork traffic detected: HTTP traffic on port 64497 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64493
Source: unknownNetwork traffic detected: HTTP traffic on port 64506 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64537 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64512 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64495
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64494
Source: unknownNetwork traffic detected: HTTP traffic on port 64554 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64593 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64449 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64480 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64463 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64605 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64548 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64486
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64485
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64488
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64487
Source: unknownNetwork traffic detected: HTTP traffic on port 64565 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64489
Source: unknownNetwork traffic detected: HTTP traffic on port 64475 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64452 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64498 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64469 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64503 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64481 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64538
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64537
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64539
Source: unknownNetwork traffic detected: HTTP traffic on port 64606 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64541 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64530
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64532
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64531
Source: unknownNetwork traffic detected: HTTP traffic on port 64564 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64534
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64533
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64536
Source: unknownNetwork traffic detected: HTTP traffic on port 64587 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64535
Source: unknownNetwork traffic detected: HTTP traffic on port 64535 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64581 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64508 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64514 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64550
Source: unknownNetwork traffic detected: HTTP traffic on port 64552 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64598 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64464 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64546 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64549
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64548
Source: unknownNetwork traffic detected: HTTP traffic on port 64570 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64541
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64540
Source: unknownNetwork traffic detected: HTTP traffic on port 64529 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64543
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64542
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64545
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64544
Source: unknownNetwork traffic detected: HTTP traffic on port 64458 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64547
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64546
Source: unknownNetwork traffic detected: HTTP traffic on port 64530 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64561
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64560
Source: unknownNetwork traffic detected: HTTP traffic on port 64553 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64592 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64448 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64559
Source: unknownNetwork traffic detected: HTTP traffic on port 64547 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64518 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64524 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64552
Source: unknownNetwork traffic detected: HTTP traffic on port 64470 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64493 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64551
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64554
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64553
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64556
Source: unknownNetwork traffic detected: HTTP traffic on port 64453 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64555
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64558
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64557
Source: unknownNetwork traffic detected: HTTP traffic on port 64558 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64476 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64570
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64451
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64572
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64450
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64571
Source: unknownNetwork traffic detected: HTTP traffic on port 64502 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64575 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64487 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64449
Source: unknownNetwork traffic detected: HTTP traffic on port 64569 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64563
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64562
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64565
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64564
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64446
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64567
Source: unknownNetwork traffic detected: HTTP traffic on port 64586 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64445
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64566
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64448
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64569
Source: unknownNetwork traffic detected: HTTP traffic on port 64601 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64447
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64568
Source: unknownNetwork traffic detected: HTTP traffic on port 64580 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64574 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64465 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64597 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64522 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64545 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64488 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64516 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64459 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64602 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64568 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64499 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64510 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64556 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64504 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64591 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64539 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64447 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64482 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64505
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64504
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64507
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64506
Source: unknownNetwork traffic detected: HTTP traffic on port 64607 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64509
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64508
Source: unknownNetwork traffic detected: HTTP traffic on port 64563 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64454 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64501
Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64500
Source: unknownNetwork traffic detected: HTTP traffic on port 64471 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64503
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64502
Source: unknownNetwork traffic detected: HTTP traffic on port 64509 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64534 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64557 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64515 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64540 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64460 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64483 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64516
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64515
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64518
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64517
Source: unknownNetwork traffic detected: HTTP traffic on port 64573 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64608 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64519
