Joe Sandbox Cloud Basic Analysis Report
Edit tour

Windows Analysis Report
Ashdown Phillips & Partners Ltd.eml

Overview

General Information

Sample name:Ashdown Phillips & Partners Ltd.eml
Analysis ID:1644101
MD5:fe7eb57f97dc20adf01daac9a3b4593d
SHA1:37d525c693484c793e7d728ecc965468d4f291aa
SHA256:fb4e16f2724d4fdddfad9e1dc494cc53cad378dd1b7a9f8518e5d7d26bee4c67
Infos:

Detection

Score:23
Range:0 - 100
Confidence:80%

Signatures

AI detected suspicious elements in Email content
Creates files inside the system directory
Deletes files inside the Windows folder
Detected suspicious crossdomain redirect
Queries the volume information (name, serial number etc) of a device
Sigma detected: Office Autorun Keys Modification
Stores large binary data to the registry

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious

Process Tree

  • System is w10x64_ra
  • OUTLOOK.EXE (PID: 5128 cmdline: "C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" /eml "C:\Users\user\Desktop\Ashdown Phillips & Partners Ltd.eml" MD5: 91A5292942864110ED734005B7E005C0)
    • ai.exe (PID: 6728 cmdline: "C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe" "4D22FDF9-9D63-48B8-953E-50C89A9800A5" "5DB5BCA1-32BA-401E-AACA-3D69517E09F3" "5128" "C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" "WordCombinedFloatieLreOnline.onnx" MD5: EC652BEDD90E089D9406AFED89A8A8BD)
    • chrome.exe (PID: 6852 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://eu-west-1.protection.sophos.com/?d=powr.io&u=aHR0cHM6Ly93d3cucG93ci5pby9mb3JtLWJ1aWxkZXIvaS8zOTMyNTE0OSNwYWdl&p=m&i=NWQ2Y2Q4NzM1NjUyZDAwZDI0MjQwZDk3&t=ellqTS81Y0JaOWNoL2gvdjVRaUVOSWNBSUVud0FnR2pxcXAwSEs0ZThmZz0=&h=1f0dc8332a554b3cba387cf5596bc5f2&s=AVNPUEhUT0NFTkNSWVBUSVar-vD03x3CsXCWT25uVRV_H-1vyNa5-Cr0ev8LDHkqnQ MD5: E81F54E6C1129887AEA47E7D092680BF)
      • chrome.exe (PID: 7068 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2028,i,18231612226826594610,10402936109378397168,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2064 /prefetch:3 MD5: E81F54E6C1129887AEA47E7D092680BF)
  • cleanup

Yara Signatures

No yara matches

Sigma Signatures

Source: Registry Key setAuthor: Victor Sergeev, Daniil Yugoslavskiy, Gleb Sukhodolskiy, Timur Zinniatullin, oscd.community, Tim Shelton, frack113 (split): Data: Details: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 , EventID: 13, EventType: SetValue, Image: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE, ProcessId: 5128, TargetObject: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Addins\OneNote.OutlookAddin\1

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

  • Phishing
  • Compliance
  • Software Vulnerabilities
  • Networking
  • System Summary
  • Hooking and other Techniques for Hiding and Protection
  • Malware Analysis System Evasion
  • Language, Device and Operating System Detection