Source: unknownNetwork traffic detected: HTTP traffic on port 64528 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64510
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64512
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64511
Source: unknownNetwork traffic detected: HTTP traffic on port 64585 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64514
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64513
Source: unknownNetwork traffic detected: HTTP traffic on port 64562 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64466 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64579 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64596 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64527
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64526
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64529
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64528
Source: unknownNetwork traffic detected: HTTP traffic on port 64517 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64551 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64523 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64494 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64521
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64520
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64523
Source: unknownNetwork traffic detected: HTTP traffic on port 64477 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64522
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64525
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64524
Source: unknownNetwork traffic detected: HTTP traffic on port 64584 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64555 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64561 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64532 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64590 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64446 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64578 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64526 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64497
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64496
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64499
Source: unknownNetwork traffic detected: HTTP traffic on port 64495 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64498
Source: unknownNetwork traffic detected: HTTP traffic on port 64472 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64478 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64549 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64455 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64461 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64595 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64521 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64489 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64500 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64567 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64603 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64511 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64450 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64505 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64538 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64467 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64604 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64550 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64566 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64589 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64583 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64533 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64445 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64484 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64604
Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64603
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64606
Source: unknownNetwork traffic detected: HTTP traffic on port 64572 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64605
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64608
Source: unknownNetwork traffic detected: HTTP traffic on port 64544 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64607
Source: unknownNetwork traffic detected: HTTP traffic on port 64527 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64600
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64602
Source: unknownNetwork traffic detected: HTTP traffic on port 64456 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64473 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 64490 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 64601
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49743 version: TLS 1.2
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49744 version: TLS 1.2
Source: unknownHTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.4:49745 version: TLS 1.2
Source: unknownHTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.4:64445 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:64446 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:64513 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:64530 version: TLS 1.2
Source: classification engineClassification label: clean0.win@16/5@6/5
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2556 --field-trial-handle=2512,i,4426542172027379820,7800885087021766653,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://prettylearning.com"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2556 --field-trial-handle=2512,i,4426542172027379820,7800885087021766653,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: Window RecorderWindow detected: More than 3 window changes detected
ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management InstrumentationPath Interception1
Process Injection
1
Process Injection
OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
Encrypted Channel
Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization ScriptsRootkitLSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media3
Non-Application Layer Protocol
Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive4
Application Layer Protocol
Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture3
Ingress Tool Transfer
Traffic DuplicationData Destruction
Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand
SourceDetectionScannerLabelLink
https://prettylearning.com0%Avira URL Cloudsafe
https://prettylearning.com0%VirustotalBrowse
No Antivirus matches
No Antivirus matches
No Antivirus matches
SourceDetectionScannerLabelLink
https://prettylearning.com/favicon.ico0%Avira URL Cloudsafe
NameIPActiveMaliciousAntivirus DetectionReputation
prettylearning.com
104.18.24.111
truefalse
    unknown
    www.google.com
    142.250.186.132
    truefalse
      high
      NameMaliciousAntivirus DetectionReputation
      https://prettylearning.com/false
        unknown
        https://prettylearning.com/favicon.icofalse
        • Avira URL Cloud: safe
        unknown
        • No. of IPs < 25%
        • 25% < No. of IPs < 50%
        • 50% < No. of IPs < 75%
        • 75% < No. of IPs
        IPDomainCountryFlagASNASN NameMalicious
        104.18.25.111
        unknownUnited States
        13335CLOUDFLARENETUSfalse
        239.255.255.250
        unknownReserved
        unknownunknownfalse
        142.250.186.132
        www.google.comUnited States
        15169GOOGLEUSfalse
        104.18.24.111
        prettylearning.comUnited States
        13335CLOUDFLARENETUSfalse
        IP
        192.168.2.4
        Joe Sandbox version:41.0.0 Charoite
        Analysis ID:1559004
        Start date and time:2024-11-20 03:09:27 +01:00
        Joe Sandbox product:CloudBasic
        Overall analysis duration:0h 2m 59s
        Hypervisor based Inspection enabled:false
        Report type:full
        Cookbook file name:browseurl.jbs
        Sample URL:https://prettylearning.com
        Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
        Number of analysed new started processes analysed:8
        Number of new started drivers analysed:0
        Number of existing processes analysed:0
        Number of existing drivers analysed:0
        Number of injected processes analysed:0
        Technologies:
        • HCA enabled
        • EGA enabled
        • AMSI enabled
        Analysis Mode:default
        Analysis stop reason:Timeout
        Detection:CLEAN
        Classification:clean0.win@16/5@6/5
        EGA Information:Failed
        HCA Information:
        • Successful, ratio: 100%
        • Number of executed functions: 0
        • Number of non-executed functions: 0
        • Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
        • Excluded IPs from analysis (whitelisted): 216.58.212.163, 142.250.184.206, 74.125.133.84, 34.104.35.123, 199.232.214.172, 192.229.221.95, 216.58.206.35
        • Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, otelrules.azureedge.net, ctldl.windowsupdate.com, clientservices.googleapis.com, dns.msftncsi.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, update.googleapis.com, clients.l.google.com
        • HTTPS sessions have been limited to 150. Please view the PCAPs for the complete data.
        • Not all processes where analyzed, report is missing behavior information
        • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
        No simulations