Click to jump to signature section

Show All Signature Results

Phishing

barindex
Source: EmailJoe Sandbox AI: Detected potential phishing email: The email contains a suspicious link to powr.io form builder masked through Sophos protection links. The email is vague about the 'proposal' and tries to get the recipient to click on an external link. Multiple instances of the same signature block and redundant images suggest poor formatting typical of phishing attempts
Source: EmailClassification: Lure-Based Attack
Source: https://www.powr.io/form-builder/i/39325149#pageHTTP Parser: No favicon
Source: https://www.powr.io/form-builder/i/39325149#pageHTTP Parser: No favicon
Source: https://www.powr.io/form-builder/i/39325149#pageHTTP Parser: No favicon
Source: https://www.powr.io/form-builder/i/39325149#pageHTTP Parser: No favicon
Source: https://www.powr.io/form-builder/i/39325149#pageHTTP Parser: No favicon
Source: https://www.powr.io/form-builder/i/39325149#pageHTTP Parser: No favicon
Source: unknownHTTPS traffic detected: 13.107.246.40:443 -> 192.168.2.17:49719 version: TLS 1.2
Source: unknownHTTPS traffic detected: 108.138.128.50:443 -> 192.168.2.17:49786 version: TLS 1.2
Source: unknownHTTPS traffic detected: 108.138.128.50:443 -> 192.168.2.17:49787 version: TLS 1.2
Source: unknownHTTPS traffic detected: 108.138.128.50:443 -> 192.168.2.17:49788 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.22.51.245:443 -> 192.168.2.17:49802 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.21.37.40:443 -> 192.168.2.17:49821 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.21.37.40:443 -> 192.168.2.17:49819 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.21.37.40:443 -> 192.168.2.17:49820 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.21.37.40:443 -> 192.168.2.17:49818 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.21.37.40:443 -> 192.168.2.17:49822 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.18.10.207:443 -> 192.168.2.17:49823 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.16.79.73:443 -> 192.168.2.17:49825 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.21.37.40:443 -> 192.168.2.17:49831 version: TLS 1.2
Source: unknownHTTPS traffic detected: 162.247.243.39:443 -> 192.168.2.17:49844 version: TLS 1.2
Source: unknownHTTPS traffic detected: 172.67.5.146:443 -> 192.168.2.17:49846 version: TLS 1.2
Source: unknownHTTPS traffic detected: 142.251.40.196:443 -> 192.168.2.17:49847 version: TLS 1.2
Source: unknownHTTPS traffic detected: 162.247.243.29:443 -> 192.168.2.17:49856 version: TLS 1.2
Source: unknownHTTPS traffic detected: 172.67.5.146:443 -> 192.168.2.17:49862 version: TLS 1.2
Source: unknownHTTPS traffic detected: 142.250.65.164:443 -> 192.168.2.17:49867 version: TLS 1.2
Source: unknownHTTPS traffic detected: 142.251.35.164:443 -> 192.168.2.17:49870 version: TLS 1.2
Source: unknownHTTPS traffic detected: 172.67.5.146:443 -> 192.168.2.17:49879 version: TLS 1.2
Source: unknownHTTPS traffic detected: 142.251.40.164:443 -> 192.168.2.17:49918 version: TLS 1.2
Source: chrome.exeMemory has grown: Private usage: 12MB later: 42MB
Source: C:\Program Files\Google\Chrome\Application\chrome.exeHTTP traffic: Redirect from: eu-west-1.protection.sophos.com to https://www.powr.io/form-builder/i/39325149#page
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 184.86.251.25
Source: unknownTCP traffic detected without corresponding DNS query: 52.109.28.46
Source: unknownTCP traffic detected without corresponding DNS query: 51.132.193.104
Source: unknownTCP traffic detected without corresponding DNS query: 2.17.190.73
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
Source: global trafficHTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120611v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120610v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120600v5s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120613v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120616v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120615v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120618v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120617v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120621v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120619v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120620v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120622v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120623v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120625v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120624v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120626v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120628v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120627v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120629v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120630v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120631v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120632v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120635v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120634v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120633v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120636v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120638v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120637v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120639v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120640v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120641v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120644v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120642v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120646v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120643v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120645v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120648v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120647v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120649v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120653v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120654v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120652v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120656v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120655v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120657v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120659v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120658v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120661v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120660v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120662v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120666v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120665v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120663v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120664v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /?d=powr.io&u=aHR0cHM6Ly93d3cucG93ci5pby9mb3JtLWJ1aWxkZXIvaS8zOTMyNTE0OSNwYWdl&p=m&i=NWQ2Y2Q4NzM1NjUyZDAwZDI0MjQwZDk3&t=ellqTS81Y0JaOWNoL2gvdjVRaUVOSWNBSUVud0FnR2pxcXAwSEs0ZThmZz0=&h=1f0dc8332a554b3cba387cf5596bc5f2&s=AVNPUEhUT0NFTkNSWVBUSVar-vD03x3CsXCWT25uVRV_H-1vyNa5-Cr0ev8LDHkqnQ HTTP/1.1Host: eu-west-1.protection.sophos.comConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /rules/rule120667v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120669v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120668v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120670v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120671v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120672v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120673v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120674v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120675v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /form-builder/i/39325149 HTTP/1.1Host: www.powr.ioConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /rules/rule120676v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120677v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120678v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120679v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120680v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120681v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120682v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /latest/assets/packs/2417be3adda3d8bb2b9266ae4679bc73aaefe18b/style_packs/views-71ed2e30abf93461.css HTTP/1.1Host: public.powrcdn.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleSec-Fetch-Storage-Access: activeReferer: https://www.powr.io/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /latest/assets/packs/2417be3adda3d8bb2b9266ae4679bc73aaefe18b/apps/views/formBuilder-d58d4a00c7f3e2b9.css HTTP/1.1Host: public.powrcdn.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleSec-Fetch-Storage-Access: activeReferer: https://www.powr.io/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /latest/assets/packs/2417be3adda3d8bb2b9266ae4679bc73aaefe18b/apps-view-42a2d7cac8c06236.js HTTP/1.1Host: public.powrcdn.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://www.powr.io/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /latest/assets/packs/2417be3adda3d8bb2b9266ae4679bc73aaefe18b/apps/formBuilder-f29b7217873957ec.js HTTP/1.1Host: public.powrcdn.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://www.powr.io/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /latest/assets/packs/2417be3adda3d8bb2b9266ae4679bc73aaefe18b/fontawesome/fontawesome/all-8e10a187476579e4.js HTTP/1.1Host: public.powrcdn.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://www.powr.io/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /bootstrap/3.0.0/css/bootstrap.min.css HTTP/1.1Host: maxcdn.bootstrapcdn.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleSec-Fetch-Storage-Access: activeReferer: https://www.powr.io/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /rules/rule120602v10s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120601v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1Host: static.cloudflareinsights.comConnection: keep-aliveOrigin: https://www.powr.iosec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.powr.io/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /rules/rule701201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule224901v11s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule701200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule700201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule700200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /fonts/gordita/gordita-regular-webfont-woff.woff HTTP/1.1Host: public.powrcdn.comConnection: keep-aliveOrigin: https://www.powr.iosec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://public.powrcdn.com/latest/assets/packs/2417be3adda3d8bb2b9266ae4679bc73aaefe18b/style_packs/views-71ed2e30abf93461.cssAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /rules/rule702351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule702350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule701251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule701250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule700051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /nr-1184.min.js HTTP/1.1Host: js-agent.newrelic.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://www.powr.io/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /rules/rule700050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule702950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule702951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule701151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /recaptcha/api.js?onload=onCaptchaLoadCallback&render=explicit HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*X-Client-Data: CLf3ygE=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://www.powr.io/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /rules/rule701150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule702200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule702201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule700401v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule700400v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /1/4474f5c124?a=77339425&sa=1&v=1184.ab39b52&t=Unnamed%20Transaction&rst=4020&ck=1&ref=https://www.powr.io/form-builder/i/39325149&be=2929&fe=3431&dc=3209&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1742465773428,%22n%22:0,%22f%22:1177,%22dn%22:1179,%22dne%22:1279,%22c%22:1279,%22s%22:1286,%22ce%22:1499,%22rq%22:1499,%22rp%22:2024,%22rpe%22:2342,%22dl%22:2039,%22di%22:3206,%22ds%22:3209,%22de%22:3210,%22dc%22:3431,%22l%22:3431,%22le%22:3435%7D,%22navigation%22:%7B%7D%7D&fp=3532&fcp=3532&jsonp=NREUM.setToken HTTP/1.1Host: bam.nr-data.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://www.powr.io/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /rules/rule700351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule703901v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule700350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule703900v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule701501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule701500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /39325149 HTTP/1.1Host: counter.powr.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.1002575903.1742465778; _gid=GA1.2.193151818.1742465778
Source: global trafficHTTP traffic detected: GET /rules/rule702801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule702800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule703351v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule703350v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule703501v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /recaptcha/api2/anchor?ar=1&k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUr&co=aHR0cHM6Ly93d3cucG93ci5pbzo0NDM.&hl=en&v=J79K9xgfxwT6Syzx-UyWdD89&size=invisible&cb=p3owzhnvr0or HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7X-Browser-Channel: stableX-Browser-Year: 2025X-Browser-Validation: wTKGXmLo+sPWz1JKKbFzUyHly1Q=X-Browser-Copyright: Copyright 2025 Google LLC. All rights reserved.X-Client-Data: CLf3ygE=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeSec-Fetch-Storage-Access: activeReferer: https://www.powr.io/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /public-assets/crypto.min.js HTTP/1.1Host: www.powr.ioConnection: keep-alivesec-ch-ua-platform: "Windows"X-CSRF-Token: Am1UNUyHa6fyQCuUiwfmzhP5o0KhPSEUiNYAoXMjih8H2L7SBP64PUmuGtGWKHp19crVTehYe7zw584M174wTAX-Requested-With: XMLHttpRequestUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.powr.io/form-builder/i/39325149Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ahoy_visit=72ba4321-8230-40ac-b240-3026bf094629; ahoy_visitor=2863c80c-ea2b-4cd2-917a-a3215463a935; ahoy_unique_39325149=true; _ga=GA1.2.1002575903.1742465778; _gid=GA1.2.193151818.1742465778
Source: global trafficHTTP traffic detected: GET /rules/rule703500v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule701801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule701800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule701051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule701050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /public-assets/crypto.min.js HTTP/1.1Host: www.powr.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ahoy_visit=72ba4321-8230-40ac-b240-3026bf094629; ahoy_visitor=2863c80c-ea2b-4cd2-917a-a3215463a935; ahoy_unique_39325149=true; _ga=GA1.2.1002575903.1742465778; _gid=GA1.2.193151818.1742465778
Source: global trafficHTTP traffic detected: GET /rules/rule702751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule702750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule702301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule702300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule703401v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule702501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule702500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule700501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule703400v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule700500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /recaptcha/api2/webworker.js?hl=en&v=J79K9xgfxwT6Syzx-UyWdD89 HTTP/1.1Host: www.google.comConnection: keep-aliveAccept: */*X-Browser-Channel: stableX-Browser-Year: 2025X-Browser-Validation: wTKGXmLo+sPWz1JKKbFzUyHly1Q=X-Browser-Copyright: Copyright 2025 Google LLC. All rights reserved.X-Client-Data: CLf3ygE=Sec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: workerSec-Fetch-Storage-Access: activeReferer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUr&co=aHR0cHM6Ly93d3cucG93ci5pbzo0NDM.&hl=en&v=J79K9xgfxwT6Syzx-UyWdD89&size=invisible&cb=p3owzhnvr0orUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /rules/rule702551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule702550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule701351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule701350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule702151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule702150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /recaptcha/api2/bframe?hl=en&v=J79K9xgfxwT6Syzx-UyWdD89&k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUr HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7X-Browser-Channel: stableX-Browser-Year: 2025X-Browser-Validation: wTKGXmLo+sPWz1JKKbFzUyHly1Q=X-Browser-Copyright: Copyright 2025 Google LLC. All rights reserved.X-Client-Data: CLf3ygE=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeSec-Fetch-Storage-Access: activeReferer: https://www.powr.io/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /rules/rule703001v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule703000v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule700751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule700750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule700151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule700150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule703451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule703450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule700901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule700900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule702251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule702250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule702651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule702650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA5L9XU3cQUrr1kp7c78akOxNepeGibokl9M8YgQFk1PmuLhjlhLHAlFTMnJYj9mZmjcRLf_g6FipoxcAI5CU3SGJBKdLtE9tjKGTNJKjgAg8JpPM8WX78bs1xrRJOuu-uNPOOoyluP6L5FOlIfV-RwudU-kODRK1O9ODdPrZSlpO1Dpmfb0c8qdjpmne-yTL5JPZeZe&k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUr HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CLf3ygE=Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=J79K9xgfxwT6Syzx-UyWdD89&k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUrAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ALcxeyq_47pafjNjiqrz1OT_AUBaX_lEe1_hNwnTmmoSGvVUvjpxmtQQa_kODeMdISDXFdobneXoOckx0JaJ2t4
Source: global trafficHTTP traffic detected: GET /recaptcha/api2/reload?k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUr HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*X-Client-Data: CLf3ygE=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ALcxeyq_47pafjNjiqrz1OT_AUBaX_lEe1_hNwnTmmoSGvVUvjpxmtQQa_kODeMdISDXFdobneXoOckx0JaJ2t4
Source: global trafficHTTP traffic detected: GET /rules/rule703101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule703100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule702901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule702900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule703601v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA5L9XU3cQUrr1kp7c78akOxNepeGibokl9M8YgQFk1PmuLhjlhLHAlFTMnJYj9mZmjcRLf_g6FipoxcAI5CU3SGJBKdLtE9tjKGTNJKjgAg8JpPM8WX78bs1xrRJOuu-uNPOOoyluP6L5FOlIfV-RwudU-kODRK1O9ODdPrZSlpO1Dpmfb0c8qdjpmne-yTL5JPZeZe&k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUr HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*X-Client-Data: CLf3ygE=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ALcxeyq_47pafjNjiqrz1OT_AUBaX_lEe1_hNwnTmmoSGvVUvjpxmtQQa_kODeMdISDXFdobneXoOckx0JaJ2t4
Source: global trafficHTTP traffic detected: GET /rules/rule703600v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule703851v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule703850v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule703801v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule703800v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule703701v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule703700v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule703751v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule703750v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule701301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule701300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule704051v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule704050v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule701701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule701700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule702051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule702050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule700701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule700700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule700551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule700550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule703651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule703650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule700601v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule700600v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule703151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule703150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule703951v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule703950v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule702851v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule702850v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule700001v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule700000v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule701401v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule701400v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule701951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule701950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule700851v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule700850v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule701851v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule701850v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule703051v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule703050v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule700101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule702101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule702100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule700100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule700951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule700950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule703551v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule703550v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule700451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule702701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule702700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule700450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule701901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule701900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule704001v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule704000v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule703251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule703250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule702401v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule702400v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule701551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule701550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule700301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule700300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule702001v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule702000v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA5s_LT-bV_7Al-1PgKkYqB6tH9-jFZF4bAZ8MYz1e_Tb53Rdle60WzbfOFthktoRA1VCrXFbQrnSn1DkzzcBCpw906TXlOV8sBi6TIHk8bwbJpHY0zDSE-Ua91GSRFY1iqB1UeM4MY8HiGmhB2pgtRo8GpWYOOz_paL9vhn2IRCBD_n46ZiDbdLu9zAKMA3_aZx7iJ6&k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUr&id=a8171e44693ff8b9 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CLf3ygE=Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=J79K9xgfxwT6Syzx-UyWdD89&k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUrAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ALcxeyq_47pafjNjiqrz1OT_AUBaX_lEe1_hNwnTmmoSGvVUvjpxmtQQa_kODeMdISDXFdobneXoOckx0JaJ2t4
Source: global trafficHTTP traffic detected: GET /recaptcha/api2/replaceimage?k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUr HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*X-Client-Data: CLf3ygE=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ALcxeyq_47pafjNjiqrz1OT_AUBaX_lEe1_hNwnTmmoSGvVUvjpxmtQQa_kODeMdISDXFdobneXoOckx0JaJ2t4
Source: global trafficHTTP traffic detected: GET /rules/rule702601v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule702600v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule703201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule703200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule700251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA5s_LT-bV_7Al-1PgKkYqB6tH9-jFZF4bAZ8MYz1e_Tb53Rdle60WzbfOFthktoRA1VCrXFbQrnSn1DkzzcBCpw906TXlOV8sBi6TIHk8bwbJpHY0zDSE-Ua91GSRFY1iqB1UeM4MY8HiGmhB2pgtRo8GpWYOOz_paL9vhn2IRCBD_n46ZiDbdLu9zAKMA3_aZx7iJ6&k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUr&id=a8171e44693ff8b9 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*X-Client-Data: CLf3ygE=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ALcxeyq_47pafjNjiqrz1OT_AUBaX_lEe1_hNwnTmmoSGvVUvjpxmtQQa_kODeMdISDXFdobneXoOckx0JaJ2t4
Source: global trafficHTTP traffic detected: GET /rules/rule700250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule700651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule700650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule703301v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule703300v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule701751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule701750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA7TwW7Bf9_dyNkHgWGa6pk_vUKXNR9Bv4Lqp6x91lvnsPxhFp4SOPQwRJnj8DWOQCR2x_9zlfpBSc7ey14rotKZ6vXKJPeXHvUE3cCAYekbxG2ihUb72MNC7N-cDhklBwpiCzcTcCqyAMKWlyNZidMc-QMtgLzs-Ilq5SwGNL2irXuyYkaO4oYKTzuY3_b2HY808fn9&k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUr&id=3da5c7e98ef5c7ff HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CLf3ygE=Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=J79K9xgfxwT6Syzx-UyWdD89&k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUrAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ALcxeyq_47pafjNjiqrz1OT_AUBaX_lEe1_hNwnTmmoSGvVUvjpxmtQQa_kODeMdISDXFdobneXoOckx0JaJ2t4
Source: global trafficHTTP traffic detected: GET /recaptcha/api2/replaceimage?k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUr HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*X-Client-Data: CLf3ygE=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ALcxeyq_47pafjNjiqrz1OT_AUBaX_lEe1_hNwnTmmoSGvVUvjpxmtQQa_kODeMdISDXFdobneXoOckx0JaJ2t4
Source: global trafficHTTP traffic detected: GET /rules/rule701651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule701650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule702451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule702450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule701101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA7TwW7Bf9_dyNkHgWGa6pk_vUKXNR9Bv4Lqp6x91lvnsPxhFp4SOPQwRJnj8DWOQCR2x_9zlfpBSc7ey14rotKZ6vXKJPeXHvUE3cCAYekbxG2ihUb72MNC7N-cDhklBwpiCzcTcCqyAMKWlyNZidMc-QMtgLzs-Ilq5SwGNL2irXuyYkaO4oYKTzuY3_b2HY808fn9&k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUr&id=3da5c7e98ef5c7ff HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*X-Client-Data: CLf3ygE=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ALcxeyq_47pafjNjiqrz1OT_AUBaX_lEe1_hNwnTmmoSGvVUvjpxmtQQa_kODeMdISDXFdobneXoOckx0JaJ2t4
Source: global trafficHTTP traffic detected: GET /rules/rule701100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120128v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120603v8s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120607v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule120119v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule224900v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule704101v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule704100v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA6WnAZS4kHVzjbTjz-ZKkSPg_my1OzLZJDeUtpp0SofX-PDs5J_d-cXTso6IxeylTODbTMtUQmE2yU66G2YjmTCSeXuFH2uD0BjO8Ik1TQ6DiB0peCBze_6LLwIJ2Lhgz__Hfcoh6Be7XiqvL7N7ZYSjg2knVe06VHv12IqLLyjQ46Huqo2qrHarR2ZmJDA7jDzYiT5&k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUr&id=30dd531c5008ee9d HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CLf3ygE=Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=J79K9xgfxwT6Syzx-UyWdD89&k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUrAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ALcxeyq_47pafjNjiqrz1OT_AUBaX_lEe1_hNwnTmmoSGvVUvjpxmtQQa_kODeMdISDXFdobneXoOckx0JaJ2t4
Source: global trafficHTTP traffic detected: GET /recaptcha/api2/replaceimage?k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUr HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*X-Client-Data: CLf3ygE=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ALcxeyq_47pafjNjiqrz1OT_AUBaX_lEe1_hNwnTmmoSGvVUvjpxmtQQa_kODeMdISDXFdobneXoOckx0JaJ2t4
Source: global trafficHTTP traffic detected: GET /rules/rule704201v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule704200v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA6WnAZS4kHVzjbTjz-ZKkSPg_my1OzLZJDeUtpp0SofX-PDs5J_d-cXTso6IxeylTODbTMtUQmE2yU66G2YjmTCSeXuFH2uD0BjO8Ik1TQ6DiB0peCBze_6LLwIJ2Lhgz__Hfcoh6Be7XiqvL7N7ZYSjg2knVe06VHv12IqLLyjQ46Huqo2qrHarR2ZmJDA7jDzYiT5&k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUr&id=30dd531c5008ee9d HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*X-Client-Data: CLf3ygE=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ALcxeyq_47pafjNjiqrz1OT_AUBaX_lEe1_hNwnTmmoSGvVUvjpxmtQQa_kODeMdISDXFdobneXoOckx0JaJ2t4
Source: global trafficHTTP traffic detected: GET /rules/rule704151v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /rules/rule704150v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
Source: global trafficHTTP traffic detected: GET /recaptcha/api2/replaceimage?k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUr HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*X-Client-Data: CLf3ygE=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ALcxeyq_47pafjNjiqrz1OT_AUBaX_lEe1_hNwnTmmoSGvVUvjpxmtQQa_kODeMdISDXFdobneXoOckx0JaJ2t4
Source: global trafficHTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA4RmnP5W5Nj5SPWu0Lqf0p_Q2aZL8Zhifdk8TptfuhbQV6eN4QNsKnwcWlwzJ5yznZzLOXveXG3C5KWgp3b2rRIRBfJSVbBg_ehxWMlXgtyO-pfcYXoyZbbUI2LQUoMwxToIjppEZYlnU2KHynokPyOOI0Ff4xpWouTsm86WyP7KEKlCHxpLl5uyutjQ7Y6Z0zWJLdm&k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUr&id=bad8f971391e2e18 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CLf3ygE=Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=J79K9xgfxwT6Syzx-UyWdD89&k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUrAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ALcxeyq_47pafjNjiqrz1OT_AUBaX_lEe1_hNwnTmmoSGvVUvjpxmtQQa_kODeMdISDXFdobneXoOckx0JaJ2t4
Source: global trafficHTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA4RmnP5W5Nj5SPWu0Lqf0p_Q2aZL8Zhifdk8TptfuhbQV6eN4QNsKnwcWlwzJ5yznZzLOXveXG3C5KWgp3b2rRIRBfJSVbBg_ehxWMlXgtyO-pfcYXoyZbbUI2LQUoMwxToIjppEZYlnU2KHynokPyOOI0Ff4xpWouTsm86WyP7KEKlCHxpLl5uyutjQ7Y6Z0zWJLdm&k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUr&id=bad8f971391e2e18 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*X-Client-Data: CLf3ygE=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ALcxeyq_47pafjNjiqrz1OT_AUBaX_lEe1_hNwnTmmoSGvVUvjpxmtQQa_kODeMdISDXFdobneXoOckx0JaJ2t4
Source: global trafficHTTP traffic detected: GET /recaptcha/api2/replaceimage?k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUr HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*X-Client-Data: CLf3ygE=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ALcxeyq_47pafjNjiqrz1OT_AUBaX_lEe1_hNwnTmmoSGvVUvjpxmtQQa_kODeMdISDXFdobneXoOckx0JaJ2t4
Source: global trafficHTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA50cwLOvnbeJLzIQ0pmkgtKhT379SUhrrkV8CSSSgP2_GCcpEzhvZHZpHC-eaaSlNKOCPC_ZNLer2CYujkTFpK8OMkbkdVRgl3PbW7ttyUIE7WL4Sc1_ntWEOW5FHw0d1je2W-ECVF1YcPi5ztCM-VSHUnGlvRv9rVfj5VryoGdeGrrbdc7-13n_F6DE4QTzYkAQVkU&k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUr&id=4a2578afd3df3a71 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CLf3ygE=Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=J79K9xgfxwT6Syzx-UyWdD89&k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUrAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ALcxeyq_47pafjNjiqrz1OT_AUBaX_lEe1_hNwnTmmoSGvVUvjpxmtQQa_kODeMdISDXFdobneXoOckx0JaJ2t4
Source: global trafficHTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA50cwLOvnbeJLzIQ0pmkgtKhT379SUhrrkV8CSSSgP2_GCcpEzhvZHZpHC-eaaSlNKOCPC_ZNLer2CYujkTFpK8OMkbkdVRgl3PbW7ttyUIE7WL4Sc1_ntWEOW5FHw0d1je2W-ECVF1YcPi5ztCM-VSHUnGlvRv9rVfj5VryoGdeGrrbdc7-13n_F6DE4QTzYkAQVkU&k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUr&id=4a2578afd3df3a71 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*X-Client-Data: CLf3ygE=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ALcxeyq_47pafjNjiqrz1OT_AUBaX_lEe1_hNwnTmmoSGvVUvjpxmtQQa_kODeMdISDXFdobneXoOckx0JaJ2t4
Source: global trafficHTTP traffic detected: GET /recaptcha/api2/userverify?k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUr HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*X-Client-Data: CLf3ygE=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ALcxeyq_47pafjNjiqrz1OT_AUBaX_lEe1_hNwnTmmoSGvVUvjpxmtQQa_kODeMdISDXFdobneXoOckx0JaJ2t4
Source: global trafficHTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA4GZ0-b2QtIeYHguuLsyzs9MmwVmNI6r1bhGtJCSRbpz41XpUnN0dLZe-g6A09lEqsTzpdRaeCOndI81muoWjZThMHozJInbNfdlxc7_JUZ0MMMLy0gpzk2w7jdZd_YCS9sczUsV1w-w3wikrO94zxs7qrIpxh838LGEYsKQbgudyAICZiCKmfe3YHdiDa5xR1x5YGy&k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUr HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CLf3ygE=Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=J79K9xgfxwT6Syzx-UyWdD89&k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUrAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ALcxeyq_47pafjNjiqrz1OT_AUBaX_lEe1_hNwnTmmoSGvVUvjpxmtQQa_kODeMdISDXFdobneXoOckx0JaJ2t4
Source: global trafficHTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA4GZ0-b2QtIeYHguuLsyzs9MmwVmNI6r1bhGtJCSRbpz41XpUnN0dLZe-g6A09lEqsTzpdRaeCOndI81muoWjZThMHozJInbNfdlxc7_JUZ0MMMLy0gpzk2w7jdZd_YCS9sczUsV1w-w3wikrO94zxs7qrIpxh838LGEYsKQbgudyAICZiCKmfe3YHdiDa5xR1x5YGy&k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUr HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*X-Client-Data: CLf3ygE=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ALcxeyq_47pafjNjiqrz1OT_AUBaX_lEe1_hNwnTmmoSGvVUvjpxmtQQa_kODeMdISDXFdobneXoOckx0JaJ2t4
Source: global trafficHTTP traffic detected: GET /recaptcha/api2/replaceimage?k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUr HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*X-Client-Data: CLf3ygE=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ALcxeyq_47pafjNjiqrz1OT_AUBaX_lEe1_hNwnTmmoSGvVUvjpxmtQQa_kODeMdISDXFdobneXoOckx0JaJ2t4
Source: global trafficHTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA5ykIztXMw9ifmfqdUHVVxODGhcze3p-ADNacwxMZ_d4QjDLnl6cjRAFGToeOlRLNU7BuGIjkz58Z-HKi_ab22FjqiBEZW0V-EkjJbWtkdgcPZ1gIG3gTABL2wA4Kr08aqS1SSjHIc2gNkgch7jcJ4hfSFDgHkRDVk6E7vhooz6-3r9zC5BqkNdCXaStG1joZmSty_I&k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUr&id=f0818c0c2743a669 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CLf3ygE=Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=J79K9xgfxwT6Syzx-UyWdD89&k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUrAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ALcxeyq_47pafjNjiqrz1OT_AUBaX_lEe1_hNwnTmmoSGvVUvjpxmtQQa_kODeMdISDXFdobneXoOckx0JaJ2t4
Source: global trafficHTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA5ykIztXMw9ifmfqdUHVVxODGhcze3p-ADNacwxMZ_d4QjDLnl6cjRAFGToeOlRLNU7BuGIjkz58Z-HKi_ab22FjqiBEZW0V-EkjJbWtkdgcPZ1gIG3gTABL2wA4Kr08aqS1SSjHIc2gNkgch7jcJ4hfSFDgHkRDVk6E7vhooz6-3r9zC5BqkNdCXaStG1joZmSty_I&k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUr&id=f0818c0c2743a669 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*X-Client-Data: CLf3ygE=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ALcxeyq_47pafjNjiqrz1OT_AUBaX_lEe1_hNwnTmmoSGvVUvjpxmtQQa_kODeMdISDXFdobneXoOckx0JaJ2t4
Source: global trafficHTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA7VHlbTLMn77Z3mnpOOJHIpxKbzZE51mmBtl5OAIdxMJBJ7t7ROpEqimuzJxJpm1Sthb_NWm4YqYA7ns2Iac4mg4WvFauNZxE8DuxOW8l-5yxXvnuGePqxDS8rlMbQceHL9zKe7ysK_8pMaTqRj7bQaFyLVXD3O9MK-IPYAmQdRL2cXCz944jezcw17AmvLHdlZf-Jj&k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUr&id=636d5e9aad441738 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CLf3ygE=Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=J79K9xgfxwT6Syzx-UyWdD89&k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUrAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ALcxeyq_47pafjNjiqrz1OT_AUBaX_lEe1_hNwnTmmoSGvVUvjpxmtQQa_kODeMdISDXFdobneXoOckx0JaJ2t4
Source: global trafficHTTP traffic detected: GET /recaptcha/api2/replaceimage?k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUr HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*X-Client-Data: CLf3ygE=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ALcxeyq_47pafjNjiqrz1OT_AUBaX_lEe1_hNwnTmmoSGvVUvjpxmtQQa_kODeMdISDXFdobneXoOckx0JaJ2t4
Source: global trafficHTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA7VHlbTLMn77Z3mnpOOJHIpxKbzZE51mmBtl5OAIdxMJBJ7t7ROpEqimuzJxJpm1Sthb_NWm4YqYA7ns2Iac4mg4WvFauNZxE8DuxOW8l-5yxXvnuGePqxDS8rlMbQceHL9zKe7ysK_8pMaTqRj7bQaFyLVXD3O9MK-IPYAmQdRL2cXCz944jezcw17AmvLHdlZf-Jj&k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUr&id=636d5e9aad441738 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*X-Client-Data: CLf3ygE=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ALcxeyq_47pafjNjiqrz1OT_AUBaX_lEe1_hNwnTmmoSGvVUvjpxmtQQa_kODeMdISDXFdobneXoOckx0JaJ2t4
Source: global trafficHTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA4BQmhPLRRVZSnIm6PpASZPNUWBP11Q7V3i-GpU-Bbt2la4FlFFPurpj0FEYdbdSECKTS9OdJuT_7-9jneQkm66cegmtcreQ6loeEOjNyYQ5mUmNXeg8xAB3mWxuwFFwRJxOf71V1ZQZ9gZPJUnYVCGuny0_wDtCDYCAbqYXpOUdTGYBB9zkzgNAugmqM9Bqj23zax7&k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUr&id=c328e9f9499991e1 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CLf3ygE=Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=J79K9xgfxwT6Syzx-UyWdD89&k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUrAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ALcxeyq_47pafjNjiqrz1OT_AUBaX_lEe1_hNwnTmmoSGvVUvjpxmtQQa_kODeMdISDXFdobneXoOckx0JaJ2t4
Source: global trafficHTTP traffic detected: GET /recaptcha/api2/replaceimage?k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUr HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*X-Client-Data: CLf3ygE=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ALcxeyq_47pafjNjiqrz1OT_AUBaX_lEe1_hNwnTmmoSGvVUvjpxmtQQa_kODeMdISDXFdobneXoOckx0JaJ2t4
Source: global trafficHTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA4BQmhPLRRVZSnIm6PpASZPNUWBP11Q7V3i-GpU-Bbt2la4FlFFPurpj0FEYdbdSECKTS9OdJuT_7-9jneQkm66cegmtcreQ6loeEOjNyYQ5mUmNXeg8xAB3mWxuwFFwRJxOf71V1ZQZ9gZPJUnYVCGuny0_wDtCDYCAbqYXpOUdTGYBB9zkzgNAugmqM9Bqj23zax7&k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUr&id=c328e9f9499991e1 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*X-Client-Data: CLf3ygE=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ALcxeyq_47pafjNjiqrz1OT_AUBaX_lEe1_hNwnTmmoSGvVUvjpxmtQQa_kODeMdISDXFdobneXoOckx0JaJ2t4
Source: global trafficHTTP traffic detected: GET /recaptcha/api2/replaceimage?k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUr HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*X-Client-Data: CLf3ygE=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ALcxeyq_47pafjNjiqrz1OT_AUBaX_lEe1_hNwnTmmoSGvVUvjpxmtQQa_kODeMdISDXFdobneXoOckx0JaJ2t4
Source: global trafficHTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA7rfOkDRsp_ChBSjxh0lVxJb1uG1wcqb0kG54vI8sbSy2slINkUDcDANHrS2J8vpSr-46WAEdNZf9RbH2dPYcNf9mhPZUIF10UyZ2Uzt9vJ7pwfBtNLzLUqurD125KdIzwA_kcoyZl_ShjIOpB6csR5AfQO9g4KZ38oNXiatQjD__Ljg7gVaX7PXCk7WIL8QVo-FLMH&k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUr&id=9ccb1d1222af1e50 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CLf3ygE=Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=J79K9xgfxwT6Syzx-UyWdD89&k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUrAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ALcxeyq_47pafjNjiqrz1OT_AUBaX_lEe1_hNwnTmmoSGvVUvjpxmtQQa_kODeMdISDXFdobneXoOckx0JaJ2t4
Source: global trafficHTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA7rfOkDRsp_ChBSjxh0lVxJb1uG1wcqb0kG54vI8sbSy2slINkUDcDANHrS2J8vpSr-46WAEdNZf9RbH2dPYcNf9mhPZUIF10UyZ2Uzt9vJ7pwfBtNLzLUqurD125KdIzwA_kcoyZl_ShjIOpB6csR5AfQO9g4KZ38oNXiatQjD__Ljg7gVaX7PXCk7WIL8QVo-FLMH&k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUr&id=9ccb1d1222af1e50 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*X-Client-Data: CLf3ygE=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09ALcxeyq_47pafjNjiqrz1OT_AUBaX_lEe1_hNwnTmmoSGvVUvjpxmtQQa_kODeMdISDXFdobneXoOckx0JaJ2t4
Source: global trafficDNS traffic detected: DNS query: eu-west-1.protection.sophos.com
Source: global trafficDNS traffic detected: DNS query: www.powr.io
Source: global trafficDNS traffic detected: DNS query: public.powrcdn.com
Source: global trafficDNS traffic detected: DNS query: maxcdn.bootstrapcdn.com
Source: global trafficDNS traffic detected: DNS query: static.cloudflareinsights.com
Source: global trafficDNS traffic detected: DNS query: js-agent.newrelic.com
Source: global trafficDNS traffic detected: DNS query: counter.powr.io
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: global trafficDNS traffic detected: DNS query: bam.nr-data.net
Source: global trafficDNS traffic detected: DNS query: beacons.gcp.gvt2.com
Source: global trafficDNS traffic detected: DNS query: beacons.gvt2.com
Source: global trafficDNS traffic detected: DNS query: beacons2.gvt2.com
Source: unknownHTTP traffic detected: POST /cdn-cgi/rum? HTTP/1.1Host: www.powr.ioConnection: keep-aliveContent-Length: 1642sec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"content-type: application/jsonsec-ch-ua-mobile: ?0Accept: */*Origin: https://www.powr.ioSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.powr.io/form-builder/i/39325149Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ahoy_visit=72ba4321-8230-40ac-b240-3026bf094629; ahoy_visitor=2863c80c-ea2b-4cd2-917a-a3215463a935; ahoy_unique_39325149=true
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49865
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49986
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
Source: unknownNetwork traffic detected: HTTP traffic on port 49817 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49864
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49985
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49863
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49984
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49862
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49983
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49861
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49982
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49860
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49981
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49980
Source: unknownNetwork traffic detected: HTTP traffic on port 49932 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49898 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49875 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49852 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49795 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49990 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49859
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49858
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49979
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49857
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49978
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49856
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49977
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49976
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
Source: unknownNetwork traffic detected: HTTP traffic on port 49841 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49854
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49975
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49853
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49974
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49852
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49973
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49851
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49972
Source: unknownNetwork traffic detected: HTTP traffic on port 50039 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49850
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49971
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49970
Source: unknownNetwork traffic detected: HTTP traffic on port 49967 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50074 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50004 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49909 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49806 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
Source: unknownNetwork traffic detected: HTTP traffic on port 49943 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49849
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49848
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49969
Source: unknownNetwork traffic detected: HTTP traffic on port 49978 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49847
Source: unknownNetwork traffic detected: HTTP traffic on port 49886 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49968
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49846
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49967
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49966
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49844
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49965
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49964
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49842
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49963
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49841
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49962
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49840
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49961
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49960
Source: unknownNetwork traffic detected: HTTP traffic on port 50015 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50040 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49966 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49989 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49828 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49933 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50028 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49805 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49839
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49838
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49959
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49958
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49836
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49957
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49835
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49956
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49834
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49955
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49833
Source: unknownNetwork traffic detected: HTTP traffic on port 49887 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49954
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49832
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49953
Source: unknownNetwork traffic detected: HTTP traffic on port 50062 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49831
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49952
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49830
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49951
Source: unknownNetwork traffic detected: HTTP traffic on port 49839 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49864 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49950
Source: unknownNetwork traffic detected: HTTP traffic on port 49944 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49910 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49853 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50051 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49796 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49955 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49829
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49828
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49949
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49827
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49948
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49826
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49947
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49825
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49946
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49824
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49945
Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49823
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49944
Source: unknownNetwork traffic detected: HTTP traffic on port 49771 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49822
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49943
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49788
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49787
Source: unknownNetwork traffic detected: HTTP traffic on port 50061 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49786
Source: unknownNetwork traffic detected: HTTP traffic on port 49945 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50017 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49968 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50049 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50026 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49807 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49980 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49682 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
Source: unknownNetwork traffic detected: HTTP traffic on port 49885 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49778
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49899
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49777
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49898
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49776
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49897
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49775
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49896
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49774
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49895
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49773
Source: unknownNetwork traffic detected: HTTP traffic on port 49862 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49894
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49893
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49771
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49892
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49891
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49890
Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49671 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49897 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49911 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49957 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49851 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49830 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49991 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49889
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49888
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49887
Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49886
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49885
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
Source: unknownNetwork traffic detected: HTTP traffic on port 49863 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49884
Source: unknownNetwork traffic detected: HTTP traffic on port 50038 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49883
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49882
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49881
Source: unknownNetwork traffic detected: HTTP traffic on port 49840 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49880
Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49896 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50050 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49797 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49956 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50005 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49979 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49879
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49999
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49998
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49876
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49997
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49875
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49996
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49874
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49995
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49873
Source: unknownNetwork traffic detected: HTTP traffic on port 49923 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49994
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49872
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49993
Source: unknownNetwork traffic detected: HTTP traffic on port 50016 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
Source: unknownNetwork traffic detected: HTTP traffic on port 49818 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49871
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49992
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49870
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49991
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49990
Source: unknownNetwork traffic detected: HTTP traffic on port 49786 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49874 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49829 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49934 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50027 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49868
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49989
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49867
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49988
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49866
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49987
Source: unknownNetwork traffic detected: HTTP traffic on port 50013 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50036 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49672 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50059 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49803 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49826 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49906 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49849 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49900 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49975 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50060 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49872 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50025 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49964 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49798 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49861 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49999 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49918 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49873 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49787 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49930 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50001 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49986 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49850 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49963 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49799
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50007
Source: unknownNetwork traffic detected: HTTP traffic on port 50037 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49677
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49798
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50006
Source: unknownNetwork traffic detected: HTTP traffic on port 50012 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49797
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50009
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49796
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50008
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49795
Source: unknownNetwork traffic detected: HTTP traffic on port 49952 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49794
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49793
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49792
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50001
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50000
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50003
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50002
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50005
Source: unknownNetwork traffic detected: HTTP traffic on port 49895 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50004
Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50048 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49825 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49884 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49907 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49941 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49997 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49859 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49871 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49894 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50003 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49965 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49799 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49942 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49977 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50035 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49919 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49954 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50014 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50070 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49788 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49988 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49827 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50046 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49882 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49848 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49838 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49976 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49953 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50047 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50024 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49860 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49883 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49778 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49998 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49931 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50058 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49804 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50002 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49987 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50069 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49926 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49949 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50054
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50053
Source: unknownNetwork traffic detected: HTTP traffic on port 49800 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50056
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50055
Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50058
Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50057
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50059
Source: unknownNetwork traffic detected: HTTP traffic on port 49961 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49984 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50022 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50061
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50060
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50063
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50062
Source: unknownNetwork traffic detected: HTTP traffic on port 50068 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50045 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49881 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49950 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49996 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50010 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50065
Source: unknownNetwork traffic detected: HTTP traffic on port 49858 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50064
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50067
Source: unknownNetwork traffic detected: HTTP traffic on port 50056 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50066
Source: unknownNetwork traffic detected: HTTP traffic on port 49893 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50069
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50068
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50070
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50074
Source: unknownNetwork traffic detected: HTTP traffic on port 49823 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49777 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50009 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50034 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49972 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49834 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50057 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49892 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49904 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49847 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49822 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49870 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49983 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49938 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50023 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49811 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50018
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50017
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50019
Source: unknownNetwork traffic detected: HTTP traffic on port 49951 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49974 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50032 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50010
Source: unknownNetwork traffic detected: HTTP traffic on port 49836 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50012
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50011
Source: unknownNetwork traffic detected: HTTP traffic on port 50055 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50014
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50013
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50016
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50015
Source: unknownNetwork traffic detected: HTTP traffic on port 49939 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49776 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49868 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50029
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50028
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50021
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50020
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50023
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50022
Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50025
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50024
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50027
Source: unknownNetwork traffic detected: HTTP traffic on port 49879 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50026
Source: unknownNetwork traffic detected: HTTP traffic on port 49985 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50000 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49802 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50021 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50030
Source: unknownNetwork traffic detected: HTTP traffic on port 50067 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49905 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50039
Source: unknownNetwork traffic detected: HTTP traffic on port 49995 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50011 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50032
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50031
Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49857 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50034
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50033
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50036
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50035
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50038
Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50037
Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49801 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49940 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49824 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50041
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50040
Source: unknownNetwork traffic detected: HTTP traffic on port 50066 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49973 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49891 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
Source: unknownHTTPS traffic detected: 13.107.246.40:443 -> 192.168.2.17:49719 version: TLS 1.2
Source: unknownHTTPS traffic detected: 108.138.128.50:443 -> 192.168.2.17:49786 version: TLS 1.2
Source: unknownHTTPS traffic detected: 108.138.128.50:443 -> 192.168.2.17:49787 version: TLS 1.2
Source: unknownHTTPS traffic detected: 108.138.128.50:443 -> 192.168.2.17:49788 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.22.51.245:443 -> 192.168.2.17:49802 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.21.37.40:443 -> 192.168.2.17:49821 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.21.37.40:443 -> 192.168.2.17:49819 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.21.37.40:443 -> 192.168.2.17:49820 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.21.37.40:443 -> 192.168.2.17:49818 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.21.37.40:443 -> 192.168.2.17:49822 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.18.10.207:443 -> 192.168.2.17:49823 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.16.79.73:443 -> 192.168.2.17:49825 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.21.37.40:443 -> 192.168.2.17:49831 version: TLS 1.2
Source: unknownHTTPS traffic detected: 162.247.243.39:443 -> 192.168.2.17:49844 version: TLS 1.2
Source: unknownHTTPS traffic detected: 172.67.5.146:443 -> 192.168.2.17:49846 version: TLS 1.2
Source: unknownHTTPS traffic detected: 142.251.40.196:443 -> 192.168.2.17:49847 version: TLS 1.2
Source: unknownHTTPS traffic detected: 162.247.243.29:443 -> 192.168.2.17:49856 version: TLS 1.2
Source: unknownHTTPS traffic detected: 172.67.5.146:443 -> 192.168.2.17:49862 version: TLS 1.2
Source: unknownHTTPS traffic detected: 142.250.65.164:443 -> 192.168.2.17:49867 version: TLS 1.2
Source: unknownHTTPS traffic detected: 142.251.35.164:443 -> 192.168.2.17:49870 version: TLS 1.2
Source: unknownHTTPS traffic detected: 172.67.5.146:443 -> 192.168.2.17:49879 version: TLS 1.2
Source: unknownHTTPS traffic detected: 142.251.40.164:443 -> 192.168.2.17:49918 version: TLS 1.2
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Windows\SystemTemp\scoped_dir6852_213912009
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile deleted: C:\Windows\SystemTemp\scoped_dir6852_213912009
Source: classification engineClassification label: sus23.winEML@24/21@62/223
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEFile created: C:\Users\user\Documents\Outlook Files\~Outlook Data File - NoEmail.pst.tmp
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEFile created: C:\Users\user\AppData\Local\Temp\Outlook Logging\OUTLOOK_16_0_16827_20130-20250320T0615460618-5128.etl
Source: unknownProcess created: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE "C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" /eml "C:\Users\user\Desktop\Ashdown Phillips & Partners Ltd.eml"
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess created: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe "C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe" "4D22FDF9-9D63-48B8-953E-50C89A9800A5" "5DB5BCA1-32BA-401E-AACA-3D69517E09F3" "5128" "C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" "WordCombinedFloatieLreOnline.onnx"
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess created: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe "C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe" "4D22FDF9-9D63-48B8-953E-50C89A9800A5" "5DB5BCA1-32BA-401E-AACA-3D69517E09F3" "5128" "C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" "WordCombinedFloatieLreOnline.onnx"
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://eu-west-1.protection.sophos.com/?d=powr.io&u=aHR0cHM6Ly93d3cucG93ci5pby9mb3JtLWJ1aWxkZXIvaS8zOTMyNTE0OSNwYWdl&p=m&i=NWQ2Y2Q4NzM1NjUyZDAwZDI0MjQwZDk3&t=ellqTS81Y0JaOWNoL2gvdjVRaUVOSWNBSUVud0FnR2pxcXAwSEs0ZThmZz0=&h=1f0dc8332a554b3cba387cf5596bc5f2&s=AVNPUEhUT0NFTkNSWVBUSVar-vD03x3CsXCWT25uVRV_H-1vyNa5-Cr0ev8LDHkqnQ
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2028,i,18231612226826594610,10402936109378397168,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2064 /prefetch:3
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://eu-west-1.protection.sophos.com/?d=powr.io&u=aHR0cHM6Ly93d3cucG93ci5pby9mb3JtLWJ1aWxkZXIvaS8zOTMyNTE0OSNwYWdl&p=m&i=NWQ2Y2Q4NzM1NjUyZDAwZDI0MjQwZDk3&t=ellqTS81Y0JaOWNoL2gvdjVRaUVOSWNBSUVud0FnR2pxcXAwSEs0ZThmZz0=&h=1f0dc8332a554b3cba387cf5596bc5f2&s=AVNPUEhUT0NFTkNSWVBUSVar-vD03x3CsXCWT25uVRV_H-1vyNa5-Cr0ev8LDHkqnQ
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2028,i,18231612226826594610,10402936109378397168,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2064 /prefetch:3
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: apphelp.dll
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: c2r64.dll
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: userenv.dll
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: msasn1.dll
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: kernel.appcore.dll
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: cryptsp.dll
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: rsaenh.dll
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: cryptbase.dll
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: gpapi.dll
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{F959DBBB-3867-41F2-8E5F-3B8BEFAA81B3}\InprocServer32
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEWindow found: window name: SysTabControl32
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Common
Source: Ashdown Phillips & Partners Ltd.emlStatic file information: File size 1235297 > 1048576
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEKey value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{2B379600-B42B-4FE9-A59C-A312FB934935} DeviceTicket
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information queried: ProcessInformation
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeQueries volume information: C:\Program Files (x86)\Microsoft Office\root\Office16\AI\WordCombinedFloatieLreOnline.onnx VolumeInformation
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation11
Browser Extensions		1
Process Injection		11
Masquerading		OS Credential Dumping1
Process Discovery		Remote ServicesData from Local System1
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/Job1
DLL Side-Loading		1
DLL Side-Loading		1
Modify Registry		LSASS Memory12
System Information Discovery		Remote Desktop ProtocolData from Removable Media1
Ingress Tool Transfer		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)1
Extra Window Memory Injection		1
Process Injection		Security Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive3
Non-Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook1
DLL Side-Loading		NTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture4
Application Layer Protocol		Traffic DuplicationData Destruction
Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
File Deletion		LSA SecretsInternet Connection DiscoverySSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact
Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC Scripts1
Extra Window Memory Injection		Cached Domain CredentialsWi-Fi DiscoveryVNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop

Screenshots

Download Video

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

No Antivirus matches

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

SourceDetectionScannerLabelLink
https://public.powrcdn.com/latest/assets/packs/2417be3adda3d8bb2b9266ae4679bc73aaefe18b/apps-view-42a2d7cac8c06236.js0%Avira URL Cloudsafe
https://eu-west-1.protection.sophos.com/?d=powr.io&u=aHR0cHM6Ly93d3cucG93ci5pby9mb3JtLWJ1aWxkZXIvaS8zOTMyNTE0OSNwYWdl&p=m&i=NWQ2Y2Q4NzM1NjUyZDAwZDI0MjQwZDk3&t=ellqTS81Y0JaOWNoL2gvdjVRaUVOSWNBSUVud0FnR2pxcXAwSEs0ZThmZz0=&h=1f0dc8332a554b3cba387cf5596bc5f2&s=AVNPUEhUT0NFTkNSWVBUSVar-vD03x3CsXCWT25uVRV_H-1vyNa5-Cr0ev8LDHkqnQ0%Avira URL Cloudsafe
https://public.powrcdn.com/latest/assets/packs/2417be3adda3d8bb2b9266ae4679bc73aaefe18b/style_packs/views-71ed2e30abf93461.css0%Avira URL Cloudsafe
https://public.powrcdn.com/fonts/gordita/gordita-regular-webfont-woff.woff0%Avira URL Cloudsafe
https://public.powrcdn.com/latest/assets/packs/2417be3adda3d8bb2b9266ae4679bc73aaefe18b/apps/views/formBuilder-d58d4a00c7f3e2b9.css0%Avira URL Cloudsafe
https://www.powr.io/cdn-cgi/rum?0%Avira URL Cloudsafe
https://public.powrcdn.com/latest/assets/packs/2417be3adda3d8bb2b9266ae4679bc73aaefe18b/fontawesome/fontawesome/all-8e10a187476579e4.js0%Avira URL Cloudsafe
https://bam.nr-data.net/1/4474f5c124?a=77339425&sa=1&v=1184.ab39b52&t=Unnamed%20Transaction&rst=4020&ck=1&ref=https://www.powr.io/form-builder/i/39325149&be=2929&fe=3431&dc=3209&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1742465773428,%22n%22:0,%22f%22:1177,%22dn%22:1179,%22dne%22:1279,%22c%22:1279,%22s%22:1286,%22ce%22:1499,%22rq%22:1499,%22rp%22:2024,%22rpe%22:2342,%22dl%22:2039,%22di%22:3206,%22ds%22:3209,%22de%22:3210,%22dc%22:3431,%22l%22:3431,%22le%22:3435%7D,%22navigation%22:%7B%7D%7D&fp=3532&fcp=3532&jsonp=NREUM.setToken0%Avira URL Cloudsafe
https://counter.powr.io/393251490%Avira URL Cloudsafe
https://public.powrcdn.com/latest/assets/packs/2417be3adda3d8bb2b9266ae4679bc73aaefe18b/apps/formBuilder-f29b7217873957ec.js0%Avira URL Cloudsafe
https://js-agent.newrelic.com/nr-1184.min.js0%Avira URL Cloudsafe
https://www.google.com/recaptcha/api2/reload?k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUr0%Avira URL Cloudsafe
https://www.google.com/recaptcha/api2/payload?p=06AFcWeA5L9XU3cQUrr1kp7c78akOxNepeGibokl9M8YgQFk1PmuLhjlhLHAlFTMnJYj9mZmjcRLf_g6FipoxcAI5CU3SGJBKdLtE9tjKGTNJKjgAg8JpPM8WX78bs1xrRJOuu-uNPOOoyluP6L5FOlIfV-RwudU-kODRK1O9ODdPrZSlpO1Dpmfb0c8qdjpmne-yTL5JPZeZe&k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUr0%Avira URL Cloudsafe
https://www.google.com/recaptcha/api2/payload?p=06AFcWeA6WnAZS4kHVzjbTjz-ZKkSPg_my1OzLZJDeUtpp0SofX-PDs5J_d-cXTso6IxeylTODbTMtUQmE2yU66G2YjmTCSeXuFH2uD0BjO8Ik1TQ6DiB0peCBze_6LLwIJ2Lhgz__Hfcoh6Be7XiqvL7N7ZYSjg2knVe06VHv12IqLLyjQ46Huqo2qrHarR2ZmJDA7jDzYiT5&k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUr&id=30dd531c5008ee9d0%Avira URL Cloudsafe
https://www.google.com/recaptcha/api2/payload?p=06AFcWeA5ykIztXMw9ifmfqdUHVVxODGhcze3p-ADNacwxMZ_d4QjDLnl6cjRAFGToeOlRLNU7BuGIjkz58Z-HKi_ab22FjqiBEZW0V-EkjJbWtkdgcPZ1gIG3gTABL2wA4Kr08aqS1SSjHIc2gNkgch7jcJ4hfSFDgHkRDVk6E7vhooz6-3r9zC5BqkNdCXaStG1joZmSty_I&k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUr&id=f0818c0c2743a6690%Avira URL Cloudsafe

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
fastly-tls12-bam.nr-data.net
162.247.243.29
truefalse
    		high
    counter.powr.io
    		172.67.5.146
    		truefalse
      		unknown
      static.cloudflareinsights.com
      		104.16.79.73
      		truefalse
        		high
        beacons-handoff.gcp.gvt2.com
        		108.177.122.94
        		truefalse
          		high
          js-agent.newrelic.com
          		162.247.243.39
          		truefalse
            		high
            maxcdn.bootstrapcdn.com
            		104.18.10.207
            		truefalse
              		high
              beacons2.gvt2.com
              		209.85.232.94
              		truefalse
                		high
                beacons.gvt2.com
                		142.250.114.94
                		truefalse
                  		high
                  d35tlz0p71apkp.cloudfront.net
                  		108.138.128.50
                  		truefalse
                    		high
                    public.powrcdn.com
                    		104.21.37.40
                    		truefalse
                      		high
                      www.google.com
                      		142.251.40.196
                      		truefalse
                        		high
                        s-0005.dual-s-msedge.net
                        		52.123.129.14
                        		truefalse
                          		high
                          www.powr.io
                          		104.22.51.245
                          		truefalse
                            		high
                            eu-west-1.protection.sophos.com
                            		unknown
                            		unknownfalse
                              		high
                              beacons.gcp.gvt2.com
                              		unknown
                              		unknownfalse
                                		high
                                bam.nr-data.net
                                		unknown
                                		unknownfalse
                                  		high

                                  Contacted URLs

                                  NameMaliciousAntivirus DetectionReputation
                                  https://otelrules.svc.static.microsoft/rules/rule701151v1s19.xmlfalse
                                    		high
                                    https://otelrules.svc.static.microsoft/rules/rule704001v0s19.xmlfalse
                                      		high
                                      https://otelrules.svc.static.microsoft/rules/rule702151v1s19.xmlfalse
                                        		high
                                        https://otelrules.svc.static.microsoft/rules/rule700151v1s19.xmlfalse
                                          		high
                                          https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015false
                                            		high
                                            https://otelrules.svc.static.microsoft/rules/rule703151v1s19.xmlfalse
                                              		high
                                              https://otelrules.svc.static.microsoft/rules/rule120630v0s19.xmlfalse
                                                		high
                                                https://otelrules.svc.static.microsoft/rules/rule120645v0s19.xmlfalse
                                                  		high
                                                  https://www.powr.io/form-builder/i/39325149#pagefalse
                                                    		unknown
                                                    https://www.google.com/recaptcha/api2/reload?k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUrfalse
                                                    • Avira URL Cloud: safe
                                                    		unknown
                                                    https://otelrules.svc.static.microsoft/rules/rule700001v2s19.xmlfalse
                                                      		high
                                                      https://public.powrcdn.com/latest/assets/packs/2417be3adda3d8bb2b9266ae4679bc73aaefe18b/apps-view-42a2d7cac8c06236.jsfalse
                                                      • Avira URL Cloud: safe
                                                      		unknown
                                                      https://otelrules.svc.static.microsoft/rules/rule701751v1s19.xmlfalse
                                                        		high
                                                        https://otelrules.svc.static.microsoft/rules/rule120663v0s19.xmlfalse
                                                          		high
                                                          https://otelrules.svc.static.microsoft/rules/rule701301v1s19.xmlfalse
                                                            		high
                                                            https://otelrules.svc.static.microsoft/rules/rule702751v1s19.xmlfalse
                                                              		high
                                                              https://otelrules.svc.static.microsoft/rules/rule702301v1s19.xmlfalse
                                                                		high
                                                                https://otelrules.svc.static.microsoft/rules/rule120609v0s19.xmlfalse
                                                                  		high
                                                                  https://otelrules.svc.static.microsoft/rules/rule120627v0s19.xmlfalse
                                                                    		high
                                                                    https://otelrules.svc.static.microsoft/rules/rule703601v0s19.xmlfalse
                                                                      		high
                                                                      https://otelrules.svc.static.microsoft/rules/rule700751v1s19.xmlfalse
                                                                        		high
                                                                        https://otelrules.svc.static.microsoft/rules/rule700301v1s19.xmlfalse
                                                                          		high
                                                                          https://otelrules.svc.static.microsoft/rules/rule701550v1s19.xmlfalse
                                                                            		high
                                                                            https://otelrules.svc.static.microsoft/rules/rule700100v1s19.xmlfalse
                                                                              		high
                                                                              https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=J79K9xgfxwT6Syzx-UyWdD89false
                                                                                		high
                                                                                https://otelrules.svc.static.microsoft/rules/rule702550v1s19.xmlfalse
                                                                                  		high
                                                                                  https://otelrules.svc.static.microsoft/rules/rule700550v1s19.xmlfalse
                                                                                    		high
                                                                                    https://otelrules.svc.static.microsoft/rules/rule703400v0s19.xmlfalse
                                                                                      		high
                                                                                      https://otelrules.svc.static.microsoft/rules/rule700901v1s19.xmlfalse
                                                                                        		high
                                                                                        https://otelrules.svc.static.microsoft/rules/rule701100v1s19.xmlfalse
                                                                                          		high
                                                                                          https://otelrules.svc.static.microsoft/rules/rule700400v2s19.xmlfalse
                                                                                            		high
                                                                                            https://otelrules.svc.static.microsoft/rules/rule701901v1s19.xmlfalse
                                                                                              		high
                                                                                              https://otelrules.svc.static.microsoft/rules/rule120635v0s19.xmlfalse
                                                                                                		high
                                                                                                https://otelrules.svc.static.microsoft/rules/rule703850v0s19.xmlfalse
                                                                                                  		high
                                                                                                  https://otelrules.svc.static.microsoft/rules/rule702901v1s19.xmlfalse
                                                                                                    		high
                                                                                                    https://otelrules.svc.static.microsoft/rules/rule120612v0s19.xmlfalse
                                                                                                      		high
                                                                                                      https://otelrules.svc.static.microsoft/rules/rule703000v1s19.xmlfalse
                                                                                                        		high
                                                                                                        https://otelrules.svc.static.microsoft/rules/rule120681v0s19.xmlfalse
                                                                                                          		high
                                                                                                          https://otelrules.svc.static.microsoft/rules/rule120640v0s19.xmlfalse
                                                                                                            		high
                                                                                                            https://otelrules.svc.static.microsoft/rules/rule703450v1s19.xmlfalse
                                                                                                              		high
                                                                                                              https://otelrules.svc.static.microsoft/rules/rule700700v1s19.xmlfalse
                                                                                                                		high
                                                                                                                https://otelrules.svc.static.microsoft/rules/rule702000v1s19.xmlfalse
                                                                                                                  		high
                                                                                                                  https://otelrules.svc.static.microsoft/rules/rule702450v1s19.xmlfalse
                                                                                                                    		high
                                                                                                                    https://www.google.com/recaptcha/api2/payload?p=06AFcWeA5ykIztXMw9ifmfqdUHVVxODGhcze3p-ADNacwxMZ_d4QjDLnl6cjRAFGToeOlRLNU7BuGIjkz58Z-HKi_ab22FjqiBEZW0V-EkjJbWtkdgcPZ1gIG3gTABL2wA4Kr08aqS1SSjHIc2gNkgch7jcJ4hfSFDgHkRDVk6E7vhooz6-3r9zC5BqkNdCXaStG1joZmSty_I&k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUr&id=f0818c0c2743a669false
                                                                                                                    • Avira URL Cloud: safe
                                                                                                                    		unknown
                                                                                                                    https://otelrules.svc.static.microsoft/rules/rule120617v0s19.xmlfalse
                                                                                                                      		high
                                                                                                                      https://otelrules.svc.static.microsoft/rules/rule703750v0s19.xmlfalse
                                                                                                                        		high
                                                                                                                        https://otelrules.svc.static.microsoft/rules/rule703300v0s19.xmlfalse
                                                                                                                          		high
                                                                                                                          https://otelrules.svc.static.microsoft/rules/rule700450v1s19.xmlfalse
                                                                                                                            		high
                                                                                                                            https://otelrules.svc.static.microsoft/rules/rule701700v1s19.xmlfalse
                                                                                                                              		high
                                                                                                                              https://otelrules.svc.static.microsoft/rules/rule702700v1s19.xmlfalse
                                                                                                                                		high
                                                                                                                                https://otelrules.svc.static.microsoft/rules/rule700851v1s19.xmlfalse
                                                                                                                                  		high
                                                                                                                                  https://otelrules.svc.static.microsoft/rules/rule703701v0s19.xmlfalse
                                                                                                                                    		high
                                                                                                                                    https://otelrules.svc.static.microsoft/rules/rule701851v1s19.xmlfalse
                                                                                                                                      		high
                                                                                                                                      https://otelrules.svc.static.microsoft/rules/rule702851v1s19.xmlfalse
                                                                                                                                        		high
                                                                                                                                        https://otelrules.svc.static.microsoft/rules/rule120619v0s19.xmlfalse
                                                                                                                                          		high
                                                                                                                                          https://otelrules.svc.static.microsoft/rules/rule700600v1s19.xmlfalse
                                                                                                                                            		high
                                                                                                                                            https://otelrules.svc.static.microsoft/rules/rule120625v0s19.xmlfalse
                                                                                                                                              		high
                                                                                                                                              https://otelrules.svc.static.microsoft/rules/rule120622v0s19.xmlfalse
                                                                                                                                                		high
                                                                                                                                                https://otelrules.svc.static.microsoft/rules/rule120653v0s19.xmlfalse
                                                                                                                                                  		high
                                                                                                                                                  https://otelrules.svc.static.microsoft/rules/rule702600v1s19.xmlfalse
                                                                                                                                                    		high
                                                                                                                                                    https://www.google.com/recaptcha/api2/payload?p=06AFcWeA6WnAZS4kHVzjbTjz-ZKkSPg_my1OzLZJDeUtpp0SofX-PDs5J_d-cXTso6IxeylTODbTMtUQmE2yU66G2YjmTCSeXuFH2uD0BjO8Ik1TQ6DiB0peCBze_6LLwIJ2Lhgz__Hfcoh6Be7XiqvL7N7ZYSjg2knVe06VHv12IqLLyjQ46Huqo2qrHarR2ZmJDA7jDzYiT5&k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUr&id=30dd531c5008ee9dfalse
                                                                                                                                                    • Avira URL Cloud: safe
                                                                                                                                                    		unknown
                                                                                                                                                    https://otelrules.svc.static.microsoft/rules/rule120647v0s19.xmlfalse
                                                                                                                                                      		high
                                                                                                                                                      https://otelrules.svc.static.microsoft/rules/rule224900v0s19.xmlfalse
                                                                                                                                                        		high
                                                                                                                                                        https://otelrules.svc.static.microsoft/rules/rule703100v1s19.xmlfalse
                                                                                                                                                          		high
                                                                                                                                                          https://www.google.com/recaptcha/api2/payload?p=06AFcWeA5L9XU3cQUrr1kp7c78akOxNepeGibokl9M8YgQFk1PmuLhjlhLHAlFTMnJYj9mZmjcRLf_g6FipoxcAI5CU3SGJBKdLtE9tjKGTNJKjgAg8JpPM8WX78bs1xrRJOuu-uNPOOoyluP6L5FOlIfV-RwudU-kODRK1O9ODdPrZSlpO1Dpmfb0c8qdjpmne-yTL5JPZeZe&k=6Le5I8cUAAAAAK9mUWl2F9U7PJiEXz4nPsQRAoUrfalse
                                                                                                                                                          • Avira URL Cloud: safe
                                                                                                                                                          		unknown
                                                                                                                                                          https://otelrules.svc.static.microsoft/rules/rule120668v0s19.xmlfalse
                                                                                                                                                            		high
                                                                                                                                                            https://otelrules.svc.static.microsoft/rules/rule702100v1s19.xmlfalse
                                                                                                                                                              		high
                                                                                                                                                              https://otelrules.svc.static.microsoft/rules/rule120620v0s19.xmlfalse
                                                                                                                                                                		high
                                                                                                                                                                https://otelrules.svc.static.microsoft/rules/rule703351v0s19.xmlfalse
                                                                                                                                                                  		high
                                                                                                                                                                  https://otelrules.svc.static.microsoft/rules/rule120128v0s19.xmlfalse
                                                                                                                                                                    		high
                                                                                                                                                                    https://otelrules.svc.static.microsoft/rules/rule120650v0s19.xmlfalse
                                                                                                                                                                      		high
                                                                                                                                                                      https://otelrules.svc.static.microsoft/rules/rule703551v0s19.xmlfalse
                                                                                                                                                                        		high
                                                                                                                                                                        https://otelrules.svc.static.microsoft/rules/rule703051v3s19.xmlfalse
                                                                                                                                                                          		high
                                                                                                                                                                          https://otelrules.svc.static.microsoft/rules/rule120661v0s19.xmlfalse
                                                                                                                                                                            		high
                                                                                                                                                                            https://otelrules.svc.static.microsoft/rules/rule120655v0s19.xmlfalse
                                                                                                                                                                              		high
                                                                                                                                                                              https://otelrules.svc.static.microsoft/rules/rule120614v0s19.xmlfalse
                                                                                                                                                                                		high
                                                                                                                                                                                https://otelrules.svc.static.microsoft/rules/other-Win32-v19.bundlefalse
                                                                                                                                                                                  		high
                                                                                                                                                                                  https://public.powrcdn.com/latest/assets/packs/2417be3adda3d8bb2b9266ae4679bc73aaefe18b/fontawesome/fontawesome/all-8e10a187476579e4.jsfalse
                                                                                                                                                                                  • Avira URL Cloud: safe
                                                                                                                                                                                  		unknown
                                                                                                                                                                                  https://otelrules.svc.static.microsoft/rules/rule702350v1s19.xmlfalse
                                                                                                                                                                                    		high
                                                                                                                                                                                    https://otelrules.svc.static.microsoft/rules/rule120639v0s19.xmlfalse
                                                                                                                                                                                      		high
                                                                                                                                                                                      https://otelrules.svc.static.microsoft/rules/rule701050v1s19.xmlfalse
                                                                                                                                                                                        		high
                                                                                                                                                                                        https://otelrules.svc.static.microsoft/rules/rule704200v0s19.xmlfalse
                                                                                                                                                                                          		high
                                                                                                                                                                                          https://otelrules.svc.static.microsoft/rules/rule702200v1s19.xmlfalse
                                                                                                                                                                                            		high
                                                                                                                                                                                            https://otelrules.svc.static.microsoft/rules/rule704050v0s19.xmlfalse
                                                                                                                                                                                              		high
                                                                                                                                                                                              https://otelrules.svc.static.microsoft/rules/rule700350v1s19.xmlfalse
                                                                                                                                                                                                		high
                                                                                                                                                                                                https://otelrules.svc.static.microsoft/rules/rule120648v0s19.xmlfalse
                                                                                                                                                                                                  		high
                                                                                                                                                                                                  https://otelrules.svc.static.microsoft/rules/rule120657v0s19.xmlfalse
                                                                                                                                                                                                    		high
                                                                                                                                                                                                    https://otelrules.svc.static.microsoft/rules/rule702500v1s19.xmlfalse
                                                                                                                                                                                                      		high
                                                                                                                                                                                                      https://otelrules.svc.static.microsoft/rules/rule120660v0s19.xmlfalse
                                                                                                                                                                                                        		high
                                                                                                                                                                                                        https://otelrules.svc.static.microsoft/rules/rule703500v0s19.xmlfalse
                                                                                                                                                                                                          		high
                                                                                                                                                                                                          https://otelrules.svc.static.microsoft/rules/rule703950v0s19.xmlfalse
                                                                                                                                                                                                            		high
                                                                                                                                                                                                            https://otelrules.svc.static.microsoft/rules/rule700200v1s19.xmlfalse
                                                                                                                                                                                                              		high
                                                                                                                                                                                                              https://otelrules.svc.static.microsoft/rules/rule700500v1s19.xmlfalse
                                                                                                                                                                                                                		high
                                                                                                                                                                                                                https://otelrules.svc.static.microsoft/rules/rule701650v1s19.xmlfalse
                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                  https://otelrules.svc.static.microsoft/rules/rule224902v2s19.xmlfalse
                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                    https://otelrules.svc.static.microsoft/rules/rule700950v1s19.xmlfalse
                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                      https://otelrules.svc.static.microsoft/rules/rule120651v0s19.xmlfalse
                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                        https://otelrules.svc.static.microsoft/rules/rule120402v21s19.xmlfalse
                                                                                                                                                                                                                          		high
                                                                                                                                                                                                                          https://otelrules.svc.static.microsoft/rules/rule120642v0s19.xmlfalse
                                                                                                                                                                                                                            		high
                                                                                                                                                                                                                            https://otelrules.svc.static.microsoft/rules/rule702950v1s19.xmlfalse
                                                                                                                                                                                                                              		high

                                                                                                                                                                                                                              World Map of Contacted IPs

                                                                                                                                                                                                                              • No. of IPs < 25%
                                                                                                                                                                                                                              • 25% < No. of IPs < 50%
                                                                                                                                                                                                                              • 50% < No. of IPs < 75%
                                                                                                                                                                                                                              • 75% < No. of IPs

                                                                                                                                                                                                                              Public IPs

                                                                                                                                                                                                                              IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                                                                              104.18.10.207
                                                                                                                                                                                                                              		maxcdn.bootstrapcdn.comUnited States
                                                                                                                                                                                                                              		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                              142.250.65.163
                                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                                              142.251.111.84
                                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                                              184.31.69.3
                                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                                              		20940AKAMAI-ASN1EUfalse
                                                                                                                                                                                                                              142.250.176.206
                                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                                              142.251.32.99
                                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                                              52.123.129.14
                                                                                                                                                                                                                              		s-0005.dual-s-msedge.netUnited States
                                                                                                                                                                                                                              		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                                              142.251.40.110
                                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                                              172.67.5.146
                                                                                                                                                                                                                              		counter.powr.ioUnited States
                                                                                                                                                                                                                              		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                              20.189.173.14
                                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                                              		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                                              142.251.40.196
                                                                                                                                                                                                                              		www.google.comUnited States
                                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                                              142.251.40.174
                                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                                              104.16.79.73
                                                                                                                                                                                                                              		static.cloudflareinsights.comUnited States
                                                                                                                                                                                                                              		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                              162.247.243.39
                                                                                                                                                                                                                              		js-agent.newrelic.comUnited States
                                                                                                                                                                                                                              		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                              142.251.40.170
                                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                                              108.138.128.50
                                                                                                                                                                                                                              		d35tlz0p71apkp.cloudfront.netUnited States
                                                                                                                                                                                                                              		16509AMAZON-02USfalse
                                                                                                                                                                                                                              1.1.1.1
                                                                                                                                                                                                                              		unknownAustralia
                                                                                                                                                                                                                              		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                              23.223.209.209
                                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                                              		16625AKAMAI-ASUSfalse
                                                                                                                                                                                                                              104.22.51.245
                                                                                                                                                                                                                              		www.powr.ioUnited States
                                                                                                                                                                                                                              		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                              142.250.81.227
                                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                                              142.251.40.164
                                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                                              142.251.40.142
                                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                                              142.250.65.227
                                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                                              162.247.243.29
                                                                                                                                                                                                                              		fastly-tls12-bam.nr-data.netUnited States
                                                                                                                                                                                                                              		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                              142.250.65.164
                                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                                              104.21.37.40
                                                                                                                                                                                                                              		public.powrcdn.comUnited States
                                                                                                                                                                                                                              		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                              142.251.35.164
                                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                                              142.251.35.163
                                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                                              		15169GOOGLEUSfalse

                                                                                                                                                                                                                              Private

                                                                                                                                                                                                                              IP
                                                                                                                                                                                                                              192.168.2.17

                                                                                                                                                                                                                              General Information

                                                                                                                                                                                                                              Joe Sandbox version:42.0.0 Malachite
                                                                                                                                                                                                                              Analysis ID:1644101
                                                                                                                                                                                                                              Start date and time:2025-03-20 11:15:10 +01:00
                                                                                                                                                                                                                              Joe Sandbox product:CloudBasic
                                                                                                                                                                                                                              Overall analysis duration:
                                                                                                                                                                                                                              Hypervisor based Inspection enabled:false
                                                                                                                                                                                                                              Report type:full
                                                                                                                                                                                                                              Cookbook file name:defaultwindowsinteractivecookbook.jbs
                                                                                                                                                                                                                              Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                                                                                                                              Number of analysed new started processes analysed:17
                                                                                                                                                                                                                              Number of new started drivers analysed:0
                                                                                                                                                                                                                              Number of existing processes analysed:0
                                                                                                                                                                                                                              Number of existing drivers analysed:0
                                                                                                                                                                                                                              Number of injected processes analysed:0
                                                                                                                                                                                                                              Technologies:
                                                                                                                                                                                                                              • EGA enabled
                                                                                                                                                                                                                              Analysis Mode:stream
                                                                                                                                                                                                                              Analysis stop reason:Timeout
                                                                                                                                                                                                                              Sample name:Ashdown Phillips & Partners Ltd.eml
                                                                                                                                                                                                                              Detection:SUS
                                                                                                                                                                                                                              Classification:sus23.winEML@24/21@62/223
                                                                                                                                                                                                                              Cookbook Comments:
                                                                                                                                                                                                                              • Found application associated with file extension: .eml
                                                                                                                                                                                                                              • Exclude process from analysis (whitelisted): dllhost.exe, SIHClient.exe, svchost.exe
                                                                                                                                                                                                                              • Excluded IPs from analysis (whitelisted): 184.31.69.3, 23.223.209.209, 23.223.209.217, 52.123.129.14, 20.190.152.20
                                                                                                                                                                                                                              • Excluded domains from analysis (whitelisted): ecs.office.com, omex.cdn.office.net, dual-s-0005-office.config.skype.com, fs.microsoft.com, login.live.com, ecs.office.trafficmanager.net, prod.fs.microsoft.com.akadns.net, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, e16604.dscf.akamaiedge.net, omex.cdn.office.net.akamaized.net, a1864.dscd.akamai.net
                                                                                                                                                                                                                              • HTTPS sessions have been limited to 150. Please view the PCAPs for the complete data.
                                                                                                                                                                                                                              • Not all processes where analyzed, report is missing behavior information
                                                                                                                                                                                                                              • Report size getting too big, too many NtOpenFile calls found.
                                                                                                                                                                                                                              • Report size getting too big, too many NtQueryAttributesFile calls found.
                                                                                                                                                                                                                              • Report size getting too big, too many NtQueryValueKey calls found.
                                                                                                                                                                                                                              • Report size getting too big, too many NtReadVirtualMemory calls found.
                                                                                                                                                                                                                              • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                                                                                                                                                                                              • VT rate limit hit for: counter.powr.io

                                                                                                                                                                                                                              Created / dropped Files

                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\Outlook Logging\OUTLOOK_16_0_16827_20130-20250320T0615460618-5128.etl

                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                                                                                                                                                                                                              File Type:data
                                                                                                                                                                                                                              Category:modified
                                                                                                                                                                                                                              Size (bytes):106496
                                                                                                                                                                                                                              Entropy (8bit):4.515961851520257
                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                              SSDEEP:
                                                                                                                                                                                                                              MD5:41DD89645BD799CD1D71151A5A40E96E
                                                                                                                                                                                                                              SHA1:5B5ED3957EA690E00F19F4026EFD89BF2D1D4CDF
                                                                                                                                                                                                                              SHA-256:CFEA378726F9CBCC93F587D5BAC6CFF9F85442D31AA915BC97B6A109FDED0520
                                                                                                                                                                                                                              SHA-512:0F2BEEE1FD88977178FEAADA70DB24D6A95E273490A33D9E14FBC4EE42BC30E3D08D5125F08AE042A54808C4D674682ED2AB4B10E461036BACAD813E801C917A
                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                                                              Preview:............................................................................d............U......................eJ..............Zb..2...................................,...@.t.z.r.e.s...d.l.l.,.-.1.1.2.......................................................@.t.z.r.e.s...d.l.l.,.-.1.1.1............................................................V[.5............U..............v.2._.O.U.T.L.O.O.K.:.1.4.0.8.:.2.3.4.8.b.4.1.0.5.5.3.6.4.2.5.4.b.0.1.5.3.e.9.b.4.e.f.4.9.9.2.4...C.:.\.U.s.e.r.s.\.t.o.r.r.e.s.\.A.p.p.D.a.t.a.\.L.o.c.a.l.\.T.e.m.p.\.O.u.t.l.o.o.k. .L.o.g.g.i.n.g.\.O.U.T.L.O.O.K._.1.6._.0._.1.6.8.2.7._.2.0.1.3.0.-.2.0.2.5.0.3.2.0.T.0.6.1.5.4.6.0.6.1.8.-.5.1.2.8...e.t.l...........P.P..........U......................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\olkBC36.tmp

                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                                                                                                                                                                                                              File Type:data
                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                              Size (bytes):7719
                                                                                                                                                                                                                              Entropy (8bit):7.488441779277207
                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                              SSDEEP:
                                                                                                                                                                                                                              MD5:89C8D47E1B05904E83D12B442C974342
                                                                                                                                                                                                                              SHA1:60A5A4F847CA1A62BB1B11251851E427544FC27C
                                                                                                                                                                                                                              SHA-256:3BF00581D1089715A941B0FBF76AF833021D3FF79F2980A71D2EF9C78878FFAE
                                                                                                                                                                                                                              SHA-512:E8132BE5E4107D59129008198FC214983F988DD63E3BC5CD5E718ADF4A48E429CD14DFA653B8B7681F4371C80E7E8810158D0293C64D2DEC480C8B54661FDF61
                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                                                              Preview:$}CP.......X...........Z~...[.D.y."0.<......<\$..........j..}..?...xO.:......E..N`.c.i. ....."...........?.)?........A......*...}.G./......W..O.......R.G.n...+0.+...$..pF..tR.1.U..........7_..%.w7...)..\..,.J...*[..Z../.x.[.m.m"...v7(..D.B.r.:.y....c!'.b'.V\pt.....q.)........O.K..V..[<2.....R9.8".........^...............A......*...}._./......W..O...........D.[...q.sn.,C.^...tQ.q.~.D..&g<5.oM}.|+.>..I.c.}~.[..$...X.....l.......H........?..........&a....k.;...E<.....oR..U..|W..N...d..B.Q.I..8..L..V..+I..a..:..?B..=.O...$..D.H..]......Z.\....C#.....Z(....(....(....(....(....(....(....(....(...h...j.....o.{/.........W.f...}...k........H?...TwB}I..X...c.B.......#_#W.~.....C..?..R...(....(....(....(....(....(....(....(....(....(....(....(....(....(....(....(....(....(....(....(....(....(.......O{u.../,..DD.,I..P4.....[[.sq*E.H]...U.$.z....n.Q...<5-R.o.^.f'...zF=.....c.\.;/..0.y.....\.n..?..@..XxSO.....l..a...G..?h..^xc...'...|Y.H-t.x...6CK..'....X:*r..

                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\olkBC59.tmp

                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                                                                                                                                                                                                              File Type:data
                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                              Size (bytes):11002
                                                                                                                                                                                                                              Entropy (8bit):6.859328041770011
                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                              SSDEEP:
                                                                                                                                                                                                                              MD5:F72CBA069F49EDF1FBD81CAF30CF860B
                                                                                                                                                                                                                              SHA1:D85A3D4531DEB25BA3C7316CB387EFC1E7DF199D
                                                                                                                                                                                                                              SHA-256:2B22BB64333383DEB05A5876A5C1E6525D0DE7036B0442094FCAC19A31A64054
                                                                                                                                                                                                                              SHA-512:CF40127BD95687B301B37EB9B515B8EE91D3F38F262F7EDC3967BBBE82255ED1B7029260113D0160015ECA231AB57F294E513E096271AEC6A770A2811ADFB297
                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                                                              Preview:.[. R=..w....c.?....P~..O:5..<T.D.8....X...v+.3..3...H.?k.&.-......|}..F..bz.t.$...A..........F...Q..X./.{.`{..+.?.*7...w.u..!I.I...i.yCt.~...}....?...>=~...U.l.I..NF...1...........U~i...~.#M....M.]V...Lz..q.[....W..O.....|U..uq.C%...%6.+.W.Y..c...?.n(....+7.z....=..V.o.u.X. .h.....a.8# ......(...(...{X.B.e....".}.A.}+J...&.o...#~...8...:~..+.....*.&.....>.%w.u=,......e..9...+.nn.......J..+...I..Tw.wm...~......(..((...(...(............$.Jv..0...(.".)..2..Ex.z..d.img!......O..W.......y."W.....q.k_T..+.a...`.[....QE..$|pQE..QE..QE..QE..QE..QE..QE..QE..QE..QE..QE..QE..QE..QE..QE..W.|....3.d..\.....{..d....Z.[ye76......r.U5..#V1.V...........z....{.rO..J..K8.(..L?..(..:/.;..`.co_.K_.....|u.;.VO.|F..(M.....7..}w`...M}._..]X...kx.~l.....:yuZ.ZNZ|...~. ..+.....O.x...x.........N...~5..RI...k..E.6..\]..3b1..}......y.W.h;U.x..G.?.%.~....V".4......+....(...(...(...(.............md!f_o_.....4a".S.Xd....S..u....6e.;9.....~........ZY-y{....._5.|.s.3.*qX..v...

                                                                                                                                                                                                                              C:\Users\user\Documents\Outlook Files\Outlook Data File - NoEmail.pst

                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                                                                                                                                                                                                              File Type:Microsoft Outlook email folder (>=2003)
                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                              Size (bytes):1287168
                                                                                                                                                                                                                              Entropy (8bit):6.7843712023929745
                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                              SSDEEP:
                                                                                                                                                                                                                              MD5:33FB68AA8D421B6C8158E2FD683B95BC
                                                                                                                                                                                                                              SHA1:A84C2D2E172AD7CFFB5DFC090151D659D9CFAE15
                                                                                                                                                                                                                              SHA-256:96EEFCD64C620F2B00FA89756DC547239EDA47EA497BDCC9856F3FF6CA4D8E7B
                                                                                                                                                                                                                              SHA-512:CB090CB7625DC443455FF7981CF2A2C52DD7404047E12D1411A6646C449731509441CBBFBEE3FDC6B8E84A9799745B461C7147BF8733AF084E6A09F0DA496471
                                                                                                                                                                                                                              Malicious:true
                                                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                                                              Preview:!BDNG.x.SM......\..............Q........................@...........@...@...................................@..........................................................................................@...............P........@......M...................................................................................................................................................................................................................................................................................................h#....f.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                              C:\Users\user\Documents\Outlook Files\~Outlook Data File - NoEmail.pst.tmp

                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                                                                                                                                                                                                              File Type:data
                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                              Size (bytes):1048576
                                                                                                                                                                                                                              Entropy (8bit):7.463083286691052
                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                              SSDEEP:
                                                                                                                                                                                                                              MD5:82861ADDCC9BBCE0F681F9F3273AE233
                                                                                                                                                                                                                              SHA1:3B60167A25DF02D7945F08DC04A951D52039EDBA
                                                                                                                                                                                                                              SHA-256:D12F2A076870099E424CCD3D9B7E1BF746602B044441E2CD45C41E5C3D751D02
                                                                                                                                                                                                                              SHA-512:7D60F4B08FF8EE74AB94E10CF4912AC178B31BB3BB2E2EBF7E3968776C99AB30D5CC2A288DEF28530F282071A644B92BAABCD096F692CCD4C049CEC63428DE8D
                                                                                                                                                                                                                              Malicious:true
                                                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                                                              Preview:.~.10..."............s........................#.!BDNG.x.SM......\..............Q........................@...........@...@...................................@..........................................................................................@...............P........@......M...................................................................................................................................................................................................................................................................................................h#....f.~.10..."............s........................#..~.10..."............s........................#.!BDNG.x.SM......\..............Q........................@...........@...@...................................@..........................................................................................@...............P........@......M............................................................................................

                                                                                                                                                                                                                              Chrome Cache Entry: 128

                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                              File Type:ASCII text, with very long lines (65316)
                                                                                                                                                                                                                              Category:downloaded
                                                                                                                                                                                                                              Size (bytes):97339
                                                                                                                                                                                                                              Entropy (8bit):5.1426577524749115
                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                              SSDEEP:
                                                                                                                                                                                                                              MD5:4EADBF7D1721BB2729E398595BC7F0BC
                                                                                                                                                                                                                              SHA1:CDE1A9A9098238450AFB8FCCFCE94C22FA2743E3
                                                                                                                                                                                                                              SHA-256:1CBDA21998B65E08A7E936114CABD7F7783D0F590DD6EFDD58C7FAA8B6E7B9AA
                                                                                                                                                                                                                              SHA-512:2A7F594FF849D49936246E8744037EFF8CB79AA06D3FB0EF3885882896143F07C04B9B5B0669CC3B11129603E0AB829004A95E35BECAAE3C71D86E1DAC0DAD2F
                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                                                              URL:https://maxcdn.bootstrapcdn.com/bootstrap/3.0.0/css/bootstrap.min.css
                                                                                                                                                                                                                              Preview:/*!. * Bootstrap v3.0.0. *. * Copyright 2013 Twitter, Inc. * Licensed under the Apache License v2.0. * http://www.apache.org/licenses/LICENSE-2.0. *. * Designed and built with all the love in the world by @mdo and @fat.. *//*! normalize.css v2.1.0 | MIT License | git.io/normalize */article,aside,details,figcaption,figure,footer,header,hgroup,main,nav,section,summary{display:block}audio,canvas,video{display:inline-block}audio:not([controls]){display:none;height:0}[hidden]{display:none}html{font-family:sans-serif;-webkit-text-size-adjust:100%;-ms-text-size-adjust:100%}body{margin:0}a:focus{outline:thin dotted}a:active,a:hover{outline:0}h1{margin:.67em 0;font-size:2em}abbr[title]{border-bottom:1px dotted}b,strong{font-weight:bold}dfn{font-style:italic}hr{height:0;-moz-box-sizing:content-box;box-sizing:content-box}mark{color:#000;background:#ff0}code,kbd,pre,samp{font-family:monospace,serif;font-size:1em}pre{white-space:pre-wrap}q{quotes:"\201C" "\201D" "\2018" "\2019"}small{font-size:80%}

                                                                                                                                                                                                                              Chrome Cache Entry: 134

                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                              File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3
                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                              Size (bytes):4562
                                                                                                                                                                                                                              Entropy (8bit):7.902911111146421
                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                              SSDEEP:
                                                                                                                                                                                                                              MD5:EA5FA259852C9BB452DF8BFB72041824
                                                                                                                                                                                                                              SHA1:23589B9013A001545C8B34526EE59090A386726A
                                                                                                                                                                                                                              SHA-256:B0550623206C529B94F57378445A6C3A8F2505804A481C49965C215EB62D8169
                                                                                                                                                                                                                              SHA-512:DAB25A459F8CAA14CFC9B45CAB84605E04FB078D7B107EE0B28F3F5C09B956B5A57A2408CECA57337D923230AB0ACA680F2EAF6E3460129E5B38CED6AD1AE38D
                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                                                              Preview:......JFIF.............C..............................................!........."$".$.......C.......................................................................d.d.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?..r.w..k.d.......s...=8..Mo.w'.r.f.K<.UT.2..'.1..>...i...d...".a.)`.P{.....1.....X...$.ff.@.0}=G_~k..$........:H..C.k.W..q... ..k.u..... ...dJ......3....[....:E.....b&...A.F..z......!.....b.#.b!^..:.8<.....s....Ed'.b{....9..x'..q.ps..G...fy.y#.b....=N.=...g.R.t..U.Y..[u.`s..3.....Q@.L.<.b....#.~..oe/...I.v..\K....`@..wL. .....rr}*..xg..x..;B.TR..>f8.q..O

                                                                                                                                                                                                                              Chrome Cache Entry: 135

                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                              File Type:HTML document, Unicode text, UTF-8 text, with very long lines (22595)
                                                                                                                                                                                                                              Category:downloaded
                                                                                                                                                                                                                              Size (bytes):295795
                                                                                                                                                                                                                              Entropy (8bit):5.1541068822496
                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                              SSDEEP:
                                                                                                                                                                                                                              MD5:E8666610235288C7232D50B27B1FBFF2
                                                                                                                                                                                                                              SHA1:E9D354E129B1DA6BEE876B8D10B01908B77E9018
                                                                                                                                                                                                                              SHA-256:D8849835518390A9BB06F61BFE450E1BB69C31FB6FEE94BD2383CF959123DC3D
                                                                                                                                                                                                                              SHA-512:7080C4D7D20E31A8FF3214421C379A4FFB0D8E5DDBE655B0C288E449E4F6B6FBCC8C366231B65C55A88B240F08EAFC26951A453353741EDC2C6889C071E2F5A1
                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                                                              URL:https://www.powr.io/form-builder/i/39325149
                                                                                                                                                                                                                              Preview:<!DOCTYPE html>.<html lang='en'>.<head>. APP VIEW TEMPLATE-->.<link rel="shortcut icon" type="image/x-icon" href="data:;base64,iVBORw0KGgo=" />.<meta charset='utf-8'>.<meta content='width=device-width, initial-scale=1.0' name='viewport'>.<title>.Form Builder.</title>.<meta content='Form Builder' name='title'>.<meta content='' name='description'>.<meta content='noindex, nofollow' name='robots'>.<meta content='website' property='og:type'>.<meta content='https://www.powr.io/form-builder/i/39325149' property='og:url'>.<meta content='Form Builder' property='og:title'>.<meta content='' property='og:description'>.<meta content='https://s3.us-west-1.amazonaws.com/www.powrcdn.com/screenshot-39325149-1742458782504.jpg' property='og:image'>.<link href='https://www.powr.io/api/v1/oembed?format=json&amp;url=https://www.powr.io/form-builder/i/39325149' rel='alternate' type='application/json+oembed'>.<meta content='summary_large_image' property='twitter:card'>.<meta content='https://www.powr.io/fo

                                                                                                                                                                                                                              Chrome Cache Entry: 139

                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                              File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                              Category:downloaded
                                                                                                                                                                                                                              Size (bytes):16
                                                                                                                                                                                                                              Entropy (8bit):3.75
                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                              SSDEEP:
                                                                                                                                                                                                                              MD5:EC331136E75314D2030EE013B6069921
                                                                                                                                                                                                                              SHA1:6B7428B8B15616A67F767D42964AF94FCBE2A803
                                                                                                                                                                                                                              SHA-256:A7358DF6B7B60280F2A0D7CD5B70A9F1DFA4FCE5C31FB1A24FB2F109AF7EE977
                                                                                                                                                                                                                              SHA-512:30C9B411C937F7D3DE9E59D8BE1CDE4F262B05C6AC2EC2D2C1956E705FE255D84DE17913826A0378B7FD4E51E075EE72A6BF16B870BF78B83D4F1D4507A44278
                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                                                              URL:https://content-autofill.googleapis.com/v1/pages/ChRDaHJvbWUvMTM0LjAuNjk5OC4zNhIZCU_6zOQBvVgBEgUNBu27_yHGJg5Borejmw==?alt=proto
                                                                                                                                                                                                                              Preview:CgkKBw0G7bv/GgA=

                                                                                                                                                                                                                              Chrome Cache Entry: 140

                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                              File Type:ASCII text, with very long lines (590)
                                                                                                                                                                                                                              Category:downloaded
                                                                                                                                                                                                                              Size (bytes):558604
                                                                                                                                                                                                                              Entropy (8bit):5.709733010176998
                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                              SSDEEP:
                                                                                                                                                                                                                              MD5:6A36163AA0BBF83AB5D1C9FE0FF046C7
                                                                                                                                                                                                                              SHA1:B5D6C2EB38480243E8527D29030A895E4558F0B4
                                                                                                                                                                                                                              SHA-256:430AA09E2AEC35F41AFAC94B13F2550D632F4D12D14549AD3344CF29AA9F40A2
                                                                                                                                                                                                                              SHA-512:A9299850AB3FDEB4E86DA6E8A1D66F4B9C80BAD0E4CFB0105A7D2DCC7FF380181A611B8681B639E46815BEC3DE31DCAA700FD655C23F8896D42391328FEE4663
                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                                                              URL:https://www.gstatic.com/recaptcha/releases/J79K9xgfxwT6Syzx-UyWdD89/recaptcha__en.js
                                                                                                                                                                                                                              Preview:(function(){/*.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0.*/./*.. Copyright 2005, 2007 Bob Ippolito. All Rights Reserved.. Copyright The Closure Library Authors.. SPDX-License-Identifier: MIT.*/./*.. Copyright Google LLC. SPDX-License-Identifier: Apache-2.0.*/./*. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0.*/.var U=function(){return[function(f,V,Z,P,X,D,G,k,H,w,A,S,n,r,K,M,R,t,z,F,g,L,d,v,O,E,m,N,b,q,fc,e,B,V0,l,PL,HL,kK,cL){return f>>((((f&(kK=[1846,2,33],(f<<kK[1]&7)<kK[1]&&(f>>kK[1]&13)>=7&&(cL=Z.M*4294967296+(Z.o>>>V)),93))==f&&c.call(this,V),f)>>1&kK[1])==kK[1]&&(D=[1,191,1213],V.O$?(R=V.Km,S=V.lP,A=J[5](4,12),b=C[16](52,A),M=b.next().value,F=b.next().value,X=b.next().value,K=b.next().value,l=b.next().value,m=b.next().value,PL=b.next().value,b.next(),b.next(),G=b.next().value,b.next(),B=b.next().value,.e=[C[1](65,S,x[32](6,S),x[32](6,kK[0])),x[27](78,S,x[32](kK[2],S),x[32](6,D[kK[1]])),Q[26](22,S,x[32](65,S),x[32]

                                                                                                                                                                                                                              Chrome Cache Entry: 141

                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                              Size (bytes):331
                                                                                                                                                                                                                              Entropy (8bit):4.611558267571266
                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                              SSDEEP:
                                                                                                                                                                                                                              MD5:B38BFC02B898246DDE7AF377AE6E10DA
                                                                                                                                                                                                                              SHA1:FD04B71BF9B1EEF411ADEC5A8F0988376D74FA6C
                                                                                                                                                                                                                              SHA-256:2F2974D8EE22C89C293F1BE6693B68039B802E1726484927D5812F2BCF84E9DE
                                                                                                                                                                                                                              SHA-512:570AA670E6FB51608CA223DAF3CB5EE0EC24DDBD18F47BFA55CAF5074EB4C99581417B1A1178AD80C46FAF83672B5B96E72D91469B483BAF1310B817DC90F227
                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                                                              Preview:{"day":[{"name":"Total Visits","data":{"2025-03-20":249}},{"name":"Unique Visits","data":{"2025-03-20":172}}],"week":[{"name":"Total Visits","data":{"2025-03-16":249}},{"name":"Unique Visits","data":{"2025-03-16":172}}],"month":[{"name":"Total Visits","data":{"2025-03-01":249}},{"name":"Unique Visits","data":{"2025-03-01":172}}]}

                                                                                                                                                                                                                              Chrome Cache Entry: 142

                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                              File Type:ASCII text, with very long lines (65536), with no line terminators
                                                                                                                                                                                                                              Category:downloaded
                                                                                                                                                                                                                              Size (bytes):791870
                                                                                                                                                                                                                              Entropy (8bit):5.379181901543899
                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                              SSDEEP:
                                                                                                                                                                                                                              MD5:8AD32DFE8B83E143F103E7AFDEEF86C8
                                                                                                                                                                                                                              SHA1:248BF958C1DA301EFF2C74430EBFD71DC3EFE053
                                                                                                                                                                                                                              SHA-256:8607E0C6660133E3EABF3875D660E08606AABE000321AF410A74E0248A88AE76
                                                                                                                                                                                                                              SHA-512:4D51C6F456BB953FDBCBBF6DD8336F1D5E1B5A57B13D66E9AA96E34A11B02C4DDFB1E17D5A7848170A3ABA2FD978A86CA74A363998848CAEE1033CEFB09E94FF
                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                                                              URL:https://public.powrcdn.com/latest/assets/packs/2417be3adda3d8bb2b9266ae4679bc73aaefe18b/apps/formBuilder-f29b7217873957ec.js
                                                                                                                                                                                                                              Preview:(()=>{var n={120:function(n,r,o){n.exports=o(56124)},40323:function(n,r,o){"use strict";var a=o(97032),s=o(63224),y=o(60726),w=o(88734),E=o(24209),P=o(38970),A=o(11028),j=o(14225);n.exports=function(n){return new Promise(function(r,o){var B=n.data,q=n.headers,et=n.responseType;a.isFormData(B)&&delete q["Content-Type"];var en=new XMLHttpRequest;if(n.auth){var er=n.auth.username||"",eo=n.auth.password?unescape(encodeURIComponent(n.auth.password)):"";q.Authorization="Basic "+btoa(er+":"+eo)}var ea=E(n.baseURL,n.url);function onloadend(){if(!!en){var a="getAllResponseHeaders"in en?P(en.getAllResponseHeaders()):null;s(r,o,{data:et&&"text"!==et&&"json"!==et?en.response:en.responseText,status:en.status,statusText:en.statusText,headers:a,config:n,request:en}),en=null}}if(en.open(n.method.toUpperCase(),w(ea,n.params,n.paramsSerializer),!0),en.timeout=n.timeout,"onloadend"in en?en.onloadend=onloadend:en.onreadystatechange=function(){if(!!en&&4===en.readyState&&(0!==en.status||!!(en.responseURL&&

                                                                                                                                                                                                                              Chrome Cache Entry: 144

                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                              File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                              Category:downloaded
                                                                                                                                                                                                                              Size (bytes):102
                                                                                                                                                                                                                              Entropy (8bit):4.959834136761674
                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                              SSDEEP:
                                                                                                                                                                                                                              MD5:85CF33A7525444B6CA922F12FDB45E9C
                                                                                                                                                                                                                              SHA1:5BC107045CCE930F2E2FF8A134A52AFCB7EDB55B
                                                                                                                                                                                                                              SHA-256:223A644C50BB4E93AEE4C2C96AE68188D4BC0B1BA5A10F32293EB32066857A47
                                                                                                                                                                                                                              SHA-512:D17244B9E8467549693502EEDA6A94AC5C24DC4817E9526689322149F1DCA9B4E47AAF385C84D52E10E890BF0512DD941F0382C247C3054F1A7A51DC72132340
                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                                                              URL:https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=J79K9xgfxwT6Syzx-UyWdD89
                                                                                                                                                                                                                              Preview:importScripts('https://www.gstatic.com/recaptcha/releases/J79K9xgfxwT6Syzx-UyWdD89/recaptcha__en.js');

                                                                                                                                                                                                                              Chrome Cache Entry: 145

                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                              File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3
                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                              Size (bytes):27838
                                                                                                                                                                                                                              Entropy (8bit):7.9689088285589715
                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                              SSDEEP:
                                                                                                                                                                                                                              MD5:2BE3D00C5F03058F160D17492192C8FE
                                                                                                                                                                                                                              SHA1:B30DC110D47C58CCFF866FE66DBBF027EE394505
                                                                                                                                                                                                                              SHA-256:C1768584F96646401AC3D8835F524CBFBB8D1940D8EE6799842E69186290A5EE
                                                                                                                                                                                                                              SHA-512:142B6EB627E7F511B1FA8D557EA1538F3772D48B321857DFAA1E36EE08FA730F4DA12C1AD73366A56498CE95F3D7C2BB4DD69D6B19BCD3048E71B3D8B6DE457B
                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                                                              Preview:......JFIF.............C..............................................!........."$".$.......C.......................................................................,.,.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?..+|z..8.37.#..U-.X..T.dP..v9...k)(...x.a=.B.e..I'(A=?.G>....lr4..,F.n.......YF..'..NG.4...-...4.%Y6..+(+..Z..4k.V.Y..`.*.G.s...S.m.xE.r..;Uq.OZ.........Hd...#..k.7v.g.gTT6i.w.....T..9#..5..#@w.....jF...]F..H ...07r>Rz...+>{6...Q..Py...Z.i.4R....E.].'+......E.7\...AS...z}k>.ku.Gn..L.....A]..nn.c_..&......\r.s.qUU.N.....|K#E1..dM.%.l..9.\...6..y....g.J..C...

                                                                                                                                                                                                                              Chrome Cache Entry: 146

                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                              File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                              Category:downloaded
                                                                                                                                                                                                                              Size (bytes):16
                                                                                                                                                                                                                              Entropy (8bit):3.875
                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                              SSDEEP:
                                                                                                                                                                                                                              MD5:46DF3E5E2D15256CA16616EBFDA5427F
                                                                                                                                                                                                                              SHA1:BE8F9B307E458075DA0D43585A05F1D451469182
                                                                                                                                                                                                                              SHA-256:AF3248D0B278571EFF9A22F8ED1CEB54B70D202B44FD70ECA4CA13A5771CECC3
                                                                                                                                                                                                                              SHA-512:88FBCC0A92317A0BADE7D4B72C023A16792F3728443075BF4B1767C8A55258836B54D56B24EABE36AE4EF240F796B58B8F1EA10C7E3C146BDE89882FC9ADE302
                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                                                              URL:https://content-autofill.googleapis.com/v1/pages/ChRDaHJvbWUvMTM0LjAuNjk5OC4zNhIZCU_6zOQBvVgBEgUNkWGVTiEhaVKufEuL6Q==?alt=proto
                                                                                                                                                                                                                              Preview:CgkKBw2RYZVOGgA=

                                                                                                                                                                                                                              Chrome Cache Entry: 148

                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                              File Type:ASCII text, with very long lines (13013), with no line terminators
                                                                                                                                                                                                                              Category:downloaded
                                                                                                                                                                                                                              Size (bytes):13013
                                                                                                                                                                                                                              Entropy (8bit):5.108423440289367
                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                              SSDEEP:
                                                                                                                                                                                                                              MD5:5E9D1C3A05A0741882E908096E53AB32
                                                                                                                                                                                                                              SHA1:091424B5DDC9355ECDDC788AAC787975A03A713A
                                                                                                                                                                                                                              SHA-256:500C4C26ABAEF9C141F6B3EC35BB647E017A15A5D72D8FDB544DB906385D8012
                                                                                                                                                                                                                              SHA-512:5993FEF8CD08F8398657B912BC406A91BA6D3BA2082D7C8AA1C4D778033EA8C6A3DDAA06FA8C2EB05FEDCAB933A7035043096FF22951C7A9D4D2204A83297B1F
                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                                                              URL:https://public.powrcdn.com/latest/assets/packs/2417be3adda3d8bb2b9266ae4679bc73aaefe18b/fontawesome/fontawesome/all-8e10a187476579e4.js
                                                                                                                                                                                                                              Preview:(()=>{var t={},e={};function __webpack_require__(r){var n=e[r];if(void 0!==n)return n.exports;var o=e[r]={exports:{}};return t[r](o,o.exports,__webpack_require__),o.exports}function _typeof(t){return(_typeof="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(t){return typeof t}:function(t){return t&&"function"==typeof Symbol&&t.constructor===Symbol&&t!==Symbol.prototype?"symbol":typeof t})(t)}function _createForOfIteratorHelper(t,e){var r="undefined"!=typeof Symbol&&t[Symbol.iterator]||t["@@iterator"];if(!r){if(Array.isArray(t)||(r=_unsupportedIterableToArray(t))||e&&t&&"number"==typeof t.length){r&&(t=r);var n=0,F=function(){};return{s:F,n:function(){return n>=t.length?{done:!0}:{done:!1,value:t[n++]}},e:function(t){throw t},f:F}}throw TypeError("Invalid attempt to iterate non-iterable instance.\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method.")}var o,a=!0,c=!1;return{s:function(){r=r.call(t)},n:function(){var t=r.next();return a=t.

                                                                                                                                                                                                                              Chrome Cache Entry: 149

                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                              File Type:ASCII text, with very long lines (27995), with no line terminators
                                                                                                                                                                                                                              Category:downloaded
                                                                                                                                                                                                                              Size (bytes):27995
                                                                                                                                                                                                                              Entropy (8bit):5.315806784478887
                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                              SSDEEP:
                                                                                                                                                                                                                              MD5:3D7F312BE60D08A2568E311E4762F3AF
                                                                                                                                                                                                                              SHA1:EDC028ACC27FB8DC6E2106A071A03AE7F93DC3B4
                                                                                                                                                                                                                              SHA-256:780861F2AB29C0144055244696561FB0306C8CB3CB7F548F9105C763B0E91F77
                                                                                                                                                                                                                              SHA-512:01507CB531465D496E475994A901D2E54E654810BDADE13BEB0480E9CA75FC92B0E4A5689646CC17FC2B10F93F00C1B000CD5B7C9B024F4A7A60F97905C1658B
                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                                                              URL:https://js-agent.newrelic.com/nr-1184.min.js
                                                                                                                                                                                                                              Preview:!function(n,e,t){function r(t,i){if(!e[t]){if(!n[t]){var a="function"==typeof __nr_require&&__nr_require;if(!i&&a)return a(t,!0);if(o)return o(t,!0);throw new Error("Cannot find module '"+t+"'")}var u=e[t]={exports:{}};n[t][0].call(u.exports,function(e){var o=n[t][1][e];return r(o||e)},u,u.exports)}return e[t].exports}for(var o="function"==typeof __nr_require&&__nr_require,i=0;i<t.length;i++)r(t[i]);return r}({1:[function(n,e,t){e.exports=function(n,e){return"addEventListener"in window?window.addEventListener(n,e,!1):"attachEvent"in window?window.attachEvent("on"+n,e):void 0}},{}],2:[function(n,e,t){function r(n,e,t,r,i){l[n]||(l[n]={});var a=l[n][e];return a||(a=l[n][e]={params:t||{}},i&&(a.custom=i)),a.metrics=o(r,a.metrics),a}function o(n,e){return e||(e={count:0}),e.count+=1,f(n,function(n,t){e[n]=i(t,e[n])}),e}function i(n,e){return e?(e&&!e.c&&(e={t:e.t,min:e.t,max:e.t,sos:e.t*e.t,c:1}),e.c+=1,e.t+=n,e.sos+=n*n,n>e.max&&(e.max=n),n<e.min&&(e.min=n),e):{t:n}}function a(n,e){return

                                                                                                                                                                                                                              Chrome Cache Entry: 150

                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                              File Type:ASCII text, with very long lines (1541), with no line terminators
                                                                                                                                                                                                                              Category:downloaded
                                                                                                                                                                                                                              Size (bytes):1541
                                                                                                                                                                                                                              Entropy (8bit):5.773841091052362
                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                              SSDEEP:
                                                                                                                                                                                                                              MD5:53CF215E00D8240B20E45005C4DBD845
                                                                                                                                                                                                                              SHA1:31D9D08519980D853E01249F7267A712AEFAE57F
                                                                                                                                                                                                                              SHA-256:660755D443D4BA8BA60191D347385E9A8E9728E40F0B343EDB941CC04377865E
                                                                                                                                                                                                                              SHA-512:AA9B4276B1E9964355E23F85723FC4E9D13C43F3E278EAD6ABC961EEF1C59D74017A79DC68122DE53D12D76F6396D53943051CBF831C67FEE9C035763A01728D
                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                                                              URL:https://www.google.com/recaptcha/api.js?onload=onCaptchaLoadCallback&render=explicit
                                                                                                                                                                                                                              Preview:/* PLEASE DO NOT COPY AND PASTE THIS CODE. */(function(){var w=window,C='___grecaptcha_cfg',cfg=w[C]=w[C]||{},N='grecaptcha';var gr=w[N]=w[N]||{};gr.ready=gr.ready||function(f){(cfg['fns']=cfg['fns']||[]).push(f);};w['__recaptcha_api']='https://www.google.com/recaptcha/api2/';(cfg['render']=cfg['render']||[]).push('explicit');(cfg['onload']=cfg['onload']||[]).push('onCaptchaLoadCallback');(cfg['clr']=cfg['clr']||[]).push('true');w['__google_recaptcha_client']=true;var d=document,po=d.createElement('script');po.type='text/javascript';po.async=true; po.charset='utf-8';var v=w.navigator,m=d.createElement('meta');m.httpEquiv='origin-trial';m.content='A/kargTFyk8MR5ueravczef/wIlTkbVk1qXQesp39nV+xNECPdLBVeYffxrM8TmZT6RArWGQVCJ0LRivD7glcAUAAACQeyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkRpc2FibGVUaGlyZFBhcnR5U3RvcmFnZVBhcnRpdGlvbmluZzIiLCJleHBpcnkiOjE3NDIzNDIzOTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9';if(v&&v.cookieDeprecationLabel){v.cookieDeprecationLabel.ge

                                                                                                                                                                                                                              Chrome Cache Entry: 152

                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                              File Type:ASCII text, with very long lines (65536), with no line terminators
                                                                                                                                                                                                                              Category:downloaded
                                                                                                                                                                                                                              Size (bytes):689539
                                                                                                                                                                                                                              Entropy (8bit):5.4254275309357505
                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                              SSDEEP:
                                                                                                                                                                                                                              MD5:4CC718214DECEEB3B4CCCE19102FEE4A
                                                                                                                                                                                                                              SHA1:F2722225E53E6B520A5D6FC1662E3A952C599791
                                                                                                                                                                                                                              SHA-256:5783750AA3CDBF86BE8703D67D0C593BD5D8791419B5951B3E48A9BAE4BA25DC
                                                                                                                                                                                                                              SHA-512:439C56F8B628AA5ADAD68A57B112848BD62E036583A40E3478B45CE5336E3E02CC9B1A3B1F2489FB860BCF42A6A95B9439016CE3935A7E315401C4A382D36B4C
                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                                                              URL:https://public.powrcdn.com/latest/assets/packs/2417be3adda3d8bb2b9266ae4679bc73aaefe18b/apps-view-42a2d7cac8c06236.js
                                                                                                                                                                                                                              Preview:(()=>{var o={40252:function(o,a,y){"use strict";function modeChangeHandler(){var o=this;o.$el.on("click",".js-edit-on-click-toggle__button",function(a){if(!$(a.target).hasClass("edit-on-click-toggle__button--active")){var y,E=null===(y=o.model)||void 0===y||null===(y=y.attributes)||void 0===y||null===(y=y.locals)||void 0===y?void 0:y.editOnClickMode;o.model.setLocals({editOnClickMode:!E}),o.render()}})}function openSettingsHandler(o,a){var y=this,E=$(document).find(o);y.$el.find(".edit-on-click--container-template").on("click",function(){var o=null==E?void 0:E.find(a[0]);y.closeDrilldown(E),!(null!=o&&o.hasClass("active"))&&o.click()}),y.$el.find(".edit-on-click--container-options").on("click",function(){var o=null==E?void 0:E.find(a[1]);y.closeDrilldown(E),!(null!=o&&o.hasClass("active"))&&o.click()}),y.$el.find(".edit-on-click--container-design").on("click",function(){var P,A=null==E?void 0:E.find(a[2]);y.closeDrilldown(E),!(null!=A&&A.hasClass("active"))&&A.click(),(null===(P=y.mode

                                                                                                                                                                                                                              Chrome Cache Entry: 155

                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                              File Type:Web Open Font Format (Version 2), TrueType, length 15340, version 1.0
                                                                                                                                                                                                                              Category:downloaded
                                                                                                                                                                                                                              Size (bytes):15340
                                                                                                                                                                                                                              Entropy (8bit):7.983406336508752
                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                              SSDEEP:
                                                                                                                                                                                                                              MD5:19B7A0ADFDD4F808B53AF7E2CE2AD4E5
                                                                                                                                                                                                                              SHA1:81D5D4C7B5035AD10CCE63CF7100295E0C51FDDA
                                                                                                                                                                                                                              SHA-256:C912A9CE0C3122D4B2B29AD26BFE06B0390D1A5BDAA5D6128692C0BEFD1DFBBD
                                                                                                                                                                                                                              SHA-512:49DA16000687AC81FC4CA9E9112BDCA850BB9F32E0AF2FE751ABC57A8E9C3382451B50998CEB9DE56FC4196F1DC7EF46BBA47933FC47EB4538124870B7630036
                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                                                              URL:https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
                                                                                                                                                                                                                              Preview:wOF2......;........d..;..........................d..z..J.`..L.Z..<.....\..`..^...x.6.$..6. ..|. ..8..z%......Q.{..q...FF.kd .8.(..d..).!C...Y.JA...r. ..GH8F......nW...".2&....2<..+C...p...b..SC.......J......z.-..Q..#6&1zUe../\...l.....<.....9s...E~.]B-..B.wY..o......Q..*A.F..1j.......-.`P% .. ,..@1.0..~.....WWW.d.u<c{..^.R.+..w....&.........A......+C....(.N.....0.~..0.J.;.Nu..7....]..m.H.....[h.GL3....?)....c.H...2.3.}y........SXI|..iVN'%E.D.W....r..<`....i....6;E$.....U.$j.@...._.......R2....WS...k.vz.R.'a9!^..*.N....h.._.....c.%."..S.2.16B...o.2}.pmU[.|.LI....2.....OWQLO1-....s..8.(...".|6...6R.. ..M-.zO.}w)..v..mXxX...c..3*#.+.v....F`.Z;.zQ.......r,....Yo.....g.h....+.....O.3Y..)Y.8.!....elX......._.3.}k~u.{ C..H.z..FP........@...d..)T.R...L.H.J.j.@..............$...E......y...3.b...I.h u.+%.HA.\..9..8..X.!....gx...].:..V..C...._..X..!....6..)...GM:E.....O.Z.*}k.;.T.k..D.k.O..D5.r..."......?..T.Q.A...CF...3g.5.Dn<.QPy..G..1.9..Q..0..

                                                                                                                                                                                                                              Chrome Cache Entry: 157

                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                              File Type:PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced
                                                                                                                                                                                                                              Category:downloaded
                                                                                                                                                                                                                              Size (bytes):530
                                                                                                                                                                                                                              Entropy (8bit):7.2576396280117494
                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                              SSDEEP:
                                                                                                                                                                                                                              MD5:88E0F42C9FA4F94AA8BCD54D1685C180
                                                                                                                                                                                                                              SHA1:5AD9D47A49B82718BAA3BE88550A0B3350270C42
                                                                                                                                                                                                                              SHA-256:89C62095126FCA89EA1511CF35B49B8306162946B0C26D6F60C5506C51D85992
                                                                                                                                                                                                                              SHA-512:FAFF842E9FF4CC838EC3C724E95EEE6D36B2F8C768DC23E48669E28FC5C19AA24B1B34CF1DBCBE877B3537D6A325B4C35AF440C2B6D58F6A77A04A208D9296F8
                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                                                              URL:https://www.gstatic.com/recaptcha/api2/audio_2x.png
                                                                                                                                                                                                                              Preview:.PNG........IHDR...0...0.......1.....gAMA......a.... cHRM..z&..............u0...`..:....p..Q<....bKGD.........IDATX...JBA.....E-R... (#..-*$.}.%.Kt.A..Dx.I...AF.Q.4.......-.6..?.m:.,.......Q..D.L..e4..2.D..8)j4:......&>.s......p?......9.o5>.][H.}...&L.%.xh{~K.J|.b..N..HMp....f.}dd..S..4%...$dK..!..Z..NNs.W&g..Fn....p...w..Ut...E\.e.......6......M.F...X.L......em.....R#'..%....j$/..-......@.l."..M.|....OtW.H.,.-.~W`Z.s8..W...B...C-.8"H....6......9...A..aO.1`.M..A..eA.{...-...U.,.W........IEND.B`.

                                                                                                                                                                                                                              Static File Info

                                                                                                                                                                                                                              General

                                                                                                                                                                                                                              File type:RFC 822 mail, ASCII text, with very long lines (320), with CRLF line terminators
                                                                                                                                                                                                                              Entropy (8bit):6.094738259055353
                                                                                                                                                                                                                              TrID:
                                                                                                                                                                                                                              • E-Mail message (Var. 5) (54515/1) 100.00%
                                                                                                                                                                                                                              File name:Ashdown Phillips & Partners Ltd.eml
                                                                                                                                                                                                                              File size:1'235'297 bytes
                                                                                                                                                                                                                              MD5:fe7eb57f97dc20adf01daac9a3b4593d
                                                                                                                                                                                                                              SHA1:37d525c693484c793e7d728ecc965468d4f291aa
                                                                                                                                                                                                                              SHA256:fb4e16f2724d4fdddfad9e1dc494cc53cad378dd1b7a9f8518e5d7d26bee4c67
                                                                                                                                                                                                                              SHA512:233750fbc341e7310456c162d29a20cbb8eac306803193051b86d7d01e95f512fd4ac83767fedaa8bdcca9e9b7e96d7e7f92c3822ba25a37ede27c89a4d906c1
                                                                                                                                                                                                                              SSDEEP:24576:K7XcljXFlNhFrjaZVwV/qwUiMcTrZtPkeINJPuwV/qwbiMcTrZtPkesNbPU:K7XcljXFlNhFrjaZVQDHF
                                                                                                                                                                                                                              TLSH:8645BF00DDB38EAA479256AB50DE37D0E47C7B76C2ED40F930EE1727EA99461CBCA540
                                                                                                                                                                                                                              File Content Preview:Received: from GV2PR03MB8704.eurprd03.prod.outlook.com (::1) by.. AM6PR03MB5479.eurprd03.prod.outlook.com with HTTPS; Thu, 20 Mar 2025 08:34:48.. +0000..Received: from DB9PR05CA0006.eurprd05.prod.outlook.com (2603:10a6:10:1da::11).. by GV2PR03MB8704.eurpr

                                                                                                                                                                                                                              Static Mail

                                                                                                                                                                                                                              General

                                                                                                                                                                                                                              Subject:Ashdown Phillips & Partners Ltd
                                                                                                                                                                                                                              From:Ian Pratt <Ian@ashdownphillips.com>
                                                                                                                                                                                                                              To:Ian Pratt <Ian@ashdownphillips.com>
                                                                                                                                                                                                                              Cc:
                                                                                                                                                                                                                              BCC:
                                                                                                                                                                                                                              Date:Thu, 20 Mar 2025 08:33:19 +0000
                                                                                                                                                                                                                              Communications:
                                                                                                                                                                                                                              • CAUTION: This email originated from outside of the organisation. If in doubt please use the report message button to Security. Hi, Please see the proposal below from Ashdown Phillips & Partners Ltd Prevail/Ashdown Phillips_&_Partners_Ltd_84KB)<https://eu-west-1.protection.sophos.com?d=powr.io&u=aHR0cHM6Ly93d3cucG93ci5pby9mb3JtLWJ1aWxkZXIvaS8zOTMyNTE0OSNwYWdl&p=m&i=NWQ2Y2Q4NzM1NjUyZDAwZDI0MjQwZDk3&t=ellqTS81Y0JaOWNoL2gvdjVRaUVOSWNBSUVud0FnR2pxcXAwSEs0ZThmZz0=&h=1f0dc8332a554b3cba387cf5596bc5f2&s=AVNPUEhUT0NFTkNSWVBUSVar-vD03x3CsXCWT25uVRV_H-1vyNa5-Cr0ev8LDHkqnQ> Please let me know if you have any questions. Regards, Ian Pratt ( he/him ) Centre Manager [cid:2a94536e-ace5-4ea1-9422-614f6e1b7c97] Ladysmith Shopping Centre , AshtonunderLyne , OL6 7RX Mobile: 07825 872 279 https://eu-west-1.protection.sophos.com?d=ashdownphillips.com&u=d3d3LmFzaGRvd25waGlsbGlwcy5jb20=&p=m&i=NWQ2Y2Q4NzM1NjUyZDAwZDI0MjQwZDk3&t=V2R4V3o3M3VpanRmbkRkaURaTm5WRGlaUHpTcFNsd2FSN0dNazhCNmlvVT0=&h=1f0dc8332a554b3cba387cf5596bc5f2&s=AVNPUEhUT0NFTkNSWVBUSVar-vD03x3CsXCWT25uVRV_H-1vyNa5-Cr0ev8LDHkqnQ<https://eu-west-1.protection.sophos.com?d=ashdownphillips.com&u=aHR0cDovL3d3dy5hc2hkb3ducGhpbGxpcHMuY29tLw==&p=m&i=NWQ2Y2Q4NzM1NjUyZDAwZDI0MjQwZDk3&t=M1lSMis2ajRzRlkwTGNlV3lzTmVSaktkSEZxNXVoYVBIc3hJUHhSNXF6MD0=&h=1f0dc8332a554b3cba387cf5596bc5f2&s=AVNPUEhUT0NFTkNSWVBUSVar-vD03x3CsXCWT25uVRV_H-1vyNa5-Cr0ev8LDHkqnQ> [cid:9a7d7d5a-5620-4ea9-8440-b69d0c175d62] [cid:d4488243-9377-4816-bcc5-f0a563fb623b] [cid:9bec5028-506a-4b80-a5a5-280e61e9ae75] [cid:2b874960-2b2d-4490-98bf-c5c8d4e6da30] [cid:bad9fbf0-ddc8-4495-b49d-13a76f05980b] [cid:0590bc4e-31fb-4d2b-b7ef-084881a7a96e] [Instagram] Follow us on Instagram [LinkedIn]<https://eu-west-1.protection.sophos.com?d=linkedin.com&u=aHR0cHM6Ly93d3cubGlua2VkaW4uY29tL2NvbXBhbnkvYXNoZG93bi1waGlsbGlwcy0mLXBhcnRuZXJzLWxpbWl0ZWQv&p=m&i=NWQ2Y2Q4NzM1NjUyZDAwZDI0MjQwZDk3&t=M2dTTXZxNWxDQUkydXZVOXlOMlg1VUx3dDRiR3NPN1pXTXY0WS83RVE3bz0=&h=1f0dc8332a554b3cba387cf5596bc5f2&s=AVNPUEhUT0NFTkNSWVBUSVar-vD03x3CsXCWT25uVRV_H-1vyNa5-Cr0ev8LDHkqnQ> Connect with us on LinkedIn<https://eu-west-1.protection.sophos.com?d=linkedin.com&u=aHR0cHM6Ly93d3cubGlua2VkaW4uY29tL2NvbXBhbnkvYXNoZG93bi1waGlsbGlwcy0mLXBhcnRuZXJzLWxpbWl0ZWQv&p=m&i=NWQ2Y2Q4NzM1NjUyZDAwZDI0MjQwZDk3&t=M2dTTXZxNWxDQUkydXZVOXlOMlg1VUx3dDRiR3NPN1pXTXY0WS83RVE3bz0=&h=1f0dc8332a554b3cba387cf5596bc5f2&s=AVNPUEhUT0NFTkNSWVBUSVar-vD03x3CsXCWT25uVRV_H-1vyNa5-Cr0ev8LDHkqnQ> Ian Pratt ( he/him ) Centre Manager [cid:779460ec-7593-4add-9c0e-56c38c2fb293] Ladysmith Shopping Centre , AshtonunderLyne , OL6 7RX Mobile: 07825 872 369<tel:07825%20872%20369> https://eu-west-1.protection.sophos.com?d=ashdownphillips.com&u=d3d3LmFzaGRvd25waGlsbGlwcy5jb20=&p=m&i=NWQ2Y2Q4NzM1NjUyZDAwZDI0MjQwZDk3&t=V2R4V3o3M3VpanRmbkRkaURaTm5WRGlaUHpTcFNsd2FSN0dNazhCNmlvVT0=&h=1f0dc8332a554b3cba387cf5596bc5f2&s=AVNPUEhUT0NFTkNSWVBUSVar-vD03x3CsXCWT25uVRV_H-1vyNa5-Cr0ev8LDHkqnQ<https://eu-west-1.protection.sophos.com?d=ashdownphillips.com&u=aHR0cDovL3d3dy5hc2hkb3ducGhpbGxpcHMuY29tLw==&p=m&i=NWQ2Y2Q4NzM1NjUyZDAwZDI0MjQwZDk3&t=M1lSMis2ajRzRlkwTGNlV3lzTmVSaktkSEZxNXVoYVBIc3hJUHhSNXF6MD0=&h=1f0dc8332a554b3cba387cf5596bc5f2&s=AVNPUEhUT0NFTkNSWVBUSVar-vD03x3CsXCWT25uVRV_H-1vyNa5-Cr0ev8LDHkqnQ> [cid:c3236daa-e671-4938-9552-3193e367b7b4] [cid:40df0341-a87a-4140-aa1f-a3cc5bc6dfc3] [cid:6b657fa0-c898-45fd-b35b-5d05ffcfa58f] [cid:1835ffb2-37d0-44c9-97dd-57910b06dc81] [cid:1b1017f0-6e89-41f1-a927-e01a2f009081] [cid:6f4a0a3d-fbe2-4476-a81a-3dfc64262a8f] [Instagram] Follow us on Instagram [LinkedIn]<https://eu-west-1.protection.sophos.com?d=linkedin.com&u=aHR0cHM6Ly93d3cubGlua2VkaW4uY29tL2NvbXBhbnkvYXNoZG93bi1waGlsbGlwcy0mLXBhcnRuZXJzLWxpbWl0ZWQv&p=m&i=NWQ2Y2Q4NzM1NjUyZDAwZDI0MjQwZDk3&t=M2dTTXZxNWxDQUkydXZVOXlOMlg1VUx3dDRiR3NPN1pXTXY0WS83RVE3bz0=&h=1f0dc8332a554b3cba387cf5596bc5f2&s=AVNPUEhUT0NFTkNSWVBUSVar-vD03x3CsXCWT25uVRV_H-1vyNa5-Cr0ev8LDHkqnQ> Connect with us on LinkedIn<https://eu-west-1.protection.sophos.com?d=linkedin.com&u=aHR0cHM6Ly93d3cubGlua2VkaW4uY29tL2NvbXBhbnkvYXNoZG93bi1waGlsbGlwcy0mLXBhcnRuZXJzLWxpbWl0ZWQv&p=m&i=NWQ2Y2Q4NzM1NjUyZDAwZDI0MjQwZDk3&t=M2dTTXZxNWxDQUkydXZVOXlOMlg1VUx3dDRiR3NPN1pXTXY0WS83RVE3bz0=&h=1f0dc8332a554b3cba387cf5596bc5f2&s=AVNPUEhUT0NFTkNSWVBUSVar-vD03x3CsXCWT25uVRV_H-1vyNa5-Cr0ev8LDHkqnQ> ---------------------------- This email is confidential and privileged and intended only for the stated addressee(s). If you have received this in error, please inform us immediately and delete it and all copies from your system. Any information that does not relate to business of Ashdown Phillips & Partners Limited shall be understood as neither given nor endorsed by it. Property information supplied by this email does not constitute any part of an offer or contract and is subject to Ashdown Phillips & Partners usual terms and conditions. This email and any attachments are believed to be free of any virus, or defect, but it is the responsibility of the recipient to ensure this. Ashdown Phillips & Partners Limited does not accept responsibility or liability for any loss or damage arising in any way from its receipt or use or for any errors or omissions in its contents which may arise as a result of its transmission. Ashdown Phillips & Partners Limited Registered Office Pippingford Manor, Pippingford Park, Nutley, East Sussex TN22 3HW Registered in England and Wales under Number 5033896 ----------------------------
                                                                                                                                                                                                                              Attachments:
                                                                                                                                                                                                                              • image.png
                                                                                                                                                                                                                              • image.png
                                                                                                                                                                                                                              • image.png
                                                                                                                                                                                                                              • image.png
                                                                                                                                                                                                                              • image.png
                                                                                                                                                                                                                              • image.png
                                                                                                                                                                                                                              • image.png
                                                                                                                                                                                                                              • image.png
                                                                                                                                                                                                                              • image.png
                                                                                                                                                                                                                              • image283057.png
                                                                                                                                                                                                                              • image713344.jpg
                                                                                                                                                                                                                              • image136772.jpg
                                                                                                                                                                                                                              • image242140.jpg
                                                                                                                                                                                                                              • image162960.png
                                                                                                                                                                                                                              • image242855.jpg
                                                                                                                                                                                                                              • image985428.png
                                                                                                                                                                                                                              • image072026.png
                                                                                                                                                                                                                              • image929242.png
                                                                                                                                                                                                                              Key Value
                                                                                                                                                                                                                              Receivedfrom AM0PR01MB4321.eurprd01.prod.exchangelabs.com ([fe80::ef5e:2e4d:345:1413]) by AM0PR01MB4321.eurprd01.prod.exchangelabs.com ([fe80::ef5e:2e4d:345:1413%5]) with mapi id 15.20.8534.034; Thu, 20 Mar 2025 08:33:20 +0000
                                                                                                                                                                                                                              Authentication-Resultsspf=softfail (sender IP is 198.154.180.198) smtp.mailfrom=ashdownphillips.com; dkim=fail (body hash did not verify) header.d=ashdownphillips.com;dmarc=fail action=oreject header.from=ashdownphillips.com;compauth=none reason=454
                                                                                                                                                                                                                              Received-SPFPass (protection.outlook.com: domain of ashdownphillips.com designates 185.58.86.186 as permitted sender) receiver=protection.outlook.com; client-ip=185.58.86.186; helo=eu-smtp-delivery-186.mimecast.com; pr=C
                                                                                                                                                                                                                              X-Sophos-Product-TypeMailflow
                                                                                                                                                                                                                              X-Sophos-Email-ID1f0dc8332a554b3cba387cf5596bc5f2
                                                                                                                                                                                                                              Authentication-Results-Originaldkim=none (message not signed) header.d=none;dmarc=none action=none header.from=ashdownphillips.com
                                                                                                                                                                                                                              DKIM-Signaturev=1; a=rsa-sha256; c=relaxed/relaxed; d=ashdownphillips.com; s=mimecast20180416; t=1742459651; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=hANqTM6CQad4RTW8kNcsuaoruGzxu9kVGZkNquFgWDk=; b=sPm5sR00JeoNcKLnZBWNJQGPfArqwvZUHWY5CTk94HtIaxMpoJOU7zxsZM2ReT3rTKKZ/f wwIF1pz2rqq399l9RAI8ITk8APpOiRuUK50lQA6jbY5ujMScdctDZxNbzqD5mbmcQRne2I s1Kg+5RinwcPflzFa2lDcPPEjL1+AJc=
                                                                                                                                                                                                                              X-MC-UniqueEM8pVLqHPNmQ1fw1Vkrurg-1
                                                                                                                                                                                                                              X-Mimecast-MFC-AGG-IDEM8pVLqHPNmQ1fw1Vkrurg_1742459639
                                                                                                                                                                                                                              X-MS-Exchange-Authentication-Resultsspf=softfail (sender IP is 51.140.37.132) smtp.mailfrom=ashdownphillips.com; dkim=none (message not signed) header.d=none;dmarc=fail action=oreject header.from=ashdownphillips.com
                                                                                                                                                                                                                              X-ExclaimerHostedSignatures-MessageProcessedtrue
                                                                                                                                                                                                                              X-ExclaimerProxyLatency147903167
                                                                                                                                                                                                                              X-ExclaimerImprintLatency2556449
                                                                                                                                                                                                                              X-ExclaimerImprintAction893f4a8055b3438db3430a26fe92e5d3
                                                                                                                                                                                                                              FromIan Pratt <Ian@ashdownphillips.com>
                                                                                                                                                                                                                              ToIan Pratt <Ian@ashdownphillips.com>
                                                                                                                                                                                                                              SubjectAshdown Phillips & Partners Ltd
                                                                                                                                                                                                                              Thread-TopicAshdown Phillips & Partners Ltd
                                                                                                                                                                                                                              Thread-IndexAQHbmXFsrstNSTudLU6/a0gzgiObdLN7sdZ/
                                                                                                                                                                                                                              DateThu, 20 Mar 2025 08:33:19 +0000
                                                                                                                                                                                                                              Message-ID<AM0PR01MB43216446B04787AA289F2DA0A0D82@AM0PR01MB4321.eurprd01.prod.exchangelabs.com>
                                                                                                                                                                                                                              References<AM0PR01MB4321892689F28093D2F13CC3A0D82@AM0PR01MB4321.eurprd01.prod.exchangelabs.com>
                                                                                                                                                                                                                              In-Reply-To<AM0PR01MB4321892689F28093D2F13CC3A0D82@AM0PR01MB4321.eurprd01.prod.exchangelabs.com>
                                                                                                                                                                                                                              Accept-Languageen-GB, en-US
                                                                                                                                                                                                                              X-MS-Has-Attachyes
                                                                                                                                                                                                                              X-MS-TNEF-Correlator
                                                                                                                                                                                                                              msip_labels
                                                                                                                                                                                                                              x-ms-traffictypediagnosticAM0PR01MB4321:EE_|GV1PR01MB8659:EE_|AMS0EPF00000192:EE_|AM9PR01MB8297:EE_|AM4PEPF00025F96:EE_|DBBPR03MB10440:EE_|DB1PEPF00039231:EE_|GV2PR03MB8704:EE_|AM6PR03MB5479:EE_
                                                                                                                                                                                                                              X-MS-Office365-Filtering-Correlation-Ideebbb038-0ea2-4a61-505c-08dd678a0aa5
                                                                                                                                                                                                                              x-ld-processed96b469ba-18f8-4501-b8eb-c714a4c6f559,ExtAddr
                                                                                                                                                                                                                              X-MS-Exchange-SenderADCheck1
                                                                                                                                                                                                                              X-MS-Exchange-AntiSpam-Relay0
                                                                                                                                                                                                                              X-Microsoft-Antispam-UntrustedBCL:0; ARA:13230040|12012899012|5073199012|22003199012|31092699021|5063199012|35042699022|4073199012|4053099003|13003099007|8096899003;
                                                                                                                                                                                                                              X-Microsoft-Antispam-Message-Info-OriginalBRLZTDB7p8ejjAkQRXsZVZIxwxB84CXpQyZsGjSFWpya8L2wHMMXfoy0d9YxuBN+0noTYkmebm/33KeIrmwqp/MB+jfrmsFeqU/G+1g7Rs6FBWBzdhH3lASGa2w0o7x/UiApaK1+OX2HECUnfxycc1OYPi0jD6PK/w2DaY0fQCRb2c3ucDIByKPr8WTJvrX6lclDa6CWXyL4BxwjYFvTCKlIFGQqqLAYSPo38G6zJrmH9rs0hLZiS1/JA3uSV/9o0+bLhcjt3U4rAA87K3mOILWiDQN12X+UJXHBkfpskwB3iZlzdeWs1Avuib5RNINbGjt9yFkiIWZ6+jV3nedJmhagZDM3Na1zaQpTFVs4BYSm+GSLzNbY7kPvdsegcpiYSy/C/doj5GKaNvAAtQ/hY17vYnJS57YW4e3sVdB5h3E4cI0+V2c5B4IrXONLz6BmjWW7DYIJCTzCex/MNdG7VWCIlyyOzv+X/DfHc/rOgS3gGQy/dcNiId8gK+VgA9d8gIqiuauqkH5AklLUSoBTVdAAqQv1MvsntXK/WtHGtR3tDBXj3Uu7t0IF8BjMovrgvBW3TvsKRBXODw8xFB61/spqFhIR2/vg+U7brhJFxFj3+TCQ/Y4kkJsBMo3U22XC67HoCkZJ8nN5eHqEWsex63RdMStKxNbR3Sla9CQZB8Euqu3z77fIhzxIL/npnBcEYyWWpKyGdsy24iCs6Q7ZBNJyBSgcBm/66caJ5HAY5ZJNTwsusUk7YF6LhcXRHezVmQr7c+JQO3cxYE0nka0p5Tbm0BkusftpxD/cvMGDjVZ95E4lABsCl0glxaNVT2WDUmP+LG9lb+EKGXXU7YDI3yceH9+VadT5cfvh3c8hu9m2xf7vNQ1VKBWy1DWzwpf2iU29GJp8Z7DnynBcjZf2KbvUZ4oxbcwIPjFi3sw4OWva3RqtPVLXKd05T3bKRUovIUxjOaqrC7dfomycKSKntrvi9Ibn27dysnK6Qg9vsF9iqtsY9JDuHYPFLtNTO9vTcPYAJHxA7wBPkGAefgikjm5YO+HRdCLM0KcE91Vw1SK3aNv9VvknMwUKnoSXANhLBOi0xUmLx8EOHOavpnjI2YO0l0RiCyZ7nK57jjzHRa4b24b2hEjjtJavWHvuQtOtiEJhNeSd4FG/rw8cDLrlxGPzOCuwO0Ib+VsyB4QHIl26FKp21aeaJPwJA4RCE5r1XW5OsZYLHzXGsVM8fH0IJ6PBWb0onGuLYuWvmXVmNfIaf1wqAW9zWFH6w3cbFrzmi3Rmi0yTzk1hvk7oCqZmG8qqRT1+vbbIw2QFKLHQnaxb9FkcLjF9JOZ2s1nLH4hkT5JvlqR+JweXVlA6N/ZY7IhykV3XroPE/LgvcJ3Gls8r05eN8rwJ3L3kR4LUqRQxXqERaBmGJkfaMuz8ob1uxquIzHwHcyfqv/etYB4otQEaMCSso6K9vR+k1i5vvZB1rgaAhHl8XZ9vz8hcMvOeCDUvVEEVBlgU3hBrdQ4/Gu8r+OMYbKPnwk+q1D9WmuIrKxt2w7j7aVNSl2nFC+oB1/4cMcM3Y0Pa4krV5XzdnM9y9usglm4rJ/hYCPbjgtbHTYnS/uCf/9DjViZFumxQRXvcMKBuUX1U5yw1qAJ/KSR422ZcaiVboO6NBu+ZQ/e1exzrHx6uTHjokW3I4wm45ppIeQ55Wb9uqXK537eCsKcJJXudH70Cvh3PdbPkM/19kLXuytms6xPxvvw+eBuWQ1/tF0Ok4tJmUjdm4vhpdbCWM8KD4gtOZsdUF5Q+FjxQRRW6bDEkQTIE2roTJ1fuWUAVmemAVG7i/IKYt3KbOwmfn3vOD4FZoX21Eyk6C97kxBHc7vpQGbulImmcRLdxznBgUE2GThnS41Ka2k/N6TprS2VM/WH2Eok5Xd549bvSz+qGb2jLgy0zb/bEDBZtZFdVa/JA9umRpvO0y7uoBYCDUK0RAUA4awNVGorW4kcw8fCBrgXYHtrmV3TgDxh8oFb7hEYclflPmY6K/Q6874kDi/niejisvTQHZ6scIesz
                                                                                                                                                                                                                              X-Forefront-Antispam-Report-UntrustedCIP:185.58.86.186; CTRY:GB; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:eu-smtp-delivery-186.mimecast.com; PTR:eu-smtp-delivery-186.mimecast.com; CAT:NONE; SFS:(13230040)(12012899012)(5073199012)(22003199012)(31092699021)(5063199012)(35042699022)(4073199012)(4053099003)(13003099007)(8096899003); DIR:INB;
                                                                                                                                                                                                                              X-MS-Exchange-Transport-CrossTenantHeadersStampedGV2PR03MB8704
                                                                                                                                                                                                                              X-EOPAttributedMessage2
                                                                                                                                                                                                                              X-MS-Exchange-Transport-CrossTenantHeadersStrippedDB1PEPF00039231.eurprd03.prod.outlook.com
                                                                                                                                                                                                                              X-MS-Office365-Filtering-Correlation-Id-Prvs173846bf-945e-421d-a655-08dd6789fd71
                                                                                                                                                                                                                              X-Mimecast-Spam-Score0
                                                                                                                                                                                                                              X-Mimecast-MFC-PROC-IDO9WIPGUXfGj5ZU9pNcDe66w1FckAEFMAjqo8tfzd7B8_1742459639
                                                                                                                                                                                                                              X-Mimecast-Originatorashdownphillips.com
                                                                                                                                                                                                                              Content-Languageen-GB
                                                                                                                                                                                                                              Content-Typemultipart/related; boundary="_021_AM0PR01MB43216446B04787AA289F2DA0A0D82AM0PR01MB4321eurp_"; type="multipart/alternative"
                                                                                                                                                                                                                              X-EOPTenantAttributedMessage7956b84e-0c99-46b5-81c6-28689cfa7221:1
                                                                                                                                                                                                                              Content-Transfer-Encoding8bit
                                                                                                                                                                                                                              X-Sophos-Email-Scan-Details27140d1e1540510e7e771140550e7d75
                                                                                                                                                                                                                              X-Sophos-Email[eu-west-1] Antispam-Engine: 6.0.1, AntispamData: 2025.3.20.74228
                                                                                                                                                                                                                              X-Sophos-SenderHistoryip=185.58.86.186, fs=157743274, fso=160696010, da=235918278, mc=301243, sc=78, hc=301165, sp=0, re=5, sd=0, hd=30
                                                                                                                                                                                                                              X-Sophos-DomainHistoryd=ashdownphillips.com, fs=44754803, fso=91412254, da=96661102, mc=3347, sc=0, hc=3347, sp=0, re=14, sd=0, hd=19
                                                                                                                                                                                                                              X-LASED-SpamProbability0.091123
                                                                                                                                                                                                                              X-LASED-HitsAUTH_RES_PASS 0.000000, BODYTEXTH_SIZE_3000_MORE 0.000000, BODY_SIZE_10000_PLUS 0.000000, BODY_SIZE_100K_PLUS 0.000000, BODY_SIZE_1M_PLUS 0.000000, BODY_SIZE_25K_PLUS 0.000000, BODY_SIZE_500K_PLUS 0.000000, BODY_SIZE_50K_PLUS 0.000000, BODY_SIZE_75K_PLUS 0.000000, DKIM_ALIGNS 0.000000, DKIM_SIGNATURE 0.000000, DQ_S_H 0.000000, FONT_STYLE_1PT 0.000000, FRAUD_HIGH_X3 0.000000, FRAUD_X3 1.000000, FRAUD_X3_LARGE_BODY -1.000000, FROM_SAME_AS_TO 0.050000, FROM_SAME_AS_TO_DOMAIN 0.000000, HREF_LABEL_TEXT_NO_URI 0.000000, HREF_LABEL_TEXT_ONLY 0.000000, HTML_90_100 0.100000, HTML_95_100 0.100000, IMG_AR_1 0.000000, IMG_ATTACHED_2P 0.000000, IMP_FROM_NOTSELF 0.000000, INBOUND_SOPHOS 0.000000, INBOUND_SOPHOS_TOP_REGIONS 0.000000, INVOICE_ATTACHMENT 0.100000, IN_REP_TO 0.000000, JPG_COMMON_HEADER_ORDER 0.000000, JPG_PIXPERBYTE_HIGH 0.000000, JPG_PIXPERBYTE_LOW 0.000000, JPG_SPAMMY_SEGMENT 0.000000, JPG_SPAMMY_Y_RESOLUTION 0.000000, JPG_SPAM_ATTACHED 0.000000, KNOWN_MTA_TFX 0.000000, MULTIPLE_ATTACHMENTS 0.000000, NO_FUR_HEADER 0.000000, OBFUSCATION 0.000000, OBFU_ZERO_WIDTH 0.000000, PNG_PIXPERBYTE_HIGH 0.000000, PNG_PIXPERBYTE_LOW 0.000000, REFERENCES 0.000000, SINGLE_HREF_URI_IN_BODY 0.000000, SUPERLONG_LINE 0.050000, SXL_IP_TFX_WM 0.000000, TEXT_DIRECTION 0.000000, TEXT_DIR_LTR_ONLY 0.000000, __ANY_URI 0.000000, __ATTACH_CTE_BASE64 0.000000, __AUTH_RES_CEMA_DMARC_PASS 0.000000, __AUTH_RES_CEMA_SPF_PASS 0.000000, __AUTH_RES_CEMA_SPF_PASS_POL 0.000000, __AUTH_RES_DKIM_PASS 0.000000, __AUTH_RES_DMARC_PASS 0.000000, __AUTH_RES_ORIG_DKIM_NONE 0.000000, __AUTH_RES_ORIG_DMARC_NONE 0.000000, __AUTH_RES_PASS 0.000000, __BODY_NO_MAILTO 0.000000, __BODY_TEXT_X4 0.000000, __BUSINESS_SIGNATURE 0.000000, __CP_URI_IN_BODY 0.000000, __CT 0.000000, __CTYPE_HAS_BOUNDARY 0.000000, __CTYPE_MULTIPART 0.000000, __CTYPE_MULTIPART_ALT 0.000000, __DKIM_ALIGNS_1 0.000000, __DKIM_ALIGNS_2 0.000000, __DQ_D_H 0.000000, __DQ_IP_FSO_LARGE 0.000000, __DQ_NEG_DOMAIN 0.000000, __DQ_NEG_HEUR 0.000000, __DQ_NEG_IP 0.000000, __DQ_S_DOMAIN_HD_10_P 0.000000, __DQ_S_DOMAIN_HD_1_P 0.000000, __DQ_S_DOMAIN_HD_5_P 0.000000, __DQ_S_DOMAIN_HIST_1 0.000000, __DQ_S_DOMAIN_MC_100_P 0.000000, __DQ_S_DOMAIN_MC_10_P 0.000000, __DQ_S_DOMAIN_MC_1K_P 0.000000, __DQ_S_DOMAIN_MC_1_P 0.000000, __DQ_S_DOMAIN_MC_50_P 0.000000, __DQ_S_DOMAIN_MC_5_P 0.000000, __DQ_S_DOMAIN_RE_49_L 0.000000, __DQ_S_DOMAIN_RE_99_L 0.000000, __DQ_S_DOMAIN_SP_0_P 0.000000, __DQ_S_HIST_1 0.000000, __DQ_S_HIST_2 0.000000, __DQ_S_IP_HD_10_P 0.000000, __DQ_S_IP_MC_100_P 0.000000, __DQ_S_IP_MC_10_P 0.000000, __DQ_S_IP_MC_1K_P 0.000000, __DQ_S_IP_MC_1_P 0.000000, __DQ_S_IP_MC_5_P 0.000000, __DQ_S_IP_RE_49_L 0.000000, __DQ_S_IP_RE_99_L 0.000000, __DQ_S_IP_RE_9_L 0.000000, __DQ_S_IP_SC_10_P 0.000000, __DQ_S_IP_SC_1_P 0.000000, __DQ_S_IP_SC_5_P 0.000000, __DQ_S_IP_SP_0_P 0.000000, __EXTORTION_MALWARE 0.000000, __EXTRA_MPART_TYPE_1 0.000000, __EXTRA_MPART_TYPE_N1 0.000000, __FOOTER_DISCLAIMER 0.000000, __FRAUD_COMMON 0.000000, __FRAUD_CONTACT_NUM 0.000000, __FRAUD_REPLY 0.000000, __FRAUD_URGENCY 0.000000, __FROM_ADDY_STARTS_UC 0.000000, __FROM_DOMAIN_IN_ANY_TO1 0.000000, __FROM_DOMAIN_NOT_IN_BODY 0.000000, __FUR_RDNS_MIMECAST 0.000000, __HAS_ATTACHMENT 0.000000, __HAS_ATTACHMENT1 0.000000, __HAS_ATTACHMENT2 0.000000, __HAS_FROM 0.000000, __HAS_HTML 0.000000, __HAS_MSGID 0.000000, __HAS_REFERENCES 0.000000, __HAS_X_FF_ASR 0.000000, __HAS_X_FF_ASR_CAT 0.000000, __HAS_X_FF_ASR_SFV 0.000000, __HIDDEN_HTML_CONTENT 0.000000, __HIGHBITS 0.000000, __HIGHBIT_ASCII_MIX 0.000000, __HREF_LABEL_TEXT 0.000000, __HTML_AHREF_TAG 0.000000, __HTML_ATTR_DIR 0.000000, __HTML_BAD_END 0.000000, __HTML_BOLD 0.000000, __HTML_DIR_LTR 0.000000, __HTML_ENTITIES_X4 0.000000, __HTML_TAG_DIV 0.000000, __HTML_TAG_TABLE 0.000000, __HTTPS_URI 0.000000, __IMG_ATTACHED 0.000000, __IMG_SIZE_10K_50K 0.000000, __IMG_SIZE_1K_10K 0.000000, __IMG_SIZE_1K_LESS 0.000000, __IMP_FROM_NOTSELF 0.000000, __INBOUND_SOPHOS_EU_WEST_1 0.000000, __INVOICE_MULTILINGUAL 0.000000, __IN_REP_TO 0.000000, __JPG_AR_1 0.000000, __JPG_HEIGHT_100 0.000000, __JPG_SPAMMY_SEGMENT_2 0.000000, __JPG_SPAMMY_Y_RESOLUTION_3 0.000000, __JPG_SPAMMY_Y_RESOLUTION_5 0.000000, __JPG_WIDTH_100 0.000000, __JSON_HAS_MODELS 0.000000, __JSON_HAS_SCHEMA_VERSION 0.000000, __JSON_HAS_SENDER_AUTH 0.000000, __JSON_HAS_TENANT_DOMAINS 0.000000, __JSON_HAS_TENANT_ID 0.000000, __JSON_HAS_TENANT_SCHEMA_VERSION 0.000000, __JSON_HAS_TENANT_VIPS 0.000000, __JSON_HAS_TRACKING_ID 0.000000, __MIME_ATTACHMENT_1_N 0.000000, __MIME_ATTACHMENT_N_2 0.000000, __MIME_ATTACHMENT_N_3 0.000000, __MIME_ATTACHMENT_N_4 0.000000, __MIME_HTML 0.000000, __MIME_TEXT_H 0.000000, __MIME_TEXT_H1 0.000000, __MIME_TEXT_H2 0.000000, __MIME_TEXT_P 0.000000, __MIME_TEXT_P1 0.000000, __MIME_TEXT_P2 0.000000, __MIME_VERSION 0.000000, __MSGID_32_64_CAPS 0.000000, __MTHREAT_0 0.000000, __MTL_0 0.000000, __MULTIPLE_URI_TEXT 0.000000, __PNG_AR_1 0.000000, __PNG_HEIGHT_100 0.000000, __PNG_WIDTH_100 0.000000, __PRODUCT_TYPE_MAILFLOW 0.000000, __RCPT_DOMAIN_NOT_TO 0.000000, __RCVD_PASS 0.000000, __REFERENCES 0.000000, __SANE_MSGID 0.000000, __SCAN_DETAILS 0.000000, __SCAN_DETAILS_SANE 0.000000, __SCAN_DETAILS_TL_0 0.000000, __STOCK_PHRASE_7 0.000000, __STYLE_RATWARE_NEG 0.000000, __STYLE_TAG 0.000000, __SUBJ_ALPHA_END 0.000000, __TAG_EXISTS_BODY 0.000000, __TAG_EXISTS_HEAD 0.000000, __TAG_EXISTS_HTML 0.000000, __TAG_EXISTS_META 0.000000, __TEXT_DIR_LTR 0.000000, __TO_DOMAIN_IN_FROM 0.000000, __TO_MALFORMED_2 0.000000, __TO_NAME 0.000000, __TO_NAME_DIFF_FROM_ACC 0.000000, __TO_REAL_NAMES 0.000000, __URI_ENDS_IN_SLASH 0.000000, __URI_HAS_HYPHEN_USC 0.000000, __URI_IN_BODY 0.000000, __URI_IN_BODY_HTTP_X10 0.000000, __URI_NOT_IMG 0.000000, __URI_NO_MAILTO 0.000000, __URI_NS 0.000000, __URI_WITHOUT_PATH 0.000000, __URI_WITH_PATH 0.000000, __X_FF_ASR_SCL_NSP 0.000000, __X_FF_ASR_SFV_NSPM 0.000000, __ZERO_WIDTH_BODY 0.000000
                                                                                                                                                                                                                              X-LASED-ImpersonationFalse
                                                                                                                                                                                                                              X-LASED-SpamNonSpam
                                                                                                                                                                                                                              X-Sophos-MH-Mail-Info-KeyNFpKSmxzNDI0NHpiYlo5LTE3Mi4xOS4yLjExMg==
                                                                                                                                                                                                                              Return-Pathian@ashdownphillips.com
                                                                                                                                                                                                                              X-MS-Exchange-Organization-ExpirationStartTime20 Mar 2025 08:34:33.8232 (UTC)
                                                                                                                                                                                                                              X-MS-Exchange-Organization-ExpirationStartTimeReasonOriginalSubmit
                                                                                                                                                                                                                              X-MS-Exchange-Organization-ExpirationInterval1:00:00:00.0000000
                                                                                                                                                                                                                              X-MS-Exchange-Organization-ExpirationIntervalReasonOriginalSubmit
                                                                                                                                                                                                                              X-MS-Exchange-Organization-Network-Message-Ideebbb038-0ea2-4a61-505c-08dd678a0aa5
                                                                                                                                                                                                                              X-MS-Exchange-Organization-MessageDirectionalityIncoming
                                                                                                                                                                                                                              X-MS-PublicTrafficTypeEmail
                                                                                                                                                                                                                              X-MS-Exchange-Organization-AuthSourceDB1PEPF00039231.eurprd03.prod.outlook.com
                                                                                                                                                                                                                              X-MS-Exchange-Organization-AuthAsAnonymous
                                                                                                                                                                                                                              X-MS-Exchange-Organization-SCL-1
                                                                                                                                                                                                                              X-Microsoft-AntispamBCL:0;ARA:13230040|4073199012|5063199012|5073199012|35042699022|12012899012|31092699021|22003199012|13003099007|4053099003|8096899003;
                                                                                                                                                                                                                              X-Forefront-Antispam-ReportCIP:198.154.180.198;CTRY:US;LANG:en;SCL:-1;SRV:;IPV:NLI;SFV:SKN;H:mfid-euw1.prod.hydra.sophos.com;PTR:mfid-euw1.prod.hydra.sophos.com;CAT:NONE;SFS:(13230040)(4073199012)(5063199012)(5073199012)(35042699022)(12012899012)(31092699021)(22003199012)(13003099007)(4053099003)(8096899003);DIR:INB;
                                                                                                                                                                                                                              X-MS-Exchange-CrossTenant-OriginalArrivalTime20 Mar 2025 08:34:33.7919 (UTC)
                                                                                                                                                                                                                              X-MS-Exchange-CrossTenant-Network-Message-Ideebbb038-0ea2-4a61-505c-08dd678a0aa5
                                                                                                                                                                                                                              X-MS-Exchange-CrossTenant-Id7956b84e-0c99-46b5-81c6-28689cfa7221
                                                                                                                                                                                                                              X-MS-Exchange-CrossTenant-AuthSourceDB1PEPF00039231.eurprd03.prod.outlook.com
                                                                                                                                                                                                                              X-MS-Exchange-CrossTenant-AuthAsAnonymous
                                                                                                                                                                                                                              X-MS-Exchange-CrossTenant-FromEntityHeaderInternet
                                                                                                                                                                                                                              X-MS-Exchange-Transport-EndToEndLatency00:00:15.0415672
                                                                                                                                                                                                                              X-MS-Exchange-Processed-By-BccFoldering15.20.8511.025
                                                                                                                                                                                                                              X-Microsoft-Antispam-Mailbox-Deliveryucf:0;jmr:0;auth:0;dest:I;ENG:(910005)(944506478)(944626604)(4710137)(4717020)(920097)(930097)(140003);
                                                                                                                                                                                                                              X-Microsoft-Antispam-Message-InfoGA4zgA+rj12sLZOwcP0wfpOq5y11ooqxuzLiSPC4Bd0Kh/fIXXwPeXBUDB3oRgq4KTHcXcuOQuyQ/EwMp2l854gpa9hM+X8VSDS9Dv2batKuR93dn+u4I8GqY5XObnc8M6KmrgqQQFf6tw2UbeGFY7+tkxVYjpMaHHh3MZwO+WmAgp085M53uVZ4QIWdKRtfzjaNtTX33awFDnO309KsTNl8e90/ExL4BosHEqLpgQ6vxB6KGMiMDlpqMtST9nFPRQph7TYsPQJtXs4qWRYg5a4lDwPPhc5gOn22iJy6uLvbAHRhhPLV5jfY+COlJkOBcoIDwbM7Hw21MXHgPeVdB/KJpX2nlJZJrjd905YDqwrLphQ9Z97Y+FDuKHWoUJLZsNsIuhAPlsWSYsgsVazRhC0P3evavqbFUr2o6B5rwDkxeJtVop3lrCaNYsVOI5BJF9aPu5RqC43YBFekum2GNm+crXUaNr+iLhB3QTYAeoiXPaN1DJXxUBwo+5XOeeePLk8oYa3ZI+/XHVQ7Hv7994WB6N7TErKZQ+cEuTKiUCjINpFxS+4VmXJKkOUlTugPgdODkA1GNENLDZIrAe8nCKYKdTgAmWXhq8CTRCiI8EbuAqjuJuzHtZZFMl8tN4UHUKHuxUp2OugAN4Kt/5P5zqsCuztcX4u3SmdgaRDlvoatejmWyWt+ne6T8z5lcK7aQalJu5Oc+knLWz+l2V3NB6eUvxft5irLsNolXbd6iT6uVwSvD+sWROyi1Lwu836NWqK/UAYhB275PcXT90y2lEh3jDElg6jqFiiKjnvijPxo6r9su3vT4zldc6zDWm9uHPWId+LazstqSp337YmtkLMduYKUsBMrkL5C4fl80n1A2f1ZQYDw2mm1uQJywUHnjaCHgX++2QXNSsBlGGinp41V7ATt7Z3WpaiXtb9/LgScDZsg5bvE1yJcW0RABYfx60szeMTI0/UZri/jvqn8O+iffKfteo5ErVYO09nM1KvBonSQ1KAVEgP/D+VfHZBuiGbbTXaA4STYlCBhP7LsX2EquY7bjUecfx8vprX8JPY85k1vyMMhqsmrMt7b1Ji1lqjGpuYhRAybw34w266TS+wrbCOYepM/hTgIlmSN5eijXFrdOfXrRuSfzmUCXlVp+HmKOlE/FtfVg+a9bImC1n+hXsnIAf2a1ll7wYQSV51ddLTI1emFrmRaAiu4DWUKhFGddq/EoLFXnh2Kz2NpQ5YUwNska+0UHcuUIcaqnJ2nOnYX4Ua3tASoUT1lEMJv/gzS0NHU4NPygH4WZ8jZsywIB/eLbBXBZmopNiEhY+bMDmCSWBw6gF4gLIKW7pv54/T6JpeVEsK4qGTUDGtuST3N7n21Ka1B5GAm8Cy591Rd00ZBRc3KMEZ/CO6cDgBSMCp/KUeyAQ1+F3Id6iwW/9R4s3lhqihoqPwOtLKvaFr6SYl15KLm2yNScKl1G9+mFrLmiTvCaasN+Lu4NXW9Ay/6KddfDhB6ULzKlk5PBYv17xRy6b25sAPNPGNRzmHvhGl77quLRbH1wzT9j5VoDb6VLyv8mdbehrK1oQBW2SxYmCCto4fHV3BgJWzAh1F5lY9/Fon2Og2NmY+VRkpycuhuBhmQ6Rd32bhHJeT/ZBgSa6NbG83xgc/bp6l4MWL7XrWi+pHK7lZXNt5fUN4PFmTjutOC7PfyY0EAeDPxNR9nUW8qT+WzUF63hzR5mtN6Yanibyc1moW77MGObDrCet8RGJSS1nf//gZ3AbI1plcLXDijBJ5YndVCkVXefDJrXXOochxr6dD3Gvvky97S5gAXTPD1jQHqJuuFSnoh564Q2xJhK7BdRp+dRw0rw/WIiOXM8+qf/ziNA7TAT7hGutP4ipK5yDq6uvfPStnfnh4yQwQ4E+/DmU+FjrVoI8QTX0nUHwgGgfQfmpAdpH6dx8aTALnRCKez5/vIKBqEHx3JfqcWQGZfuZ6vZhyq/Qa2QHPgawXk7Mjot6QJLg4LGUKbAXoiTtJTs1LUFL4NT/MfNzwZaLqVnWJI5LhDDDULcekgGmxNAFyV8cnm6MIZEKpO5zy/2pOCRcA7ifLS89tS1sd6qIwX/Vraf6Kcrhl1yTmnugrChOcXItWr+mxHPnCj+F/Mrjj+l+oEiEmJHUc3/kZWb3ohzNUC8Z1x7u8czF7tG8Hyg45EnCJWgVjPdAnTB+K8R2bUaVvAVTngww0skPZ7BkyPygUdBxNVvYmw
                                                                                                                                                                                                                              MIME-Version1.0

                                                                                                                                                                                                                              File Icon

                                                                                                                                                                                                                              Icon Hash:46070c0a8e0c67d